Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/5jdPjSSy-6Y7fp3rNxjR-FYuWn4.roa
File: 5jdPjSSy-6Y7fp3rNxjR-FYuWn4.roa (raw, json)
Hash identifier: 3lsJiZeWqAtyHYikpJ2Xyi4bW90dGTTbbIYk0ycAir8=
Subject key identifier: E6:37:4F:8D:24:B2:FB:A6:3B:7E:9D:EB:37:18:D1:F8:56:2E:5A:7E
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 01852C2FC0BF15712DCDA58909F4FA692ED0
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/5jdPjSSy-6Y7fp3rNxjR-FYuWn4.roa
Signing time: Mon 19 Dec 2022 21:00:04 +0000
ROA not before: Mon 19 Dec 2022 21:00:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48265
IP address blocks: 91.210.137.0/24 maxlen: 24
91.210.138.0/24 maxlen: 24
91.210.136.0/24 maxlen: 24
91.210.139.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.129.0/24 maxlen: 24
109.104.130.0/24 maxlen: 24
109.104.128.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.145.0/24 maxlen: 24
109.104.144.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2c:2f:c0:bf:15:71:2d:cd:a5:89:09:f4:fa:69:2e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Dec 19 21:00:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6374f8d24b2fba63b7e9deb3718d1f8562e5a7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ed:b8:54:75:94:7b:98:08:35:45:a9:ad:5a:
99:6f:f7:bb:f9:62:d7:9a:ab:a7:86:2c:f6:07:aa:
1d:d3:ad:f2:9e:79:ea:6b:41:b8:ab:f0:69:dc:5f:
ad:b4:a4:23:f3:7f:4b:50:7d:24:48:6f:5e:73:fd:
5c:c9:a6:7f:0a:f1:2c:6e:22:52:d1:8f:b3:e9:f0:
df:16:e9:9c:d7:8a:6e:61:af:c3:55:5e:2d:9a:f2:
22:03:54:1b:6f:57:98:b4:28:02:87:60:d1:d4:ef:
25:dc:96:21:8a:1f:f9:27:47:d1:2f:58:67:50:6a:
15:b6:4a:ee:cf:9e:5d:a6:e4:1e:af:38:22:3e:7c:
1b:ce:9f:aa:6e:ff:2f:b8:99:fc:a8:80:ae:8a:71:
5f:ba:db:b7:5f:2e:86:e5:ea:89:0e:c4:c4:25:fc:
39:44:bd:72:cc:25:21:24:10:08:2b:bc:fd:bf:43:
68:1a:7b:30:69:6f:7e:21:52:90:3f:73:91:2c:e8:
4e:1d:e4:61:cb:50:fa:18:76:3a:55:df:8b:06:bb:
3d:f2:2b:21:5c:82:61:eb:a9:49:f5:f4:09:52:66:
2d:6a:78:17:f8:06:17:4f:ad:4c:b7:0c:c0:70:8d:
aa:16:9a:85:2f:cf:0c:b0:e2:0c:4f:00:4c:19:fc:
41:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:37:4F:8D:24:B2:FB:A6:3B:7E:9D:EB:37:18:D1:F8:56:2E:5A:7E
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/5jdPjSSy-6Y7fp3rNxjR-FYuWn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.136.0/22
109.104.128.0-109.104.130.255
109.104.132.0-109.104.134.255
109.104.136.0/24
109.104.138.0/24
109.104.144.0/23
109.104.157.0-109.104.158.255
Signature Algorithm: sha256WithRSAEncryption
b9:40:4b:d4:7e:c2:7d:05:72:54:7d:f8:64:3e:12:bc:95:3b:
