Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/esg4TXj3ShPu0Xnj-wiyNm6DIrE.roa
File: esg4TXj3ShPu0Xnj-wiyNm6DIrE.roa (raw, json)
Hash identifier: md+sUbA6MnZBK4cyOZLnO/I1AxkfBvtXVCxOF6O6DFU=
Subject key identifier: 7A:C8:38:4D:78:F7:4A:13:EE:D1:79:E3:FB:08:B2:36:6E:83:22:B1
Certificate issuer: /CN=26862926a857491554bee94951bb5fa670207d9e
Certificate serial: 018CC56E51266740C41808C677043AE72C74
Authority key identifier: 26:86:29:26:A8:57:49:15:54:BE:E9:49:51:BB:5F:A6:70:20:7D:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JoYpJqhXSRVUvulJUbtfpnAgfZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/esg4TXj3ShPu0Xnj-wiyNm6DIrE.roa
Signing time: Mon 01 Jan 2024 14:29:50 +0000
ROA not before: Mon 01 Jan 2024 14:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 91.132.141.0/24 maxlen: 24
91.132.140.0/24 maxlen: 24
91.132.143.0/24 maxlen: 24
91.132.142.0/24 maxlen: 24
185.234.58.0/24 maxlen: 24
185.234.57.0/24 maxlen: 24
185.234.56.0/24 maxlen: 24
185.234.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:51:26:67:40:c4:18:08:c6:77:04:3a:e7:2c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26862926a857491554bee94951bb5fa670207d9e
Validity
Not Before: Jan 1 14:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ac8384d78f74a13eed179e3fb08b2366e8322b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b5:74:51:bc:ea:fb:19:8c:ce:c7:37:dd:a8:
99:4d:f4:65:cc:df:16:ee:d9:1a:62:db:bb:bb:52:
39:84:3b:5e:1a:d8:71:dd:cf:26:3a:68:97:8e:cf:
d6:59:0f:34:7d:8b:3a:31:4f:a5:f8:89:42:75:35:
4e:c9:dd:39:c5:fd:52:a2:8c:47:01:76:d7:a2:67:
1d:0e:8d:6e:d9:9d:23:ea:10:ed:5c:7d:10:84:7a:
a0:b4:73:0d:8b:1b:5e:c6:dc:63:03:44:84:d8:49:
49:2f:98:eb:c6:de:38:33:79:43:4b:37:09:1e:b6:
8e:b5:d7:9a:78:b2:45:86:69:a5:f5:92:3b:9d:45:
2b:9e:24:e2:19:c6:29:11:9b:b3:42:70:2d:83:b3:
2a:92:ce:2c:e6:ea:53:89:82:23:65:14:fe:c9:d1:
5a:2e:76:30:9a:7f:a3:11:2a:4a:96:09:15:e1:75:
fd:ff:77:90:73:3a:28:d7:d0:e2:f9:b7:07:4e:6e:
77:0e:5a:da:ca:09:01:8b:27:ef:c6:1f:ce:38:c4:
87:87:d5:5a:66:da:3d:a7:c6:a6:56:25:1c:be:8b:
98:55:dd:27:77:57:d6:ff:12:24:4a:7c:df:be:d3:
c3:e3:77:c0:93:ec:5c:e9:76:f5:e5:99:1e:5f:b4:
d4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C8:38:4D:78:F7:4A:13:EE:D1:79:E3:FB:08:B2:36:6E:83:22:B1
X509v3 Authority Key Identifier:
keyid:26:86:29:26:A8:57:49:15:54:BE:E9:49:51:BB:5F:A6:70:20:7D:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JoYpJqhXSRVUvulJUbtfpnAgfZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/esg4TXj3ShPu0Xnj-wiyNm6DIrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/JoYpJqhXSRVUvulJUbtfpnAgfZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.140.0/22
