Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/6jDV6u3KsoO8ocmYUZk0P-UQhlY.roa
File: 6jDV6u3KsoO8ocmYUZk0P-UQhlY.roa (raw, json)
Hash identifier: xboV5mkIsdSvd9IaE0aR8MdpUC2smy1O+bMg3bpYTBQ=
Subject key identifier: EA:30:D5:EA:ED:CA:B2:83:BC:A1:C9:98:51:99:34:3F:E5:10:86:56
Certificate issuer: /CN=839d363b28f1c9084e1c1986876bb409b79a138c
Certificate serial: 068E47
Authority key identifier: 83:9D:36:3B:28:F1:C9:08:4E:1C:19:86:87:6B:B4:09:B7:9A:13:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g502OyjxyQhOHBmGh2u0CbeaE4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/6jDV6u3KsoO8ocmYUZk0P-UQhlY.roa
Signing time: Sat 29 Jan 2022 19:42:18 +0000
ROA not before: Sat 29 Jan 2022 19:42:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 94.45.178.0/24 maxlen: 24
94.45.173.0/24 maxlen: 24
94.45.179.0/24 maxlen: 24
94.45.174.0/24 maxlen: 24
94.45.177.0/24 maxlen: 24
94.45.180.0/24 maxlen: 24
94.45.182.0/24 maxlen: 24
94.45.183.0/24 maxlen: 24
94.45.189.0/24 maxlen: 24
94.45.188.0/24 maxlen: 24
94.45.191.0/24 maxlen: 24
94.45.164.0/24 maxlen: 24
94.45.166.0/24 maxlen: 24
94.45.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429639 (0x68e47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=839d363b28f1c9084e1c1986876bb409b79a138c
Validity
Not Before: Jan 29 19:42:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea30d5eaedcab283bca1c9985199343fe5108656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e2:66:c9:8e:93:7d:a4:12:d2:0c:1d:28:14:
5c:8d:c5:b0:f7:60:4e:b8:e1:89:a5:02:cd:5b:f1:
49:18:8f:f3:8e:93:55:33:aa:6b:e0:eb:a6:72:eb:
b6:fe:c4:5b:2d:12:3f:67:ff:86:f3:0f:5c:01:b1:
9a:ea:cc:77:3d:37:23:8b:cb:70:e2:58:9e:c7:e0:
80:f7:6d:89:f1:41:ce:00:05:42:b8:12:5c:f3:f7:
5e:9b:f0:72:01:64:f1:6a:20:8d:d9:f0:7f:e0:cb:
81:73:a7:59:1f:10:c7:11:90:6c:92:9f:1c:14:ef:
79:40:79:e6:87:c1:11:1a:2b:9b:fd:a7:9d:b4:d0:
14:64:11:63:4a:8a:b8:13:16:2c:43:d9:26:f1:36:
a3:c1:08:6e:e4:b5:75:42:ed:78:cc:ca:30:e8:55:
f4:19:22:6e:d6:b0:36:3e:74:21:fe:bd:1b:b8:fd:
be:46:b6:1f:86:7a:65:69:72:88:dd:94:10:34:f2:
e5:47:bf:16:cf:cb:10:fc:85:38:f1:cd:34:68:dc:
08:15:76:58:23:29:bb:00:15:e9:bf:de:7f:c8:96:
f4:e7:03:dc:8b:63:38:56:40:41:3d:f4:9d:b1:a2:
36:72:40:43:47:51:14:ba:60:21:5a:38:16:28:d9:
e4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:30:D5:EA:ED:CA:B2:83:BC:A1:C9:98:51:99:34:3F:E5:10:86:56
X509v3 Authority Key Identifier:
keyid:83:9D:36:3B:28:F1:C9:08:4E:1C:19:86:87:6B:B4:09:B7:9A:13:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g502OyjxyQhOHBmGh2u0CbeaE4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/6jDV6u3KsoO8ocmYUZk0P-UQhlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/g502OyjxyQhOHBmGh2u0CbeaE4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.45.164.0/24
94.45.166.0/24
