Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/b9f5897Yuplgyy2La1lICi1FiK0.roa
File: b9f5897Yuplgyy2La1lICi1FiK0.roa (raw, json)
Hash identifier: 5k4e6j/wvJ8vde6SndfKqci5Z38QvbSDy82ZvHnV1+E=
Subject key identifier: 6F:D7:F9:F3:DE:D8:BA:99:60:CB:2D:8B:6B:59:48:0A:2D:45:88:AD
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 06416E0E
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/b9f5897Yuplgyy2La1lICi1FiK0.roa
Signing time: Sun 27 Feb 2022 19:38:17 +0000
ROA not before: Sun 27 Feb 2022 19:38:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.89.28.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
185.204.64.0/24 maxlen: 24
185.86.211.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104951310 (0x6416e0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Feb 27 19:38:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fd7f9f3ded8ba9960cb2d8b6b59480a2d4588ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3f:61:28:7b:ce:6e:58:9f:75:07:8f:06:c5:
40:ba:19:f4:1b:ce:4f:af:cf:54:e1:fd:e6:28:48:
02:35:38:69:af:ab:95:53:48:32:49:68:28:25:0c:
f5:2a:c8:c2:0f:f7:f2:b0:d3:79:5f:eb:40:36:fe:
12:3a:92:3d:68:55:f1:a1:68:75:5f:63:33:9b:47:
e5:5c:7a:a9:ae:39:30:e2:0f:88:0f:b9:6c:6c:3f:
e0:7e:75:ad:28:15:82:96:8f:e9:ae:70:fa:6f:8a:
c2:4d:4e:27:d4:bc:0a:d1:ea:bd:8c:9a:10:2e:c4:
de:49:b0:d0:cb:df:8d:a9:ea:7a:51:2f:49:33:56:
17:8c:0b:65:d3:0a:f6:0e:b4:12:72:4e:c4:d7:7c:
7e:47:62:7e:20:24:e5:f4:80:f1:b9:5c:6b:fd:36:
cd:39:15:02:ec:38:31:84:a3:92:d2:09:06:a8:05:
bc:89:be:d0:45:90:40:0a:c8:27:ee:3e:de:c6:de:
4a:23:4a:1b:a9:75:2d:2a:4d:74:a5:0a:ec:3c:11:
b9:4f:c5:13:85:f9:5c:26:ce:0d:90:28:91:a0:c1:
6a:a1:d7:64:14:61:d3:fa:42:15:2d:82:08:60:8c:
e8:3c:1e:2c:97:96:35:be:0f:b9:27:31:37:8a:5c:
dd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D7:F9:F3:DE:D8:BA:99:60:CB:2D:8B:6B:59:48:0A:2D:45:88:AD
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/b9f5897Yuplgyy2La1lICi1FiK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.86.211.0/24
185.89.28.0/24
185.204.64.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ba:08:a1:0a:99:61:eb:fa:43:ac:40:1d:32:54:d7:a2:7f:
ef:1b:d6:16:e2:a0:45:5f:df:87:41:1d:75:a2:37:d9:1a:f9:
9a:be:dc:68:75:66:70:c3:d7:67:ea:9e:67:4f:d4:dc:ce:b5:
7b:b5:9c:28:76:81:eb:98:88:bc:dd:86:f0:39:b5:0f:02:1c:
bc:cf:16:0f:e7:80:2b:b1:a9:4f:1c:2a:a6:ec:5a:75:e4:6f:
87:07:6d:cf:da:cb:c9:13:a6:35:44:e2:ac:94:ca:5a:46:8e:
55:f2:3f:44:f6:72:7d:44:f8:62:49:7b:25:4f:f3:6c:8a:84:
59:12:38:74:5b:2b:64:3d:cd:e5:8a:74:99:c8:59:8a:4d:a2:
b8:33:3f:99:20:9c:99:06:4d:ea:2e:55:79:0f:61:11:e0:cb:
b2:f9:0f:f7:56:50:14:b0:81:e8:9f:52:42:f3:46:91:a9:d8:
5f:bb:0b:ea:e1:38:10:a0:d6:14:29:18:4c:27:0b:c7:86:b3:
37:ff:7f:27:fc:22:ae:7d:e8:06:52:13:4d:3c:bc:03:27:f6:
b5:5e:e0:9d:5c:22:5c:ab:17:97:b3:6b:81:e7:f5:9f:67:f5:
58:a1:9e:f7:82:12:27:a5:2e:82:c8:59:90:e6:85:14:71:65:
29:72:8f:32
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBkFuDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YmM1ZGU3ZDcyNTViN2Q1ODI2MGM2NWExMjBiMTY0ZWYxMGVmOTAzMB4XDTIyMDIy
NzE5MzgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZkN2Y5ZjNkZWQ4
YmE5OTYwY2IyZDhiNmI1OTQ4MGEyZDQ1ODhhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKE/YSh7zm5Yn3UHjwbFQLoZ9BvOT6/PVOH95ihIAjU4aa+r
lVNIMkloKCUM9SrIwg/38rDTeV/rQDb+EjqSPWhV8aFodV9jM5tH5Vx6qa45MOIP
iA+5bGw/4H51rSgVgpaP6a5w+m+Kwk1OJ9S8CtHqvYyaEC7E3kmw0MvfjanqelEv
STNWF4wLZdMK9g60EnJOxNd8fkdifiAk5fSA8blca/02zTkVAuw4MYSjktIJBqgF
vIm+0EWQQArIJ+4+3sbeSiNKG6l1LSpNdKUK7DwRuU/FE4X5XCbODZAokaDBaqHX
ZBRh0/pCFS2CCGCM6DweLJeWNb4PuScxN4pc3QkCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRv1/nz3ti6mWDLLYtrWUgKLUWIrTAfBgNVHSMEGDAWgBRrxd59clW31YJg
xloSCxZO8Q75AzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2E4WGVmWEpWdDlXQ1lNWmFFZ3NXVHZFTy1RTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvMzIxMDllLTI0YzktNGM4OC1hOGU4LWZkZjY2MzhkMmMwNC8x
L2I5ZjU4OTdZdXBsZ3l5MkxhMWxJQ2kxRmlLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
MzIxMDllLTI0YzktNGM4OC1hOGU4LWZkZjY2MzhkMmMwNC8xL2E4WGVmWEpWdDlX
Q1lNWmFFZ3NXVHZFTy1RTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAblLFAMEAblMTgMEArlULAMEALlW
0wMEALlZHAMEALnMQDANBgkqhkiG9w0BAQsFAAOCAQEAGLoIoQqZYev6Q6xAHTJU
16J/7xvWFuKgRV/fh0EddaI32Rr5mr7caHVmcMPXZ+qeZ0/U3M61e7WcKHaB65iI
vN2G8Dm1DwIcvM8WD+eAK7GpTxwqpuxadeRvhwdtz9rLyROmNUTirJTKWkaOVfI/
RPZyfUT4Ykl7JU/zbIqEWRI4dFsrZD3N5Yp0mchZik2iuDM/mSCcmQZN6i5VeQ9h
EeDLsvkP91ZQFLCB6J9SQvNGkanYX7sL6uE4EKDWFCkYTCcLx4azN/9/J/wirn3o
BlITTTy8Ayf2tV7gnVwiXKsXl7Nrgef1n2f1WKGe94ISJ6UugshZkOaFFHFlKXKP
Mg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org