Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/yLmRnoL2sChpiQ0XahrEWXKJj_E.roa
File: yLmRnoL2sChpiQ0XahrEWXKJj_E.roa (raw, json)
Hash identifier: QqPqOb97aZXJkyP5XfZzkIsAlta9ACWnkmhNFRHwIIk=
Subject key identifier: C8:B9:91:9E:82:F6:B0:28:69:89:0D:17:6A:1A:C4:59:72:89:8F:F1
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018CC49338BC558DD823DCD74B17C5E765D0
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/yLmRnoL2sChpiQ0XahrEWXKJj_E.roa
Signing time: Mon 01 Jan 2024 10:30:31 +0000
ROA not before: Mon 01 Jan 2024 10:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197328
IP address blocks: 162.222.88.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
5.255.57.0/24 maxlen: 24
5.255.62.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.63.0/24 maxlen: 24
185.150.2.0/24 maxlen: 24
167.160.27.0/24 maxlen: 24
91.92.112.0/23 maxlen: 23
185.4.225.0/24 maxlen: 24
185.4.227.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
185.212.175.0/24 maxlen: 24
23.252.66.0/24 maxlen: 24
185.162.72.0/23 maxlen: 23
2a07:5140::/29 maxlen: 29
2a06:4b40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:38:bc:55:8d:d8:23:dc:d7:4b:17:c5:e7:65:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Jan 1 10:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8b9919e82f6b02869890d176a1ac45972898ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5f:79:be:37:b4:23:32:12:1f:a4:19:62:49:
06:d1:29:da:bf:db:78:37:40:41:57:f9:ca:25:70:
21:58:49:83:39:ae:48:1b:90:85:0d:07:2c:1b:13:
10:14:32:2c:15:e6:dc:b4:10:fd:5b:5f:6d:cb:58:
72:8a:79:ce:80:a2:3a:17:99:2e:05:2b:01:69:90:
b5:ea:26:7e:8b:7a:17:85:40:10:ff:de:b0:7d:79:
75:c1:14:9f:21:52:78:a7:26:bf:60:df:9a:ca:65:
de:67:67:f8:10:fb:41:23:23:9b:9b:96:34:ce:0d:
4e:dc:ab:69:90:b3:bb:84:c0:bd:28:8b:f9:fb:4c:
b8:4d:cd:86:38:f1:98:d3:51:3c:68:c7:a4:b4:3d:
d4:2d:38:6a:b8:72:ce:4f:4a:8f:db:71:ce:17:bc:
65:da:53:d5:94:ae:6a:4f:61:44:d0:c5:be:c9:a7:
2b:c8:01:2c:2a:d5:9e:dc:f7:eb:b6:5a:0e:4f:43:
8d:0f:77:c3:67:63:fc:38:4e:31:b9:17:12:1e:7a:
b1:88:39:5f:27:0c:27:85:0e:7f:33:10:69:8b:9b:
c2:69:71:07:84:bb:a1:75:9f:44:14:ba:46:3f:8b:
54:8f:fe:f8:8c:4e:40:33:ce:c0:01:4c:a4:21:6c:
fe:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B9:91:9E:82:F6:B0:28:69:89:0D:17:6A:1A:C4:59:72:89:8F:F1
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/yLmRnoL2sChpiQ0XahrEWXKJj_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0/24
91.92.112.0/23
107.150.172.0/24
107.150.177.0/24
162.222.88.0/24
