Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/Y5R5ZX7kABqnCzXclxqzZoJ2G3I.roa
File: Y5R5ZX7kABqnCzXclxqzZoJ2G3I.roa (raw, json)
Hash identifier: reDpL6gsHJTC+9CxINJxC4EWsGgmGwjQLMt5PeGbPUo=
Subject key identifier: 63:94:79:65:7E:E4:00:1A:A7:0B:35:DC:97:1A:B3:66:82:76:1B:72
Certificate issuer: /CN=7bab6c11d41162db0306858f83e5e65121132a6b
Certificate serial: 03F09988
Authority key identifier: 7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/Y5R5ZX7kABqnCzXclxqzZoJ2G3I.roa
Signing time: Sat 01 Jan 2022 06:00:46 +0000
ROA not before: Sat 01 Jan 2022 06:00:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64473
IP address blocks: 91.200.176.0/24 maxlen: 24
107.150.174.0/24 maxlen: 24
5.183.79.0/24 maxlen: 24
2a07:22c0:c100::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66099592 (0x3f09988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bab6c11d41162db0306858f83e5e65121132a6b
Validity
Not Before: Jan 1 06:00:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=639479657ee4001aa70b35dc971ab36682761b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:60:da:22:e2:64:2b:ea:4f:f3:5e:95:82:99:
8b:52:22:21:a4:27:59:19:ff:33:5a:55:5e:ec:e1:
b5:8c:f3:23:ec:75:2a:a2:7b:d6:8e:19:2b:cb:00:
8f:17:b5:eb:13:e4:f7:26:47:6e:9f:34:e8:e2:e2:
b7:e0:9c:0d:56:a8:6c:54:c0:1e:86:21:66:54:b1:
cb:59:46:3c:0f:1b:87:61:db:90:9c:31:1b:a7:76:
f3:c2:b9:2b:ee:b1:10:55:71:65:16:8f:e2:f7:f8:
3f:75:18:26:78:0d:ae:bc:c7:b9:8f:fe:af:95:0a:
72:24:98:fd:c6:78:59:c6:1e:6d:60:4a:34:f9:67:
45:ab:8a:7c:5b:4b:20:3a:62:e4:e8:36:ad:3e:52:
6a:27:41:d8:23:de:7e:d4:d5:0e:81:c8:bc:a1:db:
71:22:70:9b:c4:fe:6f:b0:83:47:58:0c:7a:87:7b:
5e:9e:b9:0b:98:65:9d:48:42:48:e7:4f:55:e8:48:
ae:21:4d:cd:90:63:9b:58:d3:1d:6c:fb:89:5d:6c:
a2:78:cb:15:d2:38:ac:fd:b2:4a:23:b2:91:91:46:
3c:7e:96:9d:2c:2a:20:e4:fd:40:ca:6a:68:5d:0b:
d5:74:5d:0d:fc:43:a8:8a:b8:8a:f4:eb:5a:3d:b5:
c3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:94:79:65:7E:E4:00:1A:A7:0B:35:DC:97:1A:B3:66:82:76:1B:72
X509v3 Authority Key Identifier:
keyid:7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/Y5R5ZX7kABqnCzXclxqzZoJ2G3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.79.0/24
91.200.176.0/24
107.150.174.0/24
IPv6:
2a07:22c0:c100::/40
Signature Algorithm: sha256WithRSAEncryption
1a:d7:f3:dd:fd:fe:7c:1f:81:d0:c4:d3:5c:b9:25:d6:0a:4f:
1f:d8:e9:e1:1e:b1:4f:48:ee:39:4c:42:15:27:84:c6:21:59:
e2:18:99:92:26:09:66:d4:20:cb:3c:ba:a1:15:32:86:16:93:
