Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/TSoxZIBD3J2eySJj28I5KQTx2i8.roa
File: TSoxZIBD3J2eySJj28I5KQTx2i8.roa (raw, json)
Hash identifier: 5NSr3gtaLo8sRIxSRPEvUOQaPpTOXTkK+mcn9nbQeYE=
Subject key identifier: 4D:2A:31:64:80:43:DC:9D:9E:C9:22:63:DB:C2:39:29:04:F1:DA:2F
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01917A536A3D55337487EA69BAAEF09C8148
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/TSoxZIBD3J2eySJj28I5KQTx2i8.roa
Signing time: Thu 22 Aug 2024 13:42:52 +0000
ROA not before: Thu 22 Aug 2024 13:42:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 5.187.38.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7a:53:6a:3d:55:33:74:87:ea:69:ba:ae:f0:9c:81:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Aug 22 13:42:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d2a31648043dc9d9ec92263dbc2392904f1da2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9a:b9:fb:d6:1f:06:7b:f0:a6:6a:da:57:cb:
41:30:a0:6e:a8:7c:b0:e0:4b:2a:d4:c0:e1:7d:eb:
78:69:2e:f8:4b:21:9a:64:f7:b2:c1:be:c9:a4:46:
9d:63:ab:6d:5a:f1:81:dd:be:55:37:a8:e6:d1:41:
18:b5:b5:de:81:07:d4:6b:61:a5:0e:53:82:5e:b7:
70:37:99:fa:73:f3:59:08:32:1a:79:d9:ce:d3:e4:
b9:88:7e:7d:fe:b6:22:aa:8b:11:ab:08:2a:49:c8:
51:31:ff:74:cc:0a:de:47:b3:fe:c2:97:a2:d2:5f:
fa:0b:3c:83:d9:6d:ed:58:e4:d0:59:00:19:aa:96:
0d:0e:ea:7b:94:4f:5e:d0:2a:3e:21:3a:49:75:84:
d1:8b:df:31:6e:d5:c4:5f:cd:20:3a:72:53:98:df:
a3:7b:a5:46:61:13:19:c3:b0:c6:67:9a:91:f4:c1:
41:ea:30:d9:7a:d6:06:8b:f3:29:10:b4:d6:54:8a:
f2:a6:01:3f:20:e1:c3:55:11:39:59:70:30:f6:0e:
91:14:a3:7c:82:d1:ae:de:17:45:32:7e:5d:77:a6:
a5:8b:a7:d0:c6:3e:2b:87:71:e3:da:c1:06:94:d5:
54:18:78:2f:07:49:e2:43:51:4f:3d:4e:8c:96:e5:
9c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2A:31:64:80:43:DC:9D:9E:C9:22:63:DB:C2:39:29:04:F1:DA:2F
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/TSoxZIBD3J2eySJj28I5KQTx2i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.38.0/23
185.104.153.0/24
185.122.186.0/23
195.181.252.0/23
Signature Algorithm: sha256WithRSAEncryption
42:28:29:9c:33:4e:06:52:55:98:98:ba:3d:24:47:36:67:a9:
81:89:43:cd:ce:b9:db:64:b7:50:d3:03:70:0a:0d:bb:38:06:
c0:27:0a:06:a9:d6:d1:1c:d6:5f:08:9d:ac:61:02:ce:5f:52:
3d:ee:f9:84:6a:57:f2:b5:68:fa:41:49:24:99:ea:d5:d0:97:
be:51:df:7c:61:93:d9:d3:ee:00:ea:dd:49:88:bb:b5:af:5f:
ee:b9:49:ed:8c:c3:b4:fb:d8:cd:c3:4a:54:16:29:65:e1:92:
1a:ff:f7:15:55:1d:3e:b8:a3:67:d3:df:c5:ab:19:2e:7e:94:
aa:ad:e1:ca:84:0a:c3:31:43:f9:0b:57:20:e7:7d:bd:c6:40:
4c:2c:b5:df:2f:98:e0:e7:99:14:48:bc:8a:9d:9a:be:07:8b:
1f:f3:69:af:71:59:ed:27:e3:b6:c9:84:8b:66:b5:85:b6:36:
87:18:e7:af:cb:8d:22:53:1c:b3:14:c0:4f:3e:87:cf:de:d0:
c6:83:d8:0e:36:76:55:6b:5d:02:c0:17:af:9a:05:45:47:0a:
71:c8:82:18:d1:b6:1d:92:9c:1d:40:54:b5:23:99:27:03:f1:
c4:05:e6:fa:d2:08:41:8f:e2:1e:93:10:c4:f0:7f:55:09:5b:
e9:d0:aa:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZF6U2o9VTN0h+ppuq7wnIFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwODIyMTM0MjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDJhMzE2NDgwNDNkYzlkOWVjOTIyNjNkYmMyMzkyOTA0ZjFkYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5q5+9YfBnvwpmraV8tBMKBuqHyw
4Esq1MDhfet4aS74SyGaZPeywb7JpEadY6ttWvGB3b5VN6jm0UEYtbXegQfUa2Gl
DlOCXrdwN5n6c/NZCDIaednO0+S5iH59/rYiqosRqwgqSchRMf90zAreR7P+wpei
0l/6CzyD2W3tWOTQWQAZqpYNDup7lE9e0Co+ITpJdYTRi98xbtXEX80gOnJTmN+j
e6VGYRMZw7DGZ5qR9MFB6jDZetYGi/MpELTWVIrypgE/IOHDVRE5WXAw9g6RFKN8
gtGu3hdFMn5dd6ali6fQxj4rh3Hj2sEGlNVUGHgvB0niQ1FPPU6MluWcXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE0qMWSAQ9ydnskiY9vCOSkE8dovMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvVFNveFpJQkQzSjJleVNKajI4STVLUVR4Mmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBbsmAwQA
uWiZAwQBuXq6AwQBw7X8MA0GCSqGSIb3DQEBCwUAA4IBAQBCKCmcM04GUlWYmLo9
JEc2Z6mBiUPNzrnbZLdQ0wNwCg27OAbAJwoGqdbRHNZfCJ2sYQLOX1I97vmEalfy
tWj6QUkkmerV0Je+Ud98YZPZ0+4A6t1JiLu1r1/uuUntjMO0+9jNw0pUFill4ZIa
//cVVR0+uKNn09/FqxkufpSqreHKhArDMUP5C1cg5329xkBMLLXfL5jg55kUSLyK
nZq+B4sf82mvcVntJ+O2yYSLZrWFtjaHGOevy40iUxyzFMBPPofP3tDGg9gONnZV
a10CwBevmgVFRwpxyIIY0bYdkpwdQFS1I5knA/HEBeb60ghBj+IekxDE8H9VCVvp
0KrG
-----END CERTIFICATE-----
Generated at Mon Sep 30 10:56:32 2024 by rpki-client on console-fra.rpki-client.org