Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/W56c1rFIEXqOr1s_Ie26khwo_wg.roa
File: W56c1rFIEXqOr1s_Ie26khwo_wg.roa (raw, json)
Hash identifier: nXeyUclu4FqMtmOu/WsmGT8RC6BZmgcRyr23PY4/BNA=
Subject key identifier: 5B:9E:9C:D6:B1:48:11:7A:8E:AF:5B:3F:21:ED:BA:92:1C:28:FF:08
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 018CC8016CF15AA8C9B2E177B79A8DEFFB85
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/W56c1rFIEXqOr1s_Ie26khwo_wg.roa
Signing time: Tue 02 Jan 2024 02:29:45 +0000
ROA not before: Tue 02 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59524
IP address blocks: 145.128.64.0/20 maxlen: 20
145.128.80.0/20 maxlen: 20
145.128.96.0/19 maxlen: 19
145.128.0.0/20 maxlen: 20
145.128.16.0/20 maxlen: 20
91.242.160.0/24 maxlen: 24
145.128.27.0/24 maxlen: 24
145.128.32.0/19 maxlen: 19
2001:67c:104c::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6c:f1:5a:a8:c9:b2:e1:77:b7:9a:8d:ef:fb:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b9e9cd6b148117a8eaf5b3f21edba921c28ff08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:39:40:7a:82:91:e0:98:3d:1d:17:3c:a6:03:
8b:c5:c0:2b:81:a3:e4:a2:6a:fa:60:ab:9e:d9:79:
da:04:45:da:df:b1:7b:6f:84:31:2d:ef:8f:7c:ed:
08:81:97:d7:dc:37:78:7d:6f:5b:0b:33:a8:8b:e2:
67:c4:b8:2c:f1:3d:1c:ab:f8:dc:55:07:2d:ee:bc:
22:9a:5c:36:e3:3b:60:04:9f:84:31:e7:42:82:e6:
e1:15:e6:cf:3b:66:fb:a1:03:d2:e6:d4:bc:e0:1b:
34:c9:a5:d6:5a:cc:b8:99:37:8b:62:5c:1a:41:a7:
27:f2:69:8c:87:13:2b:d6:14:a2:75:47:7c:60:4d:
ee:be:de:70:e3:5f:0d:83:d7:0e:7c:6e:10:c7:95:
c6:75:4d:82:01:e4:97:06:1b:ec:f3:b0:17:c8:db:
0f:95:a4:b2:7d:ae:7c:9b:9a:df:c0:63:75:bb:62:
35:e9:e6:f7:5d:7c:eb:2f:18:41:70:4c:3b:0b:5a:
6a:50:78:18:53:09:18:6a:32:9d:e9:06:a3:4f:ac:
89:58:19:c1:00:a2:3c:39:14:76:6d:28:67:f1:d5:
7c:af:f7:12:5e:26:ba:f7:e1:19:71:3a:38:d7:e3:
9f:e6:6d:19:d9:c0:12:0c:0e:cc:1b:66:06:88:c6:
7f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9E:9C:D6:B1:48:11:7A:8E:AF:5B:3F:21:ED:BA:92:1C:28:FF:08
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/W56c1rFIEXqOr1s_Ie26khwo_wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.160.0/24
145.128.0.0/17
IPv6:
2001:67c:104c::/48
Signature Algorithm: sha256WithRSAEncryption
15:db:e9:37:e1:01:5f:23:46:f3:d2:b2:34:4f:e4:a6:72:b9:
d2:cc:06:30:d0:48:e8:69:8b:63:6a:c0:ff:85:9b:23:9a:ef:
bf:55:01:f0:47:0e:1f:3a:1d:c7:da:92:22:13:17:90:29:80:
aa:a6:dd:40:0d:1f:b3:f5:1a:28:42:a9:79:ff:58:7d:d4:40:
48:4b:f5:8e:81:41:35:89:03:24:d7:06:dc:d9:e4:84:ab:4f:
d8:c1:6e:c5:de:d6:07:fd:57:60:e7:ef:78:17:f0:6b:55:1d:
ac:de:e1:16:3a:1a:82:3d:31:ac:83:7d:86:2c:b9:a6:d2:b0:
ff:82:a9:6c:c6:12:ca:3d:ad:ec:b3:66:37:ad:e3:03:c2:ce:
48:6d:d1:cf:fe:3c:21:c2:83:3f:9d:39:dc:90:b6:a8:61:1b:
04:b9:4e:89:7a:8a:86:0b:ec:90:d7:79:69:f1:3f:43:ec:ab:
0f:c1:f7:bc:58:0a:0d:c5:44:84:a6:ab:c4:39:e6:d0:2a:7b:
4c:b4:45:61:d2:22:8a:41:d6:5b:43:c9:5a:a3:c4:91:4b:37:
20:ca:9b:d0:15:8c:01:45:a9:b2:28:03:ce:3d:a5:b3:7f:ba:
54:27:fc:91:e3:48:e9:cf:92:3c:43:02:ee:4d:65:ce:94:a5:
69:52:4c:c4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIAWzxWqjJsuF3t5qN7/uFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjQwMTAyMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjllOWNkNmIxNDgxMTdhOGVhZjViM2YyMWVkYmE5MjFjMjhmZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzlAeoKR4Jg9HRc8pgOLxcArgaPk
omr6YKue2XnaBEXa37F7b4QxLe+PfO0IgZfX3Dd4fW9bCzOoi+JnxLgs8T0cq/jc
VQct7rwimlw24ztgBJ+EMedCgubhFebPO2b7oQPS5tS84Bs0yaXWWsy4mTeLYlwa
Qacn8mmMhxMr1hSidUd8YE3uvt5w418Ng9cOfG4Qx5XGdU2CAeSXBhvs87AXyNsP
laSyfa58m5rfwGN1u2I16eb3XXzrLxhBcEw7C1pqUHgYUwkYajKd6QajT6yJWBnB
AKI8ORR2bShn8dV8r/cSXia69+EZcTo41+Of5m0Z2cASDA7MG2YGiMZ/ZQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFuenNaxSBF6jq9bPyHtupIcKP8IMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvVzU2YzFyRklFWHFPcjFzX0llMjZraHdvX3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW/KgAwQH
kYAAMA8EAgACMAkDBwAgAQZ8EEwwDQYJKoZIhvcNAQELBQADggEBABXb6TfhAV8j
RvPSsjRP5KZyudLMBjDQSOhpi2NqwP+FmyOa779VAfBHDh86HcfakiITF5ApgKqm
3UANH7P1GihCqXn/WH3UQEhL9Y6BQTWJAyTXBtzZ5ISrT9jBbsXe1gf9V2Dn73gX
8GtVHaze4RY6GoI9MayDfYYsuabSsP+CqWzGEso9reyzZjet4wPCzkht0c/+PCHC
gz+dOdyQtqhhGwS5Tol6ioYL7JDXeWnxP0Psqw/B97xYCg3FRISmq8Q55tAqe0y0
RWHSIopB1ltDyVqjxJFLNyDKm9AVjAFFqbIoA849pbN/ulQn/JHjSOnPkjxDAu5N
Zc6UpWlSTMQ=
-----END CERTIFICATE-----
Generated at Thu Nov 7 13:09:04 2024 by rpki-client on console-fra.rpki-client.org