Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/fdn5JDozStc4vKfMr3bq_P5Da1E.roa
File: fdn5JDozStc4vKfMr3bq_P5Da1E.roa (raw, json)
Hash identifier: pkFniWKmrsiRi/kOJ+idnUUiOjPOjqPT6bkBytM7iZ0=
Subject key identifier: 7D:D9:F9:24:3A:33:4A:D7:38:BC:A7:CC:AF:76:EA:FC:FE:43:6B:51
Certificate issuer: /CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Certificate serial: 11F0E0F7
Authority key identifier: 4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/fdn5JDozStc4vKfMr3bq_P5Da1E.roa
Signing time: Tue 05 Apr 2022 11:25:24 +0000
ROA not before: Tue 05 Apr 2022 11:25:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51407
IP address blocks: 31.13.163.0/24 maxlen: 24
46.32.192.0/21 maxlen: 21
46.32.192.0/23 maxlen: 23
46.32.194.0/23 maxlen: 23
95.215.131.0/24 maxlen: 24
37.60.144.0/23 maxlen: 23
37.60.144.0/21 maxlen: 21
46.32.198.0/23 maxlen: 23
46.32.196.0/23 maxlen: 23
37.60.148.0/23 maxlen: 23
37.60.146.0/23 maxlen: 23
46.32.200.0/24 maxlen: 24
37.60.150.0/23 maxlen: 23
46.32.208.0/24 maxlen: 24
188.227.233.0/24 maxlen: 24
188.227.232.0/24 maxlen: 24
188.227.235.0/24 maxlen: 24
188.227.234.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 300998903 (0x11f0e0f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Validity
Not Before: Apr 5 11:25:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7dd9f9243a334ad738bca7ccaf76eafcfe436b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:94:7a:67:51:4a:87:2c:29:35:87:5e:a9:fb:
24:c0:50:17:39:91:26:c5:0d:60:a4:20:49:2f:cb:
46:18:d9:73:46:47:b1:ca:40:4c:26:0f:4b:ae:91:
38:b2:49:26:83:3e:4d:b4:58:f7:f2:4d:14:0f:2b:
ae:79:11:67:46:2e:88:22:cf:ff:4d:23:d4:cc:b6:
7d:26:72:91:1d:65:2a:6a:f9:a8:1c:92:1e:ba:e4:
c8:e8:7d:7b:de:01:e4:a0:db:3d:d7:b2:8b:1c:0d:
62:7d:90:8d:78:29:b6:fc:42:6b:00:04:28:d1:5c:
d9:77:aa:48:3d:67:7d:f0:eb:20:71:a5:e0:3c:7c:
ab:e4:5f:a5:7b:ef:f1:18:81:ae:d9:79:25:71:c3:
a2:35:35:b9:d0:bd:89:f7:d2:02:83:8a:9c:b8:3b:
60:9b:82:d9:d2:dd:ac:35:fa:7d:b6:52:2b:14:9b:
dc:a9:a2:76:e8:52:30:ec:90:cd:52:78:d8:be:26:
ab:4e:74:88:27:76:57:15:7b:3e:7d:56:dd:f3:36:
a0:2f:4b:f4:38:19:0a:75:35:a7:e2:59:98:27:da:
9b:af:e7:b8:9e:40:5d:6f:2b:f2:14:d9:1c:19:26:
1c:ba:a7:9c:ad:1d:1a:9c:4a:fa:92:2b:96:7d:8f:
f5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D9:F9:24:3A:33:4A:D7:38:BC:A7:CC:AF:76:EA:FC:FE:43:6B:51
X509v3 Authority Key Identifier:
keyid:4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/fdn5JDozStc4vKfMr3bq_P5Da1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/S1dyWwpgXU3cxGS3Dcs6FipfBVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.163.0/24
37.60.144.0/21
46.32.192.0-46.32.200.255
46.32.208.0/24