94.45.172.0-94.45.174.255
94.45.177.0-94.45.180.255
94.45.182.0/23
94.45.188.0/23
94.45.191.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:a2:7f:24:21:58:e4:90:f2:06:d5:20:a3:5b:6a:b6:79:e6:
0e:b0:20:65:99:44:93:2f:e3:92:ba:5b:d7:e3:e3:1f:36:5c:
0d:da:92:94:9b:5e:6c:98:9e:0b:6b:cf:06:92:a6:9f:d0:5f:
bb:91:5c:22:ae:8b:56:84:e8:da:bb:8e:21:d3:76:e3:07:e1:
f4:f0:e2:21:05:b3:33:22:76:9d:a5:9c:0e:78:ba:45:01:bf:
18:31:c4:6c:8d:8d:b5:55:19:c8:d8:10:66:b3:91:97:92:ba:
c1:82:d6:8a:fa:ec:a6:27:9a:ac:66:5b:fd:4e:ca:0d:77:f8:
16:8a:c5:ce:4b:c8:91:29:91:89:65:85:d5:e5:12:b7:dd:13:
7c:09:57:a0:79:0e:4b:d9:6e:b9:19:16:c3:0f:2a:39:c4:ea:
ec:48:85:f9:e7:d8:01:d7:3a:cd:50:c4:b3:06:c1:0a:c0:11:
8c:de:fb:81:18:31:48:fe:a1:e3:9c:25:20:19:48:18:7c:2e:
f4:39:3b:52:89:cc:4d:40:2b:96:1c:54:26:77:4e:76:5a:2d:
90:c8:b6:bd:20:21:28:29:35:94:c2:98:c6:62:ce:6d:6a:b7:
33:2b:4d:97:ae:4f:4a:d3:06:a0:ee:cd:04:17:fc:77:0d:fb:
0f:fe:41:dc
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIDBo5HMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDgz
OWQzNjNiMjhmMWM5MDg0ZTFjMTk4Njg3NmJiNDA5Yjc5YTEzOGMwHhcNMjIwMTI5
MTk0MjE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlYTMwZDVlYWVkY2Fi
MjgzYmNhMWM5OTg1MTk5MzQzZmU1MTA4NjU2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoOJmyY6TfaQS0gwdKBRcjcWw92BOuOGJpQLNW/FJGI/zjpNV
M6pr4Oumcuu2/sRbLRI/Z/+G8w9cAbGa6sx3PTcji8tw4liex+CA922J8UHOAAVC
uBJc8/dem/ByAWTxaiCN2fB/4MuBc6dZHxDHEZBskp8cFO95QHnmh8ERGiub/aed
tNAUZBFjSoq4ExYsQ9km8TajwQhu5LV1Qu14zMow6FX0GSJu1rA2PnQh/r0buP2+
RrYfhnplaXKI3ZQQNPLlR78Wz8sQ/IU48c00aNwIFXZYIym7ABXpv95/yJb05wPc
i2M4VkBBPfSdsaI2ckBDR1EUumAhWjgWKNnkowIDAQABo4ICPTCCAjkwHQYDVR0O
BBYEFOow1ertyrKDvKHJmFGZND/lEIZWMB8GA1UdIwQYMBaAFIOdNjso8ckIThwZ
hodrtAm3mhOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZzUwMk95anh5UWhPSEJtR2gydTBDYmVhRTR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Zi9hOWU4YTYtMWNmMi00Yzg3LWI0OWEtNTIyODgyM2ZiOTdiLzEv
NmpEVjZ1M0tzb084b2NtWVVaazBQLVVRaGxZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9h
OWU4YTYtMWNmMi00Yzg3LWI0OWEtNTIyODgyM2ZiOTdiLzEvZzUwMk95anh5UWhP
SEJtR2gydTBDYmVhRTR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFMG
CCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAXi2kAwQAXi2mMAwDBAJeLawDBABe
La4wDAMEAF4tsQMEAF4ttAMEAV4ttgMEAV4tvAMEAF4tvzANBgkqhkiG9w0BAQsF
AAOCAQEA3aJ/JCFY5JDyBtUgo1tqtnnmDrAgZZlEky/jkrpb1+PjHzZcDdqSlJte
bJieC2vPBpKmn9Bfu5FcIq6LVoTo2ruOIdN24wfh9PDiIQWzMyJ2naWcDni6RQG/
GDHEbI2NtVUZyNgQZrORl5K6wYLWivrspiearGZb/U7KDXf4ForFzkvIkSmRiWWF
1eUSt90TfAlXoHkOS9luuRkWww8qOcTq7EiF+efYAdc6zVDEswbBCsARjN77gRgx
SP6h45wlIBlIGHwu9Dk7UonMTUArlhxUJndOdlotkMi2vSAhKCk1lMKYxmLObWq3
MytNl65PStMGoO7NBBf8dw37D/5B3A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:35 2023 by rpki-client on console-ams.rpki-client.org