Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/EvtYVG2wsznfHJ-tZFoKd1PwOi8.roa
File: EvtYVG2wsznfHJ-tZFoKd1PwOi8.roa (raw, json)
Hash identifier: zNMwoYRN5ukvz3NrZMkKhNWJux8UhANb9unVvcwkRRY=
Subject key identifier: 12:FB:58:54:6D:B0:B3:39:DF:1C:9F:AD:64:5A:0A:77:53:F0:3A:2F
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 018DB2B28A8662E493F2EF80224CA7DBB41D
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/EvtYVG2wsznfHJ-tZFoKd1PwOi8.roa
Signing time: Fri 16 Feb 2024 16:14:21 +0000
ROA not before: Fri 16 Feb 2024 16:14:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8374
IP address blocks: 5.60.0.0/16 maxlen: 16
5.172.224.0/19 maxlen: 19
5.174.0.0/16 maxlen: 16
31.0.0.0/15 maxlen: 15
37.7.0.0/16 maxlen: 16
37.98.208.0/20 maxlen: 20
37.109.0.0/16 maxlen: 16
37.152.16.0/20 maxlen: 20
37.209.128.0/19 maxlen: 19
37.247.128.0/17 maxlen: 17
37.247.241.0/28 maxlen: 28
37.248.0.0/15 maxlen: 15
46.76.0.0/15 maxlen: 15
46.168.0.0/15 maxlen: 15
46.215.0.0/16 maxlen: 16
77.112.0.0/14 maxlen: 14
78.30.64.0/18 maxlen: 18
84.39.160.0/20 maxlen: 20
87.251.224.0/19 maxlen: 19
92.60.128.0/20 maxlen: 20
93.154.128.0/17 maxlen: 17
95.40.0.0/15 maxlen: 15
151.248.32.0/20 maxlen: 20
185.4.212.0/22 maxlen: 22
188.125.32.0/19 maxlen: 19
193.41.112.0/23 maxlen: 23
212.2.96.0/19 maxlen: 19
2a01:2e0::/28 maxlen: 28
2a01:bb80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b2:b2:8a:86:62:e4:93:f2:ef:80:22:4c:a7:db:b4:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Feb 16 16:14:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12fb58546db0b339df1c9fad645a0a7753f03a2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:87:2b:52:30:76:70:81:20:3f:f9:dc:74:38:
a7:2b:3b:fd:8c:8c:e2:5a:c9:f7:3f:dd:cf:f2:31:
9d:f1:b6:bc:02:fb:a0:a0:82:3f:3e:ec:4d:aa:d8:
33:1f:dc:b1:7f:f0:c9:41:68:7d:4e:47:11:9b:bb:
12:c3:8f:7f:14:d0:bb:b6:35:87:9a:b7:ef:81:bd:
27:e1:74:c7:79:7a:ea:52:b4:f9:13:25:48:3b:89:
83:01:8c:70:0f:7a:2a:ff:64:98:ba:80:e9:f1:ed:
28:46:22:f3:20:16:95:b3:d3:3b:8b:98:dd:71:fd:
ef:21:1e:3a:ba:f2:7f:fe:a9:04:16:b2:f7:10:d1:
94:67:3a:74:2b:6c:91:1c:b7:dc:73:ec:7c:54:fe:
65:db:b8:c5:fc:71:e9:37:d3:8b:6b:d9:1a:c9:d5:
a1:e0:04:c8:fa:38:2a:35:76:87:d6:60:72:0b:d5:
f6:ab:24:88:1b:23:5a:80:d3:37:2f:15:df:d8:5b:
a5:ef:45:81:78:a5:a6:a6:a7:19:c4:80:3f:16:75:
8c:b9:57:5f:1d:bb:76:31:ce:b1:70:9b:29:8d:c6:
27:d8:92:7d:59:da:bb:88:86:32:9e:20:a6:a5:1d:
d6:95:85:71:56:b2:38:23:13:96:57:c8:b2:16:9d:
4f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FB:58:54:6D:B0:B3:39:DF:1C:9F:AD:64:5A:0A:77:53:F0:3A:2F
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/EvtYVG2wsznfHJ-tZFoKd1PwOi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.60.0.0/16
5.172.224.0/19
5.174.0.0/16
31.0.0.0/15
37.7.0.0/16
37.98.208.0/20