2e:25:c4:fc:a0:f0:01:74:85:48:c7:e5:c3:cf:b4:1b:1c:6b:
c6:bb:33:27:4d:5a:7e:4e:3d:5e:4f:2f:74:a2:79:9e:ec:25:
93:fd:04:01:62:1d:02:6e:a2:5e:a6:98:e2:4c:f5:43:b6:32:
64:83:5b:b8:e9:f8:dd:e9:83:5d:fd:c9:5a:b0:73:0b:32:fe:
bc:2a:77:aa:72:ca:f0:9c:4d:1e:dc:d2:29:4e:69:72:99:8b:
ec:0c:c0:36:23:5d:7e:c0:d7:19:b2:27:a1:f8:9e:ee:96:8c:
c2:5e:bc:11:a0:d3:38:42:ad:4d:62:a7:bd:46:01:39:ae:61:
41:d9:b4:92:db:2c:c2:9e:05:51:78:0f:63:a1:25:bc:5e:5a:
3b:f6:af:a7:19:7d:3a:07:23:c5:ba:92:a2:05:86:2d:00:9c:
95:e1:78:c7:7e:12:d1:76:69:34:4f:4d:95:ea:21:f4:6e:8f:
62:f2:43:25:51:2c:94:f7:a4:ed:cd:30:27:75:7e:39:2f:0c:
ef:92:3a:0f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEA/CZiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmFiNmMxMWQ0MTE2MmRiMDMwNjg1OGY4M2U1ZTY1MTIxMTMyYTZiMB4XDTIyMDEw
MTA2MDA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM5NDc5NjU3ZWU0
MDAxYWE3MGIzNWRjOTcxYWIzNjY4Mjc2MWI3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpg2iLiZCvqT/NelYKZi1IiIaQnWRn/M1pVXuzhtYzzI+x1
KqJ71o4ZK8sAjxe16xPk9yZHbp806OLit+CcDVaobFTAHoYhZlSxy1lGPA8bh2Hb
kJwxG6d288K5K+6xEFVxZRaP4vf4P3UYJngNrrzHuY/+r5UKciSY/cZ4WcYebWBK
NPlnRauKfFtLIDpi5Og2rT5SaidB2CPeftTVDoHIvKHbcSJwm8T+b7CDR1gMeod7
Xp65C5hlnUhCSOdPVehIriFNzZBjm1jTHWz7iV1sonjLFdI4rP2ySiOykZFGPH6W
nSwqIOT9QMpqaF0L1XRdDfxDqIq4ivTrWj21w0ECAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBRjlHllfuQAGqcLNdyXGrNmgnYbcjAfBgNVHSMEGDAWgBR7q2wR1BFi2wMG
hY+D5eZRIRMqazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U2dHNFZFFSWXRzREJvV1BnLVhtVVNFVEttcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvZDMzNGFkLTUyNDAtNGRhYS1hMDUwLTlmNWJmNzM2NzIwZS8x
L1k1UjVaWDdrQUJxbkN6WGNseHF6Wm9KMkczSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
ZDMzNGFkLTUyNDAtNGRhYS1hMDUwLTlmNWJmNzM2NzIwZS8xL2U2dHNFZFFSWXRz
REJvV1BnLVhtVVNFVEttcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowGAQCAAEwEgMEAAW3TwMEAFvIsAMEAGuWrjAOBAIA
AjAIAwYAKgciwMEwDQYJKoZIhvcNAQELBQADggEBABrX8939/nwfgdDE01y5JdYK
Tx/Y6eEesU9I7jlMQhUnhMYhWeIYmZImCWbUIMs8uqEVMoYWky4lxPyg8AF0hUjH
5cPPtBsca8a7MydNWn5OPV5PL3SieZ7sJZP9BAFiHQJuol6mmOJM9UO2MmSDW7jp
+N3pg139yVqwcwsy/rwqd6pyyvCcTR7c0ilOaXKZi+wMwDYjXX7A1xmyJ6H4nu6W
jMJevBGg0zhCrU1ip71GATmuYUHZtJLbLMKeBVF4D2OhJbxeWjv2r6cZfToHI8W6
kqIFhi0AnJXheMd+EtF2aTRPTZXqIfRuj2LyQyVRLJT3pO3NMCd1fjkvDO+SOg8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:35 2024 by rpki-client on console-ams.rpki-client.org