Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/eFvUplIszwuG1r6zd4clW8hfPF0.roa
File: eFvUplIszwuG1r6zd4clW8hfPF0.roa (raw, json)
Hash identifier: m27zvtUtuNMzAoYk4VQErLPjl4q6KOsTP+tP82mo7rM=
Subject key identifier: 78:5B:D4:A6:52:2C:CF:0B:86:D6:BE:B3:77:87:25:5B:C8:5F:3C:5D
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018262F95966557291427D755251075642E5
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/eFvUplIszwuG1r6zd4clW8hfPF0.roa
Signing time: Wed 03 Aug 2022 09:11:24 +0000
ROA not before: Wed 03 Aug 2022 09:11:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 194.110.247.0/24 maxlen: 24
194.113.35.0/24 maxlen: 24
5.181.3.0/24 maxlen: 24
5.181.1.0/24 maxlen: 24
5.181.2.0/24 maxlen: 24
5.181.0.0/24 maxlen: 24
45.143.164.0/24 maxlen: 24
37.44.192.0/24 maxlen: 24
37.44.193.0/24 maxlen: 24
2a09:fb86::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:f9:59:66:55:72:91:42:7d:75:52:51:07:56:42:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Aug 3 09:11:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=785bd4a6522ccf0b86d6beb37787255bc85f3c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5c:17:4d:12:e9:50:bc:72:77:69:23:bd:01:
bb:2c:ab:92:c9:38:b6:12:20:9f:49:35:ee:43:b9:
da:f6:31:55:e2:0b:60:bc:71:0a:19:99:a7:cb:8e:
e9:6b:e1:d6:d4:6b:48:aa:c8:65:78:f0:97:7a:27:
bf:51:d4:9a:49:cf:49:00:5c:59:00:10:00:9e:77:
5b:99:5a:50:8e:b5:14:89:40:a5:ef:93:66:05:4b:
b2:e9:39:97:9b:69:a4:c2:14:af:2a:d4:fb:d3:48:
51:c2:72:79:57:29:99:d6:23:1b:51:19:eb:2a:91:
95:40:14:85:f8:c1:dc:f6:94:97:90:ad:96:d6:d8:
7b:4b:50:5f:fb:1f:c8:95:7e:8d:8a:d7:c1:db:35:
f6:4a:49:53:a1:44:fa:83:aa:84:a7:4d:25:74:78:
06:88:ed:ed:2c:5f:36:ba:b8:46:3a:2a:2a:5e:65:
2e:4c:f5:96:b4:c9:c9:ff:3e:36:55:0a:b1:fe:6f:
c8:db:9f:f9:5c:c6:d0:b3:8d:0f:3b:64:a8:1b:38:
8a:b5:78:c9:74:13:70:dc:5a:a1:93:2d:d7:65:68:
23:b5:46:16:ea:76:a0:cc:7a:95:c1:fb:41:a0:24:
ec:bc:10:75:98:eb:4c:bf:bb:4f:0d:98:78:54:a1:
78:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5B:D4:A6:52:2C:CF:0B:86:D6:BE:B3:77:87:25:5B:C8:5F:3C:5D
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/eFvUplIszwuG1r6zd4clW8hfPF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.0.0/22
37.44.192.0/23
45.143.164.0/24
194.110.247.0/24
194.113.35.0/24
IPv6:
2a09:fb86::/32
Signature Algorithm: sha256WithRSAEncryption
5e:07:e7:48:ce:66:19:d1:ef:64:26:8a:e9:ae:4d:28:c3:18:
63:e5:61:a4:32:cb:2b:8b:d2:6d:3b:1f:42:80:ad:e9:f0:14:
00:b7:97:07:2b:0c:55:92:82:b5:93:bd:b0:e3:10:d4:a5:40:
cf:f0:04:87:b5:5f:e2:f0:e4:73:e0:ee:d5:88:02:ab:c0:38:
be:5c:5c:23:60:b4:f2:f6:66:e7:b4:f4:28:58:0f:7a:b1:77:
61:76:d5:93:63:cb:42:62:d6:84:42:09:57:8f:35:1d:9c:2e:
f6:d2:e2:38:4b:d4:8b:de:9d:0f:d0:f2:1e:d3:d9:c9:2a:39:
81:34:1a:ed:8b:ae:93:18:3c:c2:f9:aa:a9:a5:68:f3:6f:53:
dc:ea:b1:8d:e9:36:fa:0b:c8:07:0b:a3:a0:b6:96:a9:d3:d8:
37:16:fc:90:64:be:05:cb:78:97:aa:ff:8d:48:04:0e:a0:5b:
b2:1e:43:c5:60:24:41:a1:ce:02:5f:c3:34:c1:35:bc:b9:5c:
1b:6a:ae:d5:37:a0:f5:65:5c:40:17:36:d7:0a:b1:c6:4d:c6:
44:ca:69:48:96:5c:5c:2e:24:76:7c:cd:8d:70:0a:65:17:ae:
6b:d2:99:7b:c4:0e:b6:fd:5b:7f:2b:47:3c:1b:5c:35:2d:3a:
62:4f:e9:1c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYJi+VlmVXKRQn11UlEHVkLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjIwODAzMDkxMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODViZDRhNjUyMmNjZjBiODZkNmJlYjM3Nzg3MjU1YmM4NWYzYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1wXTRLpULxyd2kjvQG7LKuSyTi2
EiCfSTXuQ7na9jFV4gtgvHEKGZmny47pa+HW1GtIqshlePCXeie/UdSaSc9JAFxZ
ABAAnndbmVpQjrUUiUCl75NmBUuy6TmXm2mkwhSvKtT700hRwnJ5VymZ1iMbURnr
KpGVQBSF+MHc9pSXkK2W1th7S1Bf+x/IlX6NitfB2zX2SklToUT6g6qEp00ldHgG
iO3tLF82urhGOioqXmUuTPWWtMnJ/z42VQqx/m/I25/5XMbQs40PO2SoGziKtXjJ
dBNw3Fqhky3XZWgjtUYW6nagzHqVwftBoCTsvBB1mOtMv7tPDZh4VKF4CwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHhb1KZSLM8Lhta+s3eHJVvIXzxdMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvZUZ2VXBsSXN6d3VHMXI2emQ0Y2xXOGhmUEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBbUAAwQB
JSzAAwQALY+kAwQAwm73AwQAwnEjMA0EAgACMAcDBQAqCfuGMA0GCSqGSIb3DQEB
CwUAA4IBAQBeB+dIzmYZ0e9kJorprk0owxhj5WGkMssri9JtOx9CgK3p8BQAt5cH
KwxVkoK1k72w4xDUpUDP8ASHtV/i8ORz4O7ViAKrwDi+XFwjYLTy9mbntPQoWA96
sXdhdtWTY8tCYtaEQglXjzUdnC720uI4S9SL3p0P0PIe09nJKjmBNBrti66TGDzC
+aqppWjzb1Pc6rGN6Tb6C8gHC6Ogtpap09g3FvyQZL4Fy3iXqv+NSAQOoFuyHkPF
YCRBoc4CX8M0wTW8uVwbaq7VN6D1ZVxAFzbXCrHGTcZEymlIllxcLiR2fM2NcApl
F65r0pl7xA62/Vt/K0c8G1w1LTpiT+kc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org