Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/5Im5kVLrpU-OSWmQlRwXb0Dzpq8.roa
File: 5Im5kVLrpU-OSWmQlRwXb0Dzpq8.roa (raw, json)
Hash identifier: jIHZvydcnxOwvLKLlaReTUZR7LAWNeiF++wEwa04g3s=
Subject key identifier: E4:89:B9:91:52:EB:A5:4F:8E:49:69:90:95:1C:17:6F:40:F3:A6:AF
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01899C9D39192CCEEC3DB83DC804030FBBDD
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/5Im5kVLrpU-OSWmQlRwXb0Dzpq8.roa
Signing time: Fri 28 Jul 2023 13:08:16 +0000
ROA not before: Fri 28 Jul 2023 13:08:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 212.60.22.0/24 maxlen: 24
5.44.43.0/24 maxlen: 24
5.44.45.0/24 maxlen: 24
45.129.186.0/24 maxlen: 24
185.247.185.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
89.191.227.0/24 maxlen: 24
89.191.230.0/24 maxlen: 24
89.191.231.0/24 maxlen: 24
89.191.233.0/24 maxlen: 24
89.191.235.0/24 maxlen: 24
194.116.162.0/24 maxlen: 24
194.116.163.0/24 maxlen: 24
45.89.188.0/24 maxlen: 24
45.89.189.0/24 maxlen: 24
45.89.191.0/24 maxlen: 24
91.107.119.0/24 maxlen: 24
92.118.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:9d:39:19:2c:ce:ec:3d:b8:3d:c8:04:03:0f:bb:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jul 28 13:08:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e489b99152eba54f8e496990951c176f40f3a6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5e:ba:b3:be:fb:41:74:b3:b2:de:f0:27:e0:
a7:c9:9c:2f:22:90:f5:67:fb:4c:70:46:91:d0:a1:
b4:ab:d1:85:f2:14:77:97:0a:11:ab:f7:44:de:a3:
ba:2d:b2:f8:ec:a9:81:b2:f8:9e:39:db:85:43:d5:
07:1a:ab:b7:e2:41:8a:67:69:07:f6:44:3f:dc:ef:
78:e7:49:57:07:6b:44:d7:61:65:13:94:ef:a9:80:
e9:a4:44:f6:f4:e8:f7:a4:a9:43:12:9c:5c:c4:f9:
81:0e:04:b2:3d:a2:7b:aa:01:4e:10:ba:73:36:cd:
02:12:63:9b:31:bb:ba:cf:7a:f3:6e:bf:ca:5f:15:
89:93:a2:75:19:66:1d:1e:2f:1b:dd:fe:46:a3:0e:
71:2d:d0:e7:6e:f8:71:d0:4a:ae:c8:20:8c:b5:c2:
68:d0:c3:75:2d:d4:69:3c:79:48:9d:9f:74:f7:a0:
49:cc:4a:10:dd:14:61:64:02:56:d6:98:a5:ad:f5:
d7:18:eb:c3:a5:c6:bb:c9:2d:b2:ee:8c:26:37:48:
49:db:90:42:e2:94:6a:62:6c:0a:23:43:75:1f:9a:
5c:81:40:d7:fd:6b:52:65:5e:e2:14:4e:1b:58:08:
19:88:40:85:16:62:5b:5e:9f:99:4c:03:be:58:4a:
75:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:89:B9:91:52:EB:A5:4F:8E:49:69:90:95:1C:17:6F:40:F3:A6:AF
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/5Im5kVLrpU-OSWmQlRwXb0Dzpq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.43.0/24
5.44.45.0/24
45.89.188.0/23
