Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/PEt4zP0tIZqyHxw8jDpE19YWc_U.roa
File: PEt4zP0tIZqyHxw8jDpE19YWc_U.roa (raw, json)
Hash identifier: lTyR3LjWj9adMG5IO5WwdroRG1Kj7k2AYaHfVcR67Qw=
Subject key identifier: 3C:4B:78:CC:FD:2D:21:9A:B2:1F:1C:3C:8C:3A:44:D7:D6:16:73:F5
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 096167FD
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/PEt4zP0tIZqyHxw8jDpE19YWc_U.roa
Signing time: Mon 16 May 2022 05:39:40 +0000
ROA not before: Mon 16 May 2022 05:39:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59508
IP address blocks: 5.159.96.0/20 maxlen: 24
5.159.97.0/24 maxlen: 24
5.252.28.0/22 maxlen: 22
5.252.28.0/23 maxlen: 23
178.213.16.0/21 maxlen: 21
185.42.164.0/22 maxlen: 22
91.236.196.0/22 maxlen: 22
91.236.197.0/24 maxlen: 24
91.236.198.0/24 maxlen: 24
91.236.199.0/24 maxlen: 24
2a09:4140::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157378557 (0x96167fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: May 16 05:39:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c4b78ccfd2d219ab21f1c3c8c3a44d7d61673f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b7:d3:23:62:ff:61:55:ab:2d:57:b2:52:09:
19:6f:15:47:42:8c:6c:65:29:6e:83:11:02:05:47:
36:96:b4:43:7f:81:72:1a:f8:42:32:e6:32:4a:95:
68:ff:8a:46:3b:4a:16:47:af:d6:eb:91:db:ec:ef:
47:49:77:ff:b2:42:6b:cf:61:7a:49:f5:d0:b3:3e:
03:08:4d:48:5e:dc:13:5f:8d:46:b6:6a:e9:79:6d:
b3:99:e8:df:5f:f5:97:81:b7:cb:f9:59:25:17:ed:
b6:8b:74:f6:01:01:60:65:b8:12:5b:63:48:7f:88:
fe:1f:0d:5c:4b:6f:78:22:69:e7:91:8e:7c:f3:c0:
96:bd:50:3e:ae:b4:dc:76:46:25:00:d0:28:fb:18:
aa:02:54:10:f5:15:56:8e:53:08:dc:64:e1:8a:36:
97:d2:48:fd:ca:f4:86:ef:74:18:88:a9:d3:bd:37:
3d:06:a7:ea:96:32:23:98:70:eb:2f:46:9a:c6:f6:
ee:ba:f3:db:09:d4:a7:f4:55:b9:ee:ce:08:69:f0:
47:ec:5a:87:ac:92:36:d8:2f:dc:07:85:a1:df:9c:
c8:6f:6a:0f:af:41:58:3b:35:f0:65:85:a3:f6:dc:
4c:21:ff:c1:17:f8:93:43:bd:ea:00:ed:e5:02:ef:
6f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:4B:78:CC:FD:2D:21:9A:B2:1F:1C:3C:8C:3A:44:D7:D6:16:73:F5
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/PEt4zP0tIZqyHxw8jDpE19YWc_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.96.0/20
5.252.28.0/22
91.236.196.0/22
178.213.16.0/21
185.42.164.0/22
IPv6:
2a09:4140::/29
Signature Algorithm: sha256WithRSAEncryption
4c:9e:52:66:02:70:64:44:2f:59:68:19:58:46:5b:13:c0:bb:
25:ca:50:00:3c:9f:70:e1:d1:df:01:13:35:ba:3e:82:06:78:
