Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/6SfaXsleDUj3jwpSA8V5CUYRSg0.roa
File: 6SfaXsleDUj3jwpSA8V5CUYRSg0.roa (raw, json)
Hash identifier: y4UMLAtbuTE3uPkLYO2kDHXfADjd0tsCRyyRY4EGqy8=
Subject key identifier: E9:27:DA:5E:C9:5E:0D:48:F7:8F:0A:52:03:C5:79:09:46:11:4A:0D
Certificate issuer: /CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Certificate serial: 018C1B1B4F979758442B004352B0A5049CCD
Authority key identifier: 55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/6SfaXsleDUj3jwpSA8V5CUYRSg0.roa
Signing time: Wed 29 Nov 2023 12:43:43 +0000
ROA not before: Wed 29 Nov 2023 12:43:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44814
IP address blocks: 93.94.136.0/21 maxlen: 21
93.94.137.0/24 maxlen: 24
93.94.136.0/24 maxlen: 24
93.94.138.0/24 maxlen: 24
93.94.143.0/24 maxlen: 24
93.94.142.0/24 maxlen: 24
93.94.141.0/24 maxlen: 24
93.94.140.0/24 maxlen: 24
185.7.217.0/24 maxlen: 24
46.253.10.0/24 maxlen: 24
46.253.8.0/24 maxlen: 24
46.253.15.0/24 maxlen: 24
95.169.192.0/24 maxlen: 24
95.169.205.0/24 maxlen: 24
95.169.204.0/24 maxlen: 24
95.169.201.0/24 maxlen: 24
95.169.213.0/24 maxlen: 24
95.169.208.0/20 maxlen: 20
95.169.219.0/24 maxlen: 24
95.169.218.0/24 maxlen: 24
95.169.222.0/24 maxlen: 24
2a01:4a40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:1b:4f:97:97:58:44:2b:00:43:52:b0:a5:04:9c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Validity
Not Before: Nov 29 12:43:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e927da5ec95e0d48f78f0a5203c5790946114a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d7:49:3a:d1:ec:76:ba:20:54:5a:45:12:2f:
c9:04:5c:77:9d:b4:7c:28:10:0a:64:da:ad:67:2d:
5a:3c:d4:9a:ab:3f:f3:cd:9c:a9:7e:cc:f0:ce:21:
51:2e:a6:b5:0c:d6:23:3f:01:06:82:48:3b:4d:ca:
81:f1:3f:98:49:44:27:a1:e0:54:44:d2:dd:2c:ac:
5d:51:10:eb:ef:3a:a4:3a:40:ad:43:aa:c3:25:9d:
eb:10:ec:92:45:db:4f:0b:a9:8c:4d:4b:aa:3a:59:
06:f0:51:fd:13:8a:ed:7c:53:ef:89:32:94:f5:37:
49:44:09:c7:58:1e:1c:0e:91:1a:9e:84:eb:6b:6b:
2b:0b:50:7f:3d:ef:1f:7a:fb:c6:f3:bd:0d:76:ed:
34:43:6c:59:f4:7a:56:c2:5c:61:87:d8:08:d8:b2:
34:15:5f:fc:62:cc:0d:47:97:8e:8e:64:86:77:6c:
a9:0e:11:ee:fb:ff:f4:8b:6d:39:45:5c:1f:36:bf:
54:35:a5:55:08:a5:9b:2a:b9:9e:aa:4b:4f:22:df:
8f:a6:ab:8b:c0:8a:54:cc:2a:8f:0c:42:af:a1:aa:
38:8f:e1:22:80:cd:7f:34:34:6c:28:b0:91:7a:ef:
1b:ab:db:06:b5:42:ba:63:2d:cd:95:4d:fa:5f:78:
c8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:27:DA:5E:C9:5E:0D:48:F7:8F:0A:52:03:C5:79:09:46:11:4A:0D
X509v3 Authority Key Identifier:
keyid:55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/6SfaXsleDUj3jwpSA8V5CUYRSg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/VXsKwQuGQqJ909dO1ste4EXme5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.8.0/24
