Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/Gv_x5R_8mmVBHFUJgLcluLOHTG4.roa
File: Gv_x5R_8mmVBHFUJgLcluLOHTG4.roa (raw, json)
Hash identifier: 2rDRuLtSi3tXlz3RWWj+QGp6YH6OlzoBcC29u1akNSs=
Subject key identifier: 1A:FF:F1:E5:1F:FC:9A:65:41:1C:55:09:80:B7:25:B8:B3:87:4C:6E
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018EC83FF95E13763E5824CE45EB04C3D3A6
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/Gv_x5R_8mmVBHFUJgLcluLOHTG4.roa
Signing time: Wed 10 Apr 2024 13:43:39 +0000
ROA not before: Wed 10 Apr 2024 13:43:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.57.210.0/24 maxlen: 24
31.222.245.0/24 maxlen: 24
146.19.109.0/24 maxlen: 24
193.163.20.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c8:3f:f9:5e:13:76:3e:58:24:ce:45:eb:04:c3:d3:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Apr 10 13:43:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1afff1e51ffc9a65411c550980b725b8b3874c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fb:a5:29:03:ad:0e:a1:60:84:12:58:1b:fb:
d0:b6:13:09:3e:63:43:1d:ca:bf:50:d3:12:16:76:
1a:7e:0d:be:d4:ad:3e:51:49:98:96:2d:d4:47:3b:
7d:9c:39:5a:84:f8:ed:ac:61:74:06:e4:13:37:63:
d5:89:55:e9:ed:9a:8e:87:b2:4c:bc:34:bd:ed:9d:
3f:b7:ec:be:06:f7:eb:3d:83:e9:bc:6b:59:ec:a0:
d1:b3:9b:e8:89:d2:fe:58:85:69:bc:cc:2c:2b:89:
2f:91:64:26:d5:44:68:a8:15:98:88:48:a2:24:68:
c3:38:f3:8d:b9:21:b4:5d:45:aa:70:e5:0f:85:d9:
95:1c:b6:a5:f2:0c:31:f3:0c:56:c1:ff:bc:b3:ae:
2e:e8:8e:a8:12:31:59:cf:66:16:be:46:53:26:dd:
08:c8:d2:48:96:aa:af:c3:ae:38:03:3a:1f:a7:7d:
84:fc:70:42:b3:3e:55:52:84:db:ff:6e:87:ee:ec:
41:4e:4d:c6:36:8e:87:e5:83:b7:70:91:7c:dd:c9:
7c:b2:79:ea:ef:ef:d1:58:d1:f9:7b:c0:0d:87:83:
02:5e:9b:b9:7d:2c:3f:57:71:cd:03:5f:cd:ae:cb:
00:bc:59:6c:31:19:e1:7f:04:27:4a:a6:c2:77:ad:
1f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FF:F1:E5:1F:FC:9A:65:41:1C:55:09:80:B7:25:B8:B3:87:4C:6E
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/Gv_x5R_8mmVBHFUJgLcluLOHTG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.210.0/24
31.222.245.0/24
146.19.109.0/24
193.163.20.0/24
Signature Algorithm: sha256WithRSAEncryption
34:e6:36:13:e9:31:25:55:4e:9d:e2:bd:98:65:20:1d:90:5d:
df:c8:16:ca:76:27:0a:d6:4e:a2:c3:72:7b:bc:e4:44:b8:40:
60:ee:0f:e5:52:1f:bd:43:ef:a0:a0:e5:b7:23:13:53:7d:56:
6a:cc:34:0b:2f:a4:ce:6f:c0:fc:7a:fa:8e:34:ec:05:63:29:
ea:7f:36:95:41:30:a7:1d:7a:e6:d1:c9:86:9a:48:32:a6:e2:
cb:84:4f:5b:48:95:e8:d5:b8:e6:21:e7:ae:4c:48:93:9d:62:
9e:cb:fe:d3:43:90:79:69:3b:64:69:71:73:a9:c2:ca:bb:18:
17:ad:9d:a6:78:15:26:a8:11:00:bc:bb:fb:e9:15:e2:82:f5:
0c:33:6c:79:72:0f:a0:c4:c1:bc:4d:75:4a:7d:da:36:6c:22:
f4:a8:75:c8:4d:62:3f:b2:4f:13:4f:e5:a4:de:e4:14:5c:2c:
f4:96:9a:34:8f:dc:23:64:51:9f:37:4b:ec:93:94:03:f1:b4:
3e:b4:ce:9a:aa:05:c8:5e:0a:d4:28:08:af:be:8f:0d:b8:a1:
07:18:60:25:dd:3a:76:21:0f:2c:54:c8:d9:98:68:35:5b:aa:
9b:d5:cf:a0:47:e4:af:2c:fb:4e:0a:b1:3d:3a:2c:1e:87:aa:
89:00:9e:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7IP/leE3Y+WCTOResEw9OmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwNDEwMTM0MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWZmZjFlNTFmZmM5YTY1NDExYzU1MDk4MGI3MjViOGIzODc0YzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/ulKQOtDqFghBJYG/vQthMJPmND
Hcq/UNMSFnYafg2+1K0+UUmYli3URzt9nDlahPjtrGF0BuQTN2PViVXp7ZqOh7JM
vDS97Z0/t+y+BvfrPYPpvGtZ7KDRs5voidL+WIVpvMwsK4kvkWQm1URoqBWYiEii
JGjDOPONuSG0XUWqcOUPhdmVHLal8gwx8wxWwf+8s64u6I6oEjFZz2YWvkZTJt0I
yNJIlqqvw644Azofp32E/HBCsz5VUoTb/26H7uxBTk3GNo6H5YO3cJF83cl8snnq
7+/RWNH5e8ANh4MCXpu5fSw/V3HNA1/NrssAvFlsMRnhfwQnSqbCd60f2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBr/8eUf/JplQRxVCYC3Jbizh0xuMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvR3ZfeDVSXzhtbVZCSEZVSmdMY2x1TE9IVEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABTnSAwQA
H971AwQAkhNtAwQAwaMUMA0GCSqGSIb3DQEBCwUAA4IBAQA05jYT6TElVU6d4r2Y
ZSAdkF3fyBbKdicK1k6iw3J7vOREuEBg7g/lUh+9Q++goOW3IxNTfVZqzDQLL6TO
b8D8evqONOwFYynqfzaVQTCnHXrm0cmGmkgypuLLhE9bSJXo1bjmIeeuTEiTnWKe
y/7TQ5B5aTtkaXFzqcLKuxgXrZ2meBUmqBEAvLv76RXigvUMM2x5cg+gxMG8TXVK
fdo2bCL0qHXITWI/sk8TT+Wk3uQUXCz0lpo0j9wjZFGfN0vsk5QD8bQ+tM6aqgXI
XgrUKAivvo8NuKEHGGAl3Tp2IQ8sVMjZmGg1W6qb1c+gR+SvLPtOCrE9Oiweh6qJ
AJ40
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:57 2024 by rpki-client on console-fra.rpki-client.org