Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/xs_SlLE8etPHNgvriWcgvPqH6Y4.roa
File: xs_SlLE8etPHNgvriWcgvPqH6Y4.roa (raw, json)
Hash identifier: CFQRUNm755oCpMtZqDldleXVmReg5Q6QeylPBwrDFfU=
Subject key identifier: C6:CF:D2:94:B1:3C:7A:D3:C7:36:0B:EB:89:67:20:BC:FA:87:E9:8E
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 0530C4D4
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/xs_SlLE8etPHNgvriWcgvPqH6Y4.roa
Signing time: Tue 24 May 2022 14:45:15 +0000
ROA not before: Tue 24 May 2022 14:45:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.208.69.0/24 maxlen: 24
91.208.73.0/24 maxlen: 24
194.156.151.0/24 maxlen: 24
194.156.150.0/24 maxlen: 24
194.156.150.0/23 maxlen: 24
45.83.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87082196 (0x530c4d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: May 24 14:45:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6cfd294b13c7ad3c7360beb896720bcfa87e98e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c8:d3:60:13:be:f0:c0:3d:4f:b8:90:fc:da:
13:1b:df:ef:51:55:41:fa:d4:c9:a4:36:34:0f:4f:
22:8d:6a:bc:9c:04:b8:b4:ca:e7:72:5d:14:df:c8:
33:7e:04:72:fe:54:c2:d9:3f:08:7e:a1:90:30:d4:
f0:94:5e:c3:9b:12:a9:73:9d:22:03:4f:51:de:b7:
dc:71:c0:d5:0c:90:4a:3d:3e:a6:fc:08:41:e4:15:
88:64:5f:54:6e:f3:ee:a5:81:98:be:3a:25:aa:21:
1e:5f:7e:41:a8:a4:b8:29:1d:71:87:56:61:a9:d2:
5b:c3:b6:d7:de:cd:96:b3:89:59:33:98:d0:82:4b:
89:6b:b1:b9:39:85:d4:fb:30:b2:a2:83:6f:7f:b4:
c2:13:5d:b9:28:16:75:58:ac:86:e3:c8:64:9f:4a:
a5:8b:1a:90:35:cf:d5:f4:7d:e0:22:96:73:4e:01:
ba:1d:86:91:a7:4f:c0:21:58:23:22:a3:68:6c:b5:
b6:2d:d1:f6:48:9b:f1:1a:bc:af:76:f3:7a:10:72:
f5:4a:53:ef:c2:95:47:17:74:24:a6:41:24:5e:ca:
9c:5d:36:a2:14:fe:69:b9:2a:ef:81:71:54:35:8e:
67:04:a6:ec:11:76:42:19:df:f5:50:c1:6c:95:60:
ee:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CF:D2:94:B1:3C:7A:D3:C7:36:0B:EB:89:67:20:BC:FA:87:E9:8E
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/xs_SlLE8etPHNgvriWcgvPqH6Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.238.0/24
91.208.69.0/24
91.208.73.0/24
194.156.150.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:31:5d:e5:5d:ab:fe:62:d5:42:38:40:d8:0e:e4:e5:83:21:
93:dd:9b:65:da:d5:c6:dc:06:18:75:82:d3:2c:71:fe:0a:d6:
ce:b7:ec:6d:a7:78:61:c9:42:90:e4:48:79:e5:87:3a:12:b9:
9e:61:c0:8e:ed:b5:d7:33:b5:6f:1e:2b:bc:15:58:52:88:eb:
67:4d:81:ce:96:de:b7:44:cc:f9:90:f8:1e:16:74:cc:89:f3:
fa:fb:b5:c9:d2:c3:c7:7d:61:4c:7d:d7:9c:82:70:04:26:4b:
bd:5c:e5:f7:22:82:e2:f1:05:5f:47:89:ec:18:0e:bf:97:46:
54:09:04:f8:e4:89:13:b2:3b:21:58:6c:95:54:86:2d:b5:98:
1d:50:58:0c:7b:8f:d0:7c:7e:80:09:04:d1:e7:69:24:54:5b:
21:ec:2e:03:ad:16:ab:68:c3:9e:e5:27:47:5a:5d:ca:c7:dd:
0d:63:4a:fd:be:16:c0:25:18:f8:c4:9d:a7:04:dc:e4:1f:6f:
67:ab:1b:e7:8e:6f:1b:a2:81:9e:38:74:ee:d1:a0:13:3b:48:
0f:8e:85:74:f5:52:ed:bd:a4:76:bb:37:24:5c:49:04:af:33:
85:97:36:39:8f:e4:1c:e9:4b:68:ad:55:a0:fe:ba:77:b1:d0:
90:df:40:83
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBTDE1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjQ3MzgzODljYjNiOTk4ZWM0ZmE2ZDQyNzJmOGRkNzk5ZmJjNGE5MB4XDTIyMDUy
NDE0NDUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZjZmQyOTRiMTNj
N2FkM2M3MzYwYmViODk2NzIwYmNmYTg3ZTk4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzI02ATvvDAPU+4kPzaExvf71FVQfrUyaQ2NA9PIo1qvJwE
uLTK53JdFN/IM34Ecv5Uwtk/CH6hkDDU8JRew5sSqXOdIgNPUd633HHA1QyQSj0+
pvwIQeQViGRfVG7z7qWBmL46JaohHl9+QaikuCkdcYdWYanSW8O2197NlrOJWTOY
0IJLiWuxuTmF1PswsqKDb3+0whNduSgWdVishuPIZJ9KpYsakDXP1fR94CKWc04B
uh2GkadPwCFYIyKjaGy1ti3R9kib8Rq8r3bzehBy9UpT78KVRxd0JKZBJF7KnF02
ohT+abkq74FxVDWOZwSm7BF2Qhnf9VDBbJVg7kcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTGz9KUsTx608c2C+uJZyC8+ofpjjAfBgNVHSMEGDAWgBQfRzg4nLO5mOxP
ptQnL43XmfvEqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gwYzRPSnl6dVpqc1Q2YlVKeS1OMTVuN3hLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvNTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8x
L3hzX1NsTEU4ZXRQSE5ndnJpV2NndlBxSDZZNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
NTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8xL0gwYzRPSnl6dVpq
c1Q2YlVKeS1OMTVuN3hLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC1T7gMEAFvQRQMEAFvQSQMEAcKc
ljANBgkqhkiG9w0BAQsFAAOCAQEAKjFd5V2r/mLVQjhA2A7k5YMhk92bZdrVxtwG
GHWC0yxx/grWzrfsbad4YclCkORIeeWHOhK5nmHAju211zO1bx4rvBVYUojrZ02B
zpbet0TM+ZD4HhZ0zInz+vu1ydLDx31hTH3XnIJwBCZLvVzl9yKC4vEFX0eJ7BgO
v5dGVAkE+OSJE7I7IVhslVSGLbWYHVBYDHuP0Hx+gAkE0edpJFRbIewuA60Wq2jD
nuUnR1pdysfdDWNK/b4WwCUY+MSdpwTc5B9vZ6sb545vG6KBnjh07tGgEztID46F
dPVS7b2kdrs3JFxJBK8zhZc2OY/kHOlLaK1VoP66d7HQkN9Agw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org