Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/OQjp-luokqHlJkmYaMZ9C7BMcyo.roa
File: OQjp-luokqHlJkmYaMZ9C7BMcyo.roa (raw, json)
Hash identifier: ilcvS5orKc7300yqAXHpi5j/1D+jMOFmuZ+5AE+Ci24=
Subject key identifier: 39:08:E9:FA:5B:A8:92:A1:E5:26:49:98:68:C6:7D:0B:B0:4C:73:2A
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0184E2392C9D183EB012DB53FCDD2C1D319B
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/OQjp-luokqHlJkmYaMZ9C7BMcyo.roa
Signing time: Mon 05 Dec 2022 12:18:28 +0000
ROA not before: Mon 05 Dec 2022 12:18:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207713
IP address blocks: 5.44.42.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
45.80.128.0/24 maxlen: 24
195.80.49.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:39:2c:9d:18:3e:b0:12:db:53:fc:dd:2c:1d:31:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Dec 5 12:18:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3908e9fa5ba892a1e526499868c67d0bb04c732a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:c1:2a:d4:3f:2b:55:2c:33:73:00:8e:ec:
4d:7b:3e:eb:fd:4c:25:c5:1e:71:b6:0f:db:58:50:
68:19:3f:10:6b:97:24:c6:e6:1f:f4:22:b7:52:4f:
5e:29:92:48:c7:07:57:3c:ce:93:1e:cb:99:ec:03:
12:4c:a5:6d:c2:a8:88:3c:ef:a5:11:e2:b4:26:7b:
c7:16:7b:f4:56:8f:83:71:16:f9:69:bc:83:ab:46:
1f:03:07:8b:29:e1:9c:97:7e:27:12:1c:66:99:a6:
14:ad:74:73:1a:82:67:f6:fe:6a:e8:a8:c0:03:32:
7c:af:80:e9:eb:54:72:20:f9:9d:5b:8e:2e:a5:0b:
61:ab:95:de:6d:45:a7:f7:fa:d6:34:a7:ba:9f:d8:
b1:4b:50:48:4c:43:1f:c9:a1:97:30:4e:0a:f6:b0:
0f:87:3c:5e:61:09:3d:74:cd:3a:2e:d9:85:44:a3:
a8:4f:64:cb:96:99:57:62:2e:a6:09:29:8e:ea:2d:
60:e6:ae:07:75:ae:26:8e:88:cb:9f:37:e6:c6:d1:
71:8f:14:55:15:5e:19:14:0a:ef:85:68:a7:fb:38:
88:e5:ed:b0:86:c5:5e:de:6e:06:57:29:cc:bc:16:
2d:f7:37:83:de:ac:ae:dc:e1:4f:b6:39:4c:b9:51:
a9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:08:E9:FA:5B:A8:92:A1:E5:26:49:98:68:C6:7D:0B:B0:4C:73:2A
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/OQjp-luokqHlJkmYaMZ9C7BMcyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
45.80.128.0/24
45.129.184.0/24
195.80.48.0/23
Signature Algorithm: sha256WithRSAEncryption
92:e8:aa:d0:14:90:96:15:b3:6b:a2:a6:1e:4a:42:a9:61:a0:
54:c8:71:bb:92:46:c9:e7:d1:00:97:ad:28:a5:70:73:66:32:
b6:c9:3b:98:05:3b:d4:af:17:50:f5:85:c0:1f:43:67:22:ad:
4c:82:e1:6a:a2:87:bc:58:8b:be:4d:82:6a:47:40:e4:fb:44:
c9:0e:b1:fd:0d:9d:81:7a:56:30:d7:f2:9b:ab:41:2c:6e:86:
78:90:88:25:2a:b9:4f:ce:9c:44:d6:5b:79:b3:3a:c7:8c:11:
9b:65:92:5f:08:84:f3:fc:c9:0b:c6:88:09:a6:b2:00:aa:5b:
de:9d:c9:24:44:e6:97:6e:23:54:b8:d7:99:63:7a:0b:37:09:
01:ec:89:2a:6d:64:3c:76:d6:b6:83:21:e0:c1:b9:ca:d4:a3:
b1:ae:c9:18:a5:c6:ff:25:eb:2b:92:e9:51:79:9e:a6:40:72:
bf:a4:61:d5:ad:29:da:b4:25:4e:23:25:50:7a:6e:65:7d:59:
64:30:b2:00:9a:f2:94:66:eb:54:44:14:5c:6a:a4:50:b3:f7:
a5:c1:7f:37:ea:c6:19:b2:ac:b8:a0:ce:a2:66:e5:7c:12:8a:
a9:1d:31:6d:6c:f2:94:49:10:f3:7e:b9:53:f5:9b:07:d8:e9:
fc:e5:8d:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTiOSydGD6wEttT/N0sHTGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjIxMjA1MTIxODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTA4ZTlmYTViYTg5MmExZTUyNjQ5OTg2OGM2N2QwYmIwNGM3MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuybBKtQ/K1UsM3MAjuxNez7r/Uwl
xR5xtg/bWFBoGT8Qa5ckxuYf9CK3Uk9eKZJIxwdXPM6THsuZ7AMSTKVtwqiIPO+l
EeK0JnvHFnv0Vo+DcRb5abyDq0YfAweLKeGcl34nEhxmmaYUrXRzGoJn9v5q6KjA
AzJ8r4Dp61RyIPmdW44upQthq5XebUWn9/rWNKe6n9ixS1BITEMfyaGXME4K9rAP
hzxeYQk9dM06LtmFRKOoT2TLlplXYi6mCSmO6i1g5q4Hda4mjojLnzfmxtFxjxRV
FV4ZFArvhWin+ziI5e2whsVe3m4GVynMvBYt9zeD3qyu3OFPtjlMuVGpgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDkI6fpbqJKh5SZJmGjGfQuwTHMqMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvT1FqcC1sdW9rcUhsSmttWWFNWjlDN0JNY3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABSwqAwQA
LVCAAwQALYG4AwQBw1AwMA0GCSqGSIb3DQEBCwUAA4IBAQCS6KrQFJCWFbNroqYe
SkKpYaBUyHG7kkbJ59EAl60opXBzZjK2yTuYBTvUrxdQ9YXAH0NnIq1MguFqooe8
WIu+TYJqR0Dk+0TJDrH9DZ2BelYw1/Kbq0EsboZ4kIglKrlPzpxE1lt5szrHjBGb
ZZJfCITz/MkLxogJprIAqlvenckkROaXbiNUuNeZY3oLNwkB7IkqbWQ8dta2gyHg
wbnK1KOxrskYpcb/JesrkulReZ6mQHK/pGHVrSnatCVOIyVQem5lfVlkMLIAmvKU
ZutURBRcaqRQs/elwX836sYZsqy4oM6iZuV8EoqpHTFtbPKUSRDzfrlT9ZsH2On8
5Y3z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org