Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/5T4aw1l0d0VW3CXJVo-tRer2bhI.roa
File: 5T4aw1l0d0VW3CXJVo-tRer2bhI.roa (raw, json)
Hash identifier: 7BkCXeA7k4WfZYMBcDuRpENnvXRkyLiRHrXbTNPe2Ls=
Subject key identifier: E5:3E:1A:C3:59:74:77:45:56:DC:25:C9:56:8F:AD:45:EA:F6:6E:12
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 018520EF0AD634E714C65B8345D426090280
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/5T4aw1l0d0VW3CXJVo-tRer2bhI.roa
Signing time: Sat 17 Dec 2022 16:33:34 +0000
ROA not before: Sat 17 Dec 2022 16:33:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6696
IP address blocks: 94.139.39.0/24 maxlen: 24
109.69.217.16/28 maxlen: 28
62.112.29.0/24 maxlen: 24
62.112.31.0/24 maxlen: 24
94.139.37.0/24 maxlen: 24
94.139.36.0/24 maxlen: 24
94.139.34.0/23 maxlen: 23
46.18.36.0/22 maxlen: 24
46.18.34.0/23 maxlen: 24
46.18.33.0/24 maxlen: 24
5.149.136.0/23 maxlen: 23
5.149.138.0/24 maxlen: 24
5.149.140.0/23 maxlen: 23
5.149.142.0/24 maxlen: 24
86.107.124.0/23 maxlen: 23
86.107.120.0/22 maxlen: 22
87.238.225.0/24 maxlen: 24
86.107.126.0/24 maxlen: 24
87.238.228.0/22 maxlen: 24
185.64.64.0/22 maxlen: 24
85.119.216.0/21 maxlen: 24
109.69.221.192/28 maxlen: 28
185.185.229.0/24 maxlen: 24
185.185.228.0/24 maxlen: 24
109.69.216.0/23 maxlen: 24
109.69.219.0/24 maxlen: 24
109.69.220.0/23 maxlen: 23
109.69.220.0/24 maxlen: 24
109.69.222.0/24 maxlen: 24
109.69.221.0/24 maxlen: 24
37.19.8.0/21 maxlen: 24
85.88.34.0/24 maxlen: 24
2a00:1528::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:20:ef:0a:d6:34:e7:14:c6:5b:83:45:d4:26:09:02:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Dec 17 16:33:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e53e1ac35974774556dc25c9568fad45eaf66e12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c8:7c:e6:27:eb:7c:5f:48:f3:3e:07:b5:61:
ae:5c:96:79:7f:66:7c:95:7b:3f:e4:89:14:80:07:
5e:67:18:64:14:05:46:51:0b:56:b2:c3:35:c7:51:
f7:e7:b6:1d:53:05:70:08:09:15:40:4a:10:47:76:
aa:c7:b7:ff:7e:3c:51:68:1d:c8:0f:31:32:cd:9b:
b4:cf:8c:d8:4d:17:22:3c:5b:28:9e:db:88:08:26:
7c:88:79:23:64:c7:d1:2a:89:34:e8:9f:ba:bd:0b:
bc:67:b0:98:3d:88:6f:b4:6b:e2:3e:52:1f:d7:f9:
0e:00:a1:2b:12:0f:e5:40:0b:c1:12:ef:ad:34:d2:
1e:12:95:43:8a:18:3b:25:59:4c:be:f5:85:8c:40:
61:c9:a1:b5:74:2b:9b:40:6b:77:32:d3:46:9a:a5:
d5:31:7d:cc:24:85:62:3b:66:2f:65:50:0b:8a:fd:
28:f3:e1:65:6a:db:a7:58:05:71:05:fb:31:c4:1e:
33:74:9f:1a:a8:f0:00:27:7c:67:4a:e3:1f:ab:9c:
57:51:3e:a8:54:ed:12:7a:fb:33:55:73:47:0a:4d:
41:5b:36:d6:e6:b9:7c:5f:5d:d4:d5:c1:36:ee:bc:
d1:50:e1:5c:4f:f6:f5:93:a1:93:8c:2e:14:30:b8:
09:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3E:1A:C3:59:74:77:45:56:DC:25:C9:56:8F:AD:45:EA:F6:6E:12
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/5T4aw1l0d0VW3CXJVo-tRer2bhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.136.0-5.149.138.255
