Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a-5-P--5BtBbWzZYMNhNDXvYfcc.roa
File: a-5-P--5BtBbWzZYMNhNDXvYfcc.roa (raw, json)
Hash identifier: 9TsWTRwKjooU0GRCtVNo1aVza+uqBjitMd+GXjxTMnU=
Subject key identifier: 6B:EE:7E:3F:EF:B9:06:D0:5B:5B:36:58:30:D8:4D:0D:7B:D8:7D:C7
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01828E77601FE22694C360AC8377D54C3DDD
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a-5-P--5BtBbWzZYMNhNDXvYfcc.roa
Signing time: Thu 11 Aug 2022 19:52:44 +0000
ROA not before: Thu 11 Aug 2022 19:52:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209889
IP address blocks: 194.56.212.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8e:77:60:1f:e2:26:94:c3:60:ac:83:77:d5:4c:3d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 11 19:52:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bee7e3fefb906d05b5b365830d84d0d7bd87dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5f:21:76:4f:d2:b5:c3:59:0e:88:64:48:72:
c7:da:73:ef:6d:0f:8c:38:dd:dd:27:34:28:4a:ba:
36:5b:a1:5f:ae:a6:f1:55:d6:c7:04:30:15:6a:fd:
aa:00:bb:1d:35:fe:9a:84:2b:fa:e4:75:64:fb:76:
77:8d:54:d3:b1:a4:47:95:7e:2a:77:fc:b8:20:e2:
ba:28:66:a3:eb:15:f6:25:e3:89:19:13:d0:5a:54:
11:a6:40:61:c8:b4:5d:9b:b6:3f:29:d3:21:ba:7d:
35:a8:fe:7e:7c:e6:ec:88:79:23:70:b0:ad:8f:e5:
1d:ad:c0:25:ca:1e:56:91:c4:63:2e:bc:d3:b3:06:
cb:fb:03:ac:72:7a:f6:7e:5c:89:91:9f:0c:d0:9c:
f9:75:25:74:d9:1c:52:c3:d9:b6:aa:ea:de:bb:9b:
f5:22:e0:55:78:7d:98:d4:06:c1:3b:55:86:ae:d8:
90:3b:1f:d7:d3:06:4f:57:04:38:57:dd:1f:bd:95:
f7:5f:40:c3:1c:a7:a7:4b:d7:b7:3e:ea:05:7d:6e:
a8:3b:8d:d0:aa:76:c2:67:4d:ba:e2:bf:8f:a3:90:
17:f9:fa:2f:87:a3:ba:4e:7e:11:63:44:37:1c:60:
c4:ea:c1:bd:b6:49:cf:8f:3b:f2:be:b1:9f:c0:1b:
1a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:EE:7E:3F:EF:B9:06:D0:5B:5B:36:58:30:D8:4D:0D:7B:D8:7D:C7
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a-5-P--5BtBbWzZYMNhNDXvYfcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.212.0/23
Signature Algorithm: sha256WithRSAEncryption
95:c6:85:e7:49:59:20:a8:26:aa:39:45:7c:6e:21:90:50:0e:
8f:6b:f8:41:6c:04:de:27:f9:77:9b:9f:9c:f8:83:f6:01:a5:
43:17:03:28:f2:bf:4c:ea:36:74:77:33:8c:bf:c6:f4:3f:1d:
94:a2:61:87:49:7c:f7:af:83:a8:5b:da:17:f2:37:7e:40:b8:
a5:9f:3f:eb:b2:e0:a7:d2:73:2a:86:13:e9:af:42:35:68:65:
56:c7:08:ac:07:c0:ab:95:22:fb:03:87:6e:68:a7:30:d1:59:
cc:86:58:8f:52:a2:0d:6c:3f:e9:45:39:b3:ea:61:b8:53:ad:
4f:94:0a:4d:ef:4b:7d:2f:d0:d4:8b:3a:4d:fb:28:ea:9e:4d:
53:3e:29:65:69:43:cd:82:81:ea:09:a5:07:3c:2b:00:c6:28:
ae:eb:aa:9b:31:81:af:ff:1e:cc:e0:fb:eb:5c:64:0d:c1:e8:
7c:a7:bc:70:a9:14:78:74:58:b8:4e:47:d4:8f:69:0a:fa:b0:
89:46:c9:ea:f2:96:5a:95:e5:16:12:39:83:4c:6f:71:1c:7a:
95:54:31:b9:fb:56:73:4d:3f:5f:c7:72:c7:cf:bc:7a:e4:7a:
58:aa:00:c3:51:97:27:ff:54:9d:96:97:16:2f:60:52:a3:47:
06:f2:9c:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKOd2Af4iaUw2Csg3fVTD3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwODExMTk1MjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmVlN2UzZmVmYjkwNmQwNWI1YjM2NTgzMGQ4NGQwZDdiZDg3ZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyF8hdk/StcNZDohkSHLH2nPvbQ+M
ON3dJzQoSro2W6FfrqbxVdbHBDAVav2qALsdNf6ahCv65HVk+3Z3jVTTsaRHlX4q
d/y4IOK6KGaj6xX2JeOJGRPQWlQRpkBhyLRdm7Y/KdMhun01qP5+fObsiHkjcLCt
j+UdrcAlyh5WkcRjLrzTswbL+wOscnr2flyJkZ8M0Jz5dSV02RxSw9m2qureu5v1
IuBVeH2Y1AbBO1WGrtiQOx/X0wZPVwQ4V90fvZX3X0DDHKenS9e3PuoFfW6oO43Q
qnbCZ0264r+Po5AX+fovh6O6Tn4RY0Q3HGDE6sG9tknPjzvyvrGfwBsabwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGvufj/vuQbQW1s2WDDYTQ172H3HMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYS01LVAtLTVCdEJiV3paWU1OaE5EWHZZZmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwjjUMA0G
CSqGSIb3DQEBCwUAA4IBAQCVxoXnSVkgqCaqOUV8biGQUA6Pa/hBbATeJ/l3m5+c
+IP2AaVDFwMo8r9M6jZ0dzOMv8b0Px2UomGHSXz3r4OoW9oX8jd+QLilnz/rsuCn
0nMqhhPpr0I1aGVWxwisB8CrlSL7A4duaKcw0VnMhliPUqINbD/pRTmz6mG4U61P
lApN70t9L9DUizpN+yjqnk1TPillaUPNgoHqCaUHPCsAxiiu66qbMYGv/x7M4Pvr
XGQNweh8p7xwqRR4dFi4TkfUj2kK+rCJRsnq8pZaleUWEjmDTG9xHHqVVDG5+1Zz
TT9fx3LHz7x65HpYqgDDUZcn/1SdlpcWL2BSo0cG8pxJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org