Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/pYcXvv7jo6B727ldKSUuI8hHUsg.roa
File: pYcXvv7jo6B727ldKSUuI8hHUsg.roa (raw, json)
Hash identifier: cO105yKWKufEqLaQTgzWcKvCIX0XMyoiIPqlxqXaUuw=
Subject key identifier: A5:87:17:BE:FE:E3:A3:A0:7B:DB:B9:5D:29:25:2E:23:C8:47:52:C8
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018E526B433E55283E89351F103922A18FCD
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/pYcXvv7jo6B727ldKSUuI8hHUsg.roa
Signing time: Mon 18 Mar 2024 16:35:44 +0000
ROA not before: Mon 18 Mar 2024 16:35:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.57.210.0/24 maxlen: 24
31.222.245.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
91.212.169.0/24 maxlen: 24
146.19.109.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
193.163.20.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:6b:43:3e:55:28:3e:89:35:1f:10:39:22:a1:8f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Mar 18 16:35:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a58717befee3a3a07bdbb95d29252e23c84752c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:85:a6:8e:e6:da:6a:13:80:57:de:86:db:b4:
24:c4:a6:6c:c9:7c:b2:a6:07:83:61:1f:d7:1e:38:
52:80:b4:97:89:bc:f8:10:cf:fe:d1:09:23:60:b6:
3b:b7:ea:10:3b:c1:a4:05:35:c9:bd:eb:76:43:6c:
ff:49:4f:12:64:06:bc:3c:7f:8b:82:2c:ca:e2:6e:
ef:6e:cc:32:d2:8f:2b:b0:f4:85:8b:8f:c3:95:7c:
3d:4a:da:5d:c1:06:89:74:30:f6:bf:a2:ed:af:e0:
c2:ab:89:c1:50:11:f4:c4:14:ba:e8:2d:de:39:86:
1c:ea:e6:3f:06:84:4a:96:d3:e9:30:c6:4f:35:e3:
08:a7:55:0c:4f:b6:65:9a:b4:e8:ab:56:64:dc:ae:
d6:b7:98:cf:b3:f1:74:af:ae:14:9e:45:9e:d9:01:
94:b1:d9:ad:0c:29:1c:23:0e:28:4f:72:cc:33:ba:
58:f2:9b:a7:6d:cd:48:3f:85:b2:ad:bd:2b:8e:0b:
cd:ba:01:ce:67:c8:8d:3b:c7:3c:32:8a:ed:d0:94:
16:48:4f:7d:53:74:ec:67:c0:b2:25:c0:d7:be:c1:
bd:e5:8a:b1:46:83:1d:84:e9:03:3b:5b:8d:7f:49:
a5:b9:6c:f4:72:53:90:4b:a4:74:58:14:22:7e:bb:
37:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:87:17:BE:FE:E3:A3:A0:7B:DB:B9:5D:29:25:2E:23:C8:47:52:C8
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/pYcXvv7jo6B727ldKSUuI8hHUsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.210.0/24
31.222.245.0/24
77.72.83.0/24
91.212.169.0/24
146.19.109.0/24
176.116.17.0/24
193.163.20.0/24
Signature Algorithm: sha256WithRSAEncryption
94:8b:e3:80:f7:cb:59:2e:53:57:fc:cf:94:cc:cd:2c:00:40:
ef:7f:89:90:89:6f:cd:69:f1:18:0a:7d:ea:30:53:aa:a3:50:
52:a4:cd:e7:84:dd:d4:b6:04:ea:5a:b2:07:16:1e:29:5f:9a:
1a:40:9d:c8:94:0e:bc:a4:76:cf:a1:52:76:ad:0e:59:dd:71:
a2:72:c6:02:63:d5:7a:24:19:63:4e:e0:98:a3:11:a2:fb:ce:
ae:bf:e1:30:9d:7b:80:06:b3:74:01:62:63:2f:dc:aa:50:b9:
29:06:f2:d4:20:e8:00:18:b9:ec:fa:02:0f:a3:d2:b0:fc:67:
f7:5b:5e:db:af:0d:0e:92:a6:d9:5a:74:b9:86:33:49:22:4e:
f1:8f:c2:ad:41:91:09:3b:aa:fa:09:f3:7f:31:47:b1:35:29:
e2:34:84:c2:21:fb:64:76:95:fd:5c:89:e4:d5:0a:29:33:49:
49:7f:ff:6c:5e:69:dc:aa:70:9b:ff:0e:15:0b:1e:3a:1e:ab:
f0:da:bb:9f:f4:78:14:45:8d:89:35:d0:3f:0a:2c:2c:76:4b:
71:02:4e:bf:28:ed:fd:20:04:b5:86:1c:32:21:15:a4:39:c3:
e1:47:1d:ab:30:bb:76:02:21:ec:2e:e3:87:ed:73:6b:8a:fa:
0b:01:d5:3b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY5Sa0M+VSg+iTUfEDkioY/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwMzE4MTYzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg3MTdiZWZlZTNhM2EwN2JkYmI5NWQyOTI1MmUyM2M4NDc1MmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYWmjubaahOAV96G27QkxKZsyXyy
pgeDYR/XHjhSgLSXibz4EM/+0QkjYLY7t+oQO8GkBTXJvet2Q2z/SU8SZAa8PH+L
gizK4m7vbswy0o8rsPSFi4/DlXw9StpdwQaJdDD2v6Ltr+DCq4nBUBH0xBS66C3e
OYYc6uY/BoRKltPpMMZPNeMIp1UMT7ZlmrToq1Zk3K7Wt5jPs/F0r64UnkWe2QGU
sdmtDCkcIw4oT3LMM7pY8punbc1IP4Wyrb0rjgvNugHOZ8iNO8c8Mort0JQWSE99
U3TsZ8CyJcDXvsG95YqxRoMdhOkDO1uNf0mluWz0clOQS6R0WBQifrs3JwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKWHF77+46Oge9u5XSklLiPIR1LIMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvcFljWHZ2N2pvNkI3MjdsZEtTVXVJOGhIVXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABTnSAwQA
H971AwQATUhTAwQAW9SpAwQAkhNtAwQAsHQRAwQAwaMUMA0GCSqGSIb3DQEBCwUA
A4IBAQCUi+OA98tZLlNX/M+UzM0sAEDvf4mQiW/NafEYCn3qMFOqo1BSpM3nhN3U
tgTqWrIHFh4pX5oaQJ3IlA68pHbPoVJ2rQ5Z3XGicsYCY9V6JBljTuCYoxGi+86u
v+EwnXuABrN0AWJjL9yqULkpBvLUIOgAGLns+gIPo9Kw/Gf3W17brw0OkqbZWnS5
hjNJIk7xj8KtQZEJO6r6CfN/MUexNSniNITCIftkdpX9XInk1QopM0lJf/9sXmnc
qnCb/w4VCx46Hqvw2ruf9HgURY2JNdA/CiwsdktxAk6/KO39IAS1hhwyIRWkOcPh
Rx2rMLt2AiHsLuOH7XNrivoLAdU7
-----END CERTIFICATE-----
Generated at Wed Apr 10 16:40:17 2024 by rpki-client on console-ams.rpki-client.org