Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/a5JA3_1ua3YFDRPkt5LIgTbRkmU.roa
File: a5JA3_1ua3YFDRPkt5LIgTbRkmU.roa (raw, json)
Hash identifier: MkfqAiWwhyqsmBEL884q1f+2t3zsISf/iOlhWmhgOxE=
Subject key identifier: 6B:92:40:DF:FD:6E:6B:76:05:0D:13:E4:B7:92:C8:81:36:D1:92:65
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: 0186DC181F7B2D8C1FF2E3E2E79A1D6448E2
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/a5JA3_1ua3YFDRPkt5LIgTbRkmU.roa
Signing time: Mon 13 Mar 2023 17:50:13 +0000
ROA not before: Mon 13 Mar 2023 17:50:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47787
IP address blocks: 193.109.184.0/21 maxlen: 24
82.215.71.0/24 maxlen: 24
185.162.183.0/24 maxlen: 24
2001:b18::/32 maxlen: 48
2a12:c1c0::/29 maxlen: 29
2001:b18:bbbb::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:dc:18:1f:7b:2d:8c:1f:f2:e3:e2:e7:9a:1d:64:48:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Mar 13 17:50:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b9240dffd6e6b76050d13e4b792c88136d19265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:30:a5:96:ac:f2:c4:e8:ad:43:04:cd:2b:69:
f9:7b:9d:23:58:93:d0:5d:be:f3:26:6e:28:76:13:
b9:8f:05:08:20:8d:e2:23:ff:1f:a2:b2:7f:3d:45:
9e:6f:1b:11:2c:a8:b1:e4:3c:44:5f:2c:da:81:b7:
26:ee:3a:aa:94:58:8b:6c:5e:fb:ea:6e:ff:91:c4:
25:a1:c4:e2:1f:e1:1f:c1:cd:d3:68:60:7b:c3:d9:
2e:4f:bc:48:38:49:01:b0:66:9d:47:79:99:0b:67:
07:b0:88:89:1d:17:2c:2a:8d:af:3b:d3:ff:fc:a0:
be:c1:9a:7a:90:25:16:39:e6:ae:fa:37:6a:5b:ae:
0c:f6:c1:9b:2d:3d:07:58:88:c9:8d:a0:a2:17:cd:
81:90:35:f4:a3:af:b7:e9:d8:55:f5:a0:f4:85:3e:
53:47:f2:40:da:9c:ef:ad:fc:98:8b:cb:c9:c6:0f:
85:44:cc:3e:85:ab:0e:33:cc:33:7c:a1:7a:6c:a1:
67:e2:db:55:e4:1b:cb:fc:6d:09:f5:f1:27:ad:c6:
b8:a2:9c:d6:5b:24:04:c7:bf:95:5e:c1:e9:c2:f8:
83:8e:7a:80:09:e0:ca:e1:56:6f:8a:89:68:5e:e7:
d7:90:69:31:18:56:58:c0:80:3f:da:d4:40:ca:e4:
e0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:92:40:DF:FD:6E:6B:76:05:0D:13:E4:B7:92:C8:81:36:D1:92:65
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/a5JA3_1ua3YFDRPkt5LIgTbRkmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.215.71.0/24
185.162.183.0/24
193.109.184.0/21
IPv6:
2001:b18::/32
2a12:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:81:f0:13:6b:d6:13:b5:18:84:a1:84:99:27:2d:13:9f:99:
54:21:c0:9f:66:6b:4f:78:ec:9c:ad:fc:e5:86:24:1b:94:4d:
27:73:38:59:1f:df:aa:cb:77:d8:4f:0c:a0:11:6a:59:fa:57:
fc:59:c0:b7:95:d2:f8:2a:c8:f5:7f:5a:15:73:e4:b2:7a:d4:
5f:0a:f4:b0:a3:ff:e4:ae:a7:a1:cb:88:44:d0:09:78:ab:16:
15:a7:af:40:3e:36:5f:54:0b:aa:88:cf:43:2d:ed:14:5a:88:
65:bf:24:8b:70:71:c4:57:33:16:9b:6c:70:ce:1d:5c:62:5d:
28:00:00:dd:c3:0f:93:0c:ce:37:92:e9:19:f2:8c:3c:02:80:
16:66:a6:56:50:3c:8c:1b:1d:ec:9a:2c:11:62:37:ff:99:0e:
c7:ae:40:72:7b:01:c0:c4:51:5d:d9:07:c2:c4:e4:79:6d:6b:
01:24:07:9c:2b:bf:2a:3b:59:02:b0:7f:45:17:da:14:ce:fd:
5b:06:be:a9:9a:83:9c:20:3c:ef:ec:19:54:a2:52:d3:7d:5b:
1c:ea:e2:03:cc:1a:9d:20:44:38:8b:13:1c:cc:fa:69:a2:f5:
c8:6b:9a:de:80:ff:f4:f7:b6:d2:54:32:9d:0e:19:bc:d8:aa:
59:e7:28:6e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYbcGB97LYwf8uPi55odZEjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDU3OWE0MDI4ODI5ZDM3YWNhYzY1ZjY2YzA1NjA2MzI1
MWU1N2UwHhcNMjMwMzEzMTc1MDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjkyNDBkZmZkNmU2Yjc2MDUwZDEzZTRiNzkyYzg4MTM2ZDE5MjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTCllqzyxOitQwTNK2n5e50jWJPQ
Xb7zJm4odhO5jwUIII3iI/8forJ/PUWebxsRLKix5DxEXyzagbcm7jqqlFiLbF77
6m7/kcQlocTiH+Efwc3TaGB7w9kuT7xIOEkBsGadR3mZC2cHsIiJHRcsKo2vO9P/
/KC+wZp6kCUWOeau+jdqW64M9sGbLT0HWIjJjaCiF82BkDX0o6+36dhV9aD0hT5T
R/JA2pzvrfyYi8vJxg+FRMw+hasOM8wzfKF6bKFn4ttV5BvL/G0J9fEnrca4opzW
WyQEx7+VXsHpwviDjnqACeDK4VZvioloXufXkGkxGFZYwIA/2tRAyuTgdQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGuSQN/9bmt2BQ0T5LeSyIE20ZJlMB8GA1UdIwQY
MBaAFAxFeaQCiCnTesrGX2bAVgYyUeV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2It
M2M1MDE4MDc4MGIwLzEvYTVKQTNfMXVhM1lGRFJQa3Q1TElnVGJSa21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIw
LzEvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAUtdHAwQA
uaK3AwQDwW24MBQEAgACMA4DBQAgAQsYAwUDKhLBwDANBgkqhkiG9w0BAQsFAAOC
AQEAFYHwE2vWE7UYhKGEmSctE5+ZVCHAn2ZrT3jsnK385YYkG5RNJ3M4WR/fqst3
2E8MoBFqWfpX/FnAt5XS+CrI9X9aFXPksnrUXwr0sKP/5K6nocuIRNAJeKsWFaev
QD42X1QLqojPQy3tFFqIZb8ki3BxxFczFptscM4dXGJdKAAA3cMPkwzON5LpGfKM
PAKAFmamVlA8jBsd7JosEWI3/5kOx65AcnsBwMRRXdkHwsTkeW1rASQHnCu/KjtZ
ArB/RRfaFM79Wwa+qZqDnCA87+wZVKJS031bHOriA8wanSBEOIsTHMz6aaL1yGua
3oD/9Pe20lQynQ4ZvNiqWecobg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org