Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/56AIr59RgqXBo-kqvylk-9KOyOw.roa
File: 56AIr59RgqXBo-kqvylk-9KOyOw.roa (raw, json)
Hash identifier: 0FrpIjJ2MUid5SX9SlqqIl4tKhH6tpyFkbCy5IcDeMk=
Subject key identifier: E7:A0:08:AF:9F:51:82:A5:C1:A3:E9:2A:BF:29:64:FB:D2:8E:C8:EC
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 018571154FFC3E4D83B472E7D930BF395ED0
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/56AIr59RgqXBo-kqvylk-9KOyOw.roa
Signing time: Mon 02 Jan 2023 06:05:00 +0000
ROA not before: Mon 02 Jan 2023 06:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5503
IP address blocks: 213.18.192.0/18 maxlen: 24
212.132.128.0/19 maxlen: 24
217.177.64.0/19 maxlen: 24
185.192.228.0/22 maxlen: 24
212.132.64.0/18 maxlen: 24
217.177.0.0/18 maxlen: 24
217.180.0.0/17 maxlen: 24
217.177.128.0/17 maxlen: 24
194.154.0.0/19 maxlen: 24
212.132.32.0/19 maxlen: 24
217.181.0.0/17 maxlen: 24
62.171.192.0/18 maxlen: 24
217.179.0.0/16 maxlen: 24
194.238.0.0/17 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:4f:fc:3e:4d:83:b4:72:e7:d9:30:bf:39:5e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 2 06:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7a008af9f5182a5c1a3e92abf2964fbd28ec8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:33:c0:1a:b0:e1:ca:6e:dd:09:b6:85:fd:a1:
38:dd:df:f4:89:2d:32:0e:eb:39:f4:65:56:e6:6c:
43:3c:4b:93:a2:4d:db:76:ec:94:55:24:d6:51:6a:
66:70:8a:d7:11:25:1c:b6:65:92:64:4c:28:e8:d4:
24:6b:e5:88:9f:93:2f:93:92:66:3d:03:1a:19:ac:
8c:d1:9c:fd:d9:00:cf:e1:61:0e:a3:52:0a:ed:6c:
12:fa:48:54:52:3f:5d:18:c8:22:ad:93:d2:cf:13:
a3:ee:2c:93:85:02:7c:c2:04:59:2b:1a:3d:5c:90:
71:0e:d4:64:30:69:d5:37:44:53:cd:e4:d5:09:03:
ee:79:b3:76:73:37:fa:b0:e4:9c:9f:a4:ef:47:6b:
61:3a:dc:c2:c4:85:98:f0:2f:42:33:9b:5c:e4:8c:
8a:5f:b9:77:cc:d9:84:1a:53:24:60:99:6c:13:b3:
36:29:d5:ad:f7:1a:dd:d4:94:c4:65:80:cb:38:68:
82:70:48:d1:08:e4:07:9c:17:6d:53:b1:bf:f8:29:
fa:40:a3:a9:46:85:b1:95:4c:b7:82:a6:a1:1e:48:
d7:6b:02:07:cd:ce:6f:ce:41:39:27:15:1a:1c:fd:
0a:ba:ab:7a:61:e1:32:9c:c6:d4:24:4d:40:d8:b3:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A0:08:AF:9F:51:82:A5:C1:A3:E9:2A:BF:29:64:FB:D2:8E:C8:EC
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/56AIr59RgqXBo-kqvylk-9KOyOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0/18
185.192.228.0/22
194.154.0.0/19
194.238.0.0/17
212.132.32.0-212.132.159.255
213.18.192.0/18
