Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/jPqhDF25bC2v2ZQP4ey7ader_PE.roa
File: jPqhDF25bC2v2ZQP4ey7ader_PE.roa (raw, json)
Hash identifier: w/0TxDd86P0evW+zWksEJ4W359x5oXj17tXcqh10nN4=
Subject key identifier: 8C:FA:A1:0C:5D:B9:6C:2D:AF:D9:94:0F:E1:EC:BB:69:D7:AB:FC:F1
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0185723A328DB0F02385DF987D661631BF4C
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/jPqhDF25bC2v2ZQP4ey7ader_PE.roa
Signing time: Mon 02 Jan 2023 11:24:54 +0000
ROA not before: Mon 02 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15879
IP address blocks: 46.255.104.0/21 maxlen: 24
77.245.80.0/20 maxlen: 24
194.105.138.0/23 maxlen: 24
217.115.192.0/20 maxlen: 24
87.250.128.0/19 maxlen: 24
193.189.134.0/24 maxlen: 24
213.130.160.0/19 maxlen: 24
212.204.192.0/18 maxlen: 24
217.149.64.0/20 maxlen: 24
185.55.128.0/22 maxlen: 24
185.28.148.0/22 maxlen: 24
193.91.48.0/20 maxlen: 24
83.219.64.0/19 maxlen: 24
93.188.248.0/21 maxlen: 24
213.133.32.0/19 maxlen: 24
217.148.80.0/20 maxlen: 24
94.247.192.0/21 maxlen: 24
217.194.96.0/19 maxlen: 24
213.197.192.0/18 maxlen: 24
80.246.176.0/20 maxlen: 24
213.206.64.0/18 maxlen: 24
5.226.40.0/21 maxlen: 24
82.201.0.0/17 maxlen: 24
81.24.48.0/20 maxlen: 24
2001:67c:1a4::/48 maxlen: 48
2001:9a0::/32 maxlen: 48
2a02:f18::/32 maxlen: 48
2001:898::/29 maxlen: 48
2a02:f30::/32 maxlen: 48
2001:14a0::/32 maxlen: 48
2001:40e0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:32:8d:b0:f0:23:85:df:98:7d:66:16:31:bf:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cfaa10c5db96c2dafd9940fe1ecbb69d7abfcf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a6:82:61:b7:a6:b2:a3:60:40:72:e0:43:68:
5c:92:f8:d7:5e:17:66:96:6d:c7:f5:cc:e4:13:d0:
e7:49:a7:0a:1e:4e:de:4c:1e:2f:6d:e8:5b:78:f8:
76:ce:19:7c:bb:7c:e5:ac:68:a9:16:12:b4:19:7d:
67:42:f1:b8:cc:06:54:02:d4:09:65:a6:31:3f:9d:
32:b8:9f:01:88:39:a3:f8:97:fd:b6:f7:29:59:f8:
f7:f6:36:f4:c2:4e:1e:20:c8:7e:de:28:c4:15:d2:
ad:ed:a1:84:be:e5:96:e3:8d:bd:8e:28:81:e2:96:
c0:e8:79:6d:1a:78:7d:71:af:23:0e:35:16:12:25:
a6:e0:7c:6e:58:ad:80:c3:2b:d3:7a:8f:a1:cd:56:
0b:0f:3d:6b:b2:86:e2:fc:da:04:7e:72:95:9f:7e:
c3:b1:ed:4e:54:3b:73:50:c4:23:19:e6:a7:01:b4:
e9:39:59:d1:b6:37:5c:a1:c5:bc:5a:1e:eb:3a:13:
54:10:73:9b:0b:9e:aa:0c:f4:39:99:5f:0e:29:f2:
fb:62:aa:31:3e:46:13:4f:b0:da:0d:30:8c:ae:80:
2a:bd:aa:74:b0:98:df:67:c9:e5:4a:f0:bf:98:c4:
c4:26:45:cd:0a:2a:8e:d8:fc:3f:fe:2e:91:2b:ce:
ed:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:FA:A1:0C:5D:B9:6C:2D:AF:D9:94:0F:E1:EC:BB:69:D7:AB:FC:F1
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/jPqhDF25bC2v2ZQP4ey7ader_PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.40.0/21
46.255.104.0/21
77.245.80.0/20
80.246.176.0/20
81.24.48.0/20
82.201.0.0/17
