Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/yqjbJH4JPjC3mypWHfwtuSqcHTU.roa
File: yqjbJH4JPjC3mypWHfwtuSqcHTU.roa (raw, json)
Hash identifier: a20JjKJ7rh9DAaOrESlxhIsDBElchMJE+UPXajrFrmI=
Subject key identifier: CA:A8:DB:24:7E:09:3E:30:B7:9B:2A:56:1D:FC:2D:B9:2A:9C:1D:35
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01916A570641CF7C228EF0D954F8C514B107
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/yqjbJH4JPjC3mypWHfwtuSqcHTU.roa
Signing time: Mon 19 Aug 2024 11:12:53 +0000
ROA not before: Mon 19 Aug 2024 11:12:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50129
IP address blocks: 5.187.38.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6a:57:06:41:cf:7c:22:8e:f0:d9:54:f8:c5:14:b1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Aug 19 11:12:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caa8db247e093e30b79b2a561dfc2db92a9c1d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1d:d6:c3:f7:e7:55:ab:89:73:2a:3b:62:82:
de:46:eb:c0:c4:1f:9a:04:87:7b:5e:44:af:92:9a:
6d:b1:91:ec:54:c7:34:73:88:93:9b:15:95:2c:04:
a6:df:85:ad:1b:53:ef:16:f9:15:fd:44:5d:f2:db:
40:29:4a:25:00:1f:04:68:99:8e:c1:35:5b:df:4c:
a5:6a:cf:3c:57:08:c0:ac:c9:6c:64:7b:9e:d8:8f:
0c:1d:a7:37:45:87:c4:8d:a0:bb:73:7a:bb:fe:a2:
45:73:86:a1:1b:86:55:1e:2d:94:53:0d:c8:22:0c:
2e:c6:8d:64:e1:27:3d:ff:45:81:62:3e:e7:68:98:
84:95:ba:6a:bf:d1:16:9f:e3:0b:f6:90:ad:8d:79:
1f:62:40:20:d2:15:17:9c:62:ce:f4:fe:31:a1:76:
5c:e7:18:71:83:09:57:51:2c:42:02:c8:36:0d:9e:
7a:3e:c1:14:12:29:17:cf:da:66:73:d8:b8:08:ac:
29:12:67:b9:4e:45:3f:1f:1f:7e:74:3e:43:3b:02:
f4:15:55:29:27:fb:36:62:47:de:93:7a:95:43:af:
ec:94:0f:1b:45:f0:a0:f8:c9:87:0c:ed:0f:9c:06:
04:88:85:2f:f4:22:b2:6c:49:1a:9e:32:95:47:6d:
1e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A8:DB:24:7E:09:3E:30:B7:9B:2A:56:1D:FC:2D:B9:2A:9C:1D:35
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/yqjbJH4JPjC3mypWHfwtuSqcHTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.38.0/23
185.104.153.0/24
185.122.186.0/23
195.181.252.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:61:77:53:3c:79:4f:14:81:01:17:be:74:4a:bf:10:41:ea:
39:e3:75:1e:23:33:3e:1f:6d:0a:94:67:d4:9b:c8:0a:9e:9d:
d3:da:16:63:d9:e0:25:f6:eb:2a:a6:6d:a8:db:a7:a5:c9:7e:
dd:79:a1:82:00:d1:35:b2:77:1a:32:85:88:7e:bd:c4:74:e6:
b4:81:a1:e7:c2:2b:b4:fa:fd:08:28:62:88:7f:79:a9:d0:06:
d1:3b:13:75:18:28:72:95:a8:e7:80:65:2f:16:2d:3c:04:5b:
e8:13:38:54:38:c3:0d:39:55:cb:9d:60:ee:da:1f:03:7d:20:
25:90:d9:bb:a7:98:65:fb:9c:28:d5:f6:8c:f9:4f:b6:6a:d1:
0d:1f:42:79:a2:90:e2:aa:bd:ec:7c:6f:35:f3:47:94:0a:ec:
43:6e:f4:af:8d:bc:ea:cf:45:aa:5d:9e:78:9b:28:20:00:0c:
c5:35:18:9b:74:30:b0:c8:b8:31:97:96:c9:9f:b6:5e:79:39:
ee:ad:f9:78:96:89:d0:c2:e4:ea:94:9d:e6:05:a9:44:ca:39:
95:bd:47:69:2f:8b:54:e4:c2:a2:7a:80:ef:2c:33:1a:62:f1:
b3:68:0d:4e:14:37:31:e0:c5:ed:0e:ab:cc:ea:d4:18:81:c9:
df:d3:28:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZFqVwZBz3wijvDZVPjFFLEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwODE5MTExMjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWE4ZGIyNDdlMDkzZTMwYjc5YjJhNTYxZGZjMmRiOTJhOWMxZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB3Ww/fnVauJcyo7YoLeRuvAxB+a
BId7XkSvkpptsZHsVMc0c4iTmxWVLASm34WtG1PvFvkV/URd8ttAKUolAB8EaJmO
wTVb30ylas88VwjArMlsZHue2I8MHac3RYfEjaC7c3q7/qJFc4ahG4ZVHi2UUw3I
Igwuxo1k4Sc9/0WBYj7naJiElbpqv9EWn+ML9pCtjXkfYkAg0hUXnGLO9P4xoXZc
5xhxgwlXUSxCAsg2DZ56PsEUEikXz9pmc9i4CKwpEme5TkU/Hx9+dD5DOwL0FVUp
J/s2Ykfek3qVQ6/slA8bRfCg+MmHDO0PnAYEiIUv9CKybEkanjKVR20eIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMqo2yR+CT4wt5sqVh38LbkqnB01MB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEveXFqYkpINEpQakMzbXlwV0hmd3R1U3FjSFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBbsmAwQA
uWiZAwQBuXq6AwQBw7X8MA0GCSqGSIb3DQEBCwUAA4IBAQCeYXdTPHlPFIEBF750
Sr8QQeo543UeIzM+H20KlGfUm8gKnp3T2hZj2eAl9usqpm2o26elyX7deaGCANE1
sncaMoWIfr3EdOa0gaHnwiu0+v0IKGKIf3mp0AbROxN1GChylajngGUvFi08BFvo
EzhUOMMNOVXLnWDu2h8DfSAlkNm7p5hl+5wo1faM+U+2atENH0J5opDiqr3sfG81
80eUCuxDbvSvjbzqz0WqXZ54myggAAzFNRibdDCwyLgxl5bJn7ZeeTnurfl4lonQ
wuTqlJ3mBalEyjmVvUdpL4tU5MKieoDvLDMaYvGzaA1OFDcx4MXtDqvM6tQYgcnf
0yjz
-----END CERTIFICATE-----
Generated at Mon Sep 30 14:02:05 2024 by rpki-client on console-ams.rpki-client.org