Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/x4ktUBxS8m882QC-uvceD2iQxZQ.roa
File: x4ktUBxS8m882QC-uvceD2iQxZQ.roa (raw, json)
Hash identifier: qj17oDp/vOneVupeMcJhFATswMTYk69ETxq0g5ia+II=
Subject key identifier: C7:89:2D:50:1C:52:F2:6F:3C:D9:00:BE:BA:F7:1E:0F:68:90:C5:94
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 1A7836AD
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/x4ktUBxS8m882QC-uvceD2iQxZQ.roa
Signing time: Sat 01 Jan 2022 05:57:29 +0000
ROA not before: Sat 01 Jan 2022 05:57:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 5.180.8.0/22 maxlen: 22
5.183.36.0/22 maxlen: 22
185.209.4.0/22 maxlen: 22
83.150.240.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 444085933 (0x1a7836ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Jan 1 05:57:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7892d501c52f26f3cd900bebaf71e0f6890c594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b5:89:8d:71:55:de:39:c5:64:22:a1:80:3e:
71:28:0a:3f:d7:fc:1d:86:a7:ee:7f:a7:49:ee:95:
ff:79:c2:e9:32:a9:15:36:b9:02:55:cb:eb:fa:1c:
a0:8d:83:1e:cf:e8:2d:8c:5c:9a:de:21:ba:a8:97:
fe:1f:54:f4:60:ed:88:2c:21:4a:9e:3d:d6:e6:76:
1d:40:f5:24:44:81:9c:2b:58:fb:89:44:38:df:70:
c3:8a:52:51:54:dc:d6:e2:7e:02:96:70:df:4a:69:
64:02:e3:3e:18:a1:0f:fa:b4:57:ed:39:dc:41:6e:
99:81:84:54:33:0f:64:29:8d:f6:c5:7a:fe:d6:bd:
46:87:12:0f:da:a5:b8:c9:45:c9:cf:03:ae:b4:3c:
2e:ae:88:7b:ce:c5:dd:73:be:a1:4d:77:d2:b4:fd:
01:11:d8:c7:62:bc:50:dc:21:ee:fb:7a:c7:22:6a:
90:35:bf:99:55:81:fc:71:fa:be:8a:8d:41:57:71:
ef:0e:0b:30:56:5a:0e:6b:25:af:ba:ab:67:b4:63:
de:3d:99:76:da:14:3e:41:a4:58:39:f0:4a:09:4a:
d3:93:b2:ce:1e:a9:91:3f:c7:37:95:c7:cd:d6:e7:
9b:a1:b2:8f:10:a3:34:ac:dd:8f:c7:f2:a1:c9:3a:
38:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:89:2D:50:1C:52:F2:6F:3C:D9:00:BE:BA:F7:1E:0F:68:90:C5:94
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/x4ktUBxS8m882QC-uvceD2iQxZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.8.0/22
5.183.36.0/22
83.150.240.0/22
185.209.4.0/22
Signature Algorithm: sha256WithRSAEncryption
11:02:ac:2e:b8:b6:58:20:70:1f:bd:2d:8b:d3:bb:bb:9d:f6:
54:62:6e:3c:1a:6b:a5:6d:77:26:97:35:20:b3:a2:78:95:cf:
2e:e0:25:d6:8d:9a:c9:5f:64:88:8a:e0:55:eb:1e:e6:31:98:
ae:93:b6:b0:91:59:6d:c5:69:a3:4e:ae:0f:9f:7b:15:7b:2a:
e5:4d:db:b4:2c:3e:a0:dc:1b:26:6b:98:24:e3:0a:9a:6c:3c:
3e:ad:2d:b2:70:0c:e5:90:f3:f9:5d:cc:3f:3c:c4:a9:4e:43:
a7:82:6b:80:8e:93:85:bd:88:a8:90:76:d5:01:31:9d:46:d8:
a8:25:c3:fb:57:1f:b4:60:47:86:e0:a4:2d:e5:4f:64:5a:68:
f9:3c:5c:0b:f4:c9:81:de:1c:80:df:60:0f:5a:f1:af:56:3d:
6d:1b:3f:f3:a7:8c:39:ec:7d:89:d4:e0:b0:b7:eb:46:d8:fb:
f6:4e:1e:30:69:8f:fc:f5:8d:a2:b6:1e:d6:a1:0f:6a:be:5d:
78:8b:f2:5a:ad:7e:ab:0a:b9:de:7c:5e:5c:7f:98:1d:aa:58:
25:42:b8:f0:7f:97:96:4e:9a:3b:13:9f:24:84:cb:96:d2:d8:
c5:36:a0:42:a0:13:15:59:00:76:71:e9:c3:01:ff:88:37:07:
e4:39:a7:e0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGng2rTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mzk5MWFmY2Q0NTVlYjFiMTc0ZmNmODlmOGUxMGVhZjdmNzBiMzU1MB4XDTIyMDEw
MTA1NTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc4OTJkNTAxYzUy
ZjI2ZjNjZDkwMGJlYmFmNzFlMGY2ODkwYzU5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKq1iY1xVd45xWQioYA+cSgKP9f8HYan7n+nSe6V/3nC6TKp
FTa5AlXL6/ocoI2DHs/oLYxcmt4huqiX/h9U9GDtiCwhSp491uZ2HUD1JESBnCtY
+4lEON9ww4pSUVTc1uJ+ApZw30ppZALjPhihD/q0V+053EFumYGEVDMPZCmN9sV6
/ta9RocSD9qluMlFyc8DrrQ8Lq6Ie87F3XO+oU130rT9ARHYx2K8UNwh7vt6xyJq
kDW/mVWB/HH6voqNQVdx7w4LMFZaDmslr7qrZ7Rj3j2ZdtoUPkGkWDnwSglK05Oy
zh6pkT/HN5XHzdbnm6GyjxCjNKzdj8fyock6OI0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTHiS1QHFLybzzZAL669x4PaJDFlDAfBgNVHSMEGDAWgBSDmRr81FXrGxdP
z4n44Q6vf3CzVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2c1a2FfTlJWNnhzWFQ4LUotT0VPcjM5d3MxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNjllZDI5LWFmNGUtNDUyNC1hZGZiLWUxNTQzNzM4MDA5OS8x
L3g0a3RVQnhTOG04ODJRQy11dmNlRDJpUXhaUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NjllZDI5LWFmNGUtNDUyNC1hZGZiLWUxNTQzNzM4MDA5OS8xL2c1a2FfTlJWNnhz
WFQ4LUotT0VPcjM5d3MxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgW0CAMEAgW3JAMEAlOW8AMEArnR
BDANBgkqhkiG9w0BAQsFAAOCAQEAEQKsLri2WCBwH70ti9O7u532VGJuPBprpW13
Jpc1ILOieJXPLuAl1o2ayV9kiIrgVese5jGYrpO2sJFZbcVpo06uD597FXsq5U3b
tCw+oNwbJmuYJOMKmmw8Pq0tsnAM5ZDz+V3MPzzEqU5Dp4JrgI6Thb2IqJB21QEx
nUbYqCXD+1cftGBHhuCkLeVPZFpo+TxcC/TJgd4cgN9gD1rxr1Y9bRs/86eMOex9
idTgsLfrRtj79k4eMGmP/PWNorYe1qEPar5deIvyWq1+qwq53nxeXH+YHapYJUK4
8H+Xlk6aOxOfJITLltLYxTagQqATFVkAdnHpwwH/iDcH5Dmn4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:07 2024 by rpki-client on console-fra.rpki-client.org