Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/VJj1hDomgAZzOcyXPohTFYEYx1U.roa
File: VJj1hDomgAZzOcyXPohTFYEYx1U.roa (raw, json)
Hash identifier: v7qHO5zbTqjixjVHiVcEJscQmPoCZmQkVxcvwXFoY2o=
Subject key identifier: 54:98:F5:84:3A:26:80:06:73:39:CC:97:3E:88:53:15:81:18:C7:55
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01914B884F292F77F84C47A9491F5BA24D59
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/VJj1hDomgAZzOcyXPohTFYEYx1U.roa
Signing time: Tue 13 Aug 2024 11:38:29 +0000
ROA not before: Tue 13 Aug 2024 11:38:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50129
IP address blocks: 5.187.38.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4b:88:4f:29:2f:77:f8:4c:47:a9:49:1f:5b:a2:4d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Aug 13 11:38:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5498f5843a2680067339cc973e8853158118c755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e8:50:29:0d:ec:97:94:51:32:e7:f2:ba:01:
e1:3d:d1:f1:2a:f5:ab:58:66:02:a9:79:b7:b9:b3:
0e:e7:55:53:57:1a:7d:6c:d0:6c:a8:43:23:13:55:
48:8d:c4:b4:1c:3d:b3:a9:d7:61:f6:e3:c7:8d:ff:
bd:d8:66:87:d7:fb:78:14:f4:7d:1d:d8:c7:ad:39:
68:e6:78:46:1a:9b:0a:cf:2c:ea:61:48:ef:52:05:
33:64:9a:b3:e2:c7:34:73:a3:86:7d:cb:3c:7b:09:
1d:1e:03:81:a1:37:3f:8b:71:62:ae:d0:6d:01:17:
c4:95:90:38:02:ae:69:d7:60:cd:79:f2:cc:f4:86:
2e:61:7c:ef:5e:55:8a:cf:40:10:f2:4c:6f:c7:d6:
84:8f:f1:6a:64:b4:9f:7c:5d:9c:26:49:47:8a:5e:
23:e9:2b:35:54:34:da:f6:ec:b7:10:69:08:78:f7:
54:1b:12:5e:90:06:86:d9:b0:ca:5a:b4:b2:f4:06:
22:42:71:1f:72:64:05:47:0a:98:26:66:ed:b1:ab:
46:0f:2c:e5:4d:03:da:fd:4c:a4:3c:2d:77:0b:cf:
c7:66:55:e9:b1:47:33:a3:c0:ab:30:30:49:58:16:
39:cf:d8:a2:e0:33:96:15:a7:ba:1d:2d:5e:66:11:
9a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:98:F5:84:3A:26:80:06:73:39:CC:97:3E:88:53:15:81:18:C7:55
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/VJj1hDomgAZzOcyXPohTFYEYx1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.38.0/23
95.156.204.0/22
185.104.60.0/23
185.104.153.0/24
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
195.181.252.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:10:22:f1:44:ce:c6:7f:98:77:f0:81:7b:5a:4b:dc:61:e2:
0d:24:81:d2:8a:58:7a:f6:1a:30:36:ca:ec:5c:37:93:eb:93:
a7:47:f2:44:88:4d:7a:96:14:52:a6:e8:50:31:63:ed:28:4b:
55:91:3a:0b:a7:77:d7:e8:e9:b7:a2:85:6b:cb:c3:f4:3e:72:
e1:60:58:1b:d7:2a:5a:74:dd:d4:0d:62:8c:c9:56:cb:4c:19:
52:81:13:0e:32:7b:41:67:34:a4:74:9d:a7:18:01:b7:49:9f:
ad:78:80:95:c3:0a:a9:2f:b0:d1:01:bc:ae:09:68:9e:9e:2f:
4c:1d:f9:53:66:2c:7b:a9:88:20:53:23:05:d5:32:e2:12:0f:
de:33:60:53:39:7f:a4:ad:e3:c6:9c:e1:30:7a:1e:5a:86:c1:
65:36:cb:7f:d7:7b:1e:96:bd:cf:85:3b:9f:45:bd:45:57:59:
3e:7d:df:70:7c:7b:45:3b:9c:c7:e5:4c:d6:a3:02:0f:c8:02:
15:5f:cf:dd:43:e0:ea:db:f2:8d:df:3d:96:8a:12:1f:6c:8e:
8a:72:65:a7:19:1d:1f:9b:09:de:bc:c1:79:82:96:16:ba:3d:
c1:ea:fc:02:c4:ce:f6:44:92:77:c2:33:b8:59:da:33:ca:46:
bf:b6:b1:68
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZFLiE8pL3f4TEepSR9bok1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwODEzMTEzODI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDk4ZjU4NDNhMjY4MDA2NzMzOWNjOTczZTg4NTMxNTgxMThjNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uhQKQ3sl5RRMufyugHhPdHxKvWr
WGYCqXm3ubMO51VTVxp9bNBsqEMjE1VIjcS0HD2zqddh9uPHjf+92GaH1/t4FPR9
HdjHrTlo5nhGGpsKzyzqYUjvUgUzZJqz4sc0c6OGfcs8ewkdHgOBoTc/i3FirtBt
ARfElZA4Aq5p12DNefLM9IYuYXzvXlWKz0AQ8kxvx9aEj/FqZLSffF2cJklHil4j
6Ss1VDTa9uy3EGkIePdUGxJekAaG2bDKWrSy9AYiQnEfcmQFRwqYJmbtsatGDyzl
TQPa/UykPC13C8/HZlXpsUczo8CrMDBJWBY5z9ii4DOWFae6HS1eZhGaRwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFSY9YQ6JoAGcznMlz6IUxWBGMdVMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvVkpqMWhEb21nQVp6T2N5WFBvaFRGWUVZeDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBBbsmAwQC
X5zMAwQBuWg8AwQAuWiZAwQBuXq6AwQCuZ3UAwQBuaG4AwQBw7X8MA0GCSqGSIb3
DQEBCwUAA4IBAQANECLxRM7Gf5h38IF7WkvcYeINJIHSilh69howNsrsXDeT65On
R/JEiE16lhRSpuhQMWPtKEtVkToLp3fX6Om3ooVry8P0PnLhYFgb1ypadN3UDWKM
yVbLTBlSgRMOMntBZzSkdJ2nGAG3SZ+teICVwwqpL7DRAbyuCWieni9MHflTZix7
qYggUyMF1TLiEg/eM2BTOX+krePGnOEweh5ahsFlNst/13selr3PhTufRb1FV1k+
fd9wfHtFO5zH5UzWowIPyAIVX8/dQ+Dq2/KN3z2WihIfbI6KcmWnGR0fmwnevMF5
gpYWuj3B6vwCxM72RJJ3wjO4Wdozyka/trFo
-----END CERTIFICATE-----
Generated at Wed Aug 14 15:15:13 2024 by rpki-client on console-ams.rpki-client.org