da:67:d1:06:c5:11:10:5a:a2:14:d8:6e:fb:62:f1:29:56:d9:
a4:93:fd:75:89:4c:90:4d:9d:66:83:0d:cd:b2:15:72:9d:09:
f1:01:0d:53:4d:04:dd:9a:1a:04:c6:a1:6d:7c:00:b0:8f:d7:
4e:e1:e4:c6:5d:28:b2:4b:72:52:ea:a5:f8:e3:ec:4e:b1:06:
0d:b7:14:3a:a1:a1:98:de:e7:a6:97:f9:82:f0:7a:2e:89:0c:
9e:42:51:bc:74:7a:d1:c9:17:1d:ab:2c:cc:2d:b5:7e:92:57:
45:04:de:cb:5a:03:b5:cd:25:08:03:06:ff:ee:7d:d0:6a:f2:
03:3d:d8:07:54:b1:00:82:62:c4:08:07:21:32:d4:d5:f4:a7:
8f:bc:c7:e7:5f:3e:d5:f0:ae:73:20:91:51:c3:65:e2:41:d0:
6e:d9:6b:1e:48:4a:bf:88:84:01:d8:6e:a8:f7:42:25:d2:2e:
ac:f6:a3:fa:b3:bc:d3:30:75:6f:66:c8:df:d9:9d:0a:da:af:
9d:2f:c6:4e:c5:11:54:01:88:f0:66:c9:04:b0:c8:61:7f:2a:
19:7f:a2:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECWFn/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDNlYmE2ODczYzViNTA3NWIzYzQzOWY3ZmVlYjU0YWYxZjEwZGE5MB4XDTIyMDUx
NjA1Mzk0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M0Yjc4Y2NmZDJk
MjE5YWIyMWYxYzNjOGMzYTQ0ZDdkNjE2NzNmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ230yNi/2FVqy1XslIJGW8VR0KMbGUpboMRAgVHNpa0Q3+B
chr4QjLmMkqVaP+KRjtKFkev1uuR2+zvR0l3/7JCa89hekn10LM+AwhNSF7cE1+N
RrZq6Xlts5no31/1l4G3y/lZJRfttot09gEBYGW4EltjSH+I/h8NXEtveCJp55GO
fPPAlr1QPq603HZGJQDQKPsYqgJUEPUVVo5TCNxk4Yo2l9JI/cr0hu90GIip0703
PQan6pYyI5hw6y9Gmsb27rrz2wnUp/RVue7OCGnwR+xah6ySNtgv3AeFod+cyG9q
D69BWDs18GWFo/bcTCH/wRf4k0O96gDt5QLvb9cCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQ8S3jM/S0hmrIfHDyMOkTX1hZz9TAfBgNVHSMEGDAWgBQNPrpoc8W1B1s8
Q59/7rVK8fENqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RUNjZhSFBGdFFkYlBFT2ZmLTYxU3ZIeERhay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvMzM4M2YxLTA0MjgtNDY0Yi1iZDFlLTI3OTk4YmYxNzQ2NS8x
L1BFdDR6UDB0SVpxeUh4dzhqRHBFMTlZV2NfVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
MzM4M2YxLTA0MjgtNDY0Yi1iZDFlLTI3OTk4YmYxNzQ2NS8xL0RUNjZhSFBGdFFk
YlBFT2ZmLTYxU3ZIeERhay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBAWfYAMEAgX8HAMEAlvsxAMEA7LV
EAMEArkqpDANBAIAAjAHAwUDKglBQDANBgkqhkiG9w0BAQsFAAOCAQEATJ5SZgJw
ZEQvWWgZWEZbE8C7JcpQADyfcOHR3wETNbo+ggZ42mfRBsUREFqiFNhu+2LxKVbZ
pJP9dYlMkE2dZoMNzbIVcp0J8QENU00E3ZoaBMahbXwAsI/XTuHkxl0osktyUuql
+OPsTrEGDbcUOqGhmN7nppf5gvB6LokMnkJRvHR60ckXHasszC21fpJXRQTey1oD
tc0lCAMG/+590GryAz3YB1SxAIJixAgHITLU1fSnj7zH518+1fCucyCRUcNl4kHQ
btlrHkhKv4iEAdhuqPdCJdIurPaj+rO80zB1b2bI39mdCtqvnS/GTsURVAGI8GbJ
BLDIYX8qGX+icA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:10 2024 by rpki-client on console-fra.rpki-client.org