Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/fGgb4Y8S0yciUWo7JWeeag2_Kvw.roa
File: fGgb4Y8S0yciUWo7JWeeag2_Kvw.roa (raw, json)
Hash identifier: X4rMVwnLZlghvMv+bDmJqiMo3eSj7dqbTHWFGjrpLDg=
Subject key identifier: 7C:68:1B:E1:8F:12:D3:27:22:51:6A:3B:25:67:9E:6A:0D:BF:2A:FC
Certificate issuer: /CN=d5620cec70974d037d7769758c74668305b32cf2
Certificate serial: 018969653163B2E4B89D6CAD9FA26A850270
Authority key identifier: D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/fGgb4Y8S0yciUWo7JWeeag2_Kvw.roa
Signing time: Tue 18 Jul 2023 14:26:26 +0000
ROA not before: Tue 18 Jul 2023 14:26:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56694
IP address blocks: 94.198.50.0/23 maxlen: 24
185.9.144.0/22 maxlen: 24
188.127.224.0/20 maxlen: 24
94.198.52.0/22 maxlen: 24
188.127.240.0/21 maxlen: 24
188.127.248.0/22 maxlen: 24
188.127.253.0/24 maxlen: 24
188.127.254.0/23 maxlen: 24
185.130.248.0/22 maxlen: 24
152.89.216.0/22 maxlen: 24
2a06:dd00::/29 maxlen: 48
2a06:dd00::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:69:65:31:63:b2:e4:b8:9d:6c:ad:9f:a2:6a:85:02:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5620cec70974d037d7769758c74668305b32cf2
Validity
Not Before: Jul 18 14:26:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c681be18f12d32722516a3b25679e6a0dbf2afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:71:8e:aa:a4:da:84:ad:63:86:13:7c:e7:09:
39:a4:b7:e9:d0:15:d3:87:2f:d1:1d:64:f1:b5:9f:
48:a1:80:34:34:7c:96:78:3b:71:76:99:6f:de:90:
36:a3:f7:14:94:ce:af:31:24:eb:b9:1b:c3:01:71:
57:62:6f:d3:6e:83:70:7c:6c:b4:cc:f5:92:e1:6f:
36:f7:cb:33:5d:73:d8:8a:1f:ef:78:cf:a6:64:bb:
7b:54:2e:8b:26:c9:d0:cf:a0:eb:d0:c1:3c:90:45:
21:46:3d:c8:c1:8b:24:65:06:97:23:f9:a2:3c:11:
19:3f:ed:8c:6d:f3:4b:48:f9:46:6a:6c:88:a4:d0:
fe:ac:7e:64:b9:38:83:2d:be:f0:af:1d:88:3d:4f:
ac:68:de:ed:aa:b0:64:12:c9:30:2f:b9:63:51:1d:
0d:70:1f:4c:74:4f:b0:d4:ea:2a:87:e4:b9:e2:a5:
19:00:42:16:df:61:72:46:4f:95:72:8f:b6:06:99:
1c:e3:a8:ba:d4:60:30:fe:4e:6b:fc:9d:17:85:1c:
7d:08:87:dc:ca:c8:0f:66:91:ed:41:b1:57:97:01:
d9:bd:1e:b9:cb:29:23:7e:9e:c4:d6:9e:96:3d:5a:
6f:63:5c:c8:68:0d:a9:56:b3:88:6d:8d:c1:41:c5:
9e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:68:1B:E1:8F:12:D3:27:22:51:6A:3B:25:67:9E:6A:0D:BF:2A:FC
X509v3 Authority Key Identifier:
keyid:D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/fGgb4Y8S0yciUWo7JWeeag2_Kvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.50.0-94.198.55.255
152.89.216.0/22
185.9.144.0/22
185.130.248.0/22
188.127.224.0-188.127.251.255
