Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/q0wloIUKjSSzK0b3VUU398PAmNQ.roa
File: q0wloIUKjSSzK0b3VUU398PAmNQ.roa (raw, json)
Hash identifier: 1QaDj93JWF9dE+wADUQNSm58yFq0KMVohvlhfnFCIbU=
Subject key identifier: AB:4C:25:A0:85:0A:8D:24:B3:2B:46:F7:55:45:37:F7:C3:C0:98:D4
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 01827F28E6C3FBBF8777619D9590C560DAE0
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/q0wloIUKjSSzK0b3VUU398PAmNQ.roa
Signing time: Mon 08 Aug 2022 20:32:43 +0000
ROA not before: Mon 08 Aug 2022 20:32:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8374
IP address blocks: 5.60.0.0/16 maxlen: 16
5.172.224.0/19 maxlen: 19
46.76.0.0/15 maxlen: 15
37.7.0.0/16 maxlen: 16
46.215.0.0/16 maxlen: 16
37.98.208.0/20 maxlen: 20
37.109.0.0/16 maxlen: 16
93.154.128.0/17 maxlen: 17
31.0.0.0/15 maxlen: 15
84.39.160.0/20 maxlen: 20
87.251.224.0/19 maxlen: 19
77.112.0.0/14 maxlen: 14
193.41.112.0/23 maxlen: 23
37.209.128.0/19 maxlen: 19
92.60.128.0/20 maxlen: 20
78.30.64.0/18 maxlen: 18
37.152.16.0/20 maxlen: 20
95.40.0.0/15 maxlen: 15
46.168.0.0/15 maxlen: 15
37.248.0.0/15 maxlen: 15
188.125.32.0/19 maxlen: 19
151.248.32.0/20 maxlen: 20
5.174.0.0/16 maxlen: 16
185.4.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7f:28:e6:c3:fb:bf:87:77:61:9d:95:90:c5:60:da:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Aug 8 20:32:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab4c25a0850a8d24b32b46f7554537f7c3c098d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:06:b2:38:68:51:94:01:55:ae:ff:c6:dd:17:
fc:20:7f:7d:49:eb:a1:32:9e:41:07:fb:b6:21:b3:
87:82:7d:0a:b4:09:fd:95:70:fc:4d:14:55:87:84:
a7:a2:ee:a5:0b:ed:0a:bd:46:e6:24:b4:19:cb:2e:
34:ea:37:20:2b:69:27:01:38:27:9f:6e:73:77:e8:
59:af:30:ca:5a:1c:7e:dd:0a:0f:92:5b:e2:d3:a2:
7e:08:05:c2:15:c4:38:05:0b:c1:ad:84:33:89:3e:
2d:bf:09:26:0e:68:7b:0d:58:1f:77:d3:03:ad:38:
3f:d3:e7:8c:df:4e:62:22:5b:e5:7d:f9:b6:e2:13:
37:40:60:da:14:f7:d8:e7:24:9a:16:1e:e0:c6:c5:
f0:f5:c9:9a:6a:18:ff:f5:55:bb:dd:ff:71:50:90:
f4:34:e7:b1:ce:a1:f9:48:e3:6b:06:7b:01:70:8c:
bc:3e:07:4b:bf:b6:ad:05:6a:24:bd:1b:1e:f5:60:
fc:96:9d:23:63:3f:d0:92:03:81:cc:79:c1:2f:0e:
fb:2b:05:9e:f7:db:5a:77:86:92:13:5b:75:f5:3e:
83:9c:01:a4:c8:bd:15:4e:c1:e8:2e:63:74:04:33:
77:12:be:5c:a9:92:18:86:f6:cf:46:c5:bf:e2:da:
fb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4C:25:A0:85:0A:8D:24:B3:2B:46:F7:55:45:37:F7:C3:C0:98:D4
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/q0wloIUKjSSzK0b3VUU398PAmNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.60.0.0/16
5.172.224.0/19
5.174.0.0/16
31.0.0.0/15
37.7.0.0/16
37.98.208.0/20
37.109.0.0/16