167.160.13.0/24
167.160.27.0/24
185.4.225.0/24
185.4.227.0/24
185.150.2.0/24
185.162.72.0/23
185.212.175.0/24
IPv6:
2a06:4b40::/29
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
8c:43:73:2f:42:a8:13:21:c3:24:9b:49:e7:c9:d0:c6:a3:0b:
a0:d5:77:7a:af:d8:5c:fd:01:df:ef:d8:11:01:f4:33:26:26:
bb:c3:e0:20:3f:8e:df:0e:f9:f8:04:68:9d:25:ea:27:70:11:
b1:64:b0:44:ff:e2:1a:87:72:43:09:1a:66:74:b0:f5:ef:fb:
e5:da:22:97:86:ee:e8:2c:43:95:c2:a4:24:1a:90:1f:04:eb:
a3:76:ae:b8:f0:4b:50:ef:1e:69:31:28:dc:69:fa:d2:ec:57:
c0:32:8b:41:91:ea:eb:cc:d9:5d:02:23:94:48:7a:c7:95:2e:
62:05:a6:bf:92:fb:4b:be:53:53:f9:58:0b:4c:ea:7d:cd:0c:
d2:ae:f5:bd:c4:52:c4:40:06:ac:95:88:32:89:3c:22:bd:8c:
81:b2:9f:fe:3e:20:1f:7b:d0:8a:8b:78:6c:05:3a:19:82:b6:
87:f0:48:2e:6e:60:a2:09:b8:ef:2a:e2:7a:47:69:4f:04:42:
ac:bf:9e:a5:37:32:95:4e:62:e8:c3:08:51:e3:c1:6b:d4:d1:
c6:a8:fb:cf:97:01:1c:26:dc:d4:d4:80:89:79:8f:32:2a:cd:
e4:c3:ab:76:d9:59:15:a0:42:91:20:29:da:52:2f:55:f5:d8:
be:b8:42:bf
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYzEkzi8VY3YI9zXSxfF52XQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjQwMTAxMTAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGI5OTE5ZTgyZjZiMDI4Njk4OTBkMTc2YTFhYzQ1OTcyODk4ZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjV95vje0IzISH6QZYkkG0Snav9t4
N0BBV/nKJXAhWEmDOa5IG5CFDQcsGxMQFDIsFebctBD9W19ty1hyinnOgKI6F5ku
BSsBaZC16iZ+i3oXhUAQ/96wfXl1wRSfIVJ4pya/YN+aymXeZ2f4EPtBIyObm5Y0
zg1O3KtpkLO7hMC9KIv5+0y4Tc2GOPGY01E8aMektD3ULThquHLOT0qP23HOF7xl
2lPVlK5qT2FE0MW+yacryAEsKtWe3PfrtloOT0OND3fDZ2P8OE4xuRcSHnqxiDlf
JwwnhQ5/MxBpi5vCaXEHhLuhdZ9EFLpGP4tUj/74jE5AM87AAUykIWz+hwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFMi5kZ6C9rAoaYkNF2oaxFlyiY/xMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEveUxtUm5vTDJzQ2hwaVEwWGFockVXWEtKal9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXAMEAAX/OTAM
AwQABf89AwQGBf8AAwQAF/xCAwQBW1xwAwQAa5asAwQAa5axAwQAot5YAwQAp6AN
AwQAp6AbAwQAuQThAwQAuQTjAwQAuZYCAwQBuaJIAwQAudSvMBQEAgACMA4DBQMq
BktAAwUDKgdRQDANBgkqhkiG9w0BAQsFAAOCAQEAjENzL0KoEyHDJJtJ58nQxqML
oNV3eq/YXP0B3+/YEQH0MyYmu8PgID+O3w75+ARonSXqJ3ARsWSwRP/iGodyQwka
ZnSw9e/75doil4bu6CxDlcKkJBqQHwTro3auuPBLUO8eaTEo3Gn60uxXwDKLQZHq
68zZXQIjlEh6x5UuYgWmv5L7S75TU/lYC0zqfc0M0q71vcRSxEAGrJWIMok8Ir2M
gbKf/j4gH3vQiot4bAU6GYK2h/BILm5gogm47yriekdpTwRCrL+epTcylU5i6MMI
UePBa9TRxqj7z5cBHCbc1NSAiXmPMirN5MOrdtlZFaBCkSAp2lIvVfXYvrhCvw==
-----END CERTIFICATE-----
Generated at Thu Jul 25 11:10:05 2024 by rpki-client on console-ams.rpki-client.org