95.215.131.0/24
188.227.232.0/22
Signature Algorithm: sha256WithRSAEncryption
05:46:18:c7:e8:fb:a4:a4:56:cc:7e:03:59:5c:9f:84:60:ca:
e4:23:76:48:28:79:02:c3:20:e9:ca:0f:55:bd:1d:31:75:f5:
3c:4b:10:bc:0e:9f:b9:a8:53:d6:e7:90:a2:4f:81:9a:03:6a:
84:5a:1e:02:88:06:36:ff:30:9e:7a:42:88:90:e2:ae:83:81:
46:65:5a:90:0b:00:55:03:f6:84:a3:3f:3e:5c:17:08:d5:f3:
ec:3f:e9:cf:84:47:12:e0:89:66:d7:40:41:92:ef:08:2c:fe:
00:49:f5:e3:45:a8:19:82:21:c1:b1:df:ed:eb:1f:35:44:91:
ba:14:c1:e4:0b:cf:98:ce:34:ef:1d:74:c1:ae:75:7b:df:c7:
eb:55:cd:c2:8e:7e:43:98:f9:87:ba:fe:bf:d7:d6:16:13:fc:
7e:8e:26:34:8e:63:a4:cf:37:72:2a:c5:72:00:c3:6e:6b:5a:
0d:84:fc:a1:82:c5:98:fb:fc:e5:eb:9f:d5:2d:1b:d6:b9:a7:
79:a5:3a:25:0f:08:7b:28:1c:6e:d6:0f:f6:da:b5:44:4e:3d:
b1:d2:bf:8f:2b:78:e0:73:e3:a5:90:84:af:9c:d0:d2:01:e9:
38:8f:02:d8:b4:d9:6d:f5:17:ea:3c:f3:83:23:c4:ef:98:f8:
8e:30:c3:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEEfDg9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjU3NzI1YjBhNjA1ZDRkZGNjNDY0YjcwZGNiM2ExNjJhNWYwNTViMB4XDTIyMDQw
NTExMjUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RkOWY5MjQzYTMz
NGFkNzM4YmNhN2NjYWY3NmVhZmNmZTQzNmI1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANaUemdRSocsKTWHXqn7JMBQFzmRJsUNYKQgSS/LRhjZc0ZH
scpATCYPS66ROLJJJoM+TbRY9/JNFA8rrnkRZ0YuiCLP/00j1My2fSZykR1lKmr5
qBySHrrkyOh9e94B5KDbPdeyixwNYn2QjXgptvxCawAEKNFc2XeqSD1nffDrIHGl
4Dx8q+RfpXvv8RiBrtl5JXHDojU1udC9iffSAoOKnLg7YJuC2dLdrDX6fbZSKxSb
3KmiduhSMOyQzVJ42L4mq050iCd2VxV7Pn1W3fM2oC9L9DgZCnU1p+JZmCfam6/n
uJ5AXW8r8hTZHBkmHLqnnK0dGpxK+pIrln2P9bUCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBR92fkkOjNK1zi8p8yvdur8/kNrUTAfBgNVHSMEGDAWgBRLV3JbCmBdTdzE
ZLcNyzoWKl8FWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MxZHlXd3BnWFUzY3hHUzNEY3M2RmlwZkJWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvZTAwNWMyLWFmZmEtNDU4Zi1hYWY4LThhZjU2ZTczMzYwMC8x
L2ZkbjVKRG96U3RjNHZLZk1yM2JxX1A1RGExRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
ZTAwNWMyLWFmZmEtNDU4Zi1hYWY4LThhZjU2ZTczMzYwMC8xL1MxZHlXd3BnWFUz
Y3hHUzNEY3M2RmlwZkJWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAB8NowMEAyU8kDAMAwQGLiDAAwQA
LiDIAwQALiDQAwQAX9eDAwQCvOPoMA0GCSqGSIb3DQEBCwUAA4IBAQAFRhjH6Puk
pFbMfgNZXJ+EYMrkI3ZIKHkCwyDpyg9VvR0xdfU8SxC8Dp+5qFPW55CiT4GaA2qE
Wh4CiAY2/zCeekKIkOKug4FGZVqQCwBVA/aEoz8+XBcI1fPsP+nPhEcS4Ilm10BB
ku8ILP4ASfXjRagZgiHBsd/t6x81RJG6FMHkC8+YzjTvHXTBrnV738frVc3Cjn5D
mPmHuv6/19YWE/x+jiY0jmOkzzdyKsVyAMNua1oNhPyhgsWY+/zl65/VLRvWuad5
pTolDwh7KBxu1g/22rVETj2x0r+PK3jgc+OlkISvnNDSAek4jwLYtNlt9RfqPPOD
I8TvmPiOMMMt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:07 2024 by rpki-client on console-fra.rpki-client.org