Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Wj-adOYuKyoDZe1QveL6FvUSwUc.roa
File: Wj-adOYuKyoDZe1QveL6FvUSwUc.roa (raw, json)
Hash identifier: E3/aRDdmHrL96thYCzN9d3WuKfx3txV6xBNEV6NxC48=
Subject key identifier: 5A:3F:9A:74:E6:2E:2B:2A:03:65:ED:50:BD:E2:FA:16:F5:12:C1:47
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0185655BF0ADBC6519C5E7B4C4E32EAFD737
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Wj-adOYuKyoDZe1QveL6FvUSwUc.roa
Signing time: Fri 30 Dec 2022 23:26:42 +0000
ROA not before: Fri 30 Dec 2022 23:26:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209945
IP address blocks: 185.255.98.0/23 maxlen: 23
2.56.0.0/22 maxlen: 22
195.149.127.0/24 maxlen: 24
5.252.168.0/22 maxlen: 22
92.118.108.0/24 maxlen: 24
91.201.107.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:65:5b:f0:ad:bc:65:19:c5:e7:b4:c4:e3:2e:af:d7:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 30 23:26:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a3f9a74e62e2b2a0365ed50bde2fa16f512c147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:09:c7:55:e6:fd:3b:72:67:ea:82:58:37:f8:
07:5e:a6:27:ca:23:a7:df:96:73:20:ce:e9:45:9f:
b2:ce:dc:5b:b0:32:ca:e8:29:16:39:d7:e8:e0:c2:
ca:95:be:96:ec:31:18:37:b0:70:e4:58:47:a5:9c:
fa:9e:46:ad:cf:56:e5:62:af:45:54:64:d8:ad:2e:
46:39:26:72:6d:ba:84:1b:fb:0c:f0:88:d5:f2:e4:
bb:63:96:0b:26:4b:9d:4a:15:d8:5d:08:13:b7:43:
02:fa:cb:c0:26:0f:06:b2:0d:36:d4:b8:9e:32:58:
aa:f9:cd:a9:58:b5:a2:9a:35:0f:a8:da:df:9c:aa:
25:18:c7:be:87:38:0f:27:37:55:0c:a0:ad:cc:59:
e7:72:5e:d1:7a:c2:a2:35:e2:c3:e6:b1:e6:82:6d:
61:b7:a2:0e:78:84:a7:17:b9:23:9b:ab:69:36:ed:
7c:99:c6:69:fb:40:07:a2:a1:b9:5e:7d:56:87:fd:
41:99:a3:fc:e0:c6:c0:70:54:50:43:bb:a7:4c:82:
8a:02:ea:f8:32:00:42:7f:6d:f1:52:18:a3:38:2d:
b9:dc:26:c9:6e:6b:7b:c1:1d:cb:31:28:a1:4c:f8:
01:9d:b0:46:b6:3a:f9:eb:7b:56:d4:f9:db:d7:31:
31:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3F:9A:74:E6:2E:2B:2A:03:65:ED:50:BD:E2:FA:16:F5:12:C1:47
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Wj-adOYuKyoDZe1QveL6FvUSwUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.252.168.0/22
91.201.107.0/24
92.118.108.0/24
185.255.98.0/23
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:1b:46:c0:41:d8:bb:1a:4e:14:c3:13:5a:b4:6e:b2:e2:c6:
33:53:dc:2b:ce:68:79:11:7c:71:c2:3b:c7:c5:5d:15:fa:db:
03:3b:6f:c2:86:98:c0:8b:9e:73:9d:e0:3d:49:71:65:3b:bd:
71:b1:b2:4b:57:34:3f:5b:a9:e8:d0:02:c9:6a:97:fe:f5:d1:
b0:c0:85:d7:1d:fd:9c:ea:38:70:0f:f6:37:bf:60:59:48:92:
cc:1f:bf:3f:14:76:93:44:97:30:2b:64:e6:5b:eb:16:f8:11:
35:f9:8c:57:1b:bd:b0:5d:fa:f6:82:9e:f1:17:64:db:3f:5d:
3c:2a:9a:2b:1c:f3:cb:40:24:3a:24:f6:69:ae:45:a0:b3:bf:
7c:5d:c2:77:55:e4:7c:dc:73:2d:03:50:c9:87:85:fa:88:a7:
13:8d:16:79:ae:3f:d9:bc:25:c9:cc:66:b1:b6:c6:61:d4:61:
8f:56:21:3f:a1:c9:90:25:8f:bd:be:38:c5:97:c8:bd:c9:ca:
0c:4b:5d:5f:00:29:c8:d9:40:04:19:78:02:ce:6e:c0:1f:54:
ac:3d:18:96:bf:88:7e:8e:bd:0f:f6:76:75:e4:a3:9a:ca:f4:
3d:bb:3e:be:27:55:05:5e:94:62:cd:e1:50:27:17:81:74:91:
16:bb:34:71
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVlW/CtvGUZxee0xOMur9c3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMjMwMjMyNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTNmOWE3NGU2MmUyYjJhMDM2NWVkNTBiZGUyZmExNmY1MTJjMTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQnHVeb9O3Jn6oJYN/gHXqYnyiOn
35ZzIM7pRZ+yztxbsDLK6CkWOdfo4MLKlb6W7DEYN7Bw5FhHpZz6nkatz1blYq9F
VGTYrS5GOSZybbqEG/sM8IjV8uS7Y5YLJkudShXYXQgTt0MC+svAJg8Gsg021Lie
Mliq+c2pWLWimjUPqNrfnKolGMe+hzgPJzdVDKCtzFnncl7ResKiNeLD5rHmgm1h
t6IOeISnF7kjm6tpNu18mcZp+0AHoqG5Xn1Wh/1BmaP84MbAcFRQQ7unTIKKAur4
MgBCf23xUhijOC253CbJbmt7wR3LMSihTPgBnbBGtjr563tW1Pnb1zExrQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFo/mnTmLisqA2XtUL3i+hb1EsFHMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvV2otYWRPWXVLeW9EWmUxUXZlTDZGdlVTd1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCAjgAAwQC
BfyoAwQAW8lrAwQAXHZsAwQBuf9iAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IBAQAe
G0bAQdi7Gk4UwxNatG6y4sYzU9wrzmh5EXxxwjvHxV0V+tsDO2/ChpjAi55zneA9
SXFlO71xsbJLVzQ/W6no0ALJapf+9dGwwIXXHf2c6jhwD/Y3v2BZSJLMH78/FHaT
RJcwK2TmW+sW+BE1+YxXG72wXfr2gp7xF2TbP108KporHPPLQCQ6JPZprkWgs798
XcJ3VeR83HMtA1DJh4X6iKcTjRZ5rj/ZvCXJzGaxtsZh1GGPViE/ocmQJY+9vjjF
l8i9ycoMS11fACnI2UAEGXgCzm7AH1SsPRiWv4h+jr0P9nZ15KOayvQ9uz6+J1UF
XpRizeFQJxeBdJEWuzRx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org