Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/cn5zRp7iePlubcEL8cXfjNglZbg.roa
File: cn5zRp7iePlubcEL8cXfjNglZbg.roa (raw, json)
Hash identifier: REAY6/q3TxgUrdcDh3SI3Hlb44HLXCmZUOh31oj/JCw=
Subject key identifier: 72:7E:73:46:9E:E2:78:F9:6E:6D:C1:0B:F1:C5:DF:8C:D8:25:65:B8
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: 0184D2B976FF013EC1DE03E21A50ED9B854C
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/cn5zRp7iePlubcEL8cXfjNglZbg.roa
Signing time: Fri 02 Dec 2022 12:04:40 +0000
ROA not before: Fri 02 Dec 2022 12:04:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47787
IP address blocks: 193.109.184.0/21 maxlen: 24
185.162.183.0/24 maxlen: 24
2001:b18::/32 maxlen: 48
2a12:c1c0::/29 maxlen: 29
2001:b18:bbbb::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:b9:76:ff:01:3e:c1:de:03:e2:1a:50:ed:9b:85:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Dec 2 12:04:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=727e73469ee278f96e6dc10bf1c5df8cd82565b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3d:6b:1b:5b:5b:e4:e8:98:27:46:fd:b0:d5:
e1:e4:c7:bd:9a:ca:ec:0f:59:11:74:ce:b2:d4:97:
44:4d:08:e9:97:f5:5c:35:13:5e:7e:b7:b6:4a:9d:
17:f5:db:a1:21:ff:af:9f:66:85:db:ea:0f:c7:72:
44:0b:6a:43:2e:41:a3:14:75:21:e2:86:ff:ef:62:
8c:6f:67:9e:86:8d:a8:08:a1:9d:4e:98:55:ca:41:
9f:eb:47:e6:ba:00:b5:35:50:17:f6:75:bc:46:6b:
f5:05:de:90:43:5b:1c:68:d1:4f:e5:33:2d:9d:c0:
89:be:e2:bb:4a:60:8c:6a:19:14:8d:4e:44:c1:d0:
e6:ba:48:34:ff:7b:1e:84:ff:6c:d5:38:e9:d1:93:
0d:31:b0:10:aa:fc:93:df:66:b4:a2:88:52:3b:49:
b7:6b:a6:97:9d:46:75:03:df:c7:3a:6a:9e:2e:66:
c8:65:f7:e6:0e:c3:ab:e2:cb:d4:0e:f1:ad:40:f8:
c0:b7:db:7b:f9:37:24:31:ea:1c:6c:36:16:4c:bf:
f2:73:1b:f9:2f:dc:b6:07:72:91:05:e2:72:60:bf:
66:34:a1:e9:7e:52:80:f8:03:4a:60:59:1a:02:6e:
ab:57:dc:49:35:c9:a4:bd:09:d6:17:98:13:20:c7:
f3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7E:73:46:9E:E2:78:F9:6E:6D:C1:0B:F1:C5:DF:8C:D8:25:65:B8
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/cn5zRp7iePlubcEL8cXfjNglZbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.183.0/24
193.109.184.0/21
IPv6:
2001:b18::/32
2a12:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:16:d4:37:72:d6:66:53:c6:6a:62:77:6d:01:c4:df:78:f4:
f0:6c:42:57:9a:96:0d:44:bc:0f:a2:01:3a:f2:e6:d5:7a:75:
1f:42:73:5a:cf:57:25:82:a5:f9:34:f7:d3:8b:c3:12:b1:b5:
dc:90:92:2e:e2:e7:52:92:48:cb:81:00:a8:8e:05:91:f0:60:
45:0f:26:bf:91:55:af:b0:84:71:66:86:d8:13:da:48:bb:17:
cc:96:9d:ab:8b:b3:8b:a4:c6:1c:9f:be:b9:a6:87:79:fe:7f:
63:7a:a0:8a:b6:0d:5e:b0:5f:06:be:44:06:c8:bf:c0:77:63:
95:ea:b1:2c:21:fb:2e:ad:5c:fa:93:e1:f9:75:e6:a3:65:01:
52:34:60:13:0d:39:f1:94:01:8e:a4:46:7d:f4:27:fb:12:69:
44:6a:ae:83:fb:38:ca:cb:5d:ac:58:9e:82:6f:c3:75:10:db:
3d:2e:3e:4a:06:95:72:d1:ec:b7:aa:79:cf:d1:84:69:10:30:
23:b0:dd:9a:e2:84:6d:df:25:0e:9d:09:28:8a:75:f1:6f:e1:
9e:03:a1:1f:95:52:e9:24:d1:4a:f5:e9:e2:21:cf:e5:51:a1:
e9:7d:25:30:bd:31:17:8a:48:22:5b:fd:a6:d8:c0:74:78:15:
3d:4a:2d:eb
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYTSuXb/AT7B3gPiGlDtm4VMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDU3OWE0MDI4ODI5ZDM3YWNhYzY1ZjY2YzA1NjA2MzI1
MWU1N2UwHhcNMjIxMjAyMTIwNDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdlNzM0NjllZTI3OGY5NmU2ZGMxMGJmMWM1ZGY4Y2Q4MjU2NWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT1rG1tb5OiYJ0b9sNXh5Me9msrs
D1kRdM6y1JdETQjpl/VcNRNefre2Sp0X9duhIf+vn2aF2+oPx3JEC2pDLkGjFHUh
4ob/72KMb2eeho2oCKGdTphVykGf60fmugC1NVAX9nW8Rmv1Bd6QQ1scaNFP5TMt
ncCJvuK7SmCMahkUjU5EwdDmukg0/3sehP9s1Tjp0ZMNMbAQqvyT32a0oohSO0m3
a6aXnUZ1A9/HOmqeLmbIZffmDsOr4svUDvGtQPjAt9t7+TckMeocbDYWTL/ycxv5
L9y2B3KRBeJyYL9mNKHpflKA+ANKYFkaAm6rV9xJNcmkvQnWF5gTIMfz1QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHJ+c0ae4nj5bm3BC/HF34zYJWW4MB8GA1UdIwQY
MBaAFAxFeaQCiCnTesrGX2bAVgYyUeV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2It
M2M1MDE4MDc4MGIwLzEvY241elJwN2llUGx1YmNFTDhjWGZqTmdsWmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIw
LzEvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAuaK3AwQD
wW24MBQEAgACMA4DBQAgAQsYAwUDKhLBwDANBgkqhkiG9w0BAQsFAAOCAQEADRbU
N3LWZlPGamJ3bQHE33j08GxCV5qWDUS8D6IBOvLm1Xp1H0JzWs9XJYKl+TT304vD
ErG13JCSLuLnUpJIy4EAqI4FkfBgRQ8mv5FVr7CEcWaG2BPaSLsXzJadq4uzi6TG
HJ++uaaHef5/Y3qgirYNXrBfBr5EBsi/wHdjleqxLCH7Lq1c+pPh+XXmo2UBUjRg
Ew058ZQBjqRGffQn+xJpRGqug/s4ystdrFiegm/DdRDbPS4+SgaVctHst6p5z9GE
aRAwI7DdmuKEbd8lDp0JKIp18W/hngOhH5VS6STRSvXp4iHP5VGh6X0lML0xF4pI
Ilv9ptjAdHgVPUot6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:07 2024 by rpki-client on console-fra.rpki-client.org