Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/GyLHOB7Km0L1PtWt5csiYMmGQR0.roa
File: GyLHOB7Km0L1PtWt5csiYMmGQR0.roa (raw, json)
Hash identifier: U0kXdqRIr8tq82WQjOoM2XDUcgPpY8QWjwOX3rOQKMk=
Subject key identifier: 1B:22:C7:38:1E:CA:9B:42:F5:3E:D5:AD:E5:CB:22:60:C9:86:41:1D
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01903A322EDEB135F7496057CDC659249258
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/GyLHOB7Km0L1PtWt5csiYMmGQR0.roa
Signing time: Fri 21 Jun 2024 09:48:05 +0000
ROA not before: Fri 21 Jun 2024 09:48:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 5.187.38.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.157.212.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.188.17.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:32:2e:de:b1:35:f7:49:60:57:cd:c6:59:24:92:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jun 21 09:48:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b22c7381eca9b42f53ed5ade5cb2260c986411d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:95:0f:3a:e0:57:b1:d6:f0:e7:1d:2a:40:8a:
8b:b6:a9:8e:bb:e5:bc:04:15:73:64:0f:74:14:47:
38:14:dc:88:c3:88:a3:0b:79:0a:21:08:9b:5a:05:
83:81:b1:11:2c:33:f8:0a:02:77:da:c6:8e:65:cc:
8c:b0:86:80:b1:e7:9b:db:c4:15:0d:0a:46:54:0a:
52:0e:14:3d:70:a6:37:6c:b2:43:77:6e:28:ac:35:
fb:18:5a:2e:c5:c7:cd:6e:dc:7e:5f:5b:e0:ac:1d:
e5:28:8d:27:3c:9d:9d:8d:07:89:12:24:70:8a:9f:
45:7d:d7:df:d6:b0:75:b3:f3:bd:36:94:18:c0:f0:
aa:65:68:5b:b6:89:4e:b1:dc:6c:10:21:f6:0f:72:
13:f5:80:25:50:00:2b:5a:fc:b7:54:fe:33:a5:42:
bf:d1:e3:1f:5e:13:2e:40:df:c1:68:04:a4:b1:19:
c7:b4:d0:f4:6f:9b:b4:1c:25:3c:a0:e9:60:e7:1c:
43:32:aa:ac:f5:e4:84:49:67:ee:6f:ce:3d:e4:2a:
3e:9a:cb:59:be:5c:cb:e5:a3:54:62:8c:9b:86:d6:
d0:00:3c:2b:42:24:f3:ac:85:13:ed:93:f3:05:ce:
fc:ea:79:7d:c2:c3:a5:d9:75:29:fb:9e:05:cf:af:
4b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:22:C7:38:1E:CA:9B:42:F5:3E:D5:AD:E5:CB:22:60:C9:86:41:1D
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/GyLHOB7Km0L1PtWt5csiYMmGQR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.38.0/23
95.156.204.0/22
185.104.60.0/23
185.104.153.0/24
185.122.186.0/23
185.157.212.0/24
185.157.214.0/23
185.161.184.0/24
185.188.17.0/24
195.181.252.0/23
217.61.242.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:68:13:d8:22:9e:40:f9:ab:cd:c0:7d:17:39:69:a9:7f:84:
c0:dd:56:08:f0:e7:ee:74:8e:6b:f9:b7:6b:42:e6:ff:04:65:
12:c7:be:63:b9:42:cd:06:c4:f5:d7:11:d7:5a:1d:79:87:d2:
45:d8:c1:6e:af:0f:35:1e:d3:11:71:29:35:c7:a1:69:06:ed:
e0:d0:14:f0:67:fa:9c:31:68:e8:67:91:b1:e6:5f:a0:c0:87:
d8:a4:59:d3:0c:bb:91:4f:9d:30:5c:dd:e3:5b:ad:44:3e:4d:
c2:cb:bb:b9:fb:36:6b:7a:5e:66:12:a3:28:9a:ef:44:1a:c8:
0c:f5:6a:fb:d4:02:33:c0:68:78:e7:98:ec:54:85:2d:32:ed:
17:07:72:0d:da:46:2d:98:8a:ba:e3:ae:df:a8:f8:93:01:05:
53:96:05:3b:24:27:5d:e2:c4:f4:02:66:76:60:ad:93:82:fa:
b1:ac:ff:af:6c:b9:32:d2:90:8b:01:cf:eb:53:05:bc:db:1b:
74:f7:70:b7:3b:3f:76:41:df:9d:f5:43:b0:67:a1:c6:09:37:
27:d4:fc:c0:e5:70:a8:c4:45:3c:58:89:25:87:30:58:4a:b5:
c3:4d:fc:76:f0:aa:55:bc:50:66:5c:97:12:86:0d:75:96:fb:
8b:d9:de:a6
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZA6Mi7esTX3SWBXzcZZJJJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwNjIxMDk0ODA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjIyYzczODFlY2E5YjQyZjUzZWQ1YWRlNWNiMjI2MGM5ODY0MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUPOuBXsdbw5x0qQIqLtqmOu+W8
BBVzZA90FEc4FNyIw4ijC3kKIQibWgWDgbERLDP4CgJ32saOZcyMsIaAseeb28QV
DQpGVApSDhQ9cKY3bLJDd24orDX7GFouxcfNbtx+X1vgrB3lKI0nPJ2djQeJEiRw
ip9Ffdff1rB1s/O9NpQYwPCqZWhbtolOsdxsECH2D3IT9YAlUAArWvy3VP4zpUK/
0eMfXhMuQN/BaASksRnHtND0b5u0HCU8oOlg5xxDMqqs9eSESWfub8495Co+mstZ
vlzL5aNUYoybhtbQADwrQiTzrIUT7ZPzBc786nl9wsOl2XUp+54Fz69LIwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBsixzgeyptC9T7VreXLImDJhkEdMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvR3lMSE9CN0ttMEwxUHRXdDVjc2lZTW1HUVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBBbsmAwQC
X5zMAwQBuWg8AwQAuWiZAwQBuXq6AwQAuZ3UAwQBuZ3WAwQAuaG4AwQAubwRAwQB
w7X8AwQB2T3yMA0GCSqGSIb3DQEBCwUAA4IBAQBaaBPYIp5A+avNwH0XOWmpf4TA
3VYI8OfudI5r+bdrQub/BGUSx75juULNBsT11xHXWh15h9JF2MFurw81HtMRcSk1
x6FpBu3g0BTwZ/qcMWjoZ5Gx5l+gwIfYpFnTDLuRT50wXN3jW61EPk3Cy7u5+zZr
el5mEqMomu9EGsgM9Wr71AIzwGh455jsVIUtMu0XB3IN2kYtmIq6467fqPiTAQVT
lgU7JCdd4sT0AmZ2YK2TgvqxrP+vbLky0pCLAc/rUwW82xt093C3Oz92Qd+d9UOw
Z6HGCTcn1PzA5XCoxEU8WIklhzBYSrXDTfx28KpVvFBmXJcShg11lvuL2d6m
-----END CERTIFICATE-----
Generated at Tue Aug 13 15:05:08 2024 by rpki-client on console-fra.rpki-client.org