46.253.10.0/24
46.253.15.0/24
93.94.136.0/21
95.169.192.0/24
95.169.201.0/24
95.169.204.0/23
95.169.208.0/20
185.7.217.0/24
IPv6:
2a01:4a40::/32
Signature Algorithm: sha256WithRSAEncryption
95:1e:1d:5e:a2:d1:d3:c1:51:b3:46:57:f1:af:c6:6f:8a:ae:
0d:33:30:38:97:af:a0:0c:66:16:8c:d4:ae:14:ad:6c:b6:62:
70:42:df:d5:33:e1:dd:18:0c:76:6f:a5:b0:5b:77:76:c4:86:
f6:ce:e3:69:24:66:e4:f9:d0:3e:c2:8a:b4:d3:fe:e1:73:19:
bb:06:a1:fb:70:90:03:7b:e1:17:7a:0d:15:49:b3:d2:eb:38:
5a:a6:ea:f8:25:3b:62:4e:aa:b0:c7:82:2a:20:2b:a3:48:48:
53:7d:d0:f3:02:f3:c0:99:72:9c:4b:b4:c5:41:9e:1c:c0:69:
c0:04:5d:ea:c7:d1:e8:53:55:94:9e:f2:d7:98:aa:d1:32:a6:
2a:d5:d8:10:4c:3b:42:35:b9:34:cf:d0:67:9a:d5:00:3e:9a:
74:17:d8:35:9f:74:62:00:ce:3c:c0:7e:91:d2:28:d9:7f:91:
6b:43:4a:48:e6:8e:3f:55:21:78:1a:2d:f1:39:54:d0:e9:86:
5b:27:4c:11:27:b1:59:a3:26:64:27:c7:60:3d:6f:47:4c:4e:
90:47:80:d7:e2:69:20:d7:dd:c8:18:ca:94:6c:f4:da:f5:be:
16:9c:6f:69:64:4d:bc:b4:31:8c:e0:7d:3c:9f:3f:2f:ab:b9:
19:1b:59:0d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYwbG0+Xl1hEKwBDUrClBJzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1N2IwYWMxMGI4NjQyYTI3ZGQzZDc0ZWQ2Y2I1ZWUwNDVl
NjdiOTcwHhcNMjMxMTI5MTI0MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTI3ZGE1ZWM5NWUwZDQ4Zjc4ZjBhNTIwM2M1NzkwOTQ2MTE0YTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApddJOtHsdrogVFpFEi/JBFx3nbR8
KBAKZNqtZy1aPNSaqz/zzZypfszwziFRLqa1DNYjPwEGgkg7TcqB8T+YSUQnoeBU
RNLdLKxdURDr7zqkOkCtQ6rDJZ3rEOySRdtPC6mMTUuqOlkG8FH9E4rtfFPviTKU
9TdJRAnHWB4cDpEanoTra2srC1B/Pe8fevvG870Ndu00Q2xZ9HpWwlxhh9gI2LI0
FV/8YswNR5eOjmSGd2ypDhHu+//0i205RVwfNr9UNaVVCKWbKrmeqktPIt+PpquL
wIpUzCqPDEKvoao4j+EigM1/NDRsKLCReu8bq9sGtUK6Yy3NlU36X3jI9wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOkn2l7JXg1I948KUgPFeQlGEUoNMB8GA1UdIwQY
MBaAFFV7CsELhkKifdPXTtbLXuBF5nuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYt
ZmJlMWEwZDBhYTk4LzEvNlNmYVhzbGVEVWozandwU0E4VjVDVVlSU2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYtZmJlMWEwZDBhYTk4
LzEvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQALv0IAwQA
Lv0KAwQALv0PAwQDXV6IAwQAX6nAAwQAX6nJAwQBX6nMAwQEX6nQAwQAuQfZMA0E
AgACMAcDBQAqAUpAMA0GCSqGSIb3DQEBCwUAA4IBAQCVHh1eotHTwVGzRlfxr8Zv
iq4NMzA4l6+gDGYWjNSuFK1stmJwQt/VM+HdGAx2b6WwW3d2xIb2zuNpJGbk+dA+
woq00/7hcxm7BqH7cJADe+EXeg0VSbPS6zhapur4JTtiTqqwx4IqICujSEhTfdDz
AvPAmXKcS7TFQZ4cwGnABF3qx9HoU1WUnvLXmKrRMqYq1dgQTDtCNbk0z9BnmtUA
Ppp0F9g1n3RiAM48wH6R0ijZf5FrQ0pI5o4/VSF4Gi3xOVTQ6YZbJ0wRJ7FZoyZk
J8dgPW9HTE6QR4DX4mkg193IGMqUbPTa9b4WnG9pZE28tDGM4H08nz8vq7kZG1kN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:50 2024 by rpki-client on console-ams.rpki-client.org