Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/1-4z03kamuscy__zDsJB0ew8W0ic.roa
File: 1-4z03kamuscy__zDsJB0ew8W0ic.roa (raw, json)
Hash identifier: yX5Xkun0YZDgUlpJYOaHi7NdxL8Pygjw8EftXzXaLbM=
Subject key identifier: FB:8C:F4:DE:46:A6:BA:C7:32:FF:FC:C3:B0:90:74:7B:0F:16:D2:27
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 0182B53C2BF87621C0E419E015C255026B33
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/1-4z03kamuscy__zDsJB0ew8W0ic.roa
Signing time: Fri 19 Aug 2022 08:33:15 +0000
ROA not before: Fri 19 Aug 2022 08:33:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8374
IP address blocks: 5.60.0.0/16 maxlen: 16
5.172.224.0/19 maxlen: 19
46.215.0.0/16 maxlen: 16
37.98.208.0/20 maxlen: 20
37.109.0.0/16 maxlen: 16
93.154.128.0/17 maxlen: 17
84.39.160.0/20 maxlen: 20
87.251.224.0/19 maxlen: 19
77.112.0.0/14 maxlen: 14
193.41.112.0/23 maxlen: 23
92.60.128.0/20 maxlen: 20
37.247.128.0/17 maxlen: 17
78.30.64.0/18 maxlen: 18
95.40.0.0/15 maxlen: 15
46.168.0.0/15 maxlen: 15
185.4.212.0/22 maxlen: 22
46.76.0.0/15 maxlen: 15
37.7.0.0/16 maxlen: 16
31.0.0.0/15 maxlen: 15
37.209.128.0/19 maxlen: 19
212.2.96.0/19 maxlen: 19
37.152.16.0/20 maxlen: 20
37.248.0.0/15 maxlen: 15
188.125.32.0/19 maxlen: 19
151.248.32.0/20 maxlen: 20
5.174.0.0/16 maxlen: 16
2a01:2e0::/28 maxlen: 28
2a01:bb80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b5:3c:2b:f8:76:21:c0:e4:19:e0:15:c2:55:02:6b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Aug 19 08:33:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb8cf4de46a6bac732fffcc3b090747b0f16d227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3f:10:cf:c1:1c:3d:fa:75:df:f7:2a:e5:e7:
ca:c6:12:07:6e:a0:1b:83:1b:fd:1d:c7:6f:d4:8e:
ed:c0:a9:11:68:eb:44:46:be:a0:f1:1f:06:81:f7:
3b:d0:f0:1a:b0:c8:d6:30:82:e1:68:c2:2d:44:8d:
80:d4:8f:fa:95:be:0c:73:7d:b2:99:da:b1:b3:0f:
fc:3c:0d:2a:08:f0:de:35:96:d0:41:d1:e8:46:c6:
1c:39:06:65:d5:bc:ed:53:52:be:06:b4:cc:e2:d6:
ee:97:88:3e:b6:c6:70:9e:a8:89:f1:f9:95:0d:79:
30:03:7e:be:26:fa:48:8f:60:4c:81:66:e6:70:f6:
58:b3:0d:40:e3:09:4d:5a:c9:46:61:20:e1:74:0c:
92:41:37:c6:c7:64:01:2d:8b:67:df:1d:01:ca:bd:
79:cb:5c:cd:e8:56:7d:2c:89:34:e6:b3:bd:2b:4f:
70:df:92:8e:a1:90:3c:28:bc:61:65:2c:27:b6:1e:
2e:61:84:57:7b:2c:ef:bd:f7:5d:ae:fb:69:f7:ca:
12:e8:17:94:77:58:b6:a4:b4:d7:4c:db:e4:2f:10:
19:a9:fd:48:9d:e6:68:12:bc:f1:16:1d:14:e9:b8:
2f:ec:68:ab:87:7f:d9:5e:9d:73:eb:d8:b8:42:9c:
9a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8C:F4:DE:46:A6:BA:C7:32:FF:FC:C3:B0:90:74:7B:0F:16:D2:27
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/1-4z03kamuscy__zDsJB0ew8W0ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.60.0.0/16
5.172.224.0/19
5.174.0.0/16
31.0.0.0/15
37.7.0.0/16
37.98.208.0/20
37.109.0.0/16
37.152.16.0/20
37.209.128.0/19
37.247.128.0-37.249.255.255
46.76.0.0/15
