Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/6XTbKlpLkdFezV3Kj6TrRJwISSY.roa
File: 6XTbKlpLkdFezV3Kj6TrRJwISSY.roa (raw, json)
Hash identifier: k1L4KBc0dJHChlbDn99w3P6r97ix+jtc/pt8I4LTj3I=
Subject key identifier: E9:74:DB:2A:5A:4B:91:D1:5E:CD:5D:CA:8F:A4:EB:44:9C:08:49:26
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 060E50C5
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/6XTbKlpLkdFezV3Kj6TrRJwISSY.roa
Signing time: Fri 11 Mar 2022 20:37:34 +0000
ROA not before: Fri 11 Mar 2022 20:37:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 93.114.129.0/24 maxlen: 24
86.106.135.0/24 maxlen: 24
86.104.228.0/24 maxlen: 24
89.32.127.0/24 maxlen: 24
89.21.64.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101601477 (0x60e50c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Mar 11 20:37:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e974db2a5a4b91d15ecd5dca8fa4eb449c084926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6d:a5:16:ee:78:34:da:22:96:0e:58:62:14:
a2:49:bf:2e:fe:e9:13:c7:0b:20:de:80:1a:93:7a:
fd:8d:7d:49:46:ef:1b:8b:8f:38:d7:72:1b:c5:de:
f5:21:5e:ae:0c:7a:01:e7:a1:11:45:f7:24:54:2a:
8c:d4:a0:ae:3f:81:cf:2f:52:b4:e3:41:c9:ba:48:
89:fa:7d:c5:93:fb:eb:83:10:a3:19:b1:a1:9e:34:
c0:cf:8c:64:a4:3f:43:df:96:26:4c:2e:27:3e:b0:
fe:30:3c:63:c8:6d:68:9a:a0:9b:6d:8c:29:10:40:
b5:d4:a1:43:02:da:21:4f:5e:3f:16:5e:10:b3:56:
cc:96:28:a3:8c:28:8c:69:36:78:cc:c1:16:1c:f3:
21:96:99:61:89:f0:93:70:a2:09:01:8f:5f:96:58:
f5:78:2e:9c:8d:9b:07:9c:06:aa:58:a8:03:3f:65:
95:d6:e1:e0:bb:28:e5:bf:cd:ed:ac:62:84:a3:72:
da:eb:6f:fa:9c:24:6f:1e:7e:6f:39:70:42:89:a0:
ae:10:59:01:4f:3e:94:8b:7d:8e:4d:ab:20:6b:cc:
01:bd:77:50:ae:d2:cc:69:5d:fd:4d:01:1b:39:33:
a3:7f:db:4f:b9:6f:04:72:22:fe:20:89:d3:bc:68:
1e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:74:DB:2A:5A:4B:91:D1:5E:CD:5D:CA:8F:A4:EB:44:9C:08:49:26
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/6XTbKlpLkdFezV3Kj6TrRJwISSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.228.0/24
86.106.135.0/24
89.21.64.0/22
89.32.127.0/24
93.114.129.0/24
Signature Algorithm: sha256WithRSAEncryption
40:14:ed:82:4c:ce:7b:8e:60:0c:dc:1e:ad:5f:6c:8c:d6:f1:
26:0b:8b:92:dd:61:7e:2f:bb:1f:f7:35:8b:6e:d4:b5:82:55:
63:e8:2b:bf:df:e8:64:33:c9:ad:3b:71:73:41:19:95:69:2f:
21:53:a2:dd:20:54:6b:19:6a:fd:98:2b:cc:bb:a0:67:4f:b6:
b8:0f:ff:e1:8b:e2:c7:e9:75:1f:1f:04:13:56:c8:80:c7:7c:
13:1f:12:58:bb:e2:7b:bf:85:2d:95:54:38:21:a2:af:8a:03:
6e:9a:a5:9f:f8:ee:9a:59:9e:1d:11:1e:1f:46:77:76:eb:d8:
3c:4f:dd:7d:3b:75:74:eb:23:42:db:46:6e:84:2f:0b:56:fe:
3f:e4:76:f1:6d:f8:7f:2e:52:d2:6f:cd:ce:c5:27:d0:d4:63:
30:d1:fe:01:55:58:82:80:af:01:4e:52:aa:8f:0c:2a:d1:db:
fc:2e:71:12:17:2e:46:bd:ca:c4:c3:82:62:1f:91:80:11:63:
33:71:9d:ae:22:4f:43:eb:fd:ff:b8:26:a0:6c:5b:05:31:dc:
f5:58:b9:f1:0f:72:f8:45:84:ef:29:c6:45:ea:31:ee:ed:fe:
46:aa:6e:2e:36:9b:04:9b:89:2d:e7:9d:f8:47:1e:82:c7:99:
7e:56:ce:7e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBg5QxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDMx
MTIwMzczNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTk3NGRiMmE1YTRi
OTFkMTVlY2Q1ZGNhOGZhNGViNDQ5YzA4NDkyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5tpRbueDTaIpYOWGIUokm/Lv7pE8cLIN6AGpN6/Y19SUbv
G4uPONdyG8Xe9SFergx6AeehEUX3JFQqjNSgrj+Bzy9StONBybpIifp9xZP764MQ
oxmxoZ40wM+MZKQ/Q9+WJkwuJz6w/jA8Y8htaJqgm22MKRBAtdShQwLaIU9ePxZe
ELNWzJYoo4wojGk2eMzBFhzzIZaZYYnwk3CiCQGPX5ZY9XgunI2bB5wGqlioAz9l
ldbh4Lso5b/N7axihKNy2utv+pwkbx5+bzlwQomgrhBZAU8+lIt9jk2rIGvMAb13
UK7SzGld/U0BGzkzo3/bT7lvBHIi/iCJ07xoHokCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTpdNsqWkuR0V7NXcqPpOtEnAhJJjAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
LzZYVGJLbHBMa2RGZXpWM0tqNlRyUkp3SVNTWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFZo5AMEAFZqhwMEAlkVQAMEAFkg
fwMEAF1ygTANBgkqhkiG9w0BAQsFAAOCAQEAQBTtgkzOe45gDNwerV9sjNbxJguL
kt1hfi+7H/c1i27UtYJVY+grv9/oZDPJrTtxc0EZlWkvIVOi3SBUaxlq/ZgrzLug
Z0+2uA//4Yvix+l1Hx8EE1bIgMd8Ex8SWLvie7+FLZVUOCGir4oDbpqln/jumlme
HREeH0Z3duvYPE/dfTt1dOsjQttGboQvC1b+P+R28W34fy5S0m/NzsUn0NRjMNH+
AVVYgoCvAU5Sqo8MKtHb/C5xEhcuRr3KxMOCYh+RgBFjM3GdriJPQ+v9/7gmoGxb
BTHc9Vi58Q9y+EWE7ynGReox7u3+RqpuLjabBJuJLeed+EcegseZflbOfg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org