188.127.253.0-188.127.255.255
IPv6:
2a06:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
00:07:97:1e:fd:fa:f7:90:5e:11:38:b4:7d:e2:83:fd:6c:27:
57:5b:af:20:f1:b8:0d:82:26:4f:0d:99:cf:27:ac:c0:6a:38:
ee:15:c5:64:b3:e1:da:47:33:16:6e:54:73:e4:e0:6f:76:80:
76:ad:94:f4:74:6d:64:0c:fb:f1:07:92:a9:93:10:4a:52:ec:
39:a4:7e:61:2d:b9:79:ab:51:bc:1a:1c:43:ae:82:81:e3:fa:
24:4a:0e:44:e1:f2:86:6b:1a:75:a0:2f:b9:9c:85:3b:86:e9:
d8:51:4b:0c:83:de:e7:41:1c:14:b0:53:3c:d2:59:87:5b:a8:
6a:5d:b8:f1:0d:c3:10:de:1e:3a:17:98:8d:da:2c:0e:93:47:
fd:7b:40:c8:62:cd:50:b5:9f:3a:5e:00:a4:e6:ff:15:4f:b1:
e2:73:b1:52:2e:65:f1:4b:b1:72:c0:e4:97:0a:6f:3a:5b:5d:
ec:71:5a:86:f8:22:ca:80:ee:de:6d:6a:c4:75:18:da:c3:d4:
11:41:ae:d9:8f:70:83:0b:34:2e:eb:5b:e3:2c:40:1f:27:cb:
d5:49:a3:6a:61:b3:e0:56:26:ac:d5:e8:d0:5b:2e:20:bd:1e:
8f:95:1b:f4:61:db:7e:91:de:e9:7b:16:f7:d3:73:5d:b9:da:
64:58:11:0b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYlpZTFjsuS4nWytn6JqhQJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjIwY2VjNzA5NzRkMDM3ZDc3Njk3NThjNzQ2NjgzMDVi
MzJjZjIwHhcNMjMwNzE4MTQyNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzY4MWJlMThmMTJkMzI3MjI1MTZhM2IyNTY3OWU2YTBkYmYyYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XGOqqTahK1jhhN85wk5pLfp0BXT
hy/RHWTxtZ9IoYA0NHyWeDtxdplv3pA2o/cUlM6vMSTruRvDAXFXYm/TboNwfGy0
zPWS4W8298szXXPYih/veM+mZLt7VC6LJsnQz6Dr0ME8kEUhRj3IwYskZQaXI/mi
PBEZP+2MbfNLSPlGamyIpND+rH5kuTiDLb7wrx2IPU+saN7tqrBkEskwL7ljUR0N
cB9MdE+w1Ooqh+S54qUZAEIW32FyRk+Vco+2Bpkc46i61GAw/k5r/J0XhRx9CIfc
ysgPZpHtQbFXlwHZvR65yykjfp7E1p6WPVpvY1zIaA2pVrOIbY3BQcWeDwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFHxoG+GPEtMnIlFqOyVnnmoNvyr8MB8GA1UdIwQY
MBaAFNViDOxwl00DfXdpdYx0ZoMFsyzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTkt
YmU0MzRjYjlmOGY4LzEvZkdnYjRZOFMweWNpVVdvN0pXZWVhZzJfS3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4
LzEvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBBBAIAATA7MAwDBAFexjID
BANexjADBAKYWdgDBAK5CZADBAK5gvgwDAMEBbx/4AMEArx/+DALAwQAvH/9AwMH
vAAwDQQCAAIwBwMFAyoG3QAwDQYJKoZIhvcNAQELBQADggEBAAAHlx79+veQXhE4
tH3ig/1sJ1dbryDxuA2CJk8Nmc8nrMBqOO4VxWSz4dpHMxZuVHPk4G92gHatlPR0
bWQM+/EHkqmTEEpS7DmkfmEtuXmrUbwaHEOugoHj+iRKDkTh8oZrGnWgL7mchTuG
6dhRSwyD3udBHBSwUzzSWYdbqGpduPENwxDeHjoXmI3aLA6TR/17QMhizVC1nzpe
AKTm/xVPseJzsVIuZfFLsXLA5JcKbzpbXexxWob4IsqA7t5tasR1GNrD1BFBrtmP
cIMLNC7rW+MsQB8ny9VJo2phs+BWJqzV6NBbLiC9Ho+VG/Rh236R3ul7FvfTc125
2mRYEQs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:35 2024 by rpki-client on console-fra.rpki-client.org