Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/tbC19LudzJmpnjU2Z3j2Juwlfyg.roa
File: tbC19LudzJmpnjU2Z3j2Juwlfyg.roa (raw, json)
Hash identifier: H+W8xJg0SUl3nd7gaENFD7y1g3OEqGFTQcrytK2rWUI=
Subject key identifier: B5:B0:B5:F4:BB:9D:CC:99:A9:9E:35:36:67:78:F6:26:EC:25:7F:28
Certificate issuer: /CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Certificate serial: 018CC56E4C0DB79B7A160E27AD386A1A5A58
Authority key identifier: B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/tbC19LudzJmpnjU2Z3j2Juwlfyg.roa
Signing time: Mon 01 Jan 2024 14:29:49 +0000
ROA not before: Mon 01 Jan 2024 14:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25459
IP address blocks: 83.172.128.0/19 maxlen: 19
83.172.160.0/21 maxlen: 21
83.172.168.0/22 maxlen: 22
83.172.180.0/22 maxlen: 22
83.172.184.0/21 maxlen: 21
2a02:cec0::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:4c:0d:b7:9b:7a:16:0e:27:ad:38:6a:1a:5a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Validity
Not Before: Jan 1 14:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5b0b5f4bb9dcc99a99e35366778f626ec257f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:19:51:af:06:02:59:89:29:db:45:e3:a1:44:
b5:38:4e:f1:24:47:8e:83:68:f4:85:14:cc:b4:66:
10:4d:c1:82:e3:6f:cb:af:50:d6:77:d3:0b:a7:da:
c2:c6:a2:56:77:c2:17:2f:7a:fd:b0:0f:12:01:cb:
f7:9a:d1:64:a0:a1:30:2f:16:0f:cf:9d:7d:72:23:
11:1c:98:b9:f1:a2:7e:30:29:b7:32:f6:19:82:38:
28:40:d5:52:ad:8c:7e:0d:1e:97:2b:e9:11:ed:df:
c5:29:ab:d0:f1:53:f2:77:35:c5:48:35:cc:7d:e5:
70:bc:46:78:17:0e:b4:45:20:ef:3b:ac:be:81:9b:
7a:95:66:c0:78:10:8b:9a:26:e6:13:0a:c8:b2:e2:
d6:08:8b:1e:72:8b:dd:9a:49:54:73:f2:0b:5b:cc:
c3:85:56:63:5b:fb:83:4c:b0:29:b0:5e:c5:2f:58:
1d:6a:f4:c4:91:34:0c:74:15:25:e0:6f:f4:80:b0:
62:f0:ca:90:6b:aa:16:5a:69:76:9d:19:29:bb:69:
9e:07:f9:a1:94:fe:fc:6b:57:34:78:d3:6e:3e:c7:
ea:a0:8a:10:2f:12:11:92:2b:97:7d:df:7b:9b:ed:
46:6e:44:12:34:59:e3:87:ef:53:db:d2:cf:d9:36:
c0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B0:B5:F4:BB:9D:CC:99:A9:9E:35:36:67:78:F6:26:EC:25:7F:28
X509v3 Authority Key Identifier:
keyid:B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/tbC19LudzJmpnjU2Z3j2Juwlfyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.128.0-83.172.171.255
83.172.180.0-83.172.191.255
IPv6:
2a02:cec0::/30
Signature Algorithm: sha256WithRSAEncryption
b3:34:e3:ad:af:a8:15:85:2a:34:5c:18:d6:27:38:4f:4f:3c:
13:d2:55:27:71:39:e2:e8:8f:35:6c:98:4f:40:ba:86:1c:4a:
8b:eb:b0:d9:e4:46:84:82:13:81:c3:5e:80:52:0a:a2:66:0d:
fc:df:27:bb:5a:7c:b1:98:7e:04:3c:77:e7:99:26:36:d5:14:
e2:a5:d4:26:ce:95:11:53:bb:1c:26:6e:3e:ee:ea:a3:70:8e:
7e:6d:50:ad:1b:9e:cf:60:24:12:7b:75:3f:ee:5c:d5:10:ea:
a3:dc:d3:8d:0a:65:de:f1:03:03:b8:51:4e:e7:6f:13:a6:55:
4a:01:ec:db:3f:b7:61:9d:1f:ff:81:66:60:08:94:5e:18:8f:
bd:f3:e6:e2:dc:87:84:8b:01:f7:ac:c8:fc:76:cb:ae:b2:98:
89:ed:26:8c:70:5b:17:49:f3:1e:4b:ce:8c:e7:d4:ff:60:27:
58:da:56:a3:26:d1:4f:1e:4b:a3:3a:1a:6f:bc:6a:cd:f1:54:
c7:ea:80:b1:29:5d:85:cc:48:50:54:33:34:9e:08:75:52:bb:
a4:65:23:de:a2:3a:b7:75:e2:1b:63:a3:dd:28:5c:2a:9f:cd:
9e:32:ef:c0:60:51:97:4d:c5:20:73:87:ad:3b:35:48:52:ca:
54:4d:05:ea
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzFbkwNt5t6Fg4nrThqGlpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjhmZTI1OGExYjliZjYxNDhhNmNlMGU4YTcxMmYxODg0
MDkwNGMwHhcNMjQwMTAxMTQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWIwYjVmNGJiOWRjYzk5YTk5ZTM1MzY2Nzc4ZjYyNmVjMjU3ZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRlRrwYCWYkp20XjoUS1OE7xJEeO
g2j0hRTMtGYQTcGC42/Lr1DWd9MLp9rCxqJWd8IXL3r9sA8SAcv3mtFkoKEwLxYP
z519ciMRHJi58aJ+MCm3MvYZgjgoQNVSrYx+DR6XK+kR7d/FKavQ8VPydzXFSDXM
feVwvEZ4Fw60RSDvO6y+gZt6lWbAeBCLmibmEwrIsuLWCIsecovdmklUc/ILW8zD
hVZjW/uDTLApsF7FL1gdavTEkTQMdBUl4G/0gLBi8MqQa6oWWml2nRkpu2meB/mh
lP78a1c0eNNuPsfqoIoQLxIRkiuXfd97m+1GbkQSNFnjh+9T29LP2TbAuQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFLWwtfS7ncyZqZ41Nmd49ibsJX8oMB8GA1UdIwQY
MBaAFLMo/iWKG5v2FIps4OinEvGIQJBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODkt
ZWQ4NGEwMDU4YTlmLzEvdGJDMTlMdWR6Sm1wbmpVMlozajJKdXdsZnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODktZWQ4NGEwMDU4YTlm
LzEvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcMAwDBAdTrIAD
BAJTrKgwDAMEAlOstAMEBlOsgDANBAIAAjAHAwUCKgLOwDANBgkqhkiG9w0BAQsF
AAOCAQEAszTjra+oFYUqNFwY1ic4T088E9JVJ3E54uiPNWyYT0C6hhxKi+uw2eRG
hIITgcNegFIKomYN/N8nu1p8sZh+BDx355kmNtUU4qXUJs6VEVO7HCZuPu7qo3CO
fm1QrRuez2AkEnt1P+5c1RDqo9zTjQpl3vEDA7hRTudvE6ZVSgHs2z+3YZ0f/4Fm
YAiUXhiPvfPm4tyHhIsB96zI/HbLrrKYie0mjHBbF0nzHkvOjOfU/2AnWNpWoybR
Tx5Lozoab7xqzfFUx+qAsSldhcxIUFQzNJ4IdVK7pGUj3qI6t3XiG2Oj3ShcKp/N
njLvwGBRl03FIHOHrTs1SFLKVE0F6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:51 2024 by rpki-client on console-ams.rpki-client.org