Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/pSOoH-5dWbXBN8lxfSrecRqbc10.roa
File: pSOoH-5dWbXBN8lxfSrecRqbc10.roa (raw, json)
Hash identifier: HEu3nVHtLjBIREyq/E7dvq63d6Dfiupg/7ihfHCPQP0=
Subject key identifier: A5:23:A8:1F:EE:5D:59:B5:C1:37:C9:71:7D:2A:DE:71:1A:9B:73:5D
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 06557F43
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/pSOoH-5dWbXBN8lxfSrecRqbc10.roa
Signing time: Sun 20 Mar 2022 10:58:57 +0000
ROA not before: Sun 20 Mar 2022 10:58:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62164
IP address blocks: 45.11.88.0/23 maxlen: 24
185.149.233.0/24 maxlen: 24
185.149.234.0/23 maxlen: 23
193.39.184.0/24 maxlen: 24
5.181.164.0/23 maxlen: 23
185.202.174.0/24 maxlen: 24
2a0a:1f46::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106266435 (0x6557f43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Mar 20 10:58:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a523a81fee5d59b5c137c9717d2ade711a9b735d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:29:f9:fe:68:bd:ac:d6:41:11:33:ad:a2:00:
6e:9b:c2:65:40:06:7a:bb:4b:74:0a:9d:e6:9d:8b:
81:02:73:63:26:43:16:6c:f5:eb:a7:6e:38:1a:3d:
4d:63:3e:17:5a:ad:ed:f3:1b:9c:85:56:d9:38:52:
e6:c2:32:34:17:66:22:55:71:6a:5c:13:a7:51:6c:
5e:63:ac:73:9e:6a:12:d7:d4:94:88:d7:e1:bd:e7:
32:5b:60:9b:66:94:ef:ae:c9:4a:2c:2f:ec:82:9a:
d9:6a:3c:57:0c:18:90:00:25:72:17:0f:04:32:32:
c5:f6:fc:fe:65:91:5f:b9:42:a6:29:ab:36:57:54:
de:67:b5:7a:da:fb:16:be:b5:46:6c:6c:5b:1b:74:
bb:58:11:3c:ec:0f:ea:e6:28:38:0f:3a:4e:90:8e:
cc:62:67:f9:18:0c:53:26:df:af:32:09:f4:0d:ac:
26:76:85:a5:53:98:5f:0f:4b:3d:85:5c:8e:44:6d:
01:04:64:9b:3f:19:9c:a1:c7:57:dc:f2:70:6b:8a:
d6:99:ee:8a:e1:a1:db:df:07:d3:55:22:88:5e:00:
17:39:c5:65:fd:a7:82:a9:de:5c:04:2c:bc:c3:a4:
a1:a8:da:1f:81:a1:8f:ce:31:a8:c6:18:95:81:5c:
5f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:23:A8:1F:EE:5D:59:B5:C1:37:C9:71:7D:2A:DE:71:1A:9B:73:5D
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/pSOoH-5dWbXBN8lxfSrecRqbc10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.164.0/23
45.11.88.0/23
185.149.233.0-185.149.235.255
185.202.174.0/24
193.39.184.0/24
IPv6:
2a0a:1f46::/32
Signature Algorithm: sha256WithRSAEncryption
2e:42:7a:38:2f:3f:79:01:49:44:f6:7c:97:a2:fb:f1:db:fb:
30:68:f8:5f:66:16:d4:d3:c3:a9:1b:e2:85:4d:07:e8:91:04:
b4:ef:25:4b:ae:04:2b:e8:f8:bc:aa:11:9f:78:dc:b4:53:cd:
d0:83:d7:73:fa:dd:ef:8a:d7:56:37:c7:02:38:74:0f:75:d6:
5f:d1:a5:a0:e5:e2:56:b5:0a:80:a9:31:6c:59:1f:65:24:a5:
65:c2:04:de:be:7e:3e:a1:35:54:a6:dd:e4:3e:09:69:3e:29:
78:e6:e7:49:d5:ac:0f:d1:f8:5c:eb:18:2e:31:0a:db:84:36:
ae:8f:72:73:0b:ca:e3:fc:1e:d7:82:d2:99:ae:fa:fb:11:ca:
7a:85:4a:70:d0:f2:9a:d5:da:63:27:d1:8e:1e:59:1e:9f:f7:
43:13:65:06:41:fd:11:f0:c0:0d:76:22:c2:63:1d:65:e5:09:
f1:d3:e0:9b:aa:a1:a6:00:ec:ad:1f:f2:db:c0:a1:de:44:fa:
a9:7c:8b:79:4f:00:30:05:73:95:ba:9c:e8:4c:69:2c:10:fb:
29:72:c9:d9:43:3b:30:53:91:37:65:7c:a3:7b:e2:6a:ea:bf:
53:41:8f:ea:cf:8c:b1:89:00:65:8e:10:4e:d1:f5:b0:5d:5f:
59:9d:20:78
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEBlV/QzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWM4YjczYWI3YmRlYjc2ZmY0OGIyY2EwOTk2MTZlZGJlNzFjNDI2MB4XDTIyMDMy
MDEwNTg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUyM2E4MWZlZTVk
NTliNWMxMzdjOTcxN2QyYWRlNzExYTliNzM1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOMp+f5ovazWQREzraIAbpvCZUAGertLdAqd5p2LgQJzYyZD
Fmz166duOBo9TWM+F1qt7fMbnIVW2ThS5sIyNBdmIlVxalwTp1FsXmOsc55qEtfU
lIjX4b3nMltgm2aU767JSiwv7IKa2Wo8VwwYkAAlchcPBDIyxfb8/mWRX7lCpimr
NldU3me1etr7Fr61RmxsWxt0u1gRPOwP6uYoOA86TpCOzGJn+RgMUybfrzIJ9A2s
JnaFpVOYXw9LPYVcjkRtAQRkmz8ZnKHHV9zycGuK1pnuiuGh298H01UiiF4AFznF
Zf2ngqneXAQsvMOkoajaH4Ghj84xqMYYlYFcX90CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBSlI6gf7l1ZtcE3yXF9Kt5xGptzXTAfBgNVHSMEGDAWgBSByLc6t73rdv9I
ssoJlhbtvnHEJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djaTNPcmU5NjNiX1NMTEtDWllXN2I1eHhDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvMjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8x
L3BTT29ILTVkV2JYQk44bHhmU3JlY1JxYmMxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
MjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8xL2djaTNPcmU5NjNi
X1NMTEtDWllXN2I1eHhDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEAQW1pAMEAS0LWDAMAwQAuZXpAwQC
uZXoAwQAucquAwQAwSe4MA0EAgACMAcDBQAqCh9GMA0GCSqGSIb3DQEBCwUAA4IB
AQAuQno4Lz95AUlE9nyXovvx2/swaPhfZhbU08OpG+KFTQfokQS07yVLrgQr6Pi8
qhGfeNy0U83Qg9dz+t3vitdWN8cCOHQPddZf0aWg5eJWtQqAqTFsWR9lJKVlwgTe
vn4+oTVUpt3kPglpPil45udJ1awP0fhc6xguMQrbhDauj3JzC8rj/B7XgtKZrvr7
Ecp6hUpw0PKa1dpjJ9GOHlken/dDE2UGQf0R8MANdiLCYx1l5Qnx0+CbqqGmAOyt
H/LbwKHeRPqpfIt5TwAwBXOVupzoTGksEPspcsnZQzswU5E3ZXyje+Jq6r9TQY/q
z4yxiQBljhBO0fWwXV9ZnSB4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org