Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/wV2VCSMjWGpXbXVNqEQYbXkahiU.roa
File: wV2VCSMjWGpXbXVNqEQYbXkahiU.roa (raw, json)
Hash identifier: RPz7hxMjw1nT2icifFToGZY6Zgu5n5/zJEWC4Sl2mSE=
Subject key identifier: C1:5D:95:09:23:23:58:6A:57:6D:75:4D:A8:44:18:6D:79:1A:86:25
Certificate issuer: /CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Certificate serial: 018CC726F112C1AC5DB8604E5025EC24E832
Authority key identifier: 58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/wV2VCSMjWGpXbXVNqEQYbXkahiU.roa
Signing time: Mon 01 Jan 2024 22:31:07 +0000
ROA not before: Mon 01 Jan 2024 22:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208041
IP address blocks: 193.160.10.0/23 maxlen: 23
193.160.14.0/23 maxlen: 23
109.197.32.0/23 maxlen: 23
185.222.5.0/24 maxlen: 24
185.222.6.0/24 maxlen: 24
2a0f:d181::/32 maxlen: 32
2a0c:8440::/48 maxlen: 48
2a0f:d180::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f1:12:c1:ac:5d:b8:60:4e:50:25:ec:24:e8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Validity
Not Before: Jan 1 22:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c15d95092323586a576d754da844186d791a8625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:16:9b:72:ec:b5:6a:ce:13:33:30:55:e3:52:
ee:fa:78:b3:e5:7d:96:fa:89:d2:5c:a4:af:fc:fc:
c3:e5:07:41:30:a1:15:82:8c:21:cd:0b:02:e4:7b:
06:dd:8e:31:26:4b:36:6a:24:e4:d4:f7:40:30:39:
d9:53:0f:b1:9a:c7:19:44:21:3f:75:f0:39:d3:3c:
a5:bb:14:ba:48:65:c3:b9:e0:0b:7c:21:44:61:de:
48:0f:5f:6e:87:86:a5:2a:09:81:68:eb:5b:5e:45:
90:ec:3a:28:9f:ad:9d:d3:e1:35:fd:b3:6c:75:50:
ba:24:29:82:28:d1:85:79:5e:a9:89:ea:ce:d3:ca:
a6:31:4d:5a:cf:d8:6c:44:33:ae:73:cf:df:8d:fc:
01:86:e6:2d:23:4d:d9:ae:5d:65:ec:c9:e3:e4:30:
46:e6:10:8f:49:37:3b:01:72:8b:f5:66:ff:a6:79:
1a:37:7f:6c:d1:b2:4b:da:00:d2:4a:e5:f1:d6:74:
2e:a3:48:07:46:4d:f0:59:d7:a0:66:80:ce:62:a6:
a5:11:6f:f8:37:08:ee:56:0b:8a:34:ba:bb:17:92:
ea:c6:51:46:2c:5b:08:fb:d8:e0:58:ab:f5:ed:d4:
ac:fd:8d:58:e9:88:4e:92:73:8c:48:f6:8c:18:a8:
cc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:5D:95:09:23:23:58:6A:57:6D:75:4D:A8:44:18:6D:79:1A:86:25
X509v3 Authority Key Identifier:
keyid:58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/wV2VCSMjWGpXbXVNqEQYbXkahiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.32.0/23
185.222.5.0-185.222.6.255
193.160.10.0/23
193.160.14.0/23
IPv6:
2a0c:8440::/48
2a0f:d180::/31
Signature Algorithm: sha256WithRSAEncryption
