Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/OGksgcy3tDXOUSqUCC1LpxcIR9I.roa
File: OGksgcy3tDXOUSqUCC1LpxcIR9I.roa (raw, json)
Hash identifier: K+nKaA+3No2dnzaHV7BpRz5Lrio8+H3wgXanlu5jSgY=
Subject key identifier: 38:69:2C:81:CC:B7:B4:35:CE:51:2A:94:08:2D:4B:A7:17:08:47:D2
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 018BFE8AA6F78620C2E4CC41B2797F63F7DE
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/OGksgcy3tDXOUSqUCC1LpxcIR9I.roa
Signing time: Thu 23 Nov 2023 23:36:21 +0000
ROA not before: Thu 23 Nov 2023 23:36:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 109.205.185.0/24 maxlen: 24
5.44.248.0/24 maxlen: 32
137.59.4.0/22 maxlen: 32
92.119.168.0/22 maxlen: 32
46.254.105.0/24 maxlen: 32
46.16.32.0/24 maxlen: 32
2.58.76.0/22 maxlen: 32
178.212.226.0/24 maxlen: 32
80.73.243.0/24 maxlen: 32
87.236.144.0/24 maxlen: 32
93.157.108.0/24 maxlen: 32
45.67.4.0/22 maxlen: 32
185.72.240.0/22 maxlen: 32
146.255.187.0/24 maxlen: 32
213.173.60.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fe:8a:a6:f7:86:20:c2:e4:cc:41:b2:79:7f:63:f7:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Nov 23 23:36:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38692c81ccb7b435ce512a94082d4ba7170847d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:07:be:08:4c:ca:97:05:5b:cb:15:2a:ad:f9:
5b:6d:18:cb:36:f4:90:96:ce:5a:d6:a4:69:3e:b8:
6f:db:4f:2c:f5:cb:a8:4b:19:08:62:fb:58:7f:86:
6d:a5:6f:dc:61:83:fc:ab:f8:51:01:eb:65:a1:f4:
ce:da:ca:4c:32:f6:ed:c7:02:4e:12:e9:9f:f3:16:
76:48:54:47:19:4c:06:33:06:64:be:e4:d5:91:5e:
a5:7b:f1:70:93:4d:37:b5:72:eb:67:b1:bd:b4:70:
5e:35:c9:0a:fb:a1:ba:89:9b:75:e8:94:07:81:27:
43:a9:25:a1:81:47:cc:07:63:04:c7:81:f5:f3:c8:
fa:fb:1a:e8:15:7f:0c:f0:e4:03:0c:d5:65:17:47:
1f:b2:05:d3:b3:05:9e:f5:45:2b:fb:4d:59:9f:42:
93:fd:87:05:c5:9a:36:89:77:e3:cb:c8:f4:1e:68:
c8:bb:ab:58:10:bd:73:d7:42:bf:29:25:98:71:af:
ee:35:bd:6b:4b:e5:a1:19:9b:66:27:6b:8c:67:ac:
67:fb:ad:c9:17:6c:63:f5:af:52:6c:a0:2c:d2:98:
48:b7:aa:bb:0d:32:cb:77:05:43:60:e9:35:8b:b6:
d3:64:8f:65:fe:d8:48:82:89:89:33:3b:4f:5f:be:
62:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:69:2C:81:CC:B7:B4:35:CE:51:2A:94:08:2D:4B:A7:17:08:47:D2
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/OGksgcy3tDXOUSqUCC1LpxcIR9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
5.44.248.0/24
45.67.4.0/22
46.16.32.0/24
46.254.105.0/24
80.73.243.0/24
87.236.144.0/24
