Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/B652jH-W7ACV5saPRHdFloX20ts.roa
File: B652jH-W7ACV5saPRHdFloX20ts.roa (raw, json)
Hash identifier: niloTQP7/1iamc8BLdkWmOJc2cOA6mi3TrECGuI5U/M=
Subject key identifier: 07:AE:76:8C:7F:96:EC:00:95:E6:C6:8F:44:77:45:96:85:F6:D2:DB
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 3803C971
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/B652jH-W7ACV5saPRHdFloX20ts.roa
Signing time: Sat 01 Jan 2022 11:02:20 +0000
ROA not before: Sat 01 Jan 2022 11:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47894
IP address blocks: 94.103.36.0/24 maxlen: 24
94.103.35.0/24 maxlen: 24
94.103.38.0/24 maxlen: 24
94.103.37.0/24 maxlen: 24
94.103.33.0/24 maxlen: 24
94.103.32.0/24 maxlen: 24
94.103.34.0/24 maxlen: 24
94.103.43.0/24 maxlen: 24
94.103.42.0/24 maxlen: 24
94.103.44.0/24 maxlen: 24
94.103.40.0/24 maxlen: 24
94.103.39.0/24 maxlen: 24
94.103.41.0/24 maxlen: 24
94.103.45.0/24 maxlen: 24
94.103.46.0/24 maxlen: 24
94.103.47.0/24 maxlen: 24
185.35.20.0/24 maxlen: 24
185.35.22.0/24 maxlen: 24
185.35.21.0/24 maxlen: 24
185.35.23.0/24 maxlen: 24
2a00:7300:42::/48 maxlen: 48
2a00:7300:1::/48 maxlen: 48
2a00:7300::/32 maxlen: 32
2a00:7300:100::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939772273 (0x3803c971)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 1 11:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=07ae768c7f96ec0095e6c68f4477459685f6d2db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:71:24:86:8a:19:bf:e6:bd:88:77:78:7a:4a:
c0:15:99:ff:48:ee:6f:1e:13:21:4a:9e:8c:cc:1d:
76:b8:80:46:ca:ff:0c:23:33:aa:77:ea:2e:28:9a:
94:3a:c3:f4:27:b4:af:d7:5b:c7:55:16:eb:9d:e8:
bc:13:f8:e2:16:4a:2d:d2:b5:55:31:f9:3d:19:68:
0f:8e:4b:2e:d4:93:41:a5:c7:82:f9:9c:49:01:05:
3e:61:d2:b5:99:30:40:66:e5:d4:cf:65:4d:3d:f0:
67:cf:9d:8c:e2:01:09:ac:5e:7c:0c:4b:a6:9a:dc:
cb:26:3b:24:f1:10:d0:ad:e7:96:c8:91:ae:d7:b9:
7f:2d:3e:8d:98:6e:82:0f:9e:94:fc:36:f0:04:a1:
5e:4e:88:d0:71:dd:99:65:df:4a:87:b1:ad:aa:ab:
b5:dd:12:4b:63:ac:78:ba:67:02:eb:29:cd:68:fc:
1d:81:f3:1b:c0:25:15:8d:c3:64:e9:3c:02:0a:ab:
8a:93:b5:81:b1:8c:92:52:85:bd:34:ab:eb:46:3f:
0b:16:98:28:22:7a:80:a7:45:d0:cb:80:11:07:02:
bd:b2:fe:ae:d7:d0:cf:c5:ca:22:10:67:f9:2b:a5:
b2:3e:5f:70:ea:e4:a3:37:bc:ee:f7:7e:4c:82:a8:
78:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:AE:76:8C:7F:96:EC:00:95:E6:C6:8F:44:77:45:96:85:F6:D2:DB
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/B652jH-W7ACV5saPRHdFloX20ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.32.0/20