0a:8d:18:7f:11:77:ac:69:8c:b5:f6:7b:77:b0:10:c6:e7:2f:
9c:56:67:ee:ab:4d:b7:65:71:e6:2a:26:c8:63:24:e0:5e:7c:
57:80:b3:1a:d9:75:72:16:bb:d8:3d:89:0e:e8:95:02:66:94:
60:d6:ee:eb:59:f8:e9:20:68:c4:a0:2c:82:ba:42:56:33:b2:
92:d5:9c:76:45:ab:81:67:74:5d:01:ce:e6:80:5c:1f:ea:4e:
0d:f5:0c:83:9f:3e:d2:7f:5a:76:29:56:58:1e:6d:be:94:6c:
f1:81:c1:72:dd:fd:6c:6e:85:14:fc:68:1b:a0:a0:50:11:c5:
6f:fd:ee:24:5c:d8:e4:00:af:5c:b5:17:91:d2:76:8e:52:fa:
fa:3d:ee:84:94:20:18:61:f5:af:c9:4f:36:43:10:92:c6:f7:
27:c4:a6:5c:cc:34:e1:5f:0e:15:11:af:55:c9:72:a4:e4:0d:
a3:e2:af:d7:63:cb:a9:32:1e:13:a1:27:8b:5e:c4:91:99:9d:
15:0c:ca:91:b3:bb:5d:d0:91:5a:45:2d:56:9e:f1:4f:fa:63:
3c:f7:c2:77:03:e8:ec:3b:aa:e0:ab:f0:be:16:fa:e7:2c:91:
2e:20:0c:90:a0:16:b0:57:8c:65:be:41:6e:08:ee:a2:00:01:
89:c3:03:fc
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzHJvESwaxduGBOUCXsJOgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MWVjYzFhNzRjZjkyYWI2MTljNWY3MTAxMjM5MzdjZTUw
ZDljNDMwHhcNMjQwMTAxMjIzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTVkOTUwOTIzMjM1ODZhNTc2ZDc1NGRhODQ0MTg2ZDc5MWE4NjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRabcuy1as4TMzBV41Lu+niz5X2W
+onSXKSv/PzD5QdBMKEVgowhzQsC5HsG3Y4xJks2aiTk1PdAMDnZUw+xmscZRCE/
dfA50zyluxS6SGXDueALfCFEYd5ID19uh4alKgmBaOtbXkWQ7Doon62d0+E1/bNs
dVC6JCmCKNGFeV6pierO08qmMU1az9hsRDOuc8/fjfwBhuYtI03Zrl1l7Mnj5DBG
5hCPSTc7AXKL9Wb/pnkaN39s0bJL2gDSSuXx1nQuo0gHRk3wWdegZoDOYqalEW/4
NwjuVguKNLq7F5LqxlFGLFsI+9jgWKv17dSs/Y1Y6YhOknOMSPaMGKjMuQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMFdlQkjI1hqV211TahEGG15GoYlMB8GA1UdIwQY
MBaAFFgezBp0z5KrYZxfcQEjk3zlDZxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYt
ZGE4OGI2YmRiMzE2LzEvd1YyVkNTTWpXR3BYYlhWTnFFUVliWGthaGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYtZGE4OGI2YmRiMzE2
LzEvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgAwQBbcUgMAwD
BAC53gUDBAC53gYDBAHBoAoDBAHBoA4wFgQCAAIwEAMHACoMhEAAAAMFASoP0YAw
DQYJKoZIhvcNAQELBQADggEBAAqNGH8Rd6xpjLX2e3ewEMbnL5xWZ+6rTbdlceYq
JshjJOBefFeAsxrZdXIWu9g9iQ7olQJmlGDW7utZ+OkgaMSgLIK6QlYzspLVnHZF
q4FndF0BzuaAXB/qTg31DIOfPtJ/WnYpVlgebb6UbPGBwXLd/WxuhRT8aBugoFAR
xW/97iRc2OQAr1y1F5HSdo5S+vo97oSUIBhh9a/JTzZDEJLG9yfEplzMNOFfDhUR
r1XJcqTkDaPir9djy6kyHhOhJ4texJGZnRUMypGzu13QkVpFLVae8U/6Yzz3wncD
6Ow7quCr8L4W+ucskS4gDJCgFrBXjGW+QW4I7qIAAYnDA/w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:39 2024 by rpki-client on console-ams.rpki-client.org