Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/RVEUM1hcVcbZ5oCKQ72F1_oMOPo.roa
File: RVEUM1hcVcbZ5oCKQ72F1_oMOPo.roa (raw, json)
Hash identifier: GH7eUeQcawAgCmbeSElFBnAapCMHSGk/EUTDtt+qFVU=
Subject key identifier: 45:51:14:33:58:5C:55:C6:D9:E6:80:8A:43:BD:85:D7:FA:0C:38:FA
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018D6A4E5BF2F5C8B34B31F36B353FC2CEAB
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/RVEUM1hcVcbZ5oCKQ72F1_oMOPo.roa
Signing time: Fri 02 Feb 2024 14:52:16 +0000
ROA not before: Fri 02 Feb 2024 14:52:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202423
IP address blocks: 5.44.43.0/24 maxlen: 24
5.44.45.0/24 maxlen: 24
45.89.188.0/24 maxlen: 24
45.89.189.0/24 maxlen: 24
45.89.191.0/24 maxlen: 24
45.129.186.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
89.191.230.0/24 maxlen: 24
89.191.231.0/24 maxlen: 24
89.191.233.0/24 maxlen: 24
89.191.235.0/24 maxlen: 24
91.107.119.0/24 maxlen: 24
194.116.162.0/24 maxlen: 24
194.116.163.0/24 maxlen: 24
212.60.22.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:4e:5b:f2:f5:c8:b3:4b:31:f3:6b:35:3f:c2:ce:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 2 14:52:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45511433585c55c6d9e6808a43bd85d7fa0c38fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5f:2c:00:af:d0:e5:e6:6f:1b:87:9f:74:be:
4e:d4:73:f1:f9:d6:37:3a:da:b0:1b:1e:a7:7b:58:
5e:cf:ce:a8:f0:79:31:b9:3a:01:70:b4:51:5b:d2:
c0:9c:ca:07:64:8c:c0:d8:2c:16:a0:e1:e9:02:1c:
1a:54:48:58:23:96:77:d9:2b:e4:7f:49:3d:04:43:
6a:fd:a5:b7:db:ac:4b:69:af:c8:6c:80:41:22:9e:
24:b6:e3:0b:83:78:04:c2:73:bb:29:15:6c:c1:e1:
e4:b6:6c:df:30:f7:72:8b:87:f2:35:f1:bf:28:a1:
ba:26:9d:28:ab:dd:7b:84:e4:5a:4c:ea:b9:7c:9e:
76:f1:4b:ed:dd:a7:b2:a5:e9:f7:15:0b:cc:21:d8:
c9:2b:3d:a8:d0:51:1a:3f:b8:d6:a6:2d:f5:76:f2:
4a:34:76:23:45:53:18:02:6d:bf:3c:cf:cd:b8:c6:
c8:07:ad:bd:a5:a7:fb:2d:83:e7:92:ab:89:ae:2d:
c3:7c:b4:77:49:46:f3:32:06:c3:b9:87:30:eb:e2:
af:cb:61:00:2c:7a:e3:d0:60:b9:29:e2:36:a6:c7:
00:53:e4:f4:da:e8:cc:4f:cf:7e:db:91:84:f7:a9:
ee:a0:4a:1b:a7:6d:a9:f1:d5:79:ff:9a:af:15:d1:
88:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:51:14:33:58:5C:55:C6:D9:E6:80:8A:43:BD:85:D7:FA:0C:38:FA
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/RVEUM1hcVcbZ5oCKQ72F1_oMOPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.43.0/24
5.44.45.0/24
45.89.188.0/23
45.89.191.0/24
45.129.186.0/24
89.191.225.0/24
89.191.230.0/23
89.191.233.0/24
89.191.235.0/24
91.107.119.0/24
194.116.162.0/23
212.60.22.0/24
Signature Algorithm: sha256WithRSAEncryption
58:89:3b:71:3d:c9:ee:2c:1d:60:4d:c1:22:92:5b:b3:ac:94:
22:59:a8:90:74:a2:0b:b0:f3:72:1a:2b:6c:d6:52:83:12:a3:
e5:00:8b:d0:88:e5:5c:4b:9f:32:6d:6a:3a:6b:a2:10:78:52:
f8:bb:b4:b3:d1:26:8d:fd:05:ae:16:d2:f1:b5:ce:37:9a:8f:
60:5c:35:80:93:e0:e1:e7:9b:fe:61:c0:4f:9f:f2:ed:b4:d8:
71:c7:df:a2:7d:8c:eb:b9:46:78:7c:df:b4:9e:35:c0:39:43:
a8:43:33:18:7f:9f:94:7d:08:b9:2a:d6:5b:22:78:4c:f7:a6:
1d:90:0e:16:d4:f6:61:06:3d:73:c6:e2:72:6f:9e:c4:ba:df:
33:6d:99:2b:46:5c:0d:58:8e:a3:3e:6d:59:e8:1a:fd:b5:8e:
d9:63:c2:f8:8e:80:19:70:e1:c5:b9:7a:b0:08:bb:a9:02:e3:
1c:07:40:80:3d:9c:78:69:3a:6d:77:c0:37:b1:4f:07:44:10:
c2:e3:f5:16:67:b7:91:a3:fb:94:35:97:c8:59:10:de:92:4e:
40:46:8e:65:c8:27:22:31:cd:cd:e9:72:87:f2:28:22:64:36:
ec:5c:d5:2b:75:7d:65:39:40:52:16:58:0b:57:1a:81:91:1e:
ab:c4:e0:44
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY1qTlvy9cizSzHzazU/ws6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMjAyMTQ1MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTUxMTQzMzU4NWM1NWM2ZDllNjgwOGE0M2JkODVkN2ZhMGMzOGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0V8sAK/Q5eZvG4efdL5O1HPx+dY3
OtqwGx6ne1hez86o8HkxuToBcLRRW9LAnMoHZIzA2CwWoOHpAhwaVEhYI5Z32Svk
f0k9BENq/aW326xLaa/IbIBBIp4ktuMLg3gEwnO7KRVsweHktmzfMPdyi4fyNfG/
KKG6Jp0oq917hORaTOq5fJ528Uvt3aeypen3FQvMIdjJKz2o0FEaP7jWpi31dvJK
NHYjRVMYAm2/PM/NuMbIB629paf7LYPnkquJri3DfLR3SUbzMgbDuYcw6+Kvy2EA
LHrj0GC5KeI2pscAU+T02ujMT89+25GE96nuoEobp22p8dV5/5qvFdGIiwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEVRFDNYXFXG2eaAikO9hdf6DDj6MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvUlZFVU0xaGNWY2JaNW9DS1E3MkYxX29NT1BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABSwrAwQA
BSwtAwQBLVm8AwQALVm/AwQALYG6AwQAWb/hAwQBWb/mAwQAWb/pAwQAWb/rAwQA
W2t3AwQBwnSiAwQA1DwWMA0GCSqGSIb3DQEBCwUAA4IBAQBYiTtxPcnuLB1gTcEi
kluzrJQiWaiQdKILsPNyGits1lKDEqPlAIvQiOVcS58ybWo6a6IQeFL4u7Sz0SaN
/QWuFtLxtc43mo9gXDWAk+Dh55v+YcBPn/LttNhxx9+ifYzruUZ4fN+0njXAOUOo
QzMYf5+UfQi5KtZbInhM96YdkA4W1PZhBj1zxuJyb57Eut8zbZkrRlwNWI6jPm1Z
6Br9tY7ZY8L4joAZcOHFuXqwCLupAuMcB0CAPZx4aTptd8A3sU8HRBDC4/UWZ7eR
o/uUNZfIWRDekk5ARo5lyCciMc3N6XKH8igiZDbsXNUrdX1lOUBSFlgLVxqBkR6r
xOBE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org