Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/xESKElybB2qVBC4qf0_Gppn-RIg.roa
File: xESKElybB2qVBC4qf0_Gppn-RIg.roa (raw, json)
Hash identifier: jlO6Siw34JxvYM6jMzQkbsJhltfpvnKw7+6TEvbEJHk=
Subject key identifier: C4:44:8A:12:5C:9B:07:6A:95:04:2E:2A:7F:4F:C6:A6:99:FE:44:88
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 019150E5998D89D2BCAEBBD5CD662F31A1C0
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/xESKElybB2qVBC4qf0_Gppn-RIg.roa
Signing time: Wed 14 Aug 2024 12:38:29 +0000
ROA not before: Wed 14 Aug 2024 12:38:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50129
IP address blocks: 5.187.38.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:e5:99:8d:89:d2:bc:ae:bb:d5:cd:66:2f:31:a1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Aug 14 12:38:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4448a125c9b076a95042e2a7f4fc6a699fe4488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:82:68:18:76:1f:02:6a:f5:b7:2f:35:24:d5:
cb:ab:90:8e:90:f2:5a:1c:58:0e:03:f0:55:04:9c:
88:26:25:4f:a2:a5:76:44:a5:0a:e2:18:5d:52:68:
6c:82:f3:a3:d6:c5:25:8f:87:d0:fe:42:28:ab:16:
2b:20:8c:b5:05:3c:71:c9:36:19:8b:98:7a:a1:60:
85:86:b0:bd:fc:6c:b0:84:bc:1f:91:93:9b:25:3c:
0c:57:48:8c:6c:df:92:de:65:da:bc:49:f7:4c:d9:
f1:6a:3d:cd:4f:31:62:4d:be:55:9d:9b:3c:34:03:
b2:0a:ae:28:29:63:f5:fb:fc:5d:88:3b:ae:9e:48:
7c:fc:5f:8f:a4:44:44:02:a8:50:25:8c:d3:9e:16:
11:30:ee:1a:bc:ce:e9:c1:cb:92:d7:78:4f:88:68:
2d:d9:d1:72:bc:36:39:ac:18:db:1f:ba:ee:d1:ec:
5e:61:7e:f1:0e:8a:90:46:25:d2:37:3e:bb:56:09:
21:4e:80:cd:dc:ce:02:3b:19:a7:f4:9e:c6:5e:9a:
f8:2e:0c:48:99:81:27:dc:aa:62:33:d5:11:43:93:
86:31:94:4f:25:c8:e1:6a:44:4d:2a:08:8c:59:10:
35:61:81:4f:6c:c9:8d:03:92:b8:e5:6f:83:de:ac:
e4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:44:8A:12:5C:9B:07:6A:95:04:2E:2A:7F:4F:C6:A6:99:FE:44:88
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/xESKElybB2qVBC4qf0_Gppn-RIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.38.0/23
95.156.204.0/22
185.104.60.0/23
185.104.153.0/24
185.122.186.0/23
185.161.184.0/23
195.181.252.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:03:8a:6c:12:f4:b4:8f:80:0a:5d:e9:2a:f4:5a:0f:d2:81:
bf:16:6b:c4:c5:4f:a3:5b:63:c5:89:84:ff:48:61:fd:42:22:
fe:0f:a7:e1:a3:44:7e:d3:6f:1d:9c:46:55:fc:2b:a6:be:6c:
8a:d1:6c:05:d8:ea:97:37:ce:43:3c:c9:cb:ea:72:eb:28:a9:
16:e8:e3:4c:51:f7:90:20:49:3c:b6:b2:55:39:f5:9b:7c:80:
95:fe:f6:26:54:a6:ef:89:94:52:fe:39:a3:7f:a2:3d:b7:ea:
5f:33:72:56:06:9e:a9:30:79:72:98:95:cf:6a:cd:2b:bb:4b:
d2:9b:9b:c2:cd:65:5b:21:25:e5:81:aa:ee:f0:6b:d3:c6:65:
dd:1f:7e:fd:49:ce:6e:d6:38:5b:6c:21:19:cf:8c:ab:28:25:
f6:1d:1c:34:a5:d9:f3:01:98:3f:bc:0c:16:03:cd:29:ae:55:
8f:ee:ec:b8:18:06:99:bb:e9:89:bb:b3:d4:45:e9:f7:60:64:
6f:d8:47:42:54:9c:bb:d1:30:0e:dc:98:90:77:25:1b:ee:7a:
16:83:a1:42:de:4b:0b:81:5c:ae:e0:61:d5:40:88:d5:ed:19:
3f:45:5f:df:a1:b6:fa:ae:c3:3a:4c:32:bb:ca:87:7d:f1:0d:
10:dd:c7:a3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZFQ5ZmNidK8rrvVzWYvMaHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwODE0MTIzODI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ0OGExMjVjOWIwNzZhOTUwNDJlMmE3ZjRmYzZhNjk5ZmU0NDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoJoGHYfAmr1ty81JNXLq5COkPJa
HFgOA/BVBJyIJiVPoqV2RKUK4hhdUmhsgvOj1sUlj4fQ/kIoqxYrIIy1BTxxyTYZ
i5h6oWCFhrC9/GywhLwfkZObJTwMV0iMbN+S3mXavEn3TNnxaj3NTzFiTb5VnZs8
NAOyCq4oKWP1+/xdiDuunkh8/F+PpEREAqhQJYzTnhYRMO4avM7pwcuS13hPiGgt
2dFyvDY5rBjbH7ru0exeYX7xDoqQRiXSNz67VgkhToDN3M4COxmn9J7GXpr4LgxI
mYEn3KpiM9URQ5OGMZRPJcjhakRNKgiMWRA1YYFPbMmNA5K45W+D3qzkxQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMREihJcmwdqlQQuKn9PxqaZ/kSIMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEveEVTS0VseWJCMnFWQkM0cWYwX0dwcG4tUklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBBbsmAwQC
X5zMAwQBuWg8AwQAuWiZAwQBuXq6AwQBuaG4AwQBw7X8MA0GCSqGSIb3DQEBCwUA
A4IBAQAaA4psEvS0j4AKXekq9FoP0oG/FmvExU+jW2PFiYT/SGH9QiL+D6fho0R+
028dnEZV/CumvmyK0WwF2OqXN85DPMnL6nLrKKkW6ONMUfeQIEk8trJVOfWbfICV
/vYmVKbviZRS/jmjf6I9t+pfM3JWBp6pMHlymJXPas0ru0vSm5vCzWVbISXlgaru
8GvTxmXdH379Sc5u1jhbbCEZz4yrKCX2HRw0pdnzAZg/vAwWA80prlWP7uy4GAaZ
u+mJu7PURen3YGRv2EdCVJy70TAO3JiQdyUb7noWg6FC3ksLgVyu4GHVQIjV7Rk/
RV/fobb6rsM6TDK7yod98Q0Q3cej
-----END CERTIFICATE-----
Generated at Fri Aug 16 13:13:21 2024 by rpki-client on console-ams.rpki-client.org