7e:0a:f2:4b:ee:b5:9a:2b:b0:aa:5d:b3:90:19:df:01:f4:5b:
45:4c:a6:53:6c:58:2c:d6:d7:16:4b:b9:14:90:18:cc:2e:b8:
a5:cd:0b:3d:c4:16:e6:ff:a1:bf:46:a5:42:00:70:56:4a:62:
d7:0a:26:0a:4e:cb:e1:f4:ee:05:30:4d:8d:f9:1a:f8:06:91:
ba:1c:74:8c:36:64:12:14:c6:ed:4d:ee:06:dc:f4:37:83:12:
b5:1e:28:bd:e0:40:02:76:0d:36:cb:57:97:4b:dc:8c:b4:a3:
02:f4:ae:f2:17:b3:91:a4:6f:4f:04:79:f5:63:e8:9f:85:57:
a0:c2:59:4d:9c:8b:b9:3a:9f:7d:8d:06:e1:6f:a6:37:4f:99:
ce:14:9f:89:00:7f:80:b4:a2:3b:8f:36:d1:6b:27:d6:6a:57:
a4:ad:27:0f:ca:bd:05:8a:e2:cb:13:94:04:1d:65:ab:60:c3:
49:d3:7a:ea:e9:c4:62:1b:49:25:dc:28:17:d1:e2:da:0e:b3:
c9:81:1e:41:00:e2:ba:04:f5:65:9b:20:e4:31:5e:39:ca:6d:
3e:ec:c6:94:fe:6c:fd:94:9b:79:e8:cc:90:bc:a8:a7:08:8f:
5c:ec:48:ee
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYUsL8C/FXEtzaWJCfT6aS7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjYyZjc2MDYyNzNmNDFhNmNjYzhlMjk1NjA3NmYzYzBh
MWViNTQwHhcNMjIxMjE5MjEwMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjM3NGY4ZDI0YjJmYmE2M2I3ZTlkZWIzNzE4ZDFmODU2MmU1YTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu24VHWUe5gINUWprVqZb/e7+WLX
mqunhiz2B6od063ynnnqa0G4q/Bp3F+ttKQj839LUH0kSG9ec/1cyaZ/CvEsbiJS
0Y+z6fDfFumc14puYa/DVV4tmvIiA1Qbb1eYtCgCh2DR1O8l3JYhih/5J0fRL1hn
UGoVtkruz55dpuQerzgiPnwbzp+qbv8vuJn8qICuinFfutu3Xy6G5eqJDsTEJfw5
RL1yzCUhJBAIK7z9v0NoGnswaW9+IVKQP3ORLOhOHeRhy1D6GHY6Vd+LBrs98ish
XIJh66lJ9fQJUmYtangX+AYXT61MtwzAcI2qFpqFL88MsOIMTwBMGfxBJwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFOY3T40ksvumO36d6zcY0fhWLlp+MB8GA1UdIwQY
MBaAFPv2L3YGJz9BpszI4pVgdvPAoetUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fWXZkZ1luUDBHbXpNamlsV0IyODhDaDYxUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5
LTU2NDllMWIxOTJiYi8xLzVqZFBqU1N5LTZZN2ZwM3JOeGpSLUZZdVduNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5LTU2NDllMWIxOTJi
Yi8xLzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBAJb0ogw
DAMEB21ogAMEAG1ogjAMAwQCbWiEAwQAbWiGAwQAbWiIAwQAbWiKAwQBbWiQMAwD
BABtaJ0DBABtaJ4wDQYJKoZIhvcNAQELBQADggEBALlAS9R+wn0FclR9+GQ+EryV
O34K8kvutZorsKpds5AZ3wH0W0VMplNsWCzW1xZLuRSQGMwuuKXNCz3EFub/ob9G
pUIAcFZKYtcKJgpOy+H07gUwTY35GvgGkbocdIw2ZBIUxu1N7gbc9DeDErUeKL3g
QAJ2DTbLV5dL3Iy0owL0rvIXs5Gkb08EefVj6J+FV6DCWU2ci7k6n32NBuFvpjdP
mc4Un4kAf4C0ojuPNtFrJ9ZqV6StJw/KvQWK4ssTlAQdZatgw0nTeurpxGIbSSXc
KBfR4toOs8mBHkEA4roE9WWbIOQxXjnKbT7sxpT+bP2Um3nozJC8qKcIj1zsSO4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:26 2024 by rpki-client on console-fra.rpki-client.org