217.177.0.0-217.177.95.255
217.177.128.0/17
217.179.0.0-217.180.127.255
217.181.0.0/17
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:c7:68:f4:98:23:04:f4:2a:e4:d7:f0:a7:ac:39:dc:6d:3d:
5d:bf:52:f7:1f:ca:2d:69:3f:8b:11:2a:b6:e5:ca:30:41:82:
46:1e:a1:92:10:52:c1:ea:42:8c:01:ae:32:bc:0c:12:e1:0c:
88:a6:2f:b1:94:f8:05:54:93:31:24:ee:8f:48:4e:2c:f9:09:
94:b9:ce:cf:27:ad:3b:48:4c:71:88:f1:b9:e1:1c:12:68:be:
f6:cb:c3:ef:5d:95:19:1c:a4:4b:e3:ce:ae:f1:fe:ac:6b:c0:
dc:f9:a2:36:15:8b:fa:54:ce:ba:4b:59:d5:2b:10:ba:4f:3d:
0d:65:9f:b8:37:14:cd:77:ca:28:47:54:92:7b:f3:fa:9f:ed:
ab:39:b0:3f:3f:cf:f6:54:7e:03:97:2a:1f:8d:0a:93:77:38:
82:4e:d1:88:2f:7a:0c:12:5a:36:03:c0:c3:1a:72:82:93:0a:
27:c7:d1:7a:a0:65:a4:da:d1:14:b1:8c:77:b6:b3:20:23:94:
f3:c9:79:a8:c7:f9:4c:98:de:74:84:54:7c:22:67:5e:70:a6:
9a:1f:3c:eb:41:a4:6b:2b:4b:16:60:7a:60:69:a7:f2:9b:3a:
9b:01:0f:df:88:fc:45:c0:cd:6b:77:d5:1d:09:e7:47:88:7d:
ee:87:cb:c0
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYVxFU/8Pk2DtHLn2TC/OV7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjMwMTAyMDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2EwMDhhZjlmNTE4MmE1YzFhM2U5MmFiZjI5NjRmYmQyOGVjOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzPAGrDhym7dCbaF/aE43d/0iS0y
Dus59GVW5mxDPEuTok3bduyUVSTWUWpmcIrXESUctmWSZEwo6NQka+WIn5Mvk5Jm
PQMaGayM0Zz92QDP4WEOo1IK7WwS+khUUj9dGMgirZPSzxOj7iyThQJ8wgRZKxo9
XJBxDtRkMGnVN0RTzeTVCQPuebN2czf6sOScn6TvR2thOtzCxIWY8C9CM5tc5IyK
X7l3zNmEGlMkYJlsE7M2KdWt9xrd1JTEZYDLOGiCcEjRCOQHnBdtU7G/+Cn6QKOp
RoWxlUy3gqahHkjXawIHzc5vzkE5JxUaHP0Kuqt6YeEynMbUJE1A2LNTywIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFOegCK+fUYKlwaPpKr8pZPvSjsjsMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvNTZBSXI1OVJncVhCby1rcXZ5bGstOUtPeU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQGPqvAAwQC
ucDkAwQFwpoAAwQHwu4AMAwDBAXUhCADBAXUhIADBAbVEsAwCwMDANmxAwQF2bFA
AwQH2bGAMAsDAwDZswMEB9m0AAMEB9m1ADANBAIAAjAHAwUAKgIPsDANBgkqhkiG
9w0BAQsFAAOCAQEACsdo9JgjBPQq5Nfwp6w53G09Xb9S9x/KLWk/ixEqtuXKMEGC
Rh6hkhBSwepCjAGuMrwMEuEMiKYvsZT4BVSTMSTuj0hOLPkJlLnOzyetO0hMcYjx
ueEcEmi+9svD712VGRykS+POrvH+rGvA3PmiNhWL+lTOuktZ1SsQuk89DWWfuDcU
zXfKKEdUknvz+p/tqzmwPz/P9lR+A5cqH40Kk3c4gk7RiC96DBJaNgPAwxpygpMK
J8fReqBlpNrRFLGMd7azICOU88l5qMf5TJjedIRUfCJnXnCmmh8860GkaytLFmB6
YGmn8ps6mwEP34j8RcDNa3fVHQnnR4h97ofLwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:08 2024 by rpki-client on console-fra.rpki-client.org