Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/oRH9Lg0EN08G9yyhB13Mmk7sE14.roa
File: oRH9Lg0EN08G9yyhB13Mmk7sE14.roa (raw, json)
Hash identifier: bGWKhKeToGXRShsmKuehOI3eakS2bsBgvkoA8HBdgBc=
Subject key identifier: A1:11:FD:2E:0D:04:37:4F:06:F7:2C:A1:07:5D:CC:9A:4E:EC:13:5E
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01828D743F01BC7E9F67E63EEFBDB78F0FDA
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/oRH9Lg0EN08G9yyhB13Mmk7sE14.roa
Signing time: Thu 11 Aug 2022 15:09:41 +0000
ROA not before: Thu 11 Aug 2022 15:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35277
IP address blocks: 5.189.218.0/24 maxlen: 24
5.189.217.0/24 maxlen: 24
5.189.216.0/24 maxlen: 24
5.188.50.0/24 maxlen: 24
5.188.179.0/24 maxlen: 24
5.101.44.0/24 maxlen: 24
5.101.47.0/24 maxlen: 24
5.101.46.0/24 maxlen: 24
5.101.45.0/24 maxlen: 24
5.188.202.0/24 maxlen: 24
5.188.201.0/24 maxlen: 24
5.188.200.0/24 maxlen: 24
91.243.40.0/24 maxlen: 24
91.243.43.0/24 maxlen: 24
5.189.253.0/24 maxlen: 24
5.189.255.0/24 maxlen: 24
5.8.44.0/24 maxlen: 24
5.8.47.0/24 maxlen: 24
5.8.46.0/24 maxlen: 24
5.8.45.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:74:3f:01:bc:7e:9f:67:e6:3e:ef:bd:b7:8f:0f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Aug 11 15:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a111fd2e0d04374f06f72ca1075dcc9a4eec135e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f0:95:62:2d:65:78:79:ec:72:0d:1b:06:f3:
2d:6e:d6:10:20:da:41:d7:80:be:14:b6:9a:16:db:
63:83:6c:70:d2:c5:11:65:39:51:b5:c2:79:45:61:
02:17:8f:ac:0e:82:52:53:50:e9:9b:c9:c0:51:37:
af:b2:dc:d1:00:98:2d:b3:32:bb:58:64:22:46:21:
0d:40:46:31:fe:7c:dc:95:65:14:82:43:fa:e9:2b:
a2:a0:bd:fc:28:3d:97:23:41:6b:38:da:75:10:aa:
06:a9:d9:89:f2:6e:c9:59:a2:6c:53:56:0a:a1:55:
a4:eb:83:1c:3e:a8:66:4f:dc:6b:c6:24:70:74:ac:
15:fc:b1:24:fb:7b:0a:91:33:0e:90:c8:75:49:b5:
27:e2:ac:34:a4:cb:a3:68:12:f9:e9:23:89:f4:bb:
74:49:cf:08:d1:41:21:e3:42:77:67:1c:10:d3:2e:
91:28:7c:9e:78:65:0e:6e:a2:59:ff:d3:bf:0c:c8:
b9:6c:a3:2f:e1:93:bb:db:f5:84:49:19:e9:ed:b9:
27:15:13:26:e1:40:ed:15:d5:ab:59:98:31:8b:3c:
05:6f:c9:c5:d8:1c:18:b2:9f:47:91:73:ba:28:74:
da:c4:1e:c9:49:0d:c6:39:2a:99:a2:57:64:25:c6:
f1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:11:FD:2E:0D:04:37:4F:06:F7:2C:A1:07:5D:CC:9A:4E:EC:13:5E
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/oRH9Lg0EN08G9yyhB13Mmk7sE14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/22
