Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/vB4E-kk86eskwP7klpnGTDHsTTU.roa
File: vB4E-kk86eskwP7klpnGTDHsTTU.roa (raw, json)
Hash identifier: bwaiM+L06GwPWk3GOvg5H2ReW7843L/rB03y7tHAB3A=
Subject key identifier: BC:1E:04:FA:49:3C:E9:EB:24:C0:FE:E4:96:99:C6:4C:31:EC:4D:35
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 01904ED3623F9F2C69AE3E0BD1AA8CC8A5A9
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/vB4E-kk86eskwP7klpnGTDHsTTU.roa
Signing time: Tue 25 Jun 2024 09:56:34 +0000
ROA not before: Tue 25 Jun 2024 09:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8374
IP address blocks: 5.172.224.0/19 maxlen: 19
31.0.0.0/16 maxlen: 16
37.98.208.0/20 maxlen: 20
37.109.0.0/16 maxlen: 16
37.152.16.0/20 maxlen: 20
37.209.128.0/19 maxlen: 19
37.247.128.0/17 maxlen: 17
37.247.241.0/28 maxlen: 28
37.248.0.0/15 maxlen: 16
46.76.0.0/15 maxlen: 15
78.30.64.0/18 maxlen: 18
84.39.160.0/20 maxlen: 20
87.251.224.0/19 maxlen: 19
92.60.128.0/20 maxlen: 20
93.154.128.0/17 maxlen: 17
151.248.32.0/20 maxlen: 20
185.4.212.0/22 maxlen: 22
188.125.32.0/19 maxlen: 19
193.41.112.0/23 maxlen: 23
212.2.96.0/19 maxlen: 19
2a01:2e0::/28 maxlen: 28
2a01:bb80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:d3:62:3f:9f:2c:69:ae:3e:0b:d1:aa:8c:c8:a5:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Jun 25 09:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc1e04fa493ce9eb24c0fee49699c64c31ec4d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:46:11:6c:5b:1b:f4:76:12:41:df:0d:0e:84:
ef:be:dc:82:9d:b2:d0:93:5b:2f:46:be:26:50:d0:
63:66:2b:d2:8d:7b:b6:9a:2a:d9:e4:5e:ed:95:ae:
8b:ef:9b:da:6e:61:6c:f4:8c:5f:a5:be:2a:35:a2:
db:3e:79:86:4b:0f:7a:a0:84:cd:81:35:da:45:96:
d3:29:3a:e6:23:b5:f3:75:c0:e6:d5:4d:fb:cb:dc:
6d:28:92:4d:21:a7:f6:ce:43:ff:ce:4f:a7:78:cd:
ee:34:7c:de:86:b8:77:5d:3c:95:5d:39:fa:23:5e:
c4:63:66:45:2d:b4:09:ff:f6:86:cf:2b:ad:6b:34:
6d:aa:e1:cf:77:94:18:df:ff:47:42:db:25:e0:51:
6e:ba:e8:ea:54:4c:8e:0d:fd:07:ba:e9:48:a3:ce:
76:8c:ed:06:fc:00:43:f0:23:00:dd:86:5e:f9:74:
1e:04:1c:01:69:b8:e5:db:e1:77:c4:90:49:35:0d:
88:40:14:08:f1:c8:28:88:9f:c1:84:3f:22:fb:56:
ce:95:63:f3:93:47:0f:07:28:d5:5e:41:ec:99:8a:
ab:61:9c:c9:2b:30:66:7e:69:23:d1:3c:a9:12:e8:
09:c3:b4:ca:49:57:03:27:37:cf:15:e5:0e:9f:2e:
20:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1E:04:FA:49:3C:E9:EB:24:C0:FE:E4:96:99:C6:4C:31:EC:4D:35
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/vB4E-kk86eskwP7klpnGTDHsTTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.224.0/19
31.0.0.0/16
37.98.208.0/20
37.109.0.0/16
37.152.16.0/20