45.89.191.0/24
45.129.186.0/24
89.191.225.0/24
89.191.227.0/24
89.191.230.0/23
89.191.233.0/24
89.191.235.0/24
91.107.119.0/24
92.118.113.0/24
185.247.185.0/24
194.116.162.0/23
212.60.22.0/24
Signature Algorithm: sha256WithRSAEncryption
15:45:1c:f2:f5:f7:44:a5:00:0d:c0:98:45:23:2c:8c:9d:3b:
0e:78:5f:0b:b6:8a:ad:50:d9:89:e4:54:f5:43:db:d8:76:da:
94:14:df:8a:6b:4d:6e:16:fe:0f:31:58:c3:d0:9d:6f:6e:bd:
6c:6c:23:55:04:2e:5a:31:31:97:c8:e5:4f:45:89:e7:fd:f9:
50:87:cf:b4:70:a2:bd:7e:d1:9b:be:b6:69:f5:0d:ce:02:5e:
b6:a4:99:14:9b:fb:1e:1f:e8:64:dd:75:c9:bf:3b:0e:ba:63:
1f:6e:af:b5:7e:6e:80:70:51:0a:0a:bf:7f:22:ca:2e:dc:86:
29:53:2a:e3:cf:b8:a0:75:5e:ad:80:e2:18:82:90:fe:ca:02:
7d:9b:4c:ec:50:ef:b3:f0:e7:39:62:bb:56:ba:be:1f:df:2c:
a1:fc:cd:bb:4f:4e:a4:8f:b6:95:b1:69:5e:bb:49:5a:dd:be:
bb:87:89:60:c2:ea:c9:d4:2d:61:73:23:af:ed:94:e5:79:35:
0e:7a:cf:6c:6d:f3:62:90:77:72:22:ca:9a:ce:2d:54:24:48:
54:5b:af:01:03:10:7e:19:93:4a:3e:46:64:02:24:0c:6b:57:
65:30:45:78:fd:2f:a1:38:e0:c1:6d:79:82:2b:3a:55:88:6a:
31:66:d7:8b
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYmcnTkZLM7sPbg9yAQDD7vdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzI4MTMwODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDg5Yjk5MTUyZWJhNTRmOGU0OTY5OTA5NTFjMTc2ZjQwZjNhNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyV66s777QXSzst7wJ+CnyZwvIpD1
Z/tMcEaR0KG0q9GF8hR3lwoRq/dE3qO6LbL47KmBsvieOduFQ9UHGqu34kGKZ2kH
9kQ/3O9450lXB2tE12FlE5TvqYDppET29Oj3pKlDEpxcxPmBDgSyPaJ7qgFOELpz
Ns0CEmObMbu6z3rzbr/KXxWJk6J1GWYdHi8b3f5Gow5xLdDnbvhx0EquyCCMtcJo
0MN1LdRpPHlInZ9096BJzEoQ3RRhZAJW1pilrfXXGOvDpca7yS2y7owmN0hJ25BC
4pRqYmwKI0N1H5pcgUDX/WtSZV7iFE4bWAgZiECFFmJbXp+ZTAO+WEp1PQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFOSJuZFS66VPjklpkJUcF29A86avMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvNUltNWtWTHJwVS1PU1dtUWxSd1hiMER6cHE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQABSwrAwQA
BSwtAwQBLVm8AwQALVm/AwQALYG6AwQAWb/hAwQAWb/jAwQBWb/mAwQAWb/pAwQA
Wb/rAwQAW2t3AwQAXHZxAwQAufe5AwQBwnSiAwQA1DwWMA0GCSqGSIb3DQEBCwUA
A4IBAQAVRRzy9fdEpQANwJhFIyyMnTsOeF8LtoqtUNmJ5FT1Q9vYdtqUFN+Ka01u
Fv4PMVjD0J1vbr1sbCNVBC5aMTGXyOVPRYnn/flQh8+0cKK9ftGbvrZp9Q3OAl62
pJkUm/seH+hk3XXJvzsOumMfbq+1fm6AcFEKCr9/Isou3IYpUyrjz7igdV6tgOIY
gpD+ygJ9m0zsUO+z8Oc5YrtWur4f3yyh/M27T06kj7aVsWleu0la3b67h4lgwurJ
1C1hcyOv7ZTleTUOes9sbfNikHdyIsqazi1UJEhUW68BAxB+GZNKPkZkAiQMa1dl
MEV4/S+hOODBbXmCKzpViGoxZteL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org