Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/p1w-SYp3eQCjO1jghg-EQCpG0LU.roa
File: p1w-SYp3eQCjO1jghg-EQCpG0LU.roa (raw, json)
Hash identifier: rwWudxKgo+YT9Ai0A/TFVzzODEFoNNp/yDVY0jgAUI8=
Subject key identifier: A7:5C:3E:49:8A:77:79:00:A3:3B:58:E0:86:0F:84:40:2A:46:D0:B5
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018F1EC60CE8B2F1989CC699689A079B0EE6
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/p1w-SYp3eQCjO1jghg-EQCpG0LU.roa
Signing time: Sat 27 Apr 2024 08:57:26 +0000
ROA not before: Sat 27 Apr 2024 08:57:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.57.210.0/24 maxlen: 24
31.222.245.0/24 maxlen: 24
88.151.112.0/24 maxlen: 24
146.19.109.0/24 maxlen: 24
193.163.20.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1e:c6:0c:e8:b2:f1:98:9c:c6:99:68:9a:07:9b:0e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Apr 27 08:57:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a75c3e498a777900a33b58e0860f84402a46d0b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:97:26:e1:95:cf:6a:41:dd:26:f2:ec:81:6e:
61:dc:2a:e5:fe:05:7f:6a:97:e3:55:15:a8:c9:be:
d4:1e:47:52:95:46:f4:a2:7f:8c:6c:5b:bb:ac:08:
7f:a8:f7:91:5b:ca:df:40:be:bc:3d:53:b4:98:a0:
ff:71:e1:fb:a1:56:df:90:36:ec:ad:07:61:8b:c2:
d0:11:fd:3f:7c:5e:fd:80:a0:9b:11:0a:10:81:a6:
4c:e1:39:a1:10:5c:93:3f:ed:fe:02:67:49:e1:14:
c5:34:df:f4:6b:72:51:36:4c:27:7d:23:c6:80:d0:
bc:ee:5d:11:b6:12:86:e6:94:6f:ea:77:3a:45:96:
7c:7f:73:ff:78:85:db:87:7e:ba:a9:19:f3:7c:c7:
9e:dd:82:c3:11:73:1d:aa:af:3e:d9:51:c2:b6:fa:
5d:32:db:0b:85:65:50:32:c2:8d:e3:9b:83:83:33:
1d:0c:be:26:e5:87:5b:6d:77:e5:93:79:7c:42:2c:
5e:c4:fe:8a:98:f8:44:e0:2e:62:e5:c2:85:d0:95:
58:e8:ed:ec:08:06:ed:a2:86:c7:e8:4f:bc:f4:b8:
a7:58:10:cd:3f:e9:d9:64:13:da:6b:a8:70:22:b7:
16:67:ba:1b:34:24:e7:1e:15:14:b7:b7:83:2f:42:
2d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5C:3E:49:8A:77:79:00:A3:3B:58:E0:86:0F:84:40:2A:46:D0:B5
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/p1w-SYp3eQCjO1jghg-EQCpG0LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.210.0/24
31.222.245.0/24
88.151.112.0/24
146.19.109.0/24
193.163.20.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:22:ed:cc:bd:dd:51:29:16:85:7b:1c:32:9f:f8:3d:84:2a:
53:93:e0:e9:a3:0a:ee:c9:29:29:41:ec:19:92:34:67:97:5e:
c5:d0:82:2b:07:b5:d5:fd:3d:4e:66:ef:dd:e7:51:b9:8e:19:
d6:e6:3e:d7:60:94:db:1e:99:10:56:b7:6a:45:8d:a7:f9:5b:
6e:06:d1:60:ac:55:7b:54:dd:1a:f0:aa:c4:97:c1:9c:46:56:
f9:31:97:81:dd:a5:7d:86:77:47:b1:96:5c:97:b4:a6:da:cf:
67:79:df:eb:47:f5:8f:4b:89:e3:28:f4:ea:a1:9a:a3:44:80:
da:a1:17:1d:b6:06:96:2e:de:e6:d6:8f:8c:93:f3:50:1a:1a:
ea:aa:53:57:15:c1:70:00:ca:5b:b5:08:4f:89:f4:f0:ba:74:
91:07:0b:f7:76:b1:53:ac:76:5e:e3:a6:e4:a5:44:5e:77:9b:
2b:8a:ff:a4:aa:9c:e6:fb:e3:5b:32:1e:af:e6:f6:01:c5:22:
27:1c:8c:ce:a5:f2:d1:30:99:a1:5b:52:96:33:03:2a:7c:60:
66:e4:6e:76:7b:43:08:df:86:e8:4d:d3:13:df:36:c3:0b:da:
b9:cc:82:81:c5:ec:ce:03:b4:68:13:34:d5:c4:2f:38:15:be:
78:6c:5b:87
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8exgzosvGYnMaZaJoHmw7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwNDI3MDg1NzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzVjM2U0OThhNzc3OTAwYTMzYjU4ZTA4NjBmODQ0MDJhNDZkMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpcm4ZXPakHdJvLsgW5h3Crl/gV/
apfjVRWoyb7UHkdSlUb0on+MbFu7rAh/qPeRW8rfQL68PVO0mKD/ceH7oVbfkDbs
rQdhi8LQEf0/fF79gKCbEQoQgaZM4TmhEFyTP+3+AmdJ4RTFNN/0a3JRNkwnfSPG
gNC87l0RthKG5pRv6nc6RZZ8f3P/eIXbh366qRnzfMee3YLDEXMdqq8+2VHCtvpd
MtsLhWVQMsKN45uDgzMdDL4m5YdbbXflk3l8QixexP6KmPhE4C5i5cKF0JVY6O3s
CAbtoobH6E+89LinWBDNP+nZZBPaa6hwIrcWZ7obNCTnHhUUt7eDL0It+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKdcPkmKd3kAoztY4IYPhEAqRtC1MB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvcDF3LVNZcDNlUUNqTzFqZ2hnLUVRQ3BHMExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABTnSAwQA
H971AwQAWJdwAwQAkhNtAwQAwaMUMA0GCSqGSIb3DQEBCwUAA4IBAQCoIu3Mvd1R
KRaFexwyn/g9hCpTk+DpowruySkpQewZkjRnl17F0IIrB7XV/T1OZu/d51G5jhnW
5j7XYJTbHpkQVrdqRY2n+VtuBtFgrFV7VN0a8KrEl8GcRlb5MZeB3aV9hndHsZZc
l7Sm2s9ned/rR/WPS4njKPTqoZqjRIDaoRcdtgaWLt7m1o+Mk/NQGhrqqlNXFcFw
AMpbtQhPifTwunSRBwv3drFTrHZe46bkpURed5sriv+kqpzm++NbMh6v5vYBxSIn
HIzOpfLRMJmhW1KWMwMqfGBm5G52e0MI34boTdMT3zbDC9q5zIKBxezOA7RoEzTV
xC84Fb54bFuH
-----END CERTIFICATE-----
Generated at Wed May 15 15:01:20 2024 by rpki-client on console-ams.rpki-client.org