Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/WBB5TI-7IIiyHUMiWhvCX8ouBt8.roa
File: WBB5TI-7IIiyHUMiWhvCX8ouBt8.roa (raw, json)
Hash identifier: /fl+DdPF2xNapAA1oQQd2b8pLeKVV5UeTyewDYaaZvU=
Subject key identifier: 58:10:79:4C:8F:BB:20:88:B2:1D:43:22:5A:1B:C2:5F:CA:2E:06:DF
Certificate issuer: /CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Certificate serial: 0185724C8C2FEC6F66B160450AD042832045
Authority key identifier: 45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/WBB5TI-7IIiyHUMiWhvCX8ouBt8.roa
Signing time: Mon 02 Jan 2023 11:44:57 +0000
ROA not before: Mon 02 Jan 2023 11:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49289
IP address blocks: 185.63.132.0/23 maxlen: 23
159.255.136.0/22 maxlen: 22
185.63.135.0/24 maxlen: 24
185.63.134.0/24 maxlen: 24
159.255.144.0/22 maxlen: 22
188.94.120.0/21 maxlen: 21
171.22.233.0/24 maxlen: 24
171.22.232.0/24 maxlen: 24
171.22.235.0/24 maxlen: 24
171.22.234.0/24 maxlen: 24
93.185.112.0/20 maxlen: 20
178.239.32.0/20 maxlen: 20
2a00:c50::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:8c:2f:ec:6f:66:b1:60:45:0a:d0:42:83:20:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Validity
Not Before: Jan 2 11:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5810794c8fbb2088b21d43225a1bc25fca2e06df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c0:57:1e:4b:58:3f:3f:f6:e2:c3:38:6e:40:
41:49:3f:84:0f:02:f0:a7:0f:cd:ab:5b:1b:4f:85:
19:1d:5e:d2:2d:5a:93:d4:7c:eb:42:23:21:15:db:
03:ad:f6:6b:47:40:4e:f7:67:38:73:f0:62:81:a8:
2b:4c:9a:9c:76:c3:97:f2:ec:6a:b4:ab:3a:b0:57:
5a:5e:93:a7:a0:37:60:be:59:66:67:93:d4:0c:32:
03:68:63:5a:c8:bf:8a:b2:a4:98:a8:f9:34:a8:63:
3a:a1:e0:22:99:8a:a9:bc:6c:63:c5:b0:88:13:03:
49:24:dd:51:08:77:e1:13:db:d5:cf:69:bf:d3:74:
6a:55:b2:4d:80:6d:cd:17:c8:d2:57:10:bb:f4:87:
3e:2c:d7:77:6a:53:32:19:69:39:46:af:f9:27:76:
53:e4:18:d5:ec:87:f7:73:d6:b4:6a:ac:f4:65:6a:
2c:8a:2e:89:f2:18:bf:31:80:46:8e:4a:40:c3:42:
bd:29:76:7d:84:79:9a:a9:85:6d:65:e0:0a:83:ec:
61:77:e3:a4:30:60:6e:13:a0:aa:19:ba:d4:6a:92:
e3:03:22:bc:68:01:ea:fc:76:4e:b1:22:42:b3:50:
28:75:30:78:57:c9:a3:47:b6:2d:12:4a:fb:5d:f2:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:10:79:4C:8F:BB:20:88:B2:1D:43:22:5A:1B:C2:5F:CA:2E:06:DF
X509v3 Authority Key Identifier:
keyid:45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/WBB5TI-7IIiyHUMiWhvCX8ouBt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/RfnjL_avPV5dd727mNo30LjkRRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.112.0/20
159.255.136.0/22
159.255.144.0/22
171.22.232.0/22
