Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/b5XSG2lT9Fxp6MJ95FcnSKRLYks.roa
File: b5XSG2lT9Fxp6MJ95FcnSKRLYks.roa (raw, json)
Hash identifier: pLQygwIE4POLxIuw2BNwMV600ObQqpZ75QOCW5vGreM=
Subject key identifier: 6F:95:D2:1B:69:53:F4:5C:69:E8:C2:7D:E4:57:27:48:A4:4B:62:4B
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 05A02A96
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/b5XSG2lT9Fxp6MJ95FcnSKRLYks.roa
Signing time: Mon 27 Jun 2022 06:36:40 +0000
ROA not before: Mon 27 Jun 2022 06:36:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51295
IP address blocks: 185.179.156.0/22 maxlen: 22
185.248.196.0/22 maxlen: 22
194.165.26.0/24 maxlen: 24
45.153.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94382742 (0x5a02a96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jun 27 06:36:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f95d21b6953f45c69e8c27de4572748a44b624b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:17:ea:fe:bf:29:c7:01:b9:37:8a:38:d2:7a:
11:e8:0b:d6:1b:3d:95:94:e4:45:7e:c8:df:db:ee:
7b:88:56:91:67:a5:7b:81:d4:a2:64:32:27:2a:a3:
ef:cd:72:ad:e2:aa:c8:16:de:de:5f:86:7a:e8:de:
d7:b3:61:f7:7b:8a:7b:e0:3f:ea:27:2e:00:7d:82:
2d:b4:1b:46:a5:93:4c:03:bb:d8:25:76:dd:1c:5d:
01:9e:2f:6f:75:13:28:44:88:6d:0f:42:d1:96:26:
2a:dd:20:56:c8:b4:e2:f4:7e:90:45:96:e4:a3:c3:
4b:3e:20:79:0d:61:d5:7a:37:ad:51:80:fe:ed:dc:
b5:27:ca:49:65:19:ad:9f:b0:d0:81:45:ee:b8:08:
21:22:9c:69:e1:5d:b2:60:72:e2:fc:45:82:a0:3e:
49:2f:0e:0d:21:f8:97:9d:b2:f8:cd:0f:da:5b:78:
88:ab:72:1e:9f:ee:b3:82:a6:46:58:6c:98:37:c4:
c6:20:af:38:40:b5:88:0c:a6:42:b3:22:da:1a:a2:
fb:12:c8:03:c2:23:b5:42:a7:e6:65:81:58:e9:45:
18:c6:18:c2:8c:5c:08:f0:64:3f:c8:62:a5:61:fd:
15:8d:55:5b:9b:35:fd:98:88:20:4f:91:f2:10:a8:
c8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:95:D2:1B:69:53:F4:5C:69:E8:C2:7D:E4:57:27:48:A4:4B:62:4B
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/b5XSG2lT9Fxp6MJ95FcnSKRLYks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.89.0/24
185.179.156.0/22
185.248.196.0/22
194.165.26.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:60:9b:67:ef:35:c0:5e:9d:5f:54:d6:73:ef:95:db:e2:f2:
0f:42:89:bb:a8:42:e6:64:4a:6f:29:80:f3:d1:f2:7a:71:fc:
bc:ca:e2:80:f8:e9:23:e5:2d:1c:40:e1:c7:30:94:8c:f2:a3:
cd:52:3b:39:c9:1a:ff:24:2e:18:08:c8:ee:7e:63:e8:e9:07:
6b:57:c5:b8:2b:a4:08:f2:f2:cc:66:a2:31:7b:62:5e:3c:1b:
b2:d2:56:65:50:23:f9:67:e7:4c:d6:74:74:3f:e0:59:97:c3:
75:09:b9:6d:de:d1:3c:73:5c:91:1e:37:27:d8:7c:e6:66:a8:
fe:44:0a:46:48:6d:69:49:61:18:49:58:84:f7:e1:3c:c7:6c:
91:87:ac:c6:81:bb:8f:f5:5d:bb:25:e7:74:9c:6a:d9:0d:23:
9e:fa:32:7a:dc:80:58:bf:ea:78:69:a9:36:74:fd:e7:e1:ff:
ad:61:0e:e7:c1:87:38:d6:97:dc:f2:ee:87:42:4a:24:92:b8:
ba:a8:53:e4:ab:2b:9c:04:ce:6f:2b:81:80:c6:82:75:fe:3b:
32:27:69:99:95:5e:35:28:b0:dd:09:34:ac:ac:90:56:e7:10:
dd:2e:75:4e:8d:69:66:03:e6:24:99:04:47:0b:ab:50:b9:99:
26:af:30:04
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBaAqljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTgyNDdkM2Y4MTQ3MmRiYmEwNmRiZWE5YmQxOWM3ODVkMThiYWJlMB4XDTIyMDYy
NzA2MzY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY5NWQyMWI2OTUz
ZjQ1YzY5ZThjMjdkZTQ1NzI3NDhhNDRiNjI0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsX6v6/KccBuTeKONJ6EegL1hs9lZTkRX7I39vue4hWkWel
e4HUomQyJyqj781yreKqyBbe3l+Geuje17Nh93uKe+A/6icuAH2CLbQbRqWTTAO7
2CV23RxdAZ4vb3UTKESIbQ9C0ZYmKt0gVsi04vR+kEWW5KPDSz4geQ1h1Xo3rVGA
/u3ctSfKSWUZrZ+w0IFF7rgIISKcaeFdsmBy4vxFgqA+SS8ODSH4l52y+M0P2lt4
iKtyHp/us4KmRlhsmDfExiCvOEC1iAymQrMi2hqi+xLIA8IjtUKn5mWBWOlFGMYY
woxcCPBkP8hipWH9FY1VW5s1/ZiIIE+R8hCoyE0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRvldIbaVP0XGnown3kVydIpEtiSzAfBgNVHSMEGDAWgBTZgkfT+BRy27oG
2+qb0Zx4XRi6vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJZSkgwX2dVY3R1NkJ0dnFtOUdjZUYwWXVyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8x
L2I1WFNHMmxUOUZ4cDZNSjk1RmNuU0tSTFlrcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8xLzJZSkgwX2dVY3R1
NkJ0dnFtOUdjZUYwWXVyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC2ZWQMEArmznAMEArn4xAMEAMKl
GjANBgkqhkiG9w0BAQsFAAOCAQEAXWCbZ+81wF6dX1TWc++V2+LyD0KJu6hC5mRK
bymA89HyenH8vMrigPjpI+UtHEDhxzCUjPKjzVI7Ocka/yQuGAjI7n5j6OkHa1fF
uCukCPLyzGaiMXtiXjwbstJWZVAj+WfnTNZ0dD/gWZfDdQm5bd7RPHNckR43J9h8
5mao/kQKRkhtaUlhGElYhPfhPMdskYesxoG7j/VduyXndJxq2Q0jnvoyetyAWL/q
eGmpNnT95+H/rWEO58GHONaX3PLuh0JKJJK4uqhT5KsrnATObyuBgMaCdf47Midp
mZVeNSiw3Qk0rKyQVucQ3S51To1pZgPmJJkERwurULmZJq8wBA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:00 2023 by rpki-client on console-ams.rpki-client.org