Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/cSIWWeUB2WEI3CduJcBwsLabI9Y.roa
File: cSIWWeUB2WEI3CduJcBwsLabI9Y.roa (raw, json)
Hash identifier: 7Ihfotu3IkgqKha1G4Bk4sR+FIMbGwdCWHTm4WYMXcw=
Subject key identifier: 71:22:16:59:E5:01:D9:61:08:DC:27:6E:25:C0:70:B0:B6:9B:23:D6
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018CC86FC24588A76579860578904A066406
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/cSIWWeUB2WEI3CduJcBwsLabI9Y.roa
Signing time: Tue 02 Jan 2024 04:30:16 +0000
ROA not before: Tue 02 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 92.119.192.0/24 maxlen: 24
45.159.85.0/24 maxlen: 24
193.32.164.0/24 maxlen: 24
193.32.166.0/24 maxlen: 24
193.32.165.0/24 maxlen: 24
45.142.37.0/24 maxlen: 24
45.129.130.0/24 maxlen: 24
45.129.129.0/24 maxlen: 24
45.129.131.0/24 maxlen: 24
193.32.167.0/24 maxlen: 24
193.36.231.0/24 maxlen: 24
176.222.58.0/24 maxlen: 24
45.138.4.0/24 maxlen: 24
45.138.6.0/24 maxlen: 24
45.138.5.0/24 maxlen: 24
45.146.26.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c2:45:88:a7:65:79:86:05:78:90:4a:06:64:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 2 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71221659e501d96108dc276e25c070b0b69b23d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:02:61:32:95:b8:ec:95:2b:ca:2f:16:eb:b5:
e5:1c:1c:95:55:e5:c5:28:86:f7:7a:61:93:e4:88:
ca:23:a3:7c:00:f0:cb:ff:67:70:84:03:4e:16:29:
e3:72:80:bb:1e:95:a4:6a:f8:8b:e7:f4:d2:59:9d:
62:0e:75:af:64:da:22:2c:bd:45:e8:47:8a:90:26:
59:f5:34:da:1c:06:5a:68:a2:fe:e5:a4:57:64:a6:
77:1b:dd:14:01:d6:5b:0b:44:bd:44:80:ea:88:f7:
fb:5f:eb:80:12:1c:9b:9b:14:f4:92:0b:20:95:d4:
47:5f:f4:23:8e:87:13:07:ad:a7:ec:1e:f4:9d:66:
02:ff:e6:71:d6:53:04:44:e4:56:ca:1b:4d:3a:91:
ed:44:1e:18:04:27:a7:3e:b8:34:52:e3:9b:6f:6f:
19:9a:0b:7e:8a:3a:9a:52:e7:b8:42:0a:02:23:43:
50:0e:f0:f8:50:00:42:a5:0d:cb:b0:60:1b:27:40:
9c:d9:32:f1:e0:3a:d1:69:98:1b:8d:97:cf:dc:ed:
45:e1:08:c7:9c:4c:24:10:89:53:44:b6:0a:f4:e7:
5e:46:65:54:f8:f5:fd:7a:de:64:3e:d7:d3:19:39:
f6:2b:2a:8c:05:e4:63:03:fa:e2:dd:0d:99:28:6b:
3a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:22:16:59:E5:01:D9:61:08:DC:27:6E:25:C0:70:B0:B6:9B:23:D6
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/cSIWWeUB2WEI3CduJcBwsLabI9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.129.0-45.129.131.255
45.138.4.0-45.138.6.255
45.142.37.0/24
45.146.26.0/24
45.159.85.0/24
92.119.192.0/24
176.222.58.0/24
193.32.164.0/22
193.36.231.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:4f:97:a4:47:f6:99:44:df:0c:16:8e:07:1e:5b:cc:50:7e:
33:30:cd:b7:09:c5:ad:56:37:2f:7f:3d:86:16:1c:c4:1d:b9:
29:26:2b:09:8f:22:c2:23:dc:21:16:bb:a4:d6:81:d4:a0:31:
c5:7d:fe:fa:ca:5d:ab:07:0c:99:3b:f2:52:0b:5c:5e:8d:c1:
5f:3f:f2:7c:5c:7a:ea:75:05:44:ae:9b:fe:ea:29:af:72:da:
d9:36:31:89:ca:6b:14:4d:12:c8:d8:96:95:6b:c3:22:7d:33:
9d:0d:dd:d9:a3:91:f6:20:b4:27:20:c0:65:59:f6:3d:d3:9c:
33:6a:f8:27:f9:62:1d:28:25:1d:60:21:64:8c:be:20:c1:f1:
78:ce:40:17:51:44:ce:6b:81:2b:23:89:05:fb:8c:78:71:86:
5e:1c:e8:b9:34:2c:99:00:94:64:87:b2:e0:13:74:d5:4f:b9:
fe:21:34:4b:a3:68:60:08:6b:38:3e:53:c9:57:74:17:a2:45:
46:9b:d4:c7:fd:d3:63:5f:3d:f4:b8:d3:e2:c4:18:7b:31:56:
b2:3b:5d:fa:33:c3:75:6a:74:cf:56:c7:0a:18:7c:5e:c1:ad:
c0:69:06:37:b8:13:3c:ca:cb:d3:2c:e9:14:50:83:20:ee:e1:
05:60:79:c9
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzIb8JFiKdleYYFeJBKBmQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMTAyMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTIyMTY1OWU1MDFkOTYxMDhkYzI3NmUyNWMwNzBiMGI2OWIyM2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgJhMpW47JUryi8W67XlHByVVeXF
KIb3emGT5IjKI6N8APDL/2dwhANOFinjcoC7HpWkaviL5/TSWZ1iDnWvZNoiLL1F
6EeKkCZZ9TTaHAZaaKL+5aRXZKZ3G90UAdZbC0S9RIDqiPf7X+uAEhybmxT0kgsg
ldRHX/QjjocTB62n7B70nWYC/+Zx1lMERORWyhtNOpHtRB4YBCenPrg0UuObb28Z
mgt+ijqaUue4QgoCI0NQDvD4UABCpQ3LsGAbJ0Cc2TLx4DrRaZgbjZfP3O1F4QjH
nEwkEIlTRLYK9OdeRmVU+PX9et5kPtfTGTn2KyqMBeRjA/ri3Q2ZKGs6tQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHEiFlnlAdlhCNwnbiXAcLC2myPWMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvY1NJV1dlVUIyV0VJM0NkdUpjQndzTGFiSTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAAtgYED
BAItgYAwDAMEAi2KBAMEAC2KBgMEAC2OJQMEAC2SGgMEAC2fVQMEAFx3wAMEALDe
OgMEAsEgpAMEAMEk5zANBgkqhkiG9w0BAQsFAAOCAQEACk+XpEf2mUTfDBaOBx5b
zFB+MzDNtwnFrVY3L389hhYcxB25KSYrCY8iwiPcIRa7pNaB1KAxxX3++spdqwcM
mTvyUgtcXo3BXz/yfFx66nUFRK6b/uopr3La2TYxicprFE0SyNiWlWvDIn0znQ3d
2aOR9iC0JyDAZVn2PdOcM2r4J/liHSglHWAhZIy+IMHxeM5AF1FEzmuBKyOJBfuM
eHGGXhzouTQsmQCUZIey4BN01U+5/iE0S6NoYAhrOD5TyVd0F6JFRpvUx/3TY189
9LjT4sQYezFWsjtd+jPDdWp0z1bHChh8XsGtwGkGN7gTPMrL0yzpFFCDIO7hBWB5
yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org