Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/lAXyIRoH7Sz3Wi_MPu6IT3inSPQ.roa
File: lAXyIRoH7Sz3Wi_MPu6IT3inSPQ.roa (raw, json)
Hash identifier: p12TDp5tMCIAQIaONgaK94P+4gYm/hnG/a37FKAjj50=
Subject key identifier: 94:05:F2:21:1A:07:ED:2C:F7:5A:2F:CC:3E:EE:88:4F:78:A7:48:F4
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0181F46C588BD310F930D61733A4F9C70744
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/lAXyIRoH7Sz3Wi_MPu6IT3inSPQ.roa
Signing time: Tue 12 Jul 2022 21:59:10 +0000
ROA not before: Tue 12 Jul 2022 21:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 2.59.51.0/24 maxlen: 24
92.119.130.0/24 maxlen: 24
92.119.128.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
194.169.162.0/24 maxlen: 24
194.169.161.0/24 maxlen: 24
2.56.112.0/24 maxlen: 24
77.83.95.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f4:6c:58:8b:d3:10:f9:30:d6:17:33:a4:f9:c7:07:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 12 21:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9405f2211a07ed2cf75a2fcc3eee884f78a748f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b0:30:34:b9:53:2d:ee:64:fe:d0:c8:e2:0c:
7b:3e:d8:c4:26:62:6a:78:0a:b8:59:86:dd:48:b9:
17:ff:06:f3:62:cd:d2:1b:69:ca:55:c9:ac:a9:6d:
c1:20:ad:a5:28:44:78:31:06:a7:60:94:94:49:88:
a3:f7:d4:d7:d8:67:35:f0:18:c7:0b:8f:be:4d:69:
05:60:17:ef:e2:3c:b9:06:df:65:b8:dd:98:10:f1:
68:a6:a9:31:2a:6c:21:bf:61:72:66:6f:81:b0:c7:
47:d0:0c:a5:31:46:cc:55:dd:ad:8a:3a:fe:63:6a:
aa:73:b1:48:4f:96:ac:08:f5:9d:7a:43:dd:6d:aa:
47:3f:4f:ea:4f:68:2c:95:06:a0:96:b2:76:cc:8e:
be:49:43:dc:ae:3d:67:ec:64:c7:82:6d:80:fe:68:
1e:cb:7a:44:5d:91:2d:22:6e:19:31:8f:d6:57:4b:
71:04:e7:3d:58:2a:b7:b8:85:6f:6e:28:c2:fc:1d:
21:e4:0f:ac:d9:07:3d:66:12:61:96:68:45:9f:da:
08:8b:f7:05:95:9d:77:e3:3b:07:c4:1b:fe:eb:03:
ec:7f:9f:b0:7c:a1:63:ba:cb:e6:cd:d0:a0:fc:e0:
43:1a:94:d8:c5:d3:f5:04:be:40:46:c0:3b:07:8c:
b5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:05:F2:21:1A:07:ED:2C:F7:5A:2F:CC:3E:EE:88:4F:78:A7:48:F4
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/lAXyIRoH7Sz3Wi_MPu6IT3inSPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
2.59.51.0/24
5.183.128.0/24
45.14.220.0/24
77.83.95.0/24
92.119.128.0/24
92.119.130.0/24
194.169.161.0-194.169.162.255
Signature Algorithm: sha256WithRSAEncryption
a7:09:71:4c:96:d6:df:01:b8:29:4f:9e:3e:2f:e6:03:e4:ee:
4e:4d:15:1b:9c:42:fa:71:ba:f9:7c:f4:f2:86:e3:d8:53:4f:
bd:3f:dc:da:14:96:51:16:29:08:2d:88:40:ba:4e:9a:3c:eb:
dd:8e:0c:d0:4c:18:7d:aa:86:c3:d4:0a:23:95:f5:0d:c3:76:
2a:32:97:f8:c9:2b:a4:6b:8a:7a:7f:02:51:d9:86:c2:b5:a5:
e9:fa:ee:2c:93:51:48:46:dd:17:44:bc:b0:56:09:53:0f:0e:
36:3b:27:ec:26:07:82:65:da:a5:74:ea:90:3a:5b:ad:84:88:
87:f7:8b:6c:01:7a:ad:ee:fb:66:6a:07:7f:d2:b0:ab:0e:eb:
1a:e7:ec:ea:26:14:6a:c3:84:7b:cf:7a:db:d4:20:76:f4:20:
35:ac:32:62:e9:fd:df:94:86:f2:a2:c3:1e:e4:34:67:f5:8d:
d2:44:31:e3:bf:f4:f1:a0:56:36:60:7f:d6:d0:21:45:94:ee:
8a:f7:57:20:4b:7c:a3:b8:7a:da:ad:49:47:97:42:77:d4:41:
2b:11:06:0a:01:9e:97:53:b0:b6:39:a8:de:60:03:e6:1b:82:
06:cc:63:0d:51:89:b7:7a:04:22:a2:7d:bd:72:aa:e0:2c:fe:
af:34:12:47
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYH0bFiL0xD5MNYXM6T5xwdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwNzEyMjE1OTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA1ZjIyMTFhMDdlZDJjZjc1YTJmY2MzZWVlODg0Zjc4YTc0OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbAwNLlTLe5k/tDI4gx7PtjEJmJq
eAq4WYbdSLkX/wbzYs3SG2nKVcmsqW3BIK2lKER4MQanYJSUSYij99TX2Gc18BjH
C4++TWkFYBfv4jy5Bt9luN2YEPFopqkxKmwhv2FyZm+BsMdH0AylMUbMVd2tijr+
Y2qqc7FIT5asCPWdekPdbapHP0/qT2gslQaglrJ2zI6+SUPcrj1n7GTHgm2A/mge
y3pEXZEtIm4ZMY/WV0txBOc9WCq3uIVvbijC/B0h5A+s2Qc9ZhJhlmhFn9oIi/cF
lZ134zsHxBv+6wPsf5+wfKFjusvmzdCg/OBDGpTYxdP1BL5ARsA7B4y1hwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJQF8iEaB+0s91ovzD7uiE94p0j0MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvbEFYeUlSb0g3U3ozV2lfTVB1NklUM2luU1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBAjhwAwQA
AjszAwQABbeAAwQALQ7cAwQATVNfAwQAXHeAAwQAXHeCMAwDBADCqaEDBADCqaIw
DQYJKoZIhvcNAQELBQADggEBAKcJcUyW1t8BuClPnj4v5gPk7k5NFRucQvpxuvl8
9PKG49hTT70/3NoUllEWKQgtiEC6Tpo8692ODNBMGH2qhsPUCiOV9Q3Ddioyl/jJ
K6Rrinp/AlHZhsK1pen67iyTUUhG3RdEvLBWCVMPDjY7J+wmB4Jl2qV06pA6W62E
iIf3i2wBeq3u+2ZqB3/SsKsO6xrn7OomFGrDhHvPetvUIHb0IDWsMmLp/d+UhvKi
wx7kNGf1jdJEMeO/9PGgVjZgf9bQIUWU7or3VyBLfKO4etqtSUeXQnfUQSsRBgoB
npdTsLY5qN5gA+YbggbMYw1Ribd6BCKifb1yquAs/q80Ekc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org