185.35.20.0/22
IPv6:
2a00:7300::/32
Signature Algorithm: sha256WithRSAEncryption
07:8c:81:34:8c:95:76:d7:73:04:fb:06:3c:ba:ab:12:40:c6:
ee:ae:c7:6f:f9:20:d8:08:a7:48:0e:df:9a:ef:db:82:d7:ba:
10:78:bf:c1:81:00:ee:00:d8:5b:86:62:83:bf:26:77:26:42:
a0:1c:b7:f5:e3:a0:3e:ec:23:b7:ae:ba:96:42:9f:07:f5:4a:
f3:df:1f:2c:c0:05:11:78:01:d2:db:1a:04:f9:95:4b:47:fd:
55:f5:d2:4e:02:75:fe:a4:e4:f4:4a:fb:2f:46:2f:a9:c8:8b:
03:e2:fc:95:d2:f4:dd:ad:2d:1d:66:97:d1:e2:74:7a:1b:8e:
17:f2:f2:2f:78:2f:9a:db:a4:29:3c:98:65:67:98:e4:55:29:
0a:b4:b7:30:fd:eb:2b:ea:30:28:4c:57:83:2d:55:9c:e4:9b:
1f:c7:90:a4:6b:c8:b9:08:f6:ae:30:87:77:c7:de:c9:37:02:
12:b6:14:7e:16:8b:75:c4:9b:c3:0d:d9:ed:cf:98:b9:d0:86:
e0:d1:62:72:82:91:aa:c2:c2:6c:07:d7:45:cc:0a:ea:59:b0:
75:c7:98:a6:e0:b6:11:62:b5:a6:6f:33:1d:42:e7:79:f4:1e:
b1:51:31:ea:e0:db:bb:8a:48:10:29:fc:2c:98:9d:8f:9e:6d:
4b:1c:ad:9c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEOAPJcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTAxODE1YzZmOThmM2EyYjYxODRhZmViZjE4ZWEzNDFiZTg4MmVhMB4XDTIyMDEw
MTExMDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDdhZTc2OGM3Zjk2
ZWMwMDk1ZTZjNjhmNDQ3NzQ1OTY4NWY2ZDJkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIVxJIaKGb/mvYh3eHpKwBWZ/0jubx4TIUqejMwddriARsr/
DCMzqnfqLiialDrD9Ce0r9dbx1UW653ovBP44hZKLdK1VTH5PRloD45LLtSTQaXH
gvmcSQEFPmHStZkwQGbl1M9lTT3wZ8+djOIBCaxefAxLpprcyyY7JPEQ0K3nlsiR
rte5fy0+jZhugg+elPw28AShXk6I0HHdmWXfSoexraqrtd0SS2OseLpnAuspzWj8
HYHzG8AlFY3DZOk8AgqripO1gbGMklKFvTSr60Y/CxaYKCJ6gKdF0MuAEQcCvbL+
rtfQz8XKIhBn+Sulsj5fcOrkoze87vd+TIKoeKkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQHrnaMf5bsAJXmxo9Ed0WWhfbS2zAfBgNVHSMEGDAWgBTlAYFcb5jzorYY
Sv6/GOo0G+iC6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVRR0JYRy1ZODZLMkdFci12eGpxTkJ2b2d1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8x
L0I2NTJqSC1XN0FDVjVzYVBSSGRGbG9YMjB0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8xLzVRR0JYRy1ZODZL
MkdFci12eGpxTkJ2b2d1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBF5nIAMEArkjFDANBAIAAjAHAwUA
KgBzADANBgkqhkiG9w0BAQsFAAOCAQEAB4yBNIyVdtdzBPsGPLqrEkDG7q7Hb/kg
2AinSA7fmu/bgte6EHi/wYEA7gDYW4Zig78mdyZCoBy39eOgPuwjt666lkKfB/VK
898fLMAFEXgB0tsaBPmVS0f9VfXSTgJ1/qTk9Er7L0YvqciLA+L8ldL03a0tHWaX
0eJ0ehuOF/LyL3gvmtukKTyYZWeY5FUpCrS3MP3rK+owKExXgy1VnOSbH8eQpGvI
uQj2rjCHd8feyTcCErYUfhaLdcSbww3Z7c+YudCG4NFicoKRqsLCbAfXRcwK6lmw
dceYpuC2EWK1pm8zHULnefQesVEx6uDbu4pIECn8LJidj55tSxytnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:31 2024 by rpki-client on console-fra.rpki-client.org