Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/W7CUpI0gDth5pxALON6608DNoHA.roa
File: W7CUpI0gDth5pxALON6608DNoHA.roa (raw, json)
Hash identifier: Pc1LP4iqVcxAaxEkADpU2npIaOJrCR/0JeNz+Y6YJBM=
Subject key identifier: 5B:B0:94:A4:8D:20:0E:D8:79:A7:10:0B:38:DE:BA:D3:C0:CD:A0:70
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 01856F025503C32ACD95A4BBFD5FE345C581
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/W7CUpI0gDth5pxALON6608DNoHA.roa
Signing time: Sun 01 Jan 2023 20:25:01 +0000
ROA not before: Sun 01 Jan 2023 20:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8374
IP address blocks: 5.60.0.0/16 maxlen: 16
5.172.224.0/19 maxlen: 19
46.215.0.0/16 maxlen: 16
37.98.208.0/20 maxlen: 20
37.109.0.0/16 maxlen: 16
93.154.128.0/17 maxlen: 17
84.39.160.0/20 maxlen: 20
87.251.224.0/19 maxlen: 19
77.112.0.0/14 maxlen: 14
193.41.112.0/23 maxlen: 23
92.60.128.0/20 maxlen: 20
37.247.128.0/17 maxlen: 17
78.30.64.0/18 maxlen: 18
95.40.0.0/15 maxlen: 15
46.168.0.0/15 maxlen: 15
185.4.212.0/22 maxlen: 22
46.76.0.0/15 maxlen: 15
37.7.0.0/16 maxlen: 16
31.0.0.0/15 maxlen: 15
37.209.128.0/19 maxlen: 19
212.2.96.0/19 maxlen: 19
37.152.16.0/20 maxlen: 20
37.248.0.0/15 maxlen: 15
188.125.32.0/19 maxlen: 19
151.248.32.0/20 maxlen: 20
5.174.0.0/16 maxlen: 16
2a01:2e0::/28 maxlen: 28
2a01:bb80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:55:03:c3:2a:cd:95:a4:bb:fd:5f:e3:45:c5:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Jan 1 20:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bb094a48d200ed879a7100b38debad3c0cda070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fb:f4:17:2c:55:b4:6c:c1:58:59:3b:61:c0:
29:70:51:e5:ce:19:68:bb:6c:ca:74:c0:81:f7:40:
75:02:5d:a5:f0:b3:97:eb:b5:ad:50:1a:6a:86:2a:
b6:c0:ed:1b:95:94:7d:b1:7a:22:40:1b:a0:55:72:
03:60:b2:b6:5d:c4:cd:64:5b:6f:21:8c:4e:4d:4e:
aa:cd:72:74:06:ec:9f:0b:46:41:5f:9f:d2:fe:18:
45:c7:e3:0d:4e:e6:7a:e8:ea:2e:d9:36:62:b0:fd:
0f:aa:1b:e8:ce:29:e2:fa:0a:ce:f9:16:09:32:3f:
e4:05:f4:55:9d:f8:ac:01:e7:89:4a:7b:32:e5:3a:
65:ee:4a:72:0e:11:ad:55:2e:55:46:60:70:6e:41:
68:21:29:bc:2b:69:be:01:7e:76:88:50:29:66:12:
69:20:2c:3d:53:37:ec:f5:2c:5a:01:b0:0b:20:c9:
90:5d:cc:04:c3:bf:15:ae:7e:be:ba:80:40:48:70:
38:64:90:e8:4b:9c:f4:6e:d9:f4:a3:65:40:38:b7:
28:79:0c:9d:91:9c:d7:88:7a:54:34:2e:55:3c:3a:
8c:d7:f6:36:d2:17:c8:7e:41:1b:db:3b:4e:be:ea:
3e:b9:13:2d:cd:ff:20:c5:9c:cf:1e:3e:90:02:1c:
8c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B0:94:A4:8D:20:0E:D8:79:A7:10:0B:38:DE:BA:D3:C0:CD:A0:70
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/W7CUpI0gDth5pxALON6608DNoHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.60.0.0/16
5.172.224.0/19
5.174.0.0/16
31.0.0.0/15
37.7.0.0/16
37.98.208.0/20
37.109.0.0/16
