Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l5Irbur8WDLcsVvnRsM4HKhcmEE.roa
File: l5Irbur8WDLcsVvnRsM4HKhcmEE.roa (raw, json)
Hash identifier: FyZK77vsowTW/mAi/lq0+SG+LBh9WNs1tLU9hCLWdkM=
Subject key identifier: 97:92:2B:6E:EA:FC:58:32:DC:B1:5B:E7:46:C3:38:1C:A8:5C:98:41
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184EC7C5130158E24A18A99541178470D77
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l5Irbur8WDLcsVvnRsM4HKhcmEE.roa
Signing time: Wed 07 Dec 2022 12:08:00 +0000
ROA not before: Wed 07 Dec 2022 12:08:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 87.121.124.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
194.48.248.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:7c:51:30:15:8e:24:a1:8a:99:54:11:78:47:0d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 7 12:08:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97922b6eeafc5832dcb15be746c3381ca85c9841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:51:52:0e:32:ee:57:e7:8c:51:23:07:e2:2f:
92:95:7d:94:d8:42:16:48:7f:d0:c4:ce:8f:ac:b9:
b7:22:8b:e9:67:eb:c5:41:4b:a9:20:2e:02:08:c7:
85:0e:36:56:05:3a:3f:21:56:77:8b:9a:fe:d9:6c:
ba:a2:16:2c:82:7d:0a:4b:c2:b6:80:c7:39:80:37:
8c:10:fd:17:7d:fc:f2:36:88:b5:8d:9b:89:88:b5:
68:5b:a3:59:84:3b:bd:88:67:41:f8:b9:49:e7:b0:
14:4b:06:de:79:2b:f9:b8:15:37:b0:cd:73:46:92:
46:6c:2d:4a:61:48:f7:c2:98:ea:2a:29:b9:96:c0:
e0:e6:40:e3:ad:39:2f:57:60:94:99:b1:5f:47:90:
c9:9e:4d:bb:bb:24:ee:ed:0a:df:c1:df:fe:58:be:
38:91:fe:34:c2:7b:9c:4f:93:3a:42:34:da:df:e9:
b1:8b:e6:a0:3b:5a:45:c2:9d:6a:71:d8:39:3b:ca:
98:86:49:ac:95:4f:c4:33:f3:6f:db:08:bc:cd:43:
aa:be:f7:a4:67:c5:29:fb:53:f7:0d:9b:50:1b:5e:
e8:f9:3c:17:1e:79:ea:f2:a1:da:87:37:a8:b3:bd:
a3:32:38:17:8b:c7:b6:a8:4e:6b:df:00:71:75:45:
7f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:92:2B:6E:EA:FC:58:32:DC:B1:5B:E7:46:C3:38:1C:A8:5C:98:41
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l5Irbur8WDLcsVvnRsM4HKhcmEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.49.0/24
87.121.124.0/23
94.154.161.0-94.154.163.255
164.40.185.0/24
185.218.137.0/24
185.218.139.0/24
185.219.126.0/24
194.48.248.0/24
Signature Algorithm: sha256WithRSAEncryption
11:38:c6:4e:11:fc:f8:56:b1:d0:1f:34:99:fa:7e:11:e8:29:
b3:bd:b3:46:b0:85:b5:e1:cb:a1:07:15:ff:87:d8:2a:88:22:
5c:7b:81:b0:cc:7c:88:32:d9:a3:33:04:9c:65:e6:2a:54:49:
d3:97:17:6e:6b:3f:3c:51:51:96:f9:bf:8c:75:e7:ec:b4:43:
51:ad:1b:16:ac:72:49:b3:1b:3d:2c:36:91:63:d0:3c:5e:0e:
15:10:e3:7d:4b:6c:cc:70:60:72:54:a1:d3:3d:38:a1:1b:93:
76:da:b0:2e:65:de:84:87:49:7d:30:43:d2:a3:69:5b:6f:3d:
2d:27:ed:9b:0f:eb:2d:4e:7d:66:20:21:e8:df:09:3d:72:78:
51:cf:8c:79:60:e4:23:00:bf:32:a2:a4:de:2e:ff:c2:68:b3:
d9:19:18:17:3a:e2:6f:d7:f9:e3:50:1b:da:66:84:23:37:5b:
a1:a3:93:c4:ba:5c:65:cd:e7:bd:b0:e5:8e:2e:27:a0:d1:7a:
b1:ff:a5:e4:76:b5:4c:63:4c:bd:5a:4f:13:8b:5d:e8:ae:58:
48:be:f9:67:6a:7c:e7:0d:e4:21:12:20:55:a8:2b:34:ce:f0:
65:71:d2:0c:d3:ea:1d:1a:f0:04:ba:77:fe:e2:da:5d:31:bc:
32:1e:32:36
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYTsfFEwFY4koYqZVBF4Rw13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjA3MTIwODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzkyMmI2ZWVhZmM1ODMyZGNiMTViZTc0NmMzMzgxY2E4NWM5ODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVFSDjLuV+eMUSMH4i+SlX2U2EIW
SH/QxM6PrLm3IovpZ+vFQUupIC4CCMeFDjZWBTo/IVZ3i5r+2Wy6ohYsgn0KS8K2
gMc5gDeMEP0XffzyNoi1jZuJiLVoW6NZhDu9iGdB+LlJ57AUSwbeeSv5uBU3sM1z
RpJGbC1KYUj3wpjqKim5lsDg5kDjrTkvV2CUmbFfR5DJnk27uyTu7Qrfwd/+WL44
kf40wnucT5M6QjTa3+mxi+agO1pFwp1qcdg5O8qYhkmslU/EM/Nv2wi8zUOqvvek
Z8Up+1P3DZtQG17o+TwXHnnq8qHahzeos72jMjgXi8e2qE5r3wBxdUV/KQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJeSK27q/Fgy3LFb50bDOByoXJhBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbDVJcmJ1cjhXRExjc1Z2blJzTTRIS2hjbUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUEwxAwQB
V3l8MAwDBABemqEDBAJemqADBACkKLkDBAC52okDBAC52osDBAC5234DBADCMPgw
DQYJKoZIhvcNAQELBQADggEBABE4xk4R/PhWsdAfNJn6fhHoKbO9s0awhbXhy6EH
Ff+H2CqIIlx7gbDMfIgy2aMzBJxl5ipUSdOXF25rPzxRUZb5v4x15+y0Q1GtGxas
ckmzGz0sNpFj0DxeDhUQ431LbMxwYHJUodM9OKEbk3basC5l3oSHSX0wQ9KjaVtv
PS0n7ZsP6y1OfWYgIejfCT1yeFHPjHlg5CMAvzKipN4u/8Jos9kZGBc64m/X+eNQ
G9pmhCM3W6Gjk8S6XGXN572w5Y4uJ6DRerH/peR2tUxjTL1aTxOLXeiuWEi++Wdq
fOcN5CESIFWoKzTO8GVx0gzT6h0a8AS6d/7i2l0xvDIeMjY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:18 2024 by rpki-client on console-fra.rpki-client.org