Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/sOWyOTVKmHd0Grv0BM3PlILSiSw.roa
File: sOWyOTVKmHd0Grv0BM3PlILSiSw.roa (raw, json)
Hash identifier: 4AVJieY6q1Xq5GYjW4x0fGMsdroAPOR8/r0u/QcQU6g=
Subject key identifier: B0:E5:B2:39:35:4A:98:77:74:1A:BB:F4:04:CD:CF:94:82:D2:89:2C
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0181FE46A0F0029DD5768FAAF79230C9A32F
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/sOWyOTVKmHd0Grv0BM3PlILSiSw.roa
Signing time: Thu 14 Jul 2022 19:54:10 +0000
ROA not before: Thu 14 Jul 2022 19:54:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 194.110.247.0/24 maxlen: 24
194.113.35.0/24 maxlen: 24
5.181.3.0/24 maxlen: 24
5.181.1.0/24 maxlen: 24
5.181.2.0/24 maxlen: 24
5.181.0.0/24 maxlen: 24
45.143.164.0/24 maxlen: 24
37.44.192.0/24 maxlen: 24
2a09:fb86::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:fe:46:a0:f0:02:9d:d5:76:8f:aa:f7:92:30:c9:a3:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jul 14 19:54:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0e5b239354a9877741abbf404cdcf9482d2892c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:65:7c:11:65:f0:be:fe:30:4e:cf:e4:30:b3:
76:22:45:4e:81:e9:71:57:32:cb:bf:08:5f:05:c2:
1a:bd:50:25:f2:b5:69:1f:fb:2b:de:90:74:af:78:
35:5e:37:70:d2:cb:de:4a:b1:f6:14:6c:4f:34:1a:
af:aa:6e:7d:64:87:f1:e0:7c:4a:1c:5e:ee:b6:01:
a6:64:5a:16:20:8a:bf:b1:db:9a:f7:f8:36:08:06:
86:5d:cd:63:b2:37:b0:9d:e1:c6:3e:83:d4:b1:11:
de:d3:59:3b:61:b9:fe:e5:86:3e:80:f3:ff:68:28:
80:c9:db:02:22:b5:76:f2:8c:99:a6:28:f9:98:56:
fa:17:e2:0f:de:8f:fd:4b:09:9a:b1:e8:c3:c0:fa:
e2:fb:48:37:58:be:d8:5e:7c:b6:dc:11:da:31:26:
89:2f:fb:d4:1a:20:44:da:89:fb:8e:bd:71:8f:e3:
89:bd:f5:58:55:97:19:e2:1f:27:8e:4a:bd:33:97:
44:2a:df:18:d4:92:af:5c:ec:b8:b9:74:4b:9c:ea:
dd:dd:fd:54:9e:e0:c3:84:0b:cc:60:0e:f8:26:a8:
85:cd:8c:fc:9b:de:ca:c5:39:87:5e:c5:9d:3b:36:
dc:93:5f:da:c1:2a:8f:5b:45:3d:12:55:af:01:a8:
0a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E5:B2:39:35:4A:98:77:74:1A:BB:F4:04:CD:CF:94:82:D2:89:2C
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/sOWyOTVKmHd0Grv0BM3PlILSiSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.0.0/22
37.44.192.0/24
45.143.164.0/24
194.110.247.0/24
194.113.35.0/24
IPv6:
2a09:fb86::/32
Signature Algorithm: sha256WithRSAEncryption
16:4b:38:5e:4d:f5:22:05:ef:5b:51:80:35:77:80:a4:f5:16:
68:53:8a:72:fe:b1:2e:2c:a9:1d:2b:47:9f:69:a0:7e:27:55:
a5:ac:d7:9d:da:04:46:6c:d6:f6:6e:08:df:b9:3f:dd:39:3b:
00:ff:26:68:cf:e2:52:23:32:4c:9f:97:a5:b8:d7:12:4f:d0:
ea:7c:25:a8:6e:c7:cc:32:7a:6b:1c:5c:8e:10:00:57:7f:61:
57:c3:92:a2:36:a5:91:dc:4c:4f:4f:7d:ca:aa:f1:f6:86:59:
d3:ab:cc:06:9b:20:d3:26:9e:be:ba:ab:a9:b2:46:37:4f:08:
c1:b1:1c:70:99:df:12:14:98:c5:84:b4:b4:52:17:e8:f0:8a:
7e:af:fb:40:6f:0e:25:a7:e4:14:85:4e:e8:04:3a:3c:11:2b:
4c:f8:c7:53:39:2b:2d:2b:93:7a:7e:fd:74:72:ea:b0:6a:89:
86:52:93:a3:e1:4f:99:44:07:f9:39:ce:1d:72:db:7d:86:96:
ab:a5:f3:a6:be:ce:f9:40:71:73:31:6e:b9:76:c5:de:a6:a0:
68:d8:61:1d:8b:13:94:bb:7e:f3:61:95:b0:49:0a:3c:1f:a9:
c3:db:f3:48:47:c6:c4:b6:88:d8:0c:4c:2f:f2:0b:8b:7b:c9:
d5:31:7f:85
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYH+RqDwAp3Vdo+q95IwyaMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjIwNzE0MTk1NDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGU1YjIzOTM1NGE5ODc3NzQxYWJiZjQwNGNkY2Y5NDgyZDI4OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGV8EWXwvv4wTs/kMLN2IkVOgelx
VzLLvwhfBcIavVAl8rVpH/sr3pB0r3g1Xjdw0sveSrH2FGxPNBqvqm59ZIfx4HxK
HF7utgGmZFoWIIq/sdua9/g2CAaGXc1jsjewneHGPoPUsRHe01k7Ybn+5YY+gPP/
aCiAydsCIrV28oyZpij5mFb6F+IP3o/9SwmasejDwPri+0g3WL7YXny23BHaMSaJ
L/vUGiBE2on7jr1xj+OJvfVYVZcZ4h8njkq9M5dEKt8Y1JKvXOy4uXRLnOrd3f1U
nuDDhAvMYA74JqiFzYz8m97KxTmHXsWdOzbck1/awSqPW0U9ElWvAagKuQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLDlsjk1Sph3dBq79ATNz5SC0oksMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvc09XeU9UVkttSGQwR3J2MEJNM1BsSUxTaVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBbUAAwQA
JSzAAwQALY+kAwQAwm73AwQAwnEjMA0EAgACMAcDBQAqCfuGMA0GCSqGSIb3DQEB
CwUAA4IBAQAWSzheTfUiBe9bUYA1d4Ck9RZoU4py/rEuLKkdK0efaaB+J1WlrNed
2gRGbNb2bgjfuT/dOTsA/yZoz+JSIzJMn5eluNcST9DqfCWobsfMMnprHFyOEABX
f2FXw5KiNqWR3ExPT33KqvH2hlnTq8wGmyDTJp6+uqupskY3TwjBsRxwmd8SFJjF
hLS0Uhfo8Ip+r/tAbw4lp+QUhU7oBDo8EStM+MdTOSstK5N6fv10cuqwaomGUpOj
4U+ZRAf5Oc4dctt9hparpfOmvs75QHFzMW65dsXepqBo2GEdixOUu37zYZWwSQo8
H6nD2/NIR8bEtojYDEwv8guLe8nVMX+F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org