Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/rPr9HI_17z2nYbLim6mgMBQ0k3o.roa
File: rPr9HI_17z2nYbLim6mgMBQ0k3o.roa (raw, json)
Hash identifier: UFDCQtMHdn8LEZcfwVEaayB35TAhG+03VlGClVOm6hw=
Subject key identifier: AC:FA:FD:1C:8F:F5:EF:3D:A7:61:B2:E2:9B:A9:A0:30:14:34:93:7A
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 0BC62225
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/rPr9HI_17z2nYbLim6mgMBQ0k3o.roa
Signing time: Fri 20 May 2022 10:20:59 +0000
ROA not before: Fri 20 May 2022 10:20:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6718
IP address blocks: 91.250.242.0/24 maxlen: 24
193.32.28.0/24 maxlen: 24
193.32.29.0/24 maxlen: 24
128.0.34.0/24 maxlen: 24
128.0.33.0/24 maxlen: 24
128.0.36.0/24 maxlen: 24
91.239.230.0/24 maxlen: 24
185.36.252.0/24 maxlen: 24
5.154.224.0/24 maxlen: 24
91.216.8.0/24 maxlen: 24
2a05:1c04::/32 maxlen: 32
2a05:1c00::/32 maxlen: 32
2a05:1c02::/32 maxlen: 32
2a00:ece0::/32 maxlen: 32
2a05:1c03::/32 maxlen: 32
2a04:6c80::/48 maxlen: 48
2a05:1c01::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197534245 (0xbc62225)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: May 20 10:20:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acfafd1c8ff5ef3da761b2e29ba9a0301434937a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ec:93:f7:52:c7:07:e4:97:c7:c7:78:7f:04:
1c:ba:c2:ad:c4:e6:7a:ee:25:2a:23:df:ab:32:bc:
cd:0c:cf:3a:79:a7:85:0e:3d:d9:e5:f1:be:ea:0a:
07:0e:25:d7:3c:50:a0:4f:a7:a9:64:89:53:32:35:
66:22:c2:8b:8f:ac:30:89:e5:d0:b5:39:97:b4:27:
c9:7c:de:7d:2a:16:83:93:54:dc:89:4e:4e:1d:4d:
ef:9e:cc:71:f6:aa:a6:74:88:f6:a4:11:0f:fa:16:
bc:2f:58:3b:34:d4:ef:d0:89:c9:de:03:59:cd:14:
09:aa:46:96:ef:5d:da:8a:d1:3a:b6:1e:69:93:a0:
d2:81:10:67:b2:a4:3d:1f:db:23:b3:ea:f2:23:d8:
ef:ca:56:14:95:df:a0:cb:8a:e5:98:e5:2d:2f:a6:
af:b5:1a:c3:7b:bb:ea:69:e7:c2:57:56:7f:55:de:
4e:8f:42:f7:78:e9:49:4e:3f:ae:1e:97:33:50:b0:
e5:b2:81:4d:27:d3:19:51:48:03:e2:2b:e9:08:46:
be:cd:a6:91:64:3a:62:fb:26:fc:fa:d5:07:15:05:
a7:27:89:d0:88:ce:0e:d1:33:dc:16:8b:7f:19:ec:
2a:4c:ad:44:6d:fe:b3:b5:c8:b3:a9:0d:41:b3:72:
17:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FA:FD:1C:8F:F5:EF:3D:A7:61:B2:E2:9B:A9:A0:30:14:34:93:7A
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/rPr9HI_17z2nYbLim6mgMBQ0k3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.224.0/24
91.216.8.0/24
91.239.230.0/24
91.250.242.0/24
128.0.33.0-128.0.34.255
128.0.36.0/24
185.36.252.0/24
193.32.28.0/23
IPv6:
2a00:ece0::/32
2a04:6c80::/48
2a05:1c00::-2a05:1c04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
75:72:4b:12:47:22:88:a4:0d:7a:22:6c:36:ab:93:bd:3b:9b:
62:1e:66:72:90:3d:ef:fa:a6:55:83:de:5b:ac:f1:bb:3f:d5:
4e:d3:5d:a0:69:f7:58:2f:a3:8d:93:76:39:da:f0:a9:d8:3f:
03:a2:47:94:8d:61:44:17:64:a0:b5:1e:cf:d5:74:4b:0b:5f:
a8:b6:33:93:3f:87:d4:97:84:a5:ed:a6:a8:5f:87:78:fa:ec:
44:b9:ff:06:61:44:fd:52:64:85:30:54:05:84:d0:8c:e6:af:
ce:9e:c6:6b:1e:9e:9b:e0:e9:64:e4:41:59:96:6b:7f:c5:0b:
26:dd:de:47:bb:2a:7f:d5:9c:aa:c1:18:d1:f9:bf:5c:a4:f0:
8c:7e:76:c5:90:ec:c5:e8:67:30:ff:9c:90:11:40:79:9c:e5:
69:a7:70:6f:81:6e:33:66:d4:35:90:3a:dc:f2:59:18:95:1f:
f2:6d:e6:54:21:36:78:94:1b:77:68:90:e7:0d:dd:e5:ef:b9:
2a:a7:cd:5a:12:4a:a3:6d:fe:df:36:63:d3:5b:67:b3:3e:e2:
a2:92:6a:d0:d8:7e:48:e8:a0:c9:b3:cb:b6:3a:7f:53:20:93:
ac:d0:b3:6d:7a:2f:51:dd:ab:79:84:60:58:fa:d5:d1:1d:03:
67:09:cc:98
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIEC8YiJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGMyMGFlMWRhY2NhMzE4MTViMjc0NzAyOTI3YzFhNWE5ZGJjN2IzMB4XDTIyMDUy
MDEwMjA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNmYWZkMWM4ZmY1
ZWYzZGE3NjFiMmUyOWJhOWEwMzAxNDM0OTM3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDsk/dSxwfkl8fHeH8EHLrCