Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/B5TV3DNVNzPi30cJBCR8XusRGrI.roa
File: B5TV3DNVNzPi30cJBCR8XusRGrI.roa (raw, json)
Hash identifier: t206Dva8oNMDyPJ0wCw1+ZZ46J1sMlmhWs3nuOpTjkA=
Subject key identifier: 07:94:D5:DC:33:55:37:33:E2:DF:47:09:04:24:7C:5E:EB:11:1A:B2
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 05A6BA5A
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/B5TV3DNVNzPi30cJBCR8XusRGrI.roa
Signing time: Tue 01 Feb 2022 19:19:05 +0000
ROA not before: Tue 01 Feb 2022 19:19:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 94.177.17.0/24 maxlen: 24
93.114.83.0/24 maxlen: 24
93.114.129.0/24 maxlen: 24
86.106.135.0/24 maxlen: 24
86.104.228.0/24 maxlen: 24
89.32.127.0/24 maxlen: 24
89.21.64.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94812762 (0x5a6ba5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Feb 1 19:19:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0794d5dc33553733e2df470904247c5eeb111ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b5:63:4f:38:8b:58:aa:a9:19:0e:33:cf:3b:
02:86:a2:eb:59:c7:5f:62:44:28:e9:bc:83:c1:ac:
90:2e:16:df:66:4f:3b:83:8a:78:a5:c8:e3:ac:8f:
ca:1b:d8:06:46:6b:ab:8f:0a:ec:71:7c:f4:53:8e:
9b:ce:18:c9:f9:bb:a9:04:1a:85:1d:42:3f:3b:aa:
9e:bf:b7:8b:66:59:4c:51:31:27:de:17:c3:de:34:
bb:56:97:de:df:f4:63:83:32:a6:b0:5d:a0:f6:ec:
fa:7c:8c:c7:46:32:0c:2e:80:a1:59:d2:7c:93:4b:
fb:83:c8:6a:a9:2c:54:18:c2:13:b1:37:71:56:0c:
b9:ad:13:72:6d:1b:ba:19:b9:27:44:0e:1c:cc:93:
b5:10:e2:b4:0d:b1:c9:a3:01:19:2d:78:a0:8c:f9:
44:57:06:f8:de:69:1e:9e:28:ce:8d:63:e2:63:3b:
90:d2:8f:ef:e2:0d:95:fc:3b:b0:b5:69:45:ab:15:
24:03:cb:b1:23:f1:29:a5:4e:60:59:2c:7a:3f:c8:
05:64:e3:4e:ee:cb:a6:24:e9:24:f9:e0:60:54:08:
21:c7:db:25:3c:0e:3e:50:2e:81:28:71:af:f3:46:
f7:ae:d7:6d:59:30:9b:9a:49:5f:29:bc:f8:ac:7c:
e2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:94:D5:DC:33:55:37:33:E2:DF:47:09:04:24:7C:5E:EB:11:1A:B2
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/B5TV3DNVNzPi30cJBCR8XusRGrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.228.0/24
86.106.135.0/24
89.21.64.0/22
89.32.127.0/24
93.114.83.0/24
93.114.129.0/24
94.177.17.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:cb:de:11:a7:7c:cc:76:55:a5:64:01:1e:75:57:8b:79:b8:
3c:ec:13:a4:00:0f:08:ec:98:56:38:7f:ad:ce:0a:ac:4a:a3:
21:c6:e9:09:fd:9f:13:cd:e5:91:df:59:1f:e3:f4:d8:00:fc:
07:45:b2:73:bd:01:75:63:0c:be:ac:80:b2:48:6f:97:89:6c:
a7:57:a1:99:02:b9:9c:d1:d5:b0:0a:06:40:a5:d6:5e:12:76:
e0:fa:0e:87:f0:c7:67:63:79:11:38:2d:45:da:a9:90:8f:17:
1b:95:0d:a8:49:eb:63:9c:8c:a8:66:9d:9f:08:69:38:52:9f:
1c:04:22:7a:ca:47:cd:0f:11:03:c9:3b:21:f4:16:97:83:7f:
fd:68:42:4f:f0:03:a6:43:8d:d7:e1:f9:e3:55:99:76:0d:0b:
56:fc:6a:1a:7e:c9:ec:42:60:d5:a7:13:f9:2a:e0:f8:c1:d4:
be:eb:7d:d8:2b:04:40:90:f7:d0:aa:07:40:1f:3b:bf:d9:31:
54:17:5a:10:8d:2a:05:b6:c9:c2:48:8a:53:d9:fd:85:80:78:
a4:ec:a8:77:96:f3:32:57:c6:b7:25:ed:8f:2e:fb:15:06:92:
81:03:d4:8f:a3:f5:1f:74:bc:e5:39:99:c0:7c:6b:3f:00:d3:
b7:7c:2c:37
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBaa6WjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDIw
MTE5MTkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDc5NGQ1ZGMzMzU1
MzczM2UyZGY0NzA5MDQyNDdjNWVlYjExMWFiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+1Y084i1iqqRkOM887Aoai61nHX2JEKOm8g8GskC4W32ZP
O4OKeKXI46yPyhvYBkZrq48K7HF89FOOm84Yyfm7qQQahR1CPzuqnr+3i2ZZTFEx
J94Xw940u1aX3t/0Y4MyprBdoPbs+nyMx0YyDC6AoVnSfJNL+4PIaqksVBjCE7E3
cVYMua0Tcm0buhm5J0QOHMyTtRDitA2xyaMBGS14oIz5RFcG+N5pHp4ozo1j4mM7
kNKP7+INlfw7sLVpRasVJAPLsSPxKaVOYFksej/IBWTjTu7LpiTpJPngYFQIIcfb
JTwOPlAugShxr/NG967XbVkwm5pJXym8+Kx84lsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQHlNXcM1U3M+LfRwkEJHxe6xEasjAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L0I1VFYzRE5WTnpQaTMwY0pCQ1I4WHVzUkdySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAFZo5AMEAFZqhwMEAlkVQAMEAFkg
fwMEAF1yUwMEAF1ygQMEAF6xETANBgkqhkiG9w0BAQsFAAOCAQEAW8veEad8zHZV
pWQBHnVXi3m4POwTpAAPCOyYVjh/rc4KrEqjIcbpCf2fE83lkd9ZH+P02AD8B0Wy
c70BdWMMvqyAskhvl4lsp1ehmQK5nNHVsAoGQKXWXhJ24PoOh/DHZ2N5ETgtRdqp
kI8XG5UNqEnrY5yMqGadnwhpOFKfHAQiespHzQ8RA8k7IfQWl4N//WhCT/ADpkON
1+H541WZdg0LVvxqGn7J7EJg1acT+Srg+MHUvut92CsEQJD30KoHQB87v9kxVBda
EI0qBbbJwkiKU9n9hYB4pOyod5bzMlfGtyXtjy77FQaSgQPUj6P1H3S85TmZwHxr
PwDTt3wsNw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org