46.168.0.0/15
46.215.0.0/16
77.112.0.0/14
78.30.64.0/18
84.39.160.0/20
87.251.224.0/19
92.60.128.0/20
93.154.128.0/17
95.40.0.0/15
151.248.32.0/20
185.4.212.0/22
188.125.32.0/19
193.41.112.0/23
212.2.96.0/19
IPv6:
2a01:2e0::/28
2a01:bb80::/32
Signature Algorithm: sha256WithRSAEncryption
04:94:8c:77:f2:32:b7:39:9c:6a:3c:34:88:1c:20:12:7f:cc:
fe:56:90:e7:ca:06:cd:43:2d:20:5a:dc:2f:98:0b:74:d6:c8:
86:2d:3f:67:0c:15:2d:df:70:ec:94:b3:c2:f9:44:5c:90:73:
81:11:8a:ee:b8:f1:94:68:3d:80:2e:97:cd:ce:27:ec:f1:d3:
e6:d6:34:92:35:fe:77:08:15:0b:d4:a0:49:8c:7c:29:34:70:
16:61:66:2f:eb:62:1d:23:40:44:38:8e:d1:86:ed:88:de:98:
15:fb:ff:7a:3e:bf:6b:35:3d:3e:c5:26:2d:3a:8f:7c:e3:4c:
72:23:49:e7:0b:4a:5e:b2:06:34:36:d5:93:e3:ee:d6:a3:cc:
85:0f:71:ee:39:c4:e2:69:ab:3c:38:b6:02:34:e8:87:c2:16:
b4:86:c4:81:23:2d:44:cd:22:df:bb:5c:b3:b2:a4:2f:66:fb:
94:c8:81:f2:7d:48:f9:dd:be:4b:bb:b0:e7:3f:99:25:eb:14:
45:0b:19:a8:5f:b3:69:7a:19:72:52:81:6c:8c:64:4e:32:4f:
b3:c0:fb:e6:53:42:71:8d:b8:5b:0d:8a:bd:6b:88:50:cf:d6:
49:3e:c3:48:b2:a8:b5:ce:94:e9:46:e1:53:59:3d:55:ce:23:
77:89:bb:11
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYK1PCv4diHA5BngFcJVAmszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjIwODE5MDgzMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjhjZjRkZTQ2YTZiYWM3MzJmZmZjYzNiMDkwNzQ3YjBmMTZkMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T8Qz8EcPfp13/cq5efKxhIHbqAb
gxv9Hcdv1I7twKkRaOtERr6g8R8Ggfc70PAasMjWMILhaMItRI2A1I/6lb4Mc32y
mdqxsw/8PA0qCPDeNZbQQdHoRsYcOQZl1bztU1K+BrTM4tbul4g+tsZwnqiJ8fmV
DXkwA36+JvpIj2BMgWbmcPZYsw1A4wlNWslGYSDhdAySQTfGx2QBLYtn3x0Byr15
y1zN6FZ9LIk05rO9K09w35KOoZA8KLxhZSwnth4uYYRXeyzvvfddrvtp98oS6BeU
d1i2pLTXTNvkLxAZqf1IneZoErzxFh0U6bgv7Girh3/ZXp1z69i4QpyaQwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFPuM9N5GprrHMv/8w7CQdHsPFtInMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvMS00ejAza2FtdXNjeV9fekRzSkIwZXc4VzBpYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjYvNjkwMzU3LWRmYmUtNGQ4Ni1hZmQ2LTkxNjRlMzUyYTgz
Yy8xLzRwdWF3dTlqRzVMb0wxbGRjLVI1TElGdXh1WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBxgYIKwYBBQUHAQcBAf8EgbYwgbMwgZoEAgABMIGTAwMA
BTwDBAUFrOADAwAFrgMDAR8AAwMAJQcDBAQlYtADAwAlbQMEBCWYEAMEBSXRgDAL
AwQHJfeAAwMBJfgDAwEuTAMDAS6oAwMALtcDAwJNcAMEBk4eQAMEBFQnoAMEBVf7
4AMEBFw8gAMEB12agAMDAV8oAwQEl/ggAwQCuQTUAwQFvH0gAwQBwSlwAwQF1AJg
MBQEAgACMA4DBQQqAQLgAwUAKgG7gDANBgkqhkiG9w0BAQsFAAOCAQEABJSMd/Iy
tzmcajw0iBwgEn/M/laQ58oGzUMtIFrcL5gLdNbIhi0/ZwwVLd9w7JSzwvlEXJBz
gRGK7rjxlGg9gC6Xzc4n7PHT5tY0kjX+dwgVC9SgSYx8KTRwFmFmL+tiHSNARDiO
0YbtiN6YFfv/ej6/azU9PsUmLTqPfONMciNJ5wtKXrIGNDbVk+Pu1qPMhQ9x7jnE
4mmrPDi2AjToh8IWtIbEgSMtRM0i37tcs7KkL2b7lMiB8n1I+d2+S7uw5z+ZJesU
RQsZqF+zaXoZclKBbIxkTjJPs8D75lNCcY24Ww2KvWuIUM/WST7DSLKotc6U6Ubh
U1k9Vc4jd4m7EQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:57 2025 by rpki-client