37.109.0.0/16
37.152.16.0/20
37.209.128.0/19
37.247.128.0-37.249.255.255
46.76.0.0/15
46.168.0.0/15
46.215.0.0/16
77.112.0.0/14
78.30.64.0/18
84.39.160.0/20
87.251.224.0/19
92.60.128.0/20
93.154.128.0/17
95.40.0.0/15
151.248.32.0/20
185.4.212.0/22
188.125.32.0/19
193.41.112.0/23
212.2.96.0/19
IPv6:
2a01:2e0::/28
2a01:bb80::/32
Signature Algorithm: sha256WithRSAEncryption
58:64:9b:5b:6d:17:be:7f:8f:dc:cd:f6:43:d6:8e:e9:e1:5d:
2f:8b:4e:8e:33:bc:51:5c:8c:55:c5:91:1c:28:7a:d3:7b:82:
a5:db:36:53:37:2b:55:c1:d9:ec:a2:26:cf:5f:1a:5a:a8:11:
da:c0:0e:e0:cd:53:48:b6:ec:d6:e0:56:6c:99:48:0c:7c:15:
34:ba:ff:fd:48:e1:0b:f3:db:b9:fa:3a:51:de:9c:5c:89:db:
28:a6:ff:28:e0:7a:dc:b9:c8:aa:9d:42:b4:60:b5:20:0b:42:
25:53:35:3f:30:cd:87:fa:d0:37:31:58:c6:0d:4c:b1:f9:94:
8f:4a:ba:31:c6:1a:e2:ea:15:9d:28:ec:e0:e5:aa:65:2f:91:
d2:62:04:61:8e:fc:1d:91:60:f2:92:a7:cb:c2:bb:82:e0:af:
e7:a4:52:aa:e9:95:ef:2a:6c:b6:1d:9d:57:6d:09:27:9e:b9:
29:4f:84:2d:14:e9:9f:37:57:c9:2b:19:59:89:06:5b:ff:05:
9a:d7:03:97:f2:1e:53:76:83:1c:c1:90:71:65:5e:40:81:05:
be:da:e2:ff:38:0d:af:a5:16:47:69:1e:ed:62:c2:f9:e2:00:
0f:5f:d8:bf:3c:b4:73:7d:f7:35:ae:95:34:4d:db:59:bc:67:
2d:24:08:89
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAY2ysoqGYuST8u+AIkyn27QdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwMjE2MTYxNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmZiNTg1NDZkYjBiMzM5ZGYxYzlmYWQ2NDVhMGE3NzUzZjAzYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYcrUjB2cIEgP/ncdDinKzv9jIzi
Wsn3P93P8jGd8ba8AvugoII/PuxNqtgzH9yxf/DJQWh9TkcRm7sSw49/FNC7tjWH
mrfvgb0n4XTHeXrqUrT5EyVIO4mDAYxwD3oq/2SYuoDp8e0oRiLzIBaVs9M7i5jd
cf3vIR46uvJ//qkEFrL3ENGUZzp0K2yRHLfcc+x8VP5l27jF/HHpN9OLa9kaydWh
4ATI+jgqNXaH1mByC9X2qySIGyNagNM3LxXf2Ful70WBeKWmpqcZxIA/FnWMuVdf
Hbt2Mc6xcJspjcYn2JJ9Wdq7iIYyniCmpR3WlYVxVrI4IxOWV8iyFp1PxwIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFBL7WFRtsLM53xyfrWRaCndT8DovMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvRXZ0WVZHMndzem5mSEotdFpGb0tkMVB3T2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBmgQCAAEwgZMDAwAF
PAMEBQWs4AMDAAWuAwMBHwADAwAlBwMEBCVi0AMDACVtAwQEJZgQAwQFJdGAMAsD
BAcl94ADAwEl+AMDAS5MAwMBLqgDAwAu1wMDAk1wAwQGTh5AAwQEVCegAwQFV/vg
AwQEXDyAAwQHXZqAAwMBXygDBASX+CADBAK5BNQDBAW8fSADBAHBKXADBAXUAmAw
FAQCAAIwDgMFBCoBAuADBQAqAbuAMA0GCSqGSIb3DQEBCwUAA4IBAQBYZJtbbRe+
f4/czfZD1o7p4V0vi06OM7xRXIxVxZEcKHrTe4Kl2zZTNytVwdnsoibPXxpaqBHa
wA7gzVNItuzW4FZsmUgMfBU0uv/9SOEL89u5+jpR3pxcidsopv8o4HrcuciqnUK0
YLUgC0IlUzU/MM2H+tA3MVjGDUyx+ZSPSroxxhri6hWdKOzg5aplL5HSYgRhjvwd
kWDykqfLwruC4K/npFKq6ZXvKmy2HZ1XbQknnrkpT4QtFOmfN1fJKxlZiQZb/wWa
1wOX8h5TdoMcwZBxZV5AgQW+2uL/OA2vpRZHaR7tYsL54gAPX9i/PLRzffc1rpU0
TdtZvGctJAiJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:57 2024 by rpki-client on console-fra.rpki-client.org