92.119.168.0/22
93.157.108.0/24
109.205.185.0/24
137.59.4.0/22
146.255.187.0/24
178.212.226.0/24
185.72.240.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
96:f2:22:c0:48:ba:32:f6:f4:b1:e0:f1:25:c1:6e:f4:6a:9a:
f1:14:f6:69:67:91:0b:9d:e0:2b:75:ab:c9:c8:d7:97:51:88:
ff:46:d5:3a:16:3e:55:cd:e4:36:88:91:44:21:88:08:83:dd:
c8:b6:df:ca:50:25:7d:2c:ca:da:0a:90:2f:39:a0:f6:15:76:
25:ea:35:97:37:ed:8b:97:f8:d1:c2:74:9c:3c:18:8f:96:cb:
2b:b8:a5:be:90:c7:94:2a:bf:02:f2:0f:7b:d6:44:6e:7c:2c:
4a:73:d2:82:f9:f2:e5:71:48:e2:a2:f5:5a:d8:80:f2:fa:89:
24:45:44:95:99:0e:60:5a:6c:99:cb:d2:9e:95:a8:3d:cf:db:
f8:39:6c:77:c3:67:fc:b0:5a:6c:fc:20:a4:cf:7d:14:c0:ee:
76:20:d0:13:da:7d:34:a2:a0:ce:13:41:b3:93:0a:26:73:b9:
b0:32:f9:df:90:e8:35:16:59:22:88:5f:ce:7a:26:b5:c3:a8:
ac:93:6a:bf:ca:02:36:c0:30:cb:a5:56:7a:d7:ba:0a:a5:fc:
59:ec:40:fa:62:e8:b4:d3:11:43:29:46:bc:76:95:41:3e:bb:
4c:a0:21:c6:07:7f:86:1c:5d:f6:c3:62:b8:90:28:58:13:29:
5c:c6:4b:b8
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYv+iqb3hiDC5MxBsnl/Y/feMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjMxMTIzMjMzNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODY5MmM4MWNjYjdiNDM1Y2U1MTJhOTQwODJkNGJhNzE3MDg0N2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQe+CEzKlwVbyxUqrflbbRjLNvSQ
ls5a1qRpPrhv208s9cuoSxkIYvtYf4ZtpW/cYYP8q/hRAetlofTO2spMMvbtxwJO
Eumf8xZ2SFRHGUwGMwZkvuTVkV6le/Fwk003tXLrZ7G9tHBeNckK+6G6iZt16JQH
gSdDqSWhgUfMB2MEx4H188j6+xroFX8M8OQDDNVlF0cfsgXTswWe9UUr+01Zn0KT
/YcFxZo2iXfjy8j0HmjIu6tYEL1z10K/KSWYca/uNb1rS+WhGZtmJ2uMZ6xn+63J
F2xj9a9SbKAs0phIt6q7DTLLdwVDYOk1i7bTZI9l/thIgomJMztPX75i4QIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFDhpLIHMt7Q1zlEqlAgtS6cXCEfSMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvT0drc2djeTN0RFhPVVNxVUNDMUxweGNJUjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCAjpMAwQA
BSz4AwQCLUMEAwQALhAgAwQALv5pAwQAUEnzAwQAV+yQAwQCXHeoAwQAXZ1sAwQA
bc25AwQCiTsEAwQAkv+7AwQAstTiAwQCuUjwAwQC1a08MA0GCSqGSIb3DQEBCwUA
A4IBAQCW8iLASLoy9vSx4PElwW70aprxFPZpZ5ELneArdavJyNeXUYj/RtU6Fj5V
zeQ2iJFEIYgIg93Itt/KUCV9LMraCpAvOaD2FXYl6jWXN+2Ll/jRwnScPBiPlssr
uKW+kMeUKr8C8g971kRufCxKc9KC+fLlcUjiovVa2IDy+okkRUSVmQ5gWmyZy9Ke
lag9z9v4OWx3w2f8sFps/CCkz30UwO52INAT2n00oqDOE0Gzkwomc7mwMvnfkOg1
FlkiiF/Oeia1w6isk2q/ygI2wDDLpVZ617oKpfxZ7ED6Yui00xFDKUa8dpVBPrtM
oCHGB3+GHF32w2K4kChYEylcxku4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:07 2024 by rpki-client on console-fra.rpki-client.org