37.209.128.0/19
37.247.128.0-37.249.255.255
46.76.0.0/15
78.30.64.0/18
84.39.160.0/20
87.251.224.0/19
92.60.128.0/20
93.154.128.0/17
151.248.32.0/20
185.4.212.0/22
188.125.32.0/19
193.41.112.0/23
212.2.96.0/19
IPv6:
2a01:2e0::/28
2a01:bb80::/32
Signature Algorithm: sha256WithRSAEncryption
61:0e:3d:23:c0:af:ff:ab:bb:b7:f3:b9:fd:94:c4:5b:f7:14:
4d:54:43:e6:86:14:0b:4b:89:cc:79:1a:d7:12:c2:ba:93:5d:
41:a1:f7:fd:11:20:62:89:23:35:52:a9:bd:20:6d:ec:db:c1:
38:24:e9:f1:46:a0:64:c4:96:c3:11:d6:a1:1d:df:9b:f8:14:
3d:0b:72:88:8f:b7:30:53:f5:02:47:9d:bd:6a:00:7c:ff:67:
de:a9:95:59:38:cb:3f:ec:78:c6:2d:90:12:8f:1d:96:e7:2b:
29:1e:cb:70:06:39:84:f6:b6:2d:cd:7e:5e:12:da:04:5c:8e:
3b:9e:69:5a:cf:dd:9b:74:d3:67:d0:1e:07:79:ef:bf:13:8f:
e1:42:57:67:83:a8:9b:ef:66:7d:05:f1:c4:c2:65:47:2c:2e:
4f:a8:05:cf:45:49:5b:a5:90:56:58:45:36:ba:86:99:4c:7c:
27:0a:48:a5:62:66:77:50:b7:ae:3f:a2:85:b0:2b:8e:0a:8b:
f9:8a:9f:ad:58:91:fe:20:3d:34:aa:d0:83:ad:d7:1d:fa:f1:
5a:2b:10:de:be:5a:4c:39:73:83:d7:c1:ce:02:2c:9a:31:4d:
00:cf:0d:cd:7e:c9:34:fd:3e:51:3b:14:46:d0:36:0b:e2:13:
cc:b9:d6:6b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZBO02I/nyxprj4L0aqMyKWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwNjI1MDk1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFlMDRmYTQ5M2NlOWViMjRjMGZlZTQ5Njk5YzY0YzMxZWM0ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUYRbFsb9HYSQd8NDoTvvtyCnbLQ
k1svRr4mUNBjZivSjXu2mirZ5F7tla6L75vabmFs9Ixfpb4qNaLbPnmGSw96oITN
gTXaRZbTKTrmI7XzdcDm1U37y9xtKJJNIaf2zkP/zk+neM3uNHzehrh3XTyVXTn6
I17EY2ZFLbQJ//aGzyutazRtquHPd5QY3/9HQtsl4FFuuujqVEyODf0HuulIo852
jO0G/ABD8CMA3YZe+XQeBBwBabjl2+F3xJBJNQ2IQBQI8cgoiJ/BhD8i+1bOlWPz
k0cPByjVXkHsmYqrYZzJKzBmfmkj0TypEugJw7TKSVcDJzfPFeUOny4gSQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFLweBPpJPOnrJMD+5JaZxkwx7E01MB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvdkI0RS1razg2ZXNrd1A3a2xwbkdUREhzVFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwAwQFBazg
AwMAHwADBAQlYtADAwAlbQMEBCWYEAMEBSXRgDALAwQHJfeAAwMBJfgDAwEuTAME
Bk4eQAMEBFQnoAMEBVf74AMEBFw8gAMEB12agAMEBJf4IAMEArkE1AMEBbx9IAME
AcEpcAMEBdQCYDAUBAIAAjAOAwUEKgEC4AMFACoBu4AwDQYJKoZIhvcNAQELBQAD
ggEBAGEOPSPAr/+ru7fzuf2UxFv3FE1UQ+aGFAtLicx5GtcSwrqTXUGh9/0RIGKJ
IzVSqb0gbezbwTgk6fFGoGTElsMR1qEd35v4FD0LcoiPtzBT9QJHnb1qAHz/Z96p
lVk4yz/seMYtkBKPHZbnKykey3AGOYT2ti3Nfl4S2gRcjjueaVrP3Zt002fQHgd5
778Tj+FCV2eDqJvvZn0F8cTCZUcsLk+oBc9FSVulkFZYRTa6hplMfCcKSKViZndQ
t64/ooWwK44Ki/mKn61Ykf4gPTSq0IOt1x368VorEN6+Wkw5c4PXwc4CLJoxTQDP
Dc1+yTT9PlE7FEbQNgviE8y51ms=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:55 2025 by rpki-client