Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/EePWvanRGJkalxpyXagmqRGx3Ds.roa
File: EePWvanRGJkalxpyXagmqRGx3Ds.roa (raw, json)
Hash identifier: FkUTOdC9WzwWkryDzPa4F8F7kDi/22A3zBFQCAWL9vo=
Subject key identifier: 11:E3:D6:BD:A9:D1:18:99:1A:97:1A:72:5D:A8:26:A9:11:B1:DC:3B
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0185A514D6460738EA882116AA5D08618515
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/EePWvanRGJkalxpyXagmqRGx3Ds.roa
Signing time: Thu 12 Jan 2023 08:24:44 +0000
ROA not before: Thu 12 Jan 2023 08:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26636
IP address blocks: 194.5.92.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
45.66.116.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
92.118.114.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:14:d6:46:07:38:ea:88:21:16:aa:5d:08:61:85:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 12 08:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11e3d6bda9d118991a971a725da826a911b1dc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:57:de:55:1d:73:71:1f:af:a5:bf:b0:31:82:
b8:45:c3:a2:bb:a0:6c:b4:1b:0f:cd:b8:7c:77:30:
54:04:94:35:ff:fd:37:dc:01:dc:ea:84:00:dc:6f:
46:2d:d2:b5:c9:c8:dc:0f:44:9d:29:3b:a8:d4:95:
a8:de:ed:9d:91:ac:07:7a:34:7d:31:68:0d:7e:e1:
1d:97:7c:ef:7e:20:68:81:ed:dd:94:43:37:38:93:
85:3c:ed:f7:59:49:2b:55:11:c2:26:82:00:e0:b7:
b7:91:bc:d6:60:6b:1a:b9:e8:1a:dc:45:6e:43:21:
3e:e1:e1:9f:6f:42:fc:eb:f3:4e:72:3c:75:9e:dd:
9c:2e:c8:16:80:c3:75:1c:9b:e3:33:c5:fe:c5:8a:
b7:6a:4d:65:14:c2:d1:57:b1:0d:31:5a:ea:4b:d9:
b5:6e:26:c5:2a:02:53:df:22:98:16:db:b4:c4:71:
49:c4:c9:b1:d0:ac:28:7a:88:c9:3a:9b:94:80:59:
90:98:2e:df:c9:31:a2:15:7b:97:1c:32:24:67:9e:
3b:71:72:cc:17:a0:e2:50:5f:73:a2:94:46:e1:f6:
6c:1d:0d:86:87:23:4a:27:a4:c9:d1:71:e3:92:cd:
37:e5:92:9e:a7:58:e7:ca:ec:cf:c1:95:f5:5b:52:
75:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:E3:D6:BD:A9:D1:18:99:1A:97:1A:72:5D:A8:26:A9:11:B1:DC:3B
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/EePWvanRGJkalxpyXagmqRGx3Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.44.0/24
45.66.116.0/24
91.200.84.0/24
92.118.114.0/23
194.5.92.0/24
Signature Algorithm: sha256WithRSAEncryption
72:c1:26:44:a2:d9:6c:bf:25:35:d6:f8:56:e0:d2:33:4d:4a:
5c:f0:72:62:d1:fa:94:32:1e:a8:00:73:c1:f9:10:99:a3:b1:
88:f0:c2:db:84:19:4f:c8:9a:63:0c:1b:37:80:89:17:77:69:
27:6b:3f:85:da:1d:62:92:fa:51:75:e1:50:16:e9:0d:d3:02:
2d:0a:90:0d:0a:65:60:d6:18:09:ef:13:9b:f4:19:b6:3a:57:
3f:d8:16:67:d8:62:c3:15:30:a5:d3:a5:15:1b:fe:90:0f:ea:
6e:f5:3a:97:1f:7f:d4:b0:fe:6b:f9:74:3d:4b:73:e0:cc:fe:
93:00:35:18:cd:bf:30:41:12:a4:30:67:f5:a9:61:6a:cd:be:
53:16:4e:20:f6:b2:2b:6f:04:78:7e:a9:68:ea:d4:f0:79:96:
7a:92:f1:ce:3d:fb:87:4f:03:56:be:47:fc:88:b1:76:7e:bd:
68:2f:5e:fa:56:fb:9f:08:a4:95:dc:92:84:72:d8:d7:a2:a9:
91:33:01:17:15:78:60:0e:43:a4:a6:07:48:a0:95:26:f2:57:
01:fc:ab:4d:93:12:aa:21:6b:1d:9c:10:42:f5:55:11:32:8d:
80:2b:5d:57:31:a4:f7:a6:6b:21:98:89:e5:96:56:5e:68:cf:
a6:85:9b:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYWlFNZGBzjqiCEWql0IYYUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTEyMDgyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWUzZDZiZGE5ZDExODk5MWE5NzFhNzI1ZGE4MjZhOTExYjFkYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFfeVR1zcR+vpb+wMYK4RcOiu6Bs
tBsPzbh8dzBUBJQ1//033AHc6oQA3G9GLdK1ycjcD0SdKTuo1JWo3u2dkawHejR9
MWgNfuEdl3zvfiBoge3dlEM3OJOFPO33WUkrVRHCJoIA4Le3kbzWYGsauega3EVu
QyE+4eGfb0L86/NOcjx1nt2cLsgWgMN1HJvjM8X+xYq3ak1lFMLRV7ENMVrqS9m1
bibFKgJT3yKYFtu0xHFJxMmx0KwoeojJOpuUgFmQmC7fyTGiFXuXHDIkZ547cXLM
F6DiUF9zopRG4fZsHQ2GhyNKJ6TJ0XHjks035ZKep1jnyuzPwZX1W1J1KQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBHj1r2p0RiZGpcacl2oJqkRsdw7MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvRWVQV3ZhblJHSmthbHhweVhhZ21xUkd4M0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABSwsAwQA
LUJ0AwQAW8hUAwQBXHZyAwQAwgVcMA0GCSqGSIb3DQEBCwUAA4IBAQBywSZEotls
vyU11vhW4NIzTUpc8HJi0fqUMh6oAHPB+RCZo7GI8MLbhBlPyJpjDBs3gIkXd2kn
az+F2h1ikvpRdeFQFukN0wItCpANCmVg1hgJ7xOb9Bm2Olc/2BZn2GLDFTCl06UV
G/6QD+pu9TqXH3/UsP5r+XQ9S3PgzP6TADUYzb8wQRKkMGf1qWFqzb5TFk4g9rIr
bwR4fqlo6tTweZZ6kvHOPfuHTwNWvkf8iLF2fr1oL176VvufCKSV3JKEctjXoqmR
MwEXFXhgDkOkpgdIoJUm8lcB/KtNkxKqIWsdnBBC9VURMo2AK11XMaT3pmshmInl
llZeaM+mhZte
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org