Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/_rwQyT39nicin718fKX5Y-MJXnY.roa
File: _rwQyT39nicin718fKX5Y-MJXnY.roa (raw, json)
Hash identifier: tHKvrTR9IQm3+bglqXs/NIoeiGfI8ge5v/OE3iqKra0=
Subject key identifier: FE:BC:10:C9:3D:FD:9E:27:22:9F:BD:7C:7C:A5:F9:63:E3:09:5E:76
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018CC86FBDCF93098FC20BF4A8193A70576B
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/_rwQyT39nicin718fKX5Y-MJXnY.roa
Signing time: Tue 02 Jan 2024 04:30:15 +0000
ROA not before: Tue 02 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 5.183.129.0/24 maxlen: 24
194.32.239.0/24 maxlen: 24
194.32.238.0/24 maxlen: 24
45.14.222.0/24 maxlen: 24
91.188.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:bd:cf:93:09:8f:c2:0b:f4:a8:19:3a:70:57:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 2 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=febc10c93dfd9e27229fbd7c7ca5f963e3095e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:40:57:74:92:27:c5:b1:7c:bd:45:7b:1c:62:
cb:1b:10:b1:dc:de:84:8c:a4:f1:7c:30:59:9b:3b:
7b:5e:8a:a2:9b:34:cc:1d:35:1b:54:a5:0e:7c:9e:
bc:96:29:21:79:aa:60:5b:b8:b9:e9:4b:6b:bf:eb:
ca:d4:f3:7f:2e:88:35:76:30:8e:ea:1e:64:6b:e6:
c1:4a:ce:8b:55:a3:c6:7c:2d:ba:94:0f:e0:b1:e1:
d0:b2:7f:2c:a8:47:db:18:a2:fb:00:b4:aa:30:21:
22:f8:fe:9f:28:71:b8:a5:e9:b7:c1:b0:ab:cf:6e:
a7:cd:3a:09:0b:65:0c:2c:89:ad:0e:c4:c5:82:94:
00:5b:bf:65:e1:52:54:45:20:b3:7d:c9:6c:88:e9:
98:c2:37:06:44:d2:f4:f0:b6:e1:24:6d:07:91:eb:
8b:ec:a0:67:44:79:11:dd:6a:4b:97:0e:f8:1b:5b:
dd:9b:1d:fc:29:12:18:1b:0b:bb:55:37:06:10:00:
58:8c:28:c7:2e:25:4b:d7:76:b8:3a:25:a8:e3:d1:
b5:5c:bf:01:ca:06:61:4f:c8:72:f2:f7:d6:b0:ee:
8b:93:b5:19:b4:75:19:36:21:84:6e:ad:72:02:c6:
00:f5:99:92:c7:4e:14:9f:df:40:7f:de:87:a9:79:
53:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:BC:10:C9:3D:FD:9E:27:22:9F:BD:7C:7C:A5:F9:63:E3:09:5E:76
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/_rwQyT39nicin718fKX5Y-MJXnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.129.0/24
45.14.222.0/24
91.188.212.0/22
194.32.238.0/23
Signature Algorithm: sha256WithRSAEncryption
73:f5:02:a6:b2:5b:80:a5:b8:e2:29:7c:98:d4:94:a2:38:46:
bd:ba:5f:75:2c:7e:e9:a5:0a:81:33:a5:4b:9a:fd:0a:ce:c4:
a4:ac:68:f2:86:d4:67:c9:51:8a:7d:b7:6d:af:c6:78:8b:ee:
fc:d0:9e:cc:5d:e7:f0:32:22:ff:66:c7:28:63:3d:ca:2c:56:
84:48:17:cc:77:b0:3f:27:9a:24:1a:e5:8d:9b:cc:54:a7:d8:
00:9b:bc:94:da:a4:44:59:b4:f1:7b:19:ad:03:c8:ae:a0:67:
a8:32:db:3d:25:35:12:6f:56:0d:b1:43:1d:3a:ca:ce:de:5c:
5b:20:be:74:da:bb:d3:65:ce:86:b2:96:c6:c3:73:83:9b:99:
4c:bd:6b:53:36:00:f8:97:58:a2:f1:f8:ca:2e:4b:0c:d2:ad:
26:b6:d9:d1:e8:27:b7:d6:f5:fc:a8:ac:ac:79:8f:f8:af:94:
5e:a2:27:f3:b7:2d:8a:ed:16:be:ad:24:87:09:27:e6:d6:b0:
60:3d:95:6e:cb:e5:05:4e:c9:d1:40:4b:2d:07:df:54:4d:05:
10:68:50:72:eb:37:18:9c:7f:b8:0c:0d:10:ec:0f:fc:77:8b:
4d:3c:0b:84:9b:bc:db:ca:e2:3f:95:87:71:8b:37:7f:83:e4:
ff:3d:f9:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIb73PkwmPwgv0qBk6cFdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMTAyMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWJjMTBjOTNkZmQ5ZTI3MjI5ZmJkN2M3Y2E1Zjk2M2UzMDk1ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEBXdJInxbF8vUV7HGLLGxCx3N6E
jKTxfDBZmzt7XoqimzTMHTUbVKUOfJ68likheapgW7i56Utrv+vK1PN/Log1djCO
6h5ka+bBSs6LVaPGfC26lA/gseHQsn8sqEfbGKL7ALSqMCEi+P6fKHG4pem3wbCr
z26nzToJC2UMLImtDsTFgpQAW79l4VJURSCzfclsiOmYwjcGRNL08LbhJG0HkeuL
7KBnRHkR3WpLlw74G1vdmx38KRIYGwu7VTcGEABYjCjHLiVL13a4OiWo49G1XL8B
ygZhT8hy8vfWsO6Lk7UZtHUZNiGEbq1yAsYA9ZmSx04Un99Af96HqXlTRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP68EMk9/Z4nIp+9fHyl+WPjCV52MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvX3J3UXlUMzluaWNpbjcxOGZLWDVZLU1KWG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbeBAwQA
LQ7eAwQCW7zUAwQBwiDuMA0GCSqGSIb3DQEBCwUAA4IBAQBz9QKmsluApbjiKXyY
1JSiOEa9ul91LH7ppQqBM6VLmv0KzsSkrGjyhtRnyVGKfbdtr8Z4i+780J7MXefw
MiL/ZscoYz3KLFaESBfMd7A/J5okGuWNm8xUp9gAm7yU2qREWbTxexmtA8iuoGeo
Mts9JTUSb1YNsUMdOsrO3lxbIL502rvTZc6GspbGw3ODm5lMvWtTNgD4l1ii8fjK
LksM0q0mttnR6Ce31vX8qKyseY/4r5Reoifzty2K7Ra+rSSHCSfm1rBgPZVuy+UF
TsnRQEstB99UTQUQaFBy6zcYnH+4DA0Q7A/8d4tNPAuEm7zbyuI/lYdxizd/g+T/
Pflx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org