5.101.44.0/22
5.188.50.0/24
5.188.179.0/24
5.188.200.0-5.188.202.255
5.189.216.0-5.189.218.255
5.189.253.0/24
5.189.255.0/24
91.243.40.0/24
91.243.43.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:36:b8:78:cc:63:5f:bc:cb:5f:41:2e:9f:7d:a9:ff:59:e5:
8c:ee:1e:66:2d:b4:f7:8a:60:93:fd:fc:2a:b2:3a:1b:ae:f5:
44:5c:16:a8:ed:2e:ac:da:c7:c8:9a:22:50:f5:6f:31:4a:6b:
5d:86:97:d3:93:37:15:2c:67:49:1c:0b:f8:fb:90:a3:31:70:
10:6d:38:cd:da:d6:b3:84:5c:7a:f2:92:fd:d7:82:38:c5:7c:
06:f9:5a:16:33:db:72:30:ed:13:31:08:4f:2e:e9:96:25:7b:
a0:d2:d3:b8:d6:4c:f5:d7:de:80:29:b9:a6:6e:f8:4f:07:f7:
23:87:bd:d2:82:00:3b:e8:59:c4:37:9b:a9:6c:63:7d:a2:27:
f9:79:30:5b:fe:4e:cb:d6:ed:ff:ab:fc:19:9e:94:af:c7:1d:
a9:80:02:4a:0c:75:b4:19:7c:35:0c:60:7b:ef:68:0c:93:8c:
4d:b2:f7:cd:05:ed:ca:8d:df:f6:2e:f1:5f:66:e9:a1:04:38:
7e:6a:03:6c:14:4e:ee:22:79:45:ad:ca:9b:e1:a1:06:17:cd:
28:55:78:23:6d:f0:af:cc:db:6e:fd:7b:98:16:ce:65:29:6d:
ab:a8:cc:63:b8:10:aa:a6:f5:57:b2:b1:d2:e6:69:5e:49:fb:
06:5e:32:e6
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYKNdD8BvH6fZ+Y+7723jw/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIwODExMTUwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTExZmQyZTBkMDQzNzRmMDZmNzJjYTEwNzVkY2M5YTRlZWMxMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivCVYi1leHnscg0bBvMtbtYQINpB
14C+FLaaFttjg2xw0sURZTlRtcJ5RWECF4+sDoJSU1Dpm8nAUTevstzRAJgtszK7
WGQiRiENQEYx/nzclWUUgkP66SuioL38KD2XI0FrONp1EKoGqdmJ8m7JWaJsU1YK
oVWk64McPqhmT9xrxiRwdKwV/LEk+3sKkTMOkMh1SbUn4qw0pMujaBL56SOJ9Lt0
Sc8I0UEh40J3ZxwQ0y6RKHyeeGUObqJZ/9O/DMi5bKMv4ZO72/WESRnp7bknFRMm
4UDtFdWrWZgxizwFb8nF2BwYsp9HkXO6KHTaxB7JSQ3GOSqZoldkJcbx2QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFKER/S4NBDdPBvcsoQddzJpO7BNeMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvb1JIOUxnMEVOMDhHOXl5aEIxM01tazdzRTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCBQgsAwQC
BWUsAwQABbwyAwQABbyzMAwDBAMFvMgDBAAFvMowDAMEAwW92AMEAAW92gMEAAW9
/QMEAAW9/wMEAFvzKAMEAFvzKzANBgkqhkiG9w0BAQsFAAOCAQEAbza4eMxjX7zL
X0Eun32p/1nljO4eZi2094pgk/38KrI6G671RFwWqO0urNrHyJoiUPVvMUprXYaX
05M3FSxnSRwL+PuQozFwEG04zdrWs4RcevKS/deCOMV8BvlaFjPbcjDtEzEITy7p
liV7oNLTuNZM9dfegCm5pm74Twf3I4e90oIAO+hZxDebqWxjfaIn+XkwW/5Oy9bt
/6v8GZ6Ur8cdqYACSgx1tBl8NQxge+9oDJOMTbL3zQXtyo3f9i7xX2bpoQQ4fmoD
bBRO7iJ5Ra3Km+GhBhfNKFV4I23wr8zbbv17mBbOZSltq6jMY7gQqqb1V7Kx0uZp
Xkn7Bl4y5g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org