83.219.64.0/19
87.250.128.0/19
93.188.248.0/21
94.247.192.0/21
185.28.148.0/22
185.55.128.0/22
193.91.48.0/20
193.189.134.0/24
194.105.138.0/23
212.204.192.0/18
213.130.160.0/19
213.133.32.0/19
213.197.192.0/18
213.206.64.0/18
217.115.192.0/20
217.148.80.0/20
217.149.64.0/20
217.194.96.0/19
IPv6:
2001:67c:1a4::/48
2001:898::/29
2001:9a0::/32
2001:14a0::/32
2001:40e0::/32
2a02:f18::/32
2a02:f30::/32
Signature Algorithm: sha256WithRSAEncryption
81:3f:3e:c4:ce:3d:c7:e4:f1:11:b2:37:12:67:4f:c8:e0:53:
a9:01:3d:a0:31:26:c9:50:f8:2d:25:19:cb:d8:86:fa:7d:d4:
a8:df:9b:31:96:1a:22:3d:e0:41:bc:f4:0c:9b:8b:6f:5b:ec:
07:a3:07:3b:f8:8d:d2:af:2b:d5:70:97:b2:ae:77:cb:07:4a:
89:08:6a:97:e0:4f:b3:4b:f8:99:50:bb:ab:f5:cb:02:1e:42:
2c:52:c4:1b:79:ad:f2:37:48:0a:84:16:89:bf:4a:54:f0:23:
85:f9:08:7d:8f:c3:8c:60:07:06:ab:7e:1e:7a:cc:ab:49:cc:
35:be:fd:ca:2d:ea:c7:f6:f5:b8:97:c4:ef:37:41:88:a7:52:
0f:63:7f:ac:30:4c:76:25:34:c4:70:ee:9d:11:21:62:2e:94:
98:ee:9a:a9:ad:52:8a:b9:a1:ab:3d:93:18:fa:cc:06:a3:93:
cd:12:9d:34:6b:fa:0f:8e:ba:10:5a:ec:e0:39:9d:91:71:49:
29:05:1b:b0:79:66:79:67:c9:a9:ef:86:34:e4:45:9a:7a:cc:
c9:6f:a7:2a:cb:d9:8f:a1:7c:f4:74:b5:a5:29:03:93:93:84:
dd:95:7b:7f:39:0c:d8:48:82:a1:fa:bf:4c:5f:79:f3:14:f7:
f2:e6:b3:a3
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYVyOjKNsPAjhd+YfWYWMb9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2ZhYTEwYzVkYjk2YzJkYWZkOTk0MGZlMWVjYmI2OWQ3YWJmY2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKaCYbemsqNgQHLgQ2hckvjXXhdm
lm3H9czkE9DnSacKHk7eTB4vbehbePh2zhl8u3zlrGipFhK0GX1nQvG4zAZUAtQJ
ZaYxP50yuJ8BiDmj+Jf9tvcpWfj39jb0wk4eIMh+3ijEFdKt7aGEvuWW4429jiiB
4pbA6HltGnh9ca8jDjUWEiWm4HxuWK2AwyvTeo+hzVYLDz1rsobi/NoEfnKVn37D
se1OVDtzUMQjGeanAbTpOVnRtjdcocW8Wh7rOhNUEHObC56qDPQ5mV8OKfL7Yqox
PkYTT7DaDTCMroAqvap0sJjfZ8nlSvC/mMTEJkXNCiqO2Pw//i6RK87ttQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFIz6oQxduWwtr9mUD+Hsu2nXq/zxMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvalBxaERGMjViQzJ2MlpRUDRleTdhZGVyX1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBlwQCAAEwgZADBAMF
4igDBAMu/2gDBARN9VADBARQ9rADBARRGDADBAdSyQADBAVT20ADBAVX+oADBANd
vPgDBANe98ADBAK5HJQDBAK5N4ADBATBWzADBADBvYYDBAHCaYoDBAbUzMADBAXV
gqADBAXVhSADBAbVxcADBAbVzkADBATZc8ADBATZlFADBATZlUADBAXZwmAwOQQC
AAIwMwMHACABBnwBpAMFAyABCJgDBQAgAQmgAwUAIAEUoAMFACABQOADBQAqAg8Y
AwUAKgIPMDANBgkqhkiG9w0BAQsFAAOCAQEAgT8+xM49x+TxEbI3EmdPyOBTqQE9
oDEmyVD4LSUZy9iG+n3UqN+bMZYaIj3gQbz0DJuLb1vsB6MHO/iN0q8r1XCXsq53
ywdKiQhql+BPs0v4mVC7q/XLAh5CLFLEG3mt8jdICoQWib9KVPAjhfkIfY/DjGAH
Bqt+HnrMq0nMNb79yi3qx/b1uJfE7zdBiKdSD2N/rDBMdiU0xHDunREhYi6UmO6a
qa1Sirmhqz2TGPrMBqOTzRKdNGv6D466EFrs4DmdkXFJKQUbsHlmeWfJqe+GNORF
mnrMyW+nKsvZj6F89HS1pSkDk5OE3ZV7fzkM2EiCofq/TF958xT38uazow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org