37.152.16.0/20
37.209.128.0/19
37.248.0.0/15
46.76.0.0/15
46.168.0.0/15
46.215.0.0/16
77.112.0.0/14
78.30.64.0/18
84.39.160.0/20
87.251.224.0/19
92.60.128.0/20
93.154.128.0/17
95.40.0.0/15
151.248.32.0/20
185.4.212.0/22
188.125.32.0/19
193.41.112.0/23
Signature Algorithm: sha256WithRSAEncryption
61:81:f5:7d:77:ed:86:58:f9:a5:23:28:b5:71:da:30:8d:1c:
75:3f:ae:19:38:a3:38:b6:07:72:71:01:ff:b1:17:76:44:85:
82:1a:00:34:80:9c:bf:58:7b:26:4e:36:a5:41:88:d5:59:77:
69:67:3d:f2:d5:2a:57:c0:b7:93:35:65:29:1a:4d:f4:79:14:
b2:88:90:2b:cd:5f:c8:68:c1:bc:fb:74:86:18:18:ab:79:a6:
f9:cb:a7:89:a7:53:3d:3b:72:d8:c2:1e:23:be:1a:ab:2f:11:
ff:9b:97:fc:61:be:c6:2d:f9:c5:51:74:83:9f:6e:d1:d3:82:
19:83:61:91:2b:3b:a3:d4:3a:c1:88:92:60:99:9f:7b:e7:3e:
f9:c7:35:d2:fa:dc:53:b3:30:1c:e1:df:ff:69:87:4c:4f:1b:
84:36:a1:6f:d9:15:2b:a2:9c:c7:49:84:32:06:e6:a0:8f:d5:
54:ff:b9:66:d0:25:e0:cb:07:3c:e5:d5:53:56:90:69:c0:bf:
4f:96:14:86:d7:9b:68:f2:b3:4e:67:4d:5d:6f:67:58:28:d9:
1f:1a:83:39:e9:a6:0f:ea:e3:9f:6a:42:19:1d:71:02:83:e7:
5c:f3:cc:40:c1:7a:50:12:13:85:75:e5:b7:72:2e:f9:17:e1:
74:b4:62:e0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYJ/KObD+7+Hd2GdlZDFYNrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjIwODA4MjAzMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjRjMjVhMDg1MGE4ZDI0YjMyYjQ2Zjc1NTQ1MzdmN2MzYzA5OGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAayOGhRlAFVrv/G3Rf8IH99Seuh
Mp5BB/u2IbOHgn0KtAn9lXD8TRRVh4Snou6lC+0KvUbmJLQZyy406jcgK2knATgn
n25zd+hZrzDKWhx+3QoPklvi06J+CAXCFcQ4BQvBrYQziT4tvwkmDmh7DVgfd9MD
rTg/0+eM305iIlvlffm24hM3QGDaFPfY5ySaFh7gxsXw9cmaahj/9VW73f9xUJD0
NOexzqH5SONrBnsBcIy8PgdLv7atBWokvRse9WD8lp0jYz/QkgOBzHnBLw77KwWe
99tad4aSE1t19T6DnAGkyL0VTsHoLmN0BDN3Er5cqZIYhvbPRsW/4tr7/QIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFKtMJaCFCo0ksytG91VFN/fDwJjUMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvcTB3bG9JVUtqU1N6SzBiM1ZVVTM5OFBBbU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzCBjAQCAAEwgYUDAwAF
PAMEBQWs4AMDAAWuAwMBHwADAwAlBwMEBCVi0AMDACVtAwQEJZgQAwQFJdGAAwMB
JfgDAwEuTAMDAS6oAwMALtcDAwJNcAMEBk4eQAMEBFQnoAMEBVf74AMEBFw8gAME
B12agAMDAV8oAwQEl/ggAwQCuQTUAwQFvH0gAwQBwSlwMA0GCSqGSIb3DQEBCwUA
A4IBAQBhgfV9d+2GWPmlIyi1cdowjRx1P64ZOKM4tgdycQH/sRd2RIWCGgA0gJy/
WHsmTjalQYjVWXdpZz3y1SpXwLeTNWUpGk30eRSyiJArzV/IaMG8+3SGGBireab5
y6eJp1M9O3LYwh4jvhqrLxH/m5f8Yb7GLfnFUXSDn27R04IZg2GRKzuj1DrBiJJg
mZ975z75xzXS+txTszAc4d//aYdMTxuENqFv2RUropzHSYQyBuagj9VU/7lm0CXg
ywc85dVTVpBpwL9PlhSG15to8rNOZ01db2dYKNkfGoM56aYP6uOfakIZHXECg+dc
88xAwXpQEhOFdeW3ci75F+F0tGLg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:57 2024 by rpki-client on console-fra.rpki-client.org