37.152.16.0/20
37.209.128.0/19
37.247.128.0-37.249.255.255
46.76.0.0/15
46.168.0.0/15
46.215.0.0/16
77.112.0.0/14
78.30.64.0/18
84.39.160.0/20
87.251.224.0/19
92.60.128.0/20
93.154.128.0/17
95.40.0.0/15
151.248.32.0/20
185.4.212.0/22
188.125.32.0/19
193.41.112.0/23
212.2.96.0/19
IPv6:
2a01:2e0::/28
2a01:bb80::/32
Signature Algorithm: sha256WithRSAEncryption
2c:cf:0e:0a:bf:9e:bc:44:4f:88:1d:db:86:0c:d5:54:42:fe:
5d:01:0c:8a:d3:ff:6d:73:7b:8c:7c:f7:18:4a:15:78:0f:ae:
96:1f:26:12:1c:f7:0a:98:94:80:94:06:f6:4b:c4:86:83:23:
bc:0a:75:d7:ca:26:56:0a:42:20:aa:e8:31:d2:5a:86:0e:6c:
0f:c9:2d:c1:19:17:bf:9f:db:22:60:9f:d8:bc:7e:bc:4c:d9:
cd:81:2b:e1:f1:37:e9:0f:a1:04:1d:95:4e:3b:0a:c8:e7:54:
79:50:c2:b8:12:a2:ea:3b:5f:f7:e3:2f:00:c5:91:be:86:93:
31:72:ec:bc:1d:1f:15:30:c9:a6:47:4e:3d:1e:93:ca:68:e0:
b8:b6:c9:df:3e:0d:7c:c2:e6:3b:7e:ac:57:49:b5:08:1b:62:
dd:93:87:74:59:f4:b5:0a:f3:a1:a8:b3:a7:a3:21:db:6b:8f:
af:82:9f:5a:a2:f8:8a:79:42:7d:a4:53:97:78:70:87:1d:92:
36:28:75:f1:0e:5c:f1:ff:b5:a3:b8:c7:29:a8:49:4d:d9:be:
d0:d9:db:a5:4e:12:04:15:59:c8:f5:1d:74:6f:9a:2e:81:3d:
cb:9b:e5:6c:a2:b7:ab:8f:15:d1:d3:2c:a9:ea:96:e5:e8:69:
5d:3e:f9:5a
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYVvAlUDwyrNlaS7/V/jRcWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjMwMTAxMjAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmIwOTRhNDhkMjAwZWQ4NzlhNzEwMGIzOGRlYmFkM2MwY2RhMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvv0FyxVtGzBWFk7YcApcFHlzhlo
u2zKdMCB90B1Al2l8LOX67WtUBpqhiq2wO0blZR9sXoiQBugVXIDYLK2XcTNZFtv
IYxOTU6qzXJ0BuyfC0ZBX5/S/hhFx+MNTuZ66Oou2TZisP0Pqhvozini+grO+RYJ
Mj/kBfRVnfisAeeJSnsy5Tpl7kpyDhGtVS5VRmBwbkFoISm8K2m+AX52iFApZhJp
ICw9Uzfs9SxaAbALIMmQXcwEw78Vrn6+uoBASHA4ZJDoS5z0btn0o2VAOLcoeQyd
kZzXiHpUNC5VPDqM1/Y20hfIfkEb2ztOvuo+uRMtzf8gxZzPHj6QAhyM8wIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFFuwlKSNIA7YeacQCzjeutPAzaBwMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvVzdDVXBJMGdEdGg1cHhBTE9ONjYwOEROb0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBmgQCAAEwgZMDAwAF
PAMEBQWs4AMDAAWuAwMBHwADAwAlBwMEBCVi0AMDACVtAwQEJZgQAwQFJdGAMAsD
BAcl94ADAwEl+AMDAS5MAwMBLqgDAwAu1wMDAk1wAwQGTh5AAwQEVCegAwQFV/vg
AwQEXDyAAwQHXZqAAwMBXygDBASX+CADBAK5BNQDBAW8fSADBAHBKXADBAXUAmAw
FAQCAAIwDgMFBCoBAuADBQAqAbuAMA0GCSqGSIb3DQEBCwUAA4IBAQAszw4Kv568
RE+IHduGDNVUQv5dAQyK0/9tc3uMfPcYShV4D66WHyYSHPcKmJSAlAb2S8SGgyO8
CnXXyiZWCkIgqugx0lqGDmwPyS3BGRe/n9siYJ/YvH68TNnNgSvh8TfpD6EEHZVO
OwrI51R5UMK4EqLqO1/34y8AxZG+hpMxcuy8HR8VMMmmR049HpPKaOC4tsnfPg18
wuY7fqxXSbUIG2Ldk4d0WfS1CvOhqLOnoyHba4+vgp9aoviKeUJ9pFOXeHCHHZI2
KHXxDlzx/7WjuMcpqElN2b7Q2dulThIEFVnI9R10b5ougT3Lm+VsorerjxXR0yyp
6pbl6GldPvla
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:00 2024 by rpki-client on console-ams.rpki-client.org