178.239.32.0/20
185.63.132.0/22
188.94.120.0/21
IPv6:
2a00:c50::/29
Signature Algorithm: sha256WithRSAEncryption
4a:c6:9f:12:a6:f0:b6:94:7b:4f:14:7a:bd:a1:3c:6a:38:d3:
db:0c:bc:71:66:86:3a:98:9f:fb:21:d5:46:3a:a7:80:c0:22:
c9:82:da:b6:2b:d4:a7:0a:6e:ce:30:0d:be:da:d5:8b:22:b5:
49:3f:99:17:db:61:6a:69:dc:45:37:88:94:dc:f8:b4:1f:c1:
93:e6:4f:e1:dd:11:86:4c:ec:27:3a:a4:3b:ad:58:0d:40:dc:
04:16:b6:47:38:d1:a5:6e:b9:36:45:71:c2:80:4f:7b:20:dc:
0f:31:36:70:60:4a:ff:35:9f:b0:e7:f6:b4:53:44:74:8e:8a:
92:b2:9a:11:4c:97:85:68:23:20:f8:25:00:1e:a7:e1:5b:6b:
02:a3:d1:f8:dc:36:23:36:fa:d6:04:9d:c7:6a:32:eb:2b:22:
33:36:2c:53:46:8f:ba:61:e4:51:32:21:41:15:43:bc:c1:ed:
d9:61:4a:d6:44:49:b0:fb:d1:6e:7d:e6:8d:a4:39:1e:a0:9f:
40:42:14:af:8d:44:ff:28:50:25:91:d2:d4:3d:12:e0:86:ff:
c6:4a:71:7f:75:65:b7:20:4c:af:4a:39:4e:bf:07:39:d4:50:
d8:6c:a9:dd:2e:b8:e8:87:c1:9c:8e:c7:c9:e4:c0:4b:6a:1a:
20:ac:e2:8e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVyTIwv7G9msWBFCtBCgyBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZjllMzJmZjZhZjNkNWU1ZDc3YmRiYjk4ZGEzN2QwYjhl
NDQ1MTkwHhcNMjMwMTAyMTE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODEwNzk0YzhmYmIyMDg4YjIxZDQzMjI1YTFiYzI1ZmNhMmUwNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cBXHktYPz/24sM4bkBBST+EDwLw
pw/Nq1sbT4UZHV7SLVqT1HzrQiMhFdsDrfZrR0BO92c4c/BigagrTJqcdsOX8uxq
tKs6sFdaXpOnoDdgvllmZ5PUDDIDaGNayL+KsqSYqPk0qGM6oeAimYqpvGxjxbCI
EwNJJN1RCHfhE9vVz2m/03RqVbJNgG3NF8jSVxC79Ic+LNd3alMyGWk5Rq/5J3ZT
5BjV7If3c9a0aqz0ZWosii6J8hi/MYBGjkpAw0K9KXZ9hHmaqYVtZeAKg+xhd+Ok
MGBuE6CqGbrUapLjAyK8aAHq/HZOsSJCs1AodTB4V8mjR7YtEkr7XfLctwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFgQeUyPuyCIsh1DIlobwl/KLgbfMB8GA1UdIwQY
MBaAFEX54y/2rz1eXXe9u5jaN9C45EUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYt
OGVlMGExMmEzNTliLzEvV0JCNVRJLTdJSWl5SFVNaVdodkNYOG91QnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYtOGVlMGExMmEzNTli
LzEvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEXblwAwQC
n/+IAwQCn/+QAwQCqxboAwQEsu8gAwQCuT+EAwQDvF54MA0EAgACMAcDBQMqAAxQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBKxp8SpvC2lHtPFHq9oTxqONPbDLxxZoY6mJ/7
IdVGOqeAwCLJgtq2K9SnCm7OMA2+2tWLIrVJP5kX22FqadxFN4iU3Pi0H8GT5k/h
3RGGTOwnOqQ7rVgNQNwEFrZHONGlbrk2RXHCgE97INwPMTZwYEr/NZ+w5/a0U0R0
joqSspoRTJeFaCMg+CUAHqfhW2sCo9H43DYjNvrWBJ3HajLrKyIzNixTRo+6YeRR
MiFBFUO8we3ZYUrWREmw+9FufeaNpDkeoJ9AQhSvjUT/KFAlkdLUPRLghv/GSnF/
dWW3IEyvSjlOvwc51FDYbKndLrjoh8GcjsfJ5MBLahogrOKO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:05 2024 by rpki-client on console-ams.rpki-client.org