Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/J0KQ6AqlBZxab0dQQYhMWGAAPgE.roa
File: J0KQ6AqlBZxab0dQQYhMWGAAPgE.roa (raw, json)
Hash identifier: bLmhovv/HZ8LlKkMGEudwwBWqdBbQ3yYrIAOTramIy0=
Subject key identifier: 27:42:90:E8:0A:A5:05:9C:5A:6F:47:50:41:88:4C:58:60:00:3E:01
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018E421FA63B6D965CBFF0D7DE219633D3D6
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/J0KQ6AqlBZxab0dQQYhMWGAAPgE.roa
Signing time: Fri 15 Mar 2024 12:39:14 +0000
ROA not before: Fri 15 Mar 2024 12:39:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50129
IP address blocks: 5.187.38.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:1f:a6:3b:6d:96:5c:bf:f0:d7:de:21:96:33:d3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Mar 15 12:39:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=274290e80aa5059c5a6f475041884c5860003e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:77:51:6c:39:ca:63:6e:6c:e3:14:f4:2b:89:
4d:9a:b6:b3:81:7c:a5:bb:67:ae:2e:0c:a5:e3:f9:
fc:6d:18:bd:b5:ed:75:f4:66:34:ce:68:d1:f2:cf:
6f:d6:24:8b:58:ff:c5:9a:e5:7e:51:c2:74:8b:2e:
71:ae:9c:14:a2:1f:ec:df:42:a0:28:bd:53:e2:9b:
fa:d3:1f:c2:ee:af:3e:ba:01:3a:d2:38:ac:04:42:
f7:28:b3:0b:2b:51:9e:96:18:de:19:8c:e9:1d:6b:
81:7e:50:26:bb:95:9b:b5:77:ca:85:4c:eb:36:9f:
62:a7:ff:53:75:fe:8d:63:2b:77:2f:d8:e3:31:55:
0b:73:6c:1e:83:84:2b:6a:03:47:5e:99:03:5a:ea:
b8:5a:c3:eb:7a:9e:18:ea:b5:38:4d:b3:50:d2:7a:
b6:68:a2:d1:2b:67:ba:a9:ab:b9:31:64:92:7d:b4:
08:f5:c3:6d:6a:24:66:5c:b3:34:c4:6a:ba:5d:ad:
5c:ac:d2:78:93:a9:ed:53:bd:d9:73:64:52:46:99:
17:9e:e6:ae:26:ad:88:aa:5a:c3:5b:7e:07:9a:ad:
40:47:4f:d1:7c:56:05:c8:73:3d:9c:9a:4a:4a:7f:
94:1b:16:92:b5:7c:c4:5d:4f:ce:2b:53:9b:c4:68:
67:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:42:90:E8:0A:A5:05:9C:5A:6F:47:50:41:88:4C:58:60:00:3E:01
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/J0KQ6AqlBZxab0dQQYhMWGAAPgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.38.0/23
95.156.204.0/22
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
195.181.252.0/23
217.61.242.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:04:2f:c6:d8:b0:2a:2f:b1:72:a5:12:bf:84:62:90:30:fa:
47:33:9d:32:b6:b2:c9:76:5f:3c:3e:61:7a:f2:45:69:51:e5:
9e:75:57:eb:57:29:d6:0b:8a:dd:9b:60:35:ae:d9:c6:b3:62:
d4:90:95:5d:2a:24:05:4a:10:c2:98:5e:80:94:11:53:03:7c:
14:1c:22:9c:7c:3a:10:22:91:c5:02:bd:36:7c:c2:ce:79:dd:
39:fa:04:b6:38:bf:3a:bb:c6:c5:64:37:f1:ee:54:e4:50:9c:
dd:fc:62:da:ee:ea:23:14:7c:60:ec:f8:3e:ea:17:1f:a2:ad:
f6:65:b3:63:04:74:04:a0:69:1b:f2:1e:4e:9d:5b:72:d9:8e:
91:09:44:45:c5:f7:e0:07:60:f3:23:09:45:a8:e1:b5:8e:ed:
4c:7a:b3:84:d2:8f:f1:09:24:12:06:5a:3a:e5:55:6f:6d:06:
d0:b8:13:8c:af:59:91:7f:ed:80:98:0a:bf:7e:96:c6:31:f0:
5d:e1:c1:34:3b:84:8f:80:ed:c8:de:85:57:af:1d:28:43:e4:
a3:c7:cf:b8:64:0f:d7:cc:20:64:e8:27:d1:f0:e7:a6:49:ce:
07:bd:ec:cf:1d:fc:64:2b:71:a7:5d:b1:f5:3b:8e:c9:5a:5a:
42:ee:23:86
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY5CH6Y7bZZcv/DX3iGWM9PWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwMzE1MTIzOTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzQyOTBlODBhYTUwNTljNWE2ZjQ3NTA0MTg4NGM1ODYwMDAzZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3dRbDnKY25s4xT0K4lNmrazgXyl
u2euLgyl4/n8bRi9te119GY0zmjR8s9v1iSLWP/FmuV+UcJ0iy5xrpwUoh/s30Kg
KL1T4pv60x/C7q8+ugE60jisBEL3KLMLK1GelhjeGYzpHWuBflAmu5WbtXfKhUzr
Np9ip/9Tdf6NYyt3L9jjMVULc2weg4QragNHXpkDWuq4WsPrep4Y6rU4TbNQ0nq2
aKLRK2e6qau5MWSSfbQI9cNtaiRmXLM0xGq6Xa1crNJ4k6ntU73Zc2RSRpkXnuau
Jq2IqlrDW34Hmq1AR0/RfFYFyHM9nJpKSn+UGxaStXzEXU/OK1ObxGhnbwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCdCkOgKpQWcWm9HUEGITFhgAD4BMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvSjBLUTZBcWxCWnhhYjBkUVFZaE1XR0FBUGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBBbsmAwQC
X5zMAwQBuWg8MAwDBAC5aJkDBAK5aJgDBAG5eroDBAK5ndQDBAG5obgDBAHDtfwD
BAHZPfIwDQYJKoZIhvcNAQELBQADggEBAF0EL8bYsCovsXKlEr+EYpAw+kcznTK2
ssl2Xzw+YXryRWlR5Z51V+tXKdYLit2bYDWu2cazYtSQlV0qJAVKEMKYXoCUEVMD
fBQcIpx8OhAikcUCvTZ8ws553Tn6BLY4vzq7xsVkN/HuVORQnN38Ytru6iMUfGDs
+D7qFx+irfZls2MEdASgaRvyHk6dW3LZjpEJREXF9+AHYPMjCUWo4bWO7Ux6s4TS
j/EJJBIGWjrlVW9tBtC4E4yvWZF/7YCYCr9+lsYx8F3hwTQ7hI+A7cjehVevHShD
5KPHz7hkD9fMIGToJ9Hw56ZJzge97M8d/GQrcaddsfU7jslaWkLuI4Y=
-----END CERTIFICATE-----
Generated at Fri Jun 21 14:52:29 2024 by rpki-client on console-ams.rpki-client.org