5.149.140.0-5.149.142.255
37.19.8.0/21
46.18.33.0-46.18.39.255
62.112.29.0/24
62.112.31.0/24
85.88.34.0/24
85.119.216.0/21
86.107.120.0-86.107.126.255
87.238.225.0/24
87.238.228.0/22
94.139.34.0-94.139.37.255
94.139.39.0/24
109.69.216.0/23
109.69.219.0-109.69.222.255
185.64.64.0/22
185.185.228.0/23
IPv6:
2a00:1528::/32
Signature Algorithm: sha256WithRSAEncryption
94:60:0e:87:c9:d0:20:d1:f2:74:92:f5:91:23:7d:cf:60:44:
5d:5c:8a:f9:c4:3e:1e:d4:fe:dd:c2:21:cf:a4:5a:70:01:57:
86:f6:5d:bd:ed:13:8b:e5:3b:bd:a7:68:d9:88:bd:b5:31:e6:
69:70:d5:e0:58:be:a4:e1:33:1c:4c:79:b7:f9:43:f0:18:c9:
9a:bb:a3:ba:7e:1b:2b:18:e2:f7:a9:72:c4:03:ea:84:32:b1:
03:61:27:c0:84:63:8b:d1:07:3c:6f:fe:ac:1b:20:ab:2e:12:
fb:e9:9a:e0:55:ac:2d:c3:9d:df:c8:7f:2d:da:10:ae:33:aa:
03:5f:63:c0:b0:4f:fa:e3:7e:b2:ad:01:9b:d0:ae:e6:12:e1:
6c:4a:c8:16:87:fb:aa:49:6a:78:68:84:f2:4d:f6:8f:00:7a:
cd:95:b8:3d:b0:1b:cd:f2:34:df:21:50:e7:88:88:cd:95:01:
ff:15:b1:33:2b:70:8b:0b:45:14:8d:14:51:5a:3f:6f:cf:ef:
dc:f5:1e:01:fa:9a:42:a2:30:b2:dd:4e:0e:02:ce:b3:1d:56:
12:a2:6b:53:4a:55:b2:5f:7c:38:c3:12:c3:36:1a:2c:77:55:
7a:f7:6a:09:ac:08:8f:31:d7:31:ab:61:77:47:da:c0:bb:8d:
6a:20:01:99
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYUg7wrWNOcUxluDRdQmCQKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjIxMjE3MTYzMzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTNlMWFjMzU5NzQ3NzQ1NTZkYzI1Yzk1NjhmYWQ0NWVhZjY2ZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnch85ifrfF9I8z4HtWGuXJZ5f2Z8
lXs/5IkUgAdeZxhkFAVGUQtWssM1x1H357YdUwVwCAkVQEoQR3aqx7f/fjxRaB3I
DzEyzZu0z4zYTRciPFsontuICCZ8iHkjZMfRKok06J+6vQu8Z7CYPYhvtGviPlIf
1/kOAKErEg/lQAvBEu+tNNIeEpVDihg7JVlMvvWFjEBhyaG1dCubQGt3MtNGmqXV
MX3MJIViO2YvZVALiv0o8+FlatunWAVxBfsxxB4zdJ8aqPAAJ3xnSuMfq5xXUT6o
VO0SevszVXNHCk1BWzbW5rl8X13U1cE27rzRUOFcT/b1k6GTjC4UMLgJnQIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFOU+GsNZdHdFVtwlyVaPrUXq9m4SMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvNVQ0YXcxbDBkMFZXM0NYSlZvLXRSZXIyYmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYwDAME
AwWViAMEAAWVijAMAwQCBZWMAwQABZWOAwQDJRMIMAwDBAAuEiEDBAMuEiADBAA+
cB0DBAA+cB8DBABVWCIDBANVd9gwDAMEA1ZreAMEAFZrfgMEAFfu4QMEAlfu5DAM
AwQBXosiAwQBXoskAwQAXosnAwQBbUXYMAwDBABtRdsDBABtRd4DBAK5QEADBAG5
ueQwDQQCAAIwBwMFACoAFSgwDQYJKoZIhvcNAQELBQADggEBAJRgDofJ0CDR8nSS
9ZEjfc9gRF1civnEPh7U/t3CIc+kWnABV4b2Xb3tE4vlO72naNmIvbUx5mlw1eBY
vqThMxxMebf5Q/AYyZq7o7p+GysY4vepcsQD6oQysQNhJ8CEY4vRBzxv/qwbIKsu
EvvpmuBVrC3Dnd/Ify3aEK4zqgNfY8CwT/rjfrKtAZvQruYS4WxKyBaH+6pJanho
hPJN9o8Aes2VuD2wG83yNN8hUOeIiM2VAf8VsTMrcIsLRRSNFFFaP2/P79z1HgH6
mkKiMLLdTg4CzrMdVhKia1NKVbJffDjDEsM2Gix3VXr3agmsCI8x1zGrYXdH2sC7
jWogAZk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:00 2023 by rpki-client on console-fra.rpki-client.org