Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zU5Vt30W_Gmk8gmuyoOkMK8dqAU.roa
File: zU5Vt30W_Gmk8gmuyoOkMK8dqAU.roa (raw, json)
Hash identifier: MkrLNT5BSg1vfX4QktWa81JKajL4RZKfPEEwEgZb1ME=
Subject key identifier: CD:4E:55:B7:7D:16:FC:69:A4:F2:09:AE:CA:83:A4:30:AF:1D:A8:05
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A197AFE499E201BDAA9C5AFF1365B668D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zU5Vt30W_Gmk8gmuyoOkMK8dqAU.roa
Signing time: Mon 21 Aug 2023 19:03:25 +0000
ROA not before: Mon 21 Aug 2023 19:03:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209945
IP address blocks: 5.182.28.0/22 maxlen: 22
185.255.98.0/23 maxlen: 23
2.56.0.0/22 maxlen: 22
5.252.168.0/22 maxlen: 22
92.118.108.0/24 maxlen: 24
91.201.107.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:19:7a:fe:49:9e:20:1b:da:a9:c5:af:f1:36:5b:66:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 21 19:03:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd4e55b77d16fc69a4f209aeca83a430af1da805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4b:f7:c4:7c:51:32:37:79:63:a8:45:6b:fa:
2d:e8:1c:4d:b0:d2:42:d6:23:50:5c:76:46:40:1f:
c0:23:55:16:60:8f:0f:e3:14:75:57:8d:fe:b5:1b:
92:da:e7:19:32:b0:e0:17:d5:50:16:e8:11:81:f8:
1a:15:e4:69:91:d8:d7:b8:5a:60:b5:4d:90:d7:9a:
e3:92:1e:f1:4f:1f:9d:9c:03:33:2a:15:e2:fc:ea:
0a:37:34:bb:a8:7a:83:10:a9:d7:ba:ae:5d:63:29:
54:a0:c8:10:f8:eb:cf:39:e6:c2:6e:58:dc:82:0f:
18:51:e2:c8:21:66:6c:f3:e2:8a:0f:de:f6:52:b3:
46:52:92:23:ac:ac:74:f3:a8:3e:9d:27:70:e9:60:
63:db:0a:bc:6e:f3:18:a8:cd:12:8f:9c:ce:5f:3f:
2e:37:7b:29:c5:ce:73:5b:96:23:c2:8d:02:60:75:
12:c7:c9:f7:a0:18:e3:63:d0:0f:78:87:03:d1:af:
da:11:ff:e1:c6:86:11:74:92:bb:5b:0b:d7:e7:0f:
c2:83:af:5d:56:48:b9:59:cc:20:69:a9:16:e3:ae:
3e:b6:09:16:48:57:cf:6e:70:fa:92:14:b0:44:50:
e4:4e:b5:df:3f:60:1e:be:6e:54:49:cb:51:2a:fd:
d0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:4E:55:B7:7D:16:FC:69:A4:F2:09:AE:CA:83:A4:30:AF:1D:A8:05
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zU5Vt30W_Gmk8gmuyoOkMK8dqAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.182.28.0/22
5.252.168.0/22
91.201.107.0/24
92.118.108.0/24
185.255.98.0/23
Signature Algorithm: sha256WithRSAEncryption
89:8b:e9:e6:85:22:75:f0:cc:99:3d:75:fd:0b:0d:83:16:df:
8e:5a:06:7f:47:39:27:d1:16:29:f7:b8:db:af:2e:56:68:2e:
4a:bf:06:90:83:ae:44:64:6f:37:c9:3e:7d:bf:a3:95:a7:0b:
92:98:c2:cf:a6:c6:f5:52:d3:9f:60:49:1e:65:5f:42:87:9d:
1c:dc:84:6c:cd:de:47:1a:c1:f0:d5:e5:0b:ec:45:95:43:72:
5c:87:01:35:43:1d:54:ee:58:8c:a9:ba:59:3f:91:39:97:45:
51:8b:49:d0:0a:6e:1e:b0:dc:58:07:c1:bd:10:8f:8d:2a:af:
d0:e0:5d:83:0e:fc:39:3a:29:6c:d5:ce:d7:22:15:7e:c2:7a:
d6:0c:64:32:79:99:12:89:12:4e:0d:2b:70:d1:ba:19:8b:8a:
4e:9c:17:14:03:e0:b6:68:d2:c0:20:e4:37:ef:1f:02:a3:92:
f3:10:94:53:93:7b:8a:fb:46:4c:5b:38:4c:a8:c5:6c:0d:28:
e9:1c:27:64:41:cb:75:d9:d8:73:f3:c6:b1:ba:0a:93:9e:2d:
d7:ee:ca:f0:52:3f:01:52:9e:e2:13:0f:3e:94:2f:9b:64:63:
a6:3c:63:dc:d6:71:78:9c:db:3f:f4:78:a1:cb:03:83:2c:b1:
2a:b3:49:af
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYoZev5JniAb2qnFr/E2W2aNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODIxMTkwMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDRlNTViNzdkMTZmYzY5YTRmMjA5YWVjYTgzYTQzMGFmMWRhODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kv3xHxRMjd5Y6hFa/ot6BxNsNJC
1iNQXHZGQB/AI1UWYI8P4xR1V43+tRuS2ucZMrDgF9VQFugRgfgaFeRpkdjXuFpg
tU2Q15rjkh7xTx+dnAMzKhXi/OoKNzS7qHqDEKnXuq5dYylUoMgQ+OvPOebCbljc
gg8YUeLIIWZs8+KKD972UrNGUpIjrKx086g+nSdw6WBj2wq8bvMYqM0Sj5zOXz8u
N3spxc5zW5Yjwo0CYHUSx8n3oBjjY9APeIcD0a/aEf/hxoYRdJK7WwvX5w/Cg69d
Vki5WcwgaakW464+tgkWSFfPbnD6khSwRFDkTrXfP2Aevm5USctRKv3QRwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM1OVbd9FvxppPIJrsqDpDCvHagFMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvelU1VnQzMFdfR21rOGdtdXlvT2tNSzhkcUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCAjgAAwQC
BbYcAwQCBfyoAwQAW8lrAwQAXHZsAwQBuf9iMA0GCSqGSIb3DQEBCwUAA4IBAQCJ
i+nmhSJ18MyZPXX9Cw2DFt+OWgZ/Rzkn0RYp97jbry5WaC5KvwaQg65EZG83yT59
v6OVpwuSmMLPpsb1UtOfYEkeZV9Ch50c3IRszd5HGsHw1eUL7EWVQ3JchwE1Qx1U
7liMqbpZP5E5l0VRi0nQCm4esNxYB8G9EI+NKq/Q4F2DDvw5Oils1c7XIhV+wnrW
DGQyeZkSiRJODStw0boZi4pOnBcUA+C2aNLAIOQ37x8Co5LzEJRTk3uK+0ZMWzhM
qMVsDSjpHCdkQct12dhz88axugqTni3X7srwUj8BUp7iEw8+lC+bZGOmPGPc1nF4
nNs/9HihywODLLEqs0mv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org