Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/F5x_tPHD07Us3qyKBLUDx7usw2c.roa
File: F5x_tPHD07Us3qyKBLUDx7usw2c.roa (raw, json)
Hash identifier: SRHiaQWzZHyGa5Mkt5/7D1DRZlAWKl5DflApkO8IrGc=
Subject key identifier: 17:9C:7F:B4:F1:C3:D3:B5:2C:DE:AC:8A:04:B5:03:C7:BB:AC:C3:67
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018221FA884F7AC34A5425C04AC0B6C9FBDB
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/F5x_tPHD07Us3qyKBLUDx7usw2c.roa
Signing time: Thu 21 Jul 2022 18:17:23 +0000
ROA not before: Thu 21 Jul 2022 18:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.228.0/22 maxlen: 24
45.137.18.0/24 maxlen: 24
81.28.254.0/23 maxlen: 24
91.239.148.0/23 maxlen: 24
45.132.80.0/22 maxlen: 24
91.244.199.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:21:fa:88:4f:7a:c3:4a:54:25:c0:4a:c0:b6:c9:fb:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jul 21 18:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=179c7fb4f1c3d3b52cdeac8a04b503c7bbacc367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:43:59:8d:74:e5:c6:3f:2b:d8:21:a4:b8:06:
2a:10:2a:2e:fc:df:40:7f:1d:16:95:4d:46:71:ef:
a7:ce:a8:c7:1f:6c:ba:36:7a:97:f2:17:da:23:fc:
1b:96:26:05:a1:7d:5c:f9:85:f5:b1:ce:0e:9d:17:
9e:45:9e:f3:b2:3e:59:8c:46:b7:89:8c:de:ee:95:
bc:44:a9:93:44:c5:a3:f0:f0:06:c0:30:86:9c:e5:
d1:ac:4d:eb:7f:3a:17:1e:16:98:84:43:5c:23:08:
2e:4b:fb:b1:49:8f:94:54:86:9c:25:ad:95:fb:53:
b5:3f:99:18:7a:44:b0:3b:ec:42:15:5c:28:5c:25:
ce:96:4e:f2:0e:74:84:fd:17:ca:9e:74:6f:3d:b9:
bd:66:1c:6a:d0:a9:f8:2a:ed:77:ad:81:9e:a6:55:
31:26:99:35:04:2a:85:8b:c0:d5:1e:80:ff:50:66:
60:e3:84:83:db:e7:9a:1f:87:96:32:f2:67:d1:6b:
7c:2f:fd:7a:7d:59:39:78:2e:95:f9:7c:f3:c3:e8:
07:87:fc:25:ac:e6:80:f7:ea:1d:da:52:68:fb:d4:
a4:ed:6c:6a:60:07:d0:68:bb:5c:3d:4f:c5:b2:2b:
b8:4e:d7:9c:a0:cb:91:78:e6:2e:d7:94:c3:fb:89:
84:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9C:7F:B4:F1:C3:D3:B5:2C:DE:AC:8A:04:B5:03:C7:BB:AC:C3:67
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/F5x_tPHD07Us3qyKBLUDx7usw2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
45.137.18.0/24
81.28.254.0/23
91.239.148.0/23
91.244.199.0/24
176.105.228.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:4c:6d:96:27:b2:c1:7c:62:bc:dd:57:ae:b4:a7:49:49:79:
6e:cf:45:8a:c6:e8:1d:68:cf:79:63:37:ec:8c:c5:39:d0:db:
6a:42:68:b7:b3:55:03:67:0b:37:77:59:5f:0e:8a:fc:46:dd:
2d:47:a9:2b:37:09:e2:05:0d:b3:ba:08:5c:e7:59:73:ab:d4:
cc:71:f0:ad:6a:12:76:9a:44:36:8d:8c:ad:70:6b:07:6e:5b:
50:c8:90:9f:df:4d:54:82:4c:bb:f6:fb:69:c4:e6:bd:d5:f6:
18:99:0f:0e:b7:bc:c0:65:b4:17:74:85:ab:e8:26:25:db:7e:
dd:7c:99:e4:35:ef:a6:a3:34:fb:4b:cf:ee:dd:fd:54:21:23:
22:63:ff:6d:4c:fa:10:31:99:26:74:ff:69:84:0d:84:ae:4b:
6b:1a:33:11:4e:92:f4:5e:28:a2:ff:19:14:99:90:27:ff:e1:
19:50:d1:fd:40:32:6a:e6:92:0f:88:98:21:87:e1:e3:f1:97:
24:d1:73:92:97:8a:1f:fa:3c:bd:18:79:6a:ea:86:07:50:f8:
34:9a:7d:d3:9b:97:fb:e8:74:0a:7d:d4:2b:ee:2a:ee:bd:f5:
ba:61:41:b5:ac:b2:fe:5c:6a:b8:05:b0:d5:59:93:79:41:4a:
dc:0d:cc:ae
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYIh+ohPesNKVCXASsC2yfvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjIwNzIxMTgxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzljN2ZiNGYxYzNkM2I1MmNkZWFjOGEwNGI1MDNjN2JiYWNjMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0NZjXTlxj8r2CGkuAYqECou/N9A
fx0WlU1Gce+nzqjHH2y6NnqX8hfaI/wbliYFoX1c+YX1sc4OnReeRZ7zsj5ZjEa3
iYze7pW8RKmTRMWj8PAGwDCGnOXRrE3rfzoXHhaYhENcIwguS/uxSY+UVIacJa2V
+1O1P5kYekSwO+xCFVwoXCXOlk7yDnSE/RfKnnRvPbm9Zhxq0Kn4Ku13rYGeplUx
Jpk1BCqFi8DVHoD/UGZg44SD2+eaH4eWMvJn0Wt8L/16fVk5eC6V+Xzzw+gHh/wl
rOaA9+od2lJo+9Sk7WxqYAfQaLtcPU/Fsiu4TtecoMuReOYu15TD+4mE/QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBecf7Txw9O1LN6sigS1A8e7rMNnMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvRjV4X3RQSEQwN1VzM3F5S0JMVUR4N3VzdzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYRQAwQA
LYkSAwQBURz+AwQBW++UAwQAW/THAwQCsGnkMA0GCSqGSIb3DQEBCwUAA4IBAQCc
TG2WJ7LBfGK83VeutKdJSXluz0WKxugdaM95YzfsjMU50NtqQmi3s1UDZws3d1lf
Dor8Rt0tR6krNwniBQ2zughc51lzq9TMcfCtahJ2mkQ2jYytcGsHbltQyJCf301U
gky79vtpxOa91fYYmQ8Ot7zAZbQXdIWr6CYl237dfJnkNe+mozT7S8/u3f1UISMi
Y/9tTPoQMZkmdP9phA2ErktrGjMRTpL0Xiii/xkUmZAn/+EZUNH9QDJq5pIPiJgh
h+Hj8Zck0XOSl4of+jy9GHlq6oYHUPg0mn3Tm5f76HQKfdQr7iruvfW6YUG1rLL+
XGq4BbDVWZN5QUrcDcyu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:00 2024 by rpki-client on console-fra.rpki-client.org