185.234.56.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:8b:8a:44:b3:9e:6c:9c:03:64:0f:66:1c:51:1b:b9:b3:e7:
17:d8:73:28:23:66:07:2b:25:a8:6b:63:72:f7:31:7d:4b:5d:
71:07:76:bb:2f:99:fb:8a:4a:6a:a8:b3:23:f2:6e:66:5e:71:
cd:c2:9e:b7:f3:31:b9:df:30:70:73:c6:aa:d4:b4:11:bc:6b:
4b:8a:d8:5d:b5:ba:a3:26:29:ef:75:96:e1:d3:fa:6b:e3:f0:
21:d4:fd:7c:05:6c:b0:a1:d0:0d:f1:af:2a:ba:f6:4f:42:7e:
8e:8e:1a:16:3b:10:87:87:8d:e5:f7:03:e3:13:12:3d:af:1a:
39:70:06:f3:ac:cc:6e:6b:89:2f:21:b5:d1:9f:00:f6:ef:0c:
15:e3:a1:32:34:d5:b7:f4:3a:9c:08:e5:6c:40:24:ee:db:29:
da:21:b6:10:da:5d:9f:78:88:6c:01:fc:63:dc:b0:9a:26:a3:
3e:14:21:c7:d1:d2:ce:e9:5a:a8:2c:37:bb:be:41:f3:5a:05:
1c:d7:cd:65:f8:83:17:19:28:6f:83:5e:53:27:16:ea:7c:7a:
74:88:8c:45:8d:4b:9d:6c:4b:a3:03:d5:04:a2:ba:fd:14:79:
12:b0:94:79:a2:d5:32:d5:d2:6b:0d:52:94:25:76:a7:84:c3:
ab:77:33:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFblEmZ0DEGAjGdwQ65yx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ODYyOTI2YTg1NzQ5MTU1NGJlZTk0OTUxYmI1ZmE2NzAy
MDdkOWUwHhcNMjQwMTAxMTQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWM4Mzg0ZDc4Zjc0YTEzZWVkMTc5ZTNmYjA4YjIzNjZlODMyMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrV0Ubzq+xmMzsc33aiZTfRlzN8W
7tkaYtu7u1I5hDteGthx3c8mOmiXjs/WWQ80fYs6MU+l+IlCdTVOyd05xf1SooxH
AXbXomcdDo1u2Z0j6hDtXH0QhHqgtHMNixtextxjA0SE2ElJL5jrxt44M3lDSzcJ
HraOtdeaeLJFhmml9ZI7nUUrniTiGcYpEZuzQnAtg7Mqks4s5upTiYIjZRT+ydFa
LnYwmn+jESpKlgkV4XX9/3eQczoo19Di+bcHTm53DlraygkBiyfvxh/OOMSHh9Va
Zto9p8amViUcvouYVd0nd1fW/xIkSnzfvtPD43fAk+xc6Xb15ZkeX7TUnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHrIOE1490oT7tF54/sIsjZugyKxMB8GA1UdIwQY
MBaAFCaGKSaoV0kVVL7pSVG7X6ZwIH2eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm9ZcEpxaFhTUlZVdnVsSlVidGZwbkFnZlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDQ2YmYtNTQ0NC00M2FhLThjZDQt
ZTdiMGVlMGY0OThjLzEvZXNnNFRYajNTaFB1MFhuai13aXlObTZESXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDQ2YmYtNTQ0NC00M2FhLThjZDQtZTdiMGVlMGY0OThj
LzEvSm9ZcEpxaFhTUlZVdnVsSlVidGZwbkFnZlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW4SMAwQC
ueo4MA0GCSqGSIb3DQEBCwUAA4IBAQAKi4pEs55snANkD2YcURu5s+cX2HMoI2YH
KyWoa2Ny9zF9S11xB3a7L5n7ikpqqLMj8m5mXnHNwp638zG53zBwc8aq1LQRvGtL
ithdtbqjJinvdZbh0/pr4/Ah1P18BWywodAN8a8quvZPQn6OjhoWOxCHh43l9wPj
ExI9rxo5cAbzrMxua4kvIbXRnwD27wwV46EyNNW39DqcCOVsQCTu2ynaIbYQ2l2f
eIhsAfxj3LCaJqM+FCHH0dLO6VqoLDe7vkHzWgUc181l+IMXGShvg15TJxbqfHp0
iIxFjUudbEujA9UEorr9FHkSsJR5otUy1dJrDVKUJXanhMOrdzOn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:31 2024 by rpki-client on console-ams.rpki-client.org