Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/q54N7A74p9USip0ByDaDAcouf0s.roa
File: q54N7A74p9USip0ByDaDAcouf0s.roa (raw, json)
Hash identifier: 0uRZvsCxMiqG00DPN8Ouz2bRm6URF0BfKf7YHPPXOfw=
Subject key identifier: AB:9E:0D:EC:0E:F8:A7:D5:12:8A:9D:01:C8:36:83:01:CA:2E:7F:4B
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 018226176396F69AA1DF8CB03AE055D43B3F
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/q54N7A74p9USip0ByDaDAcouf0s.roa
Signing time: Fri 22 Jul 2022 13:27:23 +0000
ROA not before: Fri 22 Jul 2022 13:27:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6718
IP address blocks: 91.250.242.0/24 maxlen: 24
193.32.28.0/24 maxlen: 24
128.0.34.0/24 maxlen: 24
128.0.33.0/24 maxlen: 24
128.0.36.0/24 maxlen: 24
91.239.230.0/24 maxlen: 24
185.36.252.0/24 maxlen: 24
5.154.224.0/24 maxlen: 24
91.216.8.0/24 maxlen: 24
2a05:1c04::/32 maxlen: 32
2a05:1c00::/32 maxlen: 32
2a05:1c02::/32 maxlen: 32
2a00:ece0::/32 maxlen: 32
2a05:1c03::/32 maxlen: 32
2a04:6c80::/48 maxlen: 48
2a05:1c01::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:26:17:63:96:f6:9a:a1:df:8c:b0:3a:e0:55:d4:3b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jul 22 13:27:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab9e0dec0ef8a7d5128a9d01c8368301ca2e7f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3e:73:4b:87:99:27:48:e8:7a:ca:2e:82:07:
cb:6c:f6:84:81:55:a6:18:a7:b5:d5:43:6d:ae:1c:
bc:c2:fb:61:0c:01:cb:af:4d:f4:e2:dd:bd:e7:5b:
96:9a:0a:1d:5d:ae:e3:f7:e0:1e:b0:03:9f:93:ff:
f9:bc:06:33:e2:83:a8:9e:bb:90:cd:56:f8:24:9f:
21:b6:39:d2:32:1e:33:ce:be:f1:0d:e8:a8:00:b2:
66:bf:6f:42:d7:8f:23:b9:86:97:c7:8d:8f:82:40:
8f:6e:df:af:da:c3:00:26:11:13:50:d2:9d:5a:95:
5b:34:51:55:0f:67:38:55:bb:55:6b:91:3b:bd:15:
2e:fa:b4:55:02:ac:aa:d3:a2:e6:47:ec:9f:f3:32:
e4:f0:0c:b9:fa:9c:34:f6:f1:f1:d1:10:bf:e2:a5:
34:9b:be:a7:27:5b:53:57:43:3f:3a:8b:25:aa:f8:
3e:01:f5:d8:1b:7e:f3:75:98:d1:78:31:ef:57:3a:
1d:53:90:42:44:94:8f:a7:c3:43:52:ec:60:fd:c8:
f4:6a:40:56:47:bc:34:e4:57:04:a6:7d:9c:96:ff:
6d:a6:e6:d3:a1:46:6a:a8:ef:7e:46:d0:c6:b9:a8:
a2:0f:bb:10:5f:8b:d9:bd:dd:35:e0:3c:04:0f:f6:
18:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9E:0D:EC:0E:F8:A7:D5:12:8A:9D:01:C8:36:83:01:CA:2E:7F:4B
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/q54N7A74p9USip0ByDaDAcouf0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.224.0/24
91.216.8.0/24
91.239.230.0/24
91.250.242.0/24
128.0.33.0-128.0.34.255
128.0.36.0/24
185.36.252.0/24
193.32.28.0/24
IPv6:
2a00:ece0::/32
2a04:6c80::/48
2a05:1c00::-2a05:1c04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6a:5d:ba:30:d1:3f:da:68:14:36:9d:c3:69:5a:d3:f9:6c:eb:
27:9f:ad:0f:71:dd:b0:d7:de:4f:7a:19:6a:91:83:a2:1f:bd:
fc:09:3e:3b:8c:f8:71:30:e8:1e:68:3d:0d:29:ba:c5:ca:3a:
e6:20:b1:18:ac:b0:21:cb:d2:1a:d7:e5:58:bc:16:4d:78:12:
14:c6:fd:e1:1f:96:d8:1d:c2:3c:6b:00:9e:6b:e1:56:96:01:
ad:21:e3:48:e9:de:92:28:c2:36:fa:76:11:cd:b1:1d:87:b2:
47:6b:6b:3e:ec:b2:f4:76:97:bc:d0:53:d0:ce:7d:ec:49:4e:
3f:c8:67:5f:dd:de:f6:1d:c0:02:12:16:ae:07:16:46:e3:53:
55:53:ef:2d:4d:08:30:fa:e9:40:79:81:b1:d2:fd:0a:e5:07:
5b:35:5a:57:c3:e0:b5:97:a6:ab:18:7a:7d:5b:22:41:9f:6d:
f1:98:e0:19:f2:7d:2a:58:3b:6b:c7:8b:fa:81:7a:4c:0f:08:
f8:4c:31:32:a8:ad:26:12:23:3a:ad:e5:56:38:3b:38:84:01:
0c:36:61:e9:01:db:ae:0c:fa:e3:2e:a4:a5:ad:93:96:f4:df:
8d:f4:e2:5d:1b:63:55:ea:50:61:80:16:da:0f:25:ac:a7:69:
85:40:c1:4f
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYImF2OW9pqh34ywOuBV1Ds/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjIwNzIyMTMyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjllMGRlYzBlZjhhN2Q1MTI4YTlkMDFjODM2ODMwMWNhMmU3ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz5zS4eZJ0joesouggfLbPaEgVWm
GKe11UNtrhy8wvthDAHLr0304t2951uWmgodXa7j9+AesAOfk//5vAYz4oOonruQ
zVb4JJ8htjnSMh4zzr7xDeioALJmv29C148juYaXx42PgkCPbt+v2sMAJhETUNKd
WpVbNFFVD2c4VbtVa5E7vRUu+rRVAqyq06LmR+yf8zLk8Ay5+pw09vHx0RC/4qU0
m76nJ1tTV0M/Ooslqvg+AfXYG37zdZjReDHvVzodU5BCRJSPp8NDUuxg/cj0akBW
R7w05FcEpn2clv9tpubToUZqqO9+RtDGuaiiD7sQX4vZvd014DwED/YYHwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFKueDewO+KfVEoqdAcg2gwHKLn9LMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvcTU0TjdBNzRwOVVTaXAwQnlEYURBY291ZjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzA+BAIAATA4AwQABZrgAwQA
W9gIAwQAW+/mAwQAW/ryMAwDBACAACEDBACAACIDBACAACQDBAC5JPwDBADBIBww
JQQCAAIwHwMFACoA7OADBwAqBGyAAAAwDQMEAioFHAMFACoFHAQwDQYJKoZIhvcN
AQELBQADggEBAGpdujDRP9poFDadw2la0/ls6yefrQ9x3bDX3k96GWqRg6IfvfwJ
PjuM+HEw6B5oPQ0pusXKOuYgsRissCHL0hrX5Vi8Fk14EhTG/eEfltgdwjxrAJ5r
4VaWAa0h40jp3pIowjb6dhHNsR2Hskdraz7ssvR2l7zQU9DOfexJTj/IZ1/d3vYd
wAISFq4HFkbjU1VT7y1NCDD66UB5gbHS/QrlB1s1WlfD4LWXpqsYen1bIkGfbfGY
4BnyfSpYO2vHi/qBekwPCPhMMTKorSYSIzqt5VY4OziEAQw2YekB264M+uMupKWt
k5b034304l0bY1XqUGGAFtoPJaynaYVAwU8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org