Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5FTwnTho_WSGzbGyquBvNdFKqms.roa
File: 5FTwnTho_WSGzbGyquBvNdFKqms.roa (raw, json)
Hash identifier: nHbZxVIl3rmYoBp7EYLBOZGpHIKoNFo2PHGbsX7q6NM=
Subject key identifier: E4:54:F0:9D:38:68:FD:64:86:CD:B1:B2:AA:E0:6F:35:D1:4A:AA:6B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018775BD918E19D6E7EDB86C24C98BD733CE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5FTwnTho_WSGzbGyquBvNdFKqms.roa
Signing time: Wed 12 Apr 2023 13:52:50 +0000
ROA not before: Wed 12 Apr 2023 13:52:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 81.161.230.0/24 maxlen: 24
94.156.234.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
176.125.253.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:bd:91:8e:19:d6:e7:ed:b8:6c:24:c9:8b:d7:33:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 12 13:52:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e454f09d3868fd6486cdb1b2aae06f35d14aaa6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a4:1d:0c:af:93:85:c0:7e:27:f2:09:3c:57:
c1:35:6a:af:54:fb:ff:b7:57:45:cb:d1:27:19:92:
78:77:32:af:23:64:33:96:22:88:a1:90:9f:97:b6:
36:0c:81:27:af:57:82:bc:78:28:10:dc:ef:34:3a:
58:52:63:01:ff:b1:f7:7a:f3:d6:81:11:87:c7:de:
a3:10:04:c4:b1:0d:18:e4:5e:02:4a:6a:96:49:51:
9c:94:d6:db:15:65:7e:b4:53:2b:22:1f:8b:95:0c:
a5:05:56:62:92:44:86:81:94:71:ec:44:fa:6f:d5:
97:2d:f4:24:07:a0:51:07:33:ac:48:44:94:85:36:
1d:1a:b0:c8:cc:be:30:04:55:da:df:1e:91:d2:35:
04:13:4d:72:6d:51:30:dd:ee:85:15:07:06:b1:8c:
da:80:64:f6:be:37:5f:35:8a:27:61:d8:c5:aa:a7:
24:c7:ac:59:0d:27:df:d3:e8:7e:99:69:9f:24:1e:
3e:36:38:a8:8b:3e:b6:43:99:72:fb:76:ba:37:12:
96:de:48:94:be:08:d1:2e:fe:27:31:02:d6:43:57:
63:fb:12:1a:d2:95:ec:e3:60:81:ff:4f:7a:8e:f5:
36:98:71:79:4c:b1:c7:e8:e8:78:e0:88:f3:da:6f:
23:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:54:F0:9D:38:68:FD:64:86:CD:B1:B2:AA:E0:6F:35:D1:4A:AA:6B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5FTwnTho_WSGzbGyquBvNdFKqms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.12.255.0/24
45.129.84.0/24
45.129.86.0/24
81.161.230.0/24
94.154.162.0/24
94.156.160.0/24
94.156.234.0/24
176.125.252.0/23
178.215.226.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
Signature Algorithm: sha256WithRSAEncryption
24:96:92:62:c5:03:dd:3f:4a:89:23:52:5b:8e:db:e6:cb:6b:
8f:7b:8e:2d:4e:9b:81:1d:d5:d8:33:c2:30:ce:c8:68:e6:9d:
26:06:b0:8d:8f:80:76:13:39:50:b1:65:fa:08:04:f4:8a:06:
62:46:bb:03:2e:57:d7:6c:ec:fa:fa:33:3c:63:30:ec:59:9e:
57:2d:f1:cf:6c:6a:67:31:87:b5:09:65:49:a8:b4:96:98:bd:
21:21:ab:cc:18:fe:43:53:40:e2:72:a9:c1:a3:39:5a:f5:08:
95:cf:ce:f1:31:b4:17:41:2e:18:50:e3:98:e8:8a:b7:16:ab:
c5:0f:1a:46:c1:5c:c5:26:24:e7:7b:6a:9e:88:7b:37:af:df:
5e:2e:db:db:8f:f0:97:e9:24:b8:bb:8e:85:ca:1c:4e:78:fa:
0a:ce:09:99:c3:67:54:f4:f7:61:6b:31:64:74:fc:4f:2c:fd:
ab:26:0f:4c:d7:7f:a0:1a:fc:6a:e1:22:76:42:f3:be:67:a6:
01:0e:74:8d:dd:a8:f5:a1:7c:b5:94:ad:a4:16:58:68:1d:e5:
0f:45:e6:0b:e2:a1:0a:f3:19:26:55:c0:d2:7a:1a:04:fd:f9:
ba:f5:bf:82:02:30:0d:60:a1:c4:92:18:3c:0f:88:14:69:9b:
bb:1a:31:2b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYd1vZGOGdbn7bhsJMmL1zPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDEyMTM1MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU0ZjA5ZDM4NjhmZDY0ODZjZGIxYjJhYWUwNmYzNWQxNGFhYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKQdDK+ThcB+J/IJPFfBNWqvVPv/
t1dFy9EnGZJ4dzKvI2QzliKIoZCfl7Y2DIEnr1eCvHgoENzvNDpYUmMB/7H3evPW
gRGHx96jEATEsQ0Y5F4CSmqWSVGclNbbFWV+tFMrIh+LlQylBVZikkSGgZRx7ET6
b9WXLfQkB6BRBzOsSESUhTYdGrDIzL4wBFXa3x6R0jUEE01ybVEw3e6FFQcGsYza
gGT2vjdfNYonYdjFqqckx6xZDSff0+h+mWmfJB4+Njioiz62Q5ly+3a6NxKW3kiU
vgjRLv4nMQLWQ1dj+xIa0pXs42CB/096jvU2mHF5TLHH6Oh44Ijz2m8jcwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFORU8J04aP1khs2xsqrgbzXRSqprMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNUZUd25UaG9fV1NHemJHeXF1QnZOZEZLcW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQmcAwQA
LQz/AwQALYFUAwQALYFWAwQAUaHmAwQAXpqiAwQAXpygAwQAXpzqAwQBsH38AwQA
stfiAwQAwSoiAwQAwS88AwQAwS8/MA0GCSqGSIb3DQEBCwUAA4IBAQAklpJixQPd
P0qJI1Jbjtvmy2uPe44tTpuBHdXYM8Iwzsho5p0mBrCNj4B2EzlQsWX6CAT0igZi
RrsDLlfXbOz6+jM8YzDsWZ5XLfHPbGpnMYe1CWVJqLSWmL0hIavMGP5DU0DicqnB
ozla9QiVz87xMbQXQS4YUOOY6Iq3FqvFDxpGwVzFJiTne2qeiHs3r99eLtvbj/CX
6SS4u46FyhxOePoKzgmZw2dU9PdhazFkdPxPLP2rJg9M13+gGvxq4SJ2QvO+Z6YB
DnSN3aj1oXy1lK2kFlhoHeUPReYL4qEK8xkmVcDSehoE/fm69b+CAjANYKHEkhg8
D4gUaZu7GjEr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:58 2024 by rpki-client on console-fra.rpki-client.org