Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/_kdy6GcDwGnN8O3fZ8AvGyHP9eA.roa
File: _kdy6GcDwGnN8O3fZ8AvGyHP9eA.roa (raw, json)
Hash identifier: IiJBU5Bukh5YTBAo/9EWbbqrk2tWB3Luls6gkhPtRmc=
Subject key identifier: FE:47:72:E8:67:03:C0:69:CD:F0:ED:DF:67:C0:2F:1B:21:CF:F5:E0
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DC9082CAF1646780413C42773FE53
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/_kdy6GcDwGnN8O3fZ8AvGyHP9eA.roa
Signing time: Sun 01 Jan 2023 20:55:01 +0000
ROA not before: Sun 01 Jan 2023 20:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 92.119.130.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
92.119.128.0/24 maxlen: 24
194.169.162.0/24 maxlen: 24
194.169.161.0/24 maxlen: 24
2.56.112.0/24 maxlen: 24
77.83.95.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c9:08:2c:af:16:46:78:04:13:c4:27:73:fe:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe4772e86703c069cdf0eddf67c02f1b21cff5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:85:a3:65:de:97:20:12:ae:a3:e0:71:dd:30:
c7:eb:20:01:2b:81:be:4f:2b:30:4f:a1:62:ad:4e:
54:b8:b0:88:d4:cd:bc:9b:a7:66:cf:89:1e:55:b2:
2a:c2:cc:52:ad:9a:97:57:3d:54:95:3f:46:31:e6:
19:35:08:87:48:47:9f:65:8b:ab:c0:a4:b6:16:9a:
69:9e:1f:03:6a:d7:c7:c4:98:06:c2:fc:c3:3d:25:
27:aa:93:ae:a4:59:17:26:6b:b7:1d:13:a8:3d:3c:
b9:41:37:c8:8d:b8:dd:43:35:a0:ba:d0:29:81:00:
16:ee:fd:c3:fa:11:bf:90:cd:b0:44:4b:a6:ab:1b:
e2:ca:32:54:68:d1:9c:0b:b7:f3:8b:1e:d3:f5:91:
85:d1:46:d8:4c:32:01:b3:15:28:11:d8:d3:27:2b:
dd:02:b8:62:f4:ac:2d:b9:d5:68:73:f3:ef:c3:32:
18:39:9a:5e:6a:d1:20:55:af:66:3d:ab:e6:0e:75:
ce:e5:83:b8:77:46:76:26:48:3f:58:9e:0f:2e:39:
fc:20:bb:91:f0:34:07:19:5a:c8:ef:e3:f0:f2:f0:
c9:05:8b:8a:5e:90:b3:b5:19:d5:3d:86:ab:f4:65:
2d:e4:af:92:43:01:73:be:dc:b5:d3:c7:da:7e:59:
c0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:47:72:E8:67:03:C0:69:CD:F0:ED:DF:67:C0:2F:1B:21:CF:F5:E0
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/_kdy6GcDwGnN8O3fZ8AvGyHP9eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
77.83.95.0/24
92.119.128.0/24
92.119.130.0/24
194.169.161.0-194.169.162.255
Signature Algorithm: sha256WithRSAEncryption
a2:e3:2b:7c:16:49:44:74:9e:dd:46:96:b8:4c:7a:67:31:0e:
d9:ed:00:6c:11:04:37:d7:29:51:ba:16:3f:99:f3:5e:53:4d:
84:4e:eb:50:86:af:b6:54:92:3d:1d:fd:d1:04:1a:41:a9:55:
05:5b:8d:5a:b6:fc:64:25:fc:be:ef:be:af:03:c2:98:0e:76:
e2:4b:ce:cd:58:81:d1:98:6c:bf:50:8b:99:82:d4:aa:0a:8a:
42:a3:b2:5b:b6:6d:d8:a0:ef:79:f5:8f:66:ee:ae:4b:0d:f4:
f9:4e:22:92:66:6a:d2:9a:25:3a:05:68:45:8b:9c:c6:3d:8f:
51:85:6c:89:28:10:fd:88:48:d8:fc:df:a7:7a:3f:8b:6e:2b:
42:c4:d5:8a:67:dd:3e:d0:72:4d:0d:0b:e0:ac:1e:bc:ea:3c:
53:e8:ba:e6:98:9b:32:b6:ab:7a:25:09:14:9f:07:f1:9e:ff:
ec:41:44:c1:f2:3e:4a:14:fb:df:80:2f:f9:7c:15:ca:d2:85:
03:d2:08:a6:f8:fc:2d:00:0a:c8:3d:20:6c:78:97:5f:35:ea:
f6:78:ed:6d:f2:b1:d6:37:cf:47:2f:da:92:8d:35:b0:c3:87:
22:32:8a:1c:c1:dd:31:2f:53:10:86:88:c0:23:2e:b7:7b:28:
3f:03:c3:9c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVvHckILK8WRngEE8Qnc/5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQ3NzJlODY3MDNjMDY5Y2RmMGVkZGY2N2MwMmYxYjIxY2ZmNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4WjZd6XIBKuo+Bx3TDH6yABK4G+
TyswT6FirU5UuLCI1M28m6dmz4keVbIqwsxSrZqXVz1UlT9GMeYZNQiHSEefZYur
wKS2Fpppnh8DatfHxJgGwvzDPSUnqpOupFkXJmu3HROoPTy5QTfIjbjdQzWgutAp
gQAW7v3D+hG/kM2wREumqxviyjJUaNGcC7fzix7T9ZGF0UbYTDIBsxUoEdjTJyvd
Arhi9KwtudVoc/PvwzIYOZpeatEgVa9mPavmDnXO5YO4d0Z2Jkg/WJ4PLjn8ILuR
8DQHGVrI7+Pw8vDJBYuKXpCztRnVPYar9GUt5K+SQwFzvty108faflnAswIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFP5HcuhnA8BpzfDt32fALxshz/XgMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvX2tkeTZHY0R3R25OOE8zZlo4QXZHeUhQOWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBAjhwAwQA
BbeAAwQATVNfAwQAXHeAAwQAXHeCMAwDBADCqaEDBADCqaIwDQYJKoZIhvcNAQEL
BQADggEBAKLjK3wWSUR0nt1GlrhMemcxDtntAGwRBDfXKVG6Fj+Z815TTYRO61CG
r7ZUkj0d/dEEGkGpVQVbjVq2/GQl/L7vvq8DwpgOduJLzs1YgdGYbL9Qi5mC1KoK
ikKjslu2bdig73n1j2burksN9PlOIpJmatKaJToFaEWLnMY9j1GFbIkoEP2ISNj8
36d6P4tuK0LE1Ypn3T7Qck0NC+CsHrzqPFPouuaYmzK2q3olCRSfB/Ge/+xBRMHy
PkoU+9+AL/l8FcrShQPSCKb4/C0ACsg9IGx4l1816vZ47W3ysdY3z0cv2pKNNbDD
hyIyihzB3TEvUxCGiMAjLrd7KD8Dw5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org