Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/D5VCdqnr8AlSST3zXr70gT6MSvU.roa
File: D5VCdqnr8AlSST3zXr70gT6MSvU.roa (raw, json)
Hash identifier: B3CDOvIywh3QdrAxyzn3Eziq7I85HSx4OyCAO0Hy+Qs=
Subject key identifier: 0F:95:42:76:A9:EB:F0:09:52:49:3D:F3:5E:BE:F4:81:3E:8C:4A:F5
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 0182F3D5AAD53E0437901454615ACF3C5505
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/D5VCdqnr8AlSST3zXr70gT6MSvU.roa
Signing time: Wed 31 Aug 2022 12:17:22 +0000
ROA not before: Wed 31 Aug 2022 12:17:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44854
IP address blocks: 103.229.81.0/24 maxlen: 24
185.219.6.0/24 maxlen: 24
103.243.124.0/22 maxlen: 24
27.123.244.0/22 maxlen: 22
93.114.180.0/23 maxlen: 24
2a10:e300:35::/48 maxlen: 48
2a10:e300::/32 maxlen: 48
2a10:e300:26::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f3:d5:aa:d5:3e:04:37:90:14:54:61:5a:cf:3c:55:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Aug 31 12:17:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f954276a9ebf00952493df35ebef4813e8c4af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b0:0d:64:3e:2c:c0:24:5d:05:dc:7b:22:4f:
51:6d:70:f3:d6:c4:61:c6:8a:34:b7:a1:b4:48:83:
29:35:e5:c6:b4:b1:aa:ff:88:09:6f:98:8d:0a:b0:
34:b9:a2:d9:55:cb:ef:a2:ec:ba:27:ea:cb:76:0f:
d6:1c:2a:80:f9:0f:da:61:28:e5:e2:ee:dc:f2:f6:
ba:82:47:28:fd:25:4e:03:c8:cb:ed:a3:50:24:12:
86:b2:b0:ca:07:42:57:bd:a1:93:d8:6a:38:e2:b3:
06:d9:5f:44:28:a5:45:f4:7a:a9:27:bd:a7:43:b1:
80:43:2c:e7:9c:93:46:c7:30:35:09:fa:c3:19:dc:
e6:41:d7:f2:eb:8a:60:23:24:28:5b:2c:c5:62:b1:
d5:95:9e:0a:86:36:69:97:07:21:90:5f:2d:0f:d8:
61:78:15:a7:a7:f6:47:53:4a:c0:de:8d:49:b7:53:
e4:86:6b:9e:24:40:0b:bb:85:7e:ec:94:36:19:d4:
9f:02:95:96:b1:cc:c9:81:50:c3:3a:f7:02:9f:ef:
3f:18:28:51:e4:7e:76:5e:17:c6:7e:94:18:4d:55:
aa:93:48:76:26:34:1e:c6:36:82:16:ad:ad:9a:d5:
9c:e4:07:97:6f:23:91:09:3a:cf:f3:e0:b7:bb:4c:
74:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:95:42:76:A9:EB:F0:09:52:49:3D:F3:5E:BE:F4:81:3E:8C:4A:F5
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/D5VCdqnr8AlSST3zXr70gT6MSvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.123.244.0/22
93.114.180.0/23
103.229.81.0/24
103.243.124.0/22
185.219.6.0/24
IPv6:
2a10:e300::/32
Signature Algorithm: sha256WithRSAEncryption
6d:1c:da:c3:9f:bd:1b:49:7c:ab:15:1c:1e:63:d3:06:ad:8a:
09:f3:17:ea:3d:92:14:00:5d:f2:bf:b0:8b:8f:30:56:30:e2:
c7:57:cd:f3:16:9d:e3:91:dd:a2:a9:e4:0f:8e:62:29:55:c7:
81:d5:b9:07:74:79:9f:cd:52:40:43:12:d0:5a:f5:3d:05:24:
be:43:83:c2:5a:90:0e:ae:d2:39:fb:f4:09:b9:81:8b:f0:2e:
05:91:e1:e3:18:1e:88:88:de:b0:b2:71:8b:df:cc:09:a3:d8:
3c:99:62:61:b3:4a:35:a6:fb:11:86:5b:6c:00:50:c6:ac:e0:
e0:08:04:d2:8f:c6:ea:56:aa:4b:7d:81:7a:c7:35:6d:e3:34:
05:b7:69:cf:bd:72:73:8d:6d:f0:7b:4f:8a:56:4e:71:e1:31:
16:8b:e2:99:fd:fc:a7:22:fd:bb:f0:14:71:da:e1:e4:8d:b8:
b2:70:32:52:62:76:55:af:fd:e8:9c:a2:c8:ac:de:33:df:e5:
64:bd:29:68:52:cd:35:bd:5e:a8:7b:af:18:42:a1:b9:82:89:
0a:8c:23:27:2e:44:fd:d7:4b:12:3b:41:1b:7d:08:39:25:00:
a4:ca:66:8e:fc:2f:ea:cf:b6:9c:bd:aa:3d:6b:18:91:34:6a:
fe:8c:d0:46
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYLz1arVPgQ3kBRUYVrPPFUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjIwODMxMTIxNzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjk1NDI3NmE5ZWJmMDA5NTI0OTNkZjM1ZWJlZjQ4MTNlOGM0YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrANZD4swCRdBdx7Ik9RbXDz1sRh
xoo0t6G0SIMpNeXGtLGq/4gJb5iNCrA0uaLZVcvvouy6J+rLdg/WHCqA+Q/aYSjl
4u7c8va6gkco/SVOA8jL7aNQJBKGsrDKB0JXvaGT2Go44rMG2V9EKKVF9HqpJ72n
Q7GAQyznnJNGxzA1CfrDGdzmQdfy64pgIyQoWyzFYrHVlZ4KhjZplwchkF8tD9hh
eBWnp/ZHU0rA3o1Jt1PkhmueJEALu4V+7JQ2GdSfApWWsczJgVDDOvcCn+8/GChR
5H52XhfGfpQYTVWqk0h2JjQexjaCFq2tmtWc5AeXbyORCTrP8+C3u0x0uQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFA+VQnap6/AJUkk9816+9IE+jEr1MB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvRDVWQ2RxbnI4QWxTU1QzelhyNzBnVDZNU3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCG3v0AwQB
XXK0AwQAZ+VRAwQCZ/N8AwQAudsGMA0EAgACMAcDBQAqEOMAMA0GCSqGSIb3DQEB
CwUAA4IBAQBtHNrDn70bSXyrFRweY9MGrYoJ8xfqPZIUAF3yv7CLjzBWMOLHV83z
Fp3jkd2iqeQPjmIpVceB1bkHdHmfzVJAQxLQWvU9BSS+Q4PCWpAOrtI5+/QJuYGL
8C4FkeHjGB6IiN6wsnGL38wJo9g8mWJhs0o1pvsRhltsAFDGrODgCATSj8bqVqpL
fYF6xzVt4zQFt2nPvXJzjW3we0+KVk5x4TEWi+KZ/fynIv278BRx2uHkjbiycDJS
YnZVr/3onKLIrN4z3+VkvSloUs01vV6oe68YQqG5gokKjCMnLkT910sSO0EbfQg5
JQCkymaO/C/qz7acvao9axiRNGr+jNBG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:15 2024 by rpki-client on console-ams.rpki-client.org