Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/n1yLlXZ5yhrkFYZHzHsXBZYoDUU.roa
File: n1yLlXZ5yhrkFYZHzHsXBZYoDUU.roa (raw, json)
Hash identifier: IcWAIFLaO+1It2rDkRxgvfk59HxCO8tsveB8tJ75W3I=
Subject key identifier: 9F:5C:8B:95:76:79:CA:1A:E4:15:86:47:CC:7B:17:05:96:28:0D:45
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01859C087943CFD1F7402C7B4D9B85B6B506
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/n1yLlXZ5yhrkFYZHzHsXBZYoDUU.roa
Signing time: Tue 10 Jan 2023 14:14:38 +0000
ROA not before: Tue 10 Jan 2023 14:14:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26636
IP address blocks: 194.5.92.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
45.66.116.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
109.236.58.0/24 maxlen: 24
109.236.56.0/23 maxlen: 23
92.118.114.0/23 maxlen: 23
195.80.51.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:08:79:43:cf:d1:f7:40:2c:7b:4d:9b:85:b6:b5:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 10 14:14:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f5c8b957679ca1ae4158647cc7b170596280d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fd:72:37:db:9e:d9:b5:0f:2d:bc:9a:c6:92:
27:22:cb:55:ae:9e:0e:27:c1:1a:84:9b:c1:48:18:
77:46:17:3e:2a:95:74:7c:82:7b:6f:c5:8e:b8:d0:
23:55:6b:6c:ca:f5:2d:14:ad:e5:31:10:e8:ad:c4:
b2:52:f8:87:08:ce:38:19:91:94:75:45:85:92:d2:
c8:64:61:27:73:f6:da:e6:93:c1:24:5a:1d:c7:0e:
07:07:4a:04:20:84:c0:f4:98:86:ee:1b:f7:42:38:
b0:7b:2d:fe:3a:1a:6e:24:e8:e8:0f:b8:b5:4d:60:
01:b9:45:51:1e:7e:63:a7:8f:88:2f:7c:72:e1:d3:
38:64:d1:8d:06:9d:16:b1:f8:a7:16:72:85:af:39:
3b:00:93:63:7b:45:3d:a2:9e:79:c5:ae:55:58:97:
82:de:fd:75:0c:8f:cf:e3:c0:b9:7b:6b:37:7f:02:
72:f0:11:f1:4e:7a:5d:54:99:e0:e6:60:79:17:3c:
82:b6:77:3b:47:e6:48:6e:3b:ff:06:12:69:fa:61:
06:de:ff:2e:69:eb:3d:4c:55:9f:bb:b3:f3:9a:97:
a1:e0:eb:9b:0c:3f:50:b3:3a:a3:a3:75:1e:83:42:
93:b5:55:cd:da:5a:cd:22:15:09:57:f6:42:bf:80:
d2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:5C:8B:95:76:79:CA:1A:E4:15:86:47:CC:7B:17:05:96:28:0D:45
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/n1yLlXZ5yhrkFYZHzHsXBZYoDUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.44.0/24
45.66.116.0/24
91.200.84.0/24
92.118.114.0/23
109.236.56.0-109.236.58.255
194.5.92.0/24
195.80.51.0/24
Signature Algorithm: sha256WithRSAEncryption
22:7c:d6:82:8a:00:f1:d3:d3:4d:45:6f:22:28:9a:c0:31:aa:
80:f8:65:97:7c:ce:01:01:7b:8f:52:c4:da:71:d3:56:e5:59:
bb:9d:04:82:1b:f0:cf:78:e4:b4:47:23:48:6e:e6:a0:18:ad:
a7:7d:5a:51:57:d3:30:6c:31:89:bd:92:0c:ca:ac:8c:44:31:
34:ac:e6:b0:78:88:00:db:a6:65:d0:1b:42:2f:ca:28:c0:b3:
4b:16:70:09:aa:b6:59:12:d6:f0:3c:6c:e1:e9:ce:3f:15:00:
1e:27:40:fe:61:70:dd:fe:4f:2a:b8:15:d7:33:4e:b0:c4:a9:
62:6c:81:37:05:f7:76:c7:b9:5b:2e:30:0d:71:42:a2:a0:af:
64:8d:c3:81:01:26:d1:4a:43:c5:15:8a:c1:70:0c:07:ed:a8:
1d:e1:75:a0:dc:2b:92:fa:fc:d3:d7:fb:04:88:75:85:88:3f:
54:66:60:bc:cb:49:eb:e9:36:fa:cc:47:b3:27:c4:14:d8:37:
7c:3e:99:63:8b:4f:5a:3e:22:62:9a:0f:da:04:a9:01:d5:3d:
e8:7e:03:d4:9f:84:17:92:80:b0:44:bc:3f:68:74:73:a8:f0:
f1:60:53:ce:f4:34:d3:d7:c0:20:78:07:26:e6:3a:43:36:c5:
f9:90:de:af
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYWcCHlDz9H3QCx7TZuFtrUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTEwMTQxNDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjVjOGI5NTc2NzljYTFhZTQxNTg2NDdjYzdiMTcwNTk2MjgwZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf1yN9ue2bUPLbyaxpInIstVrp4O
J8EahJvBSBh3Rhc+KpV0fIJ7b8WOuNAjVWtsyvUtFK3lMRDorcSyUviHCM44GZGU
dUWFktLIZGEnc/ba5pPBJFodxw4HB0oEIITA9JiG7hv3Qjiwey3+OhpuJOjoD7i1
TWABuUVRHn5jp4+IL3xy4dM4ZNGNBp0WsfinFnKFrzk7AJNje0U9op55xa5VWJeC
3v11DI/P48C5e2s3fwJy8BHxTnpdVJng5mB5FzyCtnc7R+ZIbjv/BhJp+mEG3v8u
aes9TFWfu7Pzmpeh4OubDD9Qszqjo3Ueg0KTtVXN2lrNIhUJV/ZCv4DSTQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJ9ci5V2ecoa5BWGR8x7FwWWKA1FMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvbjF5TGxYWjV5aHJrRllaSHpIc1hCWllvRFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABSwsAwQA
LUJ0AwQAW8hUAwQBXHZyMAwDBANt7DgDBABt7DoDBADCBVwDBADDUDMwDQYJKoZI
hvcNAQELBQADggEBACJ81oKKAPHT001FbyIomsAxqoD4ZZd8zgEBe49SxNpx01bl
WbudBIIb8M945LRHI0hu5qAYrad9WlFX0zBsMYm9kgzKrIxEMTSs5rB4iADbpmXQ
G0IvyijAs0sWcAmqtlkS1vA8bOHpzj8VAB4nQP5hcN3+Tyq4FdczTrDEqWJsgTcF
93bHuVsuMA1xQqKgr2SNw4EBJtFKQ8UVisFwDAftqB3hdaDcK5L6/NPX+wSIdYWI
P1RmYLzLSevpNvrMR7MnxBTYN3w+mWOLT1o+ImKaD9oEqQHVPeh+A9SfhBeSgLBE
vD9odHOo8PFgU870NNPXwCB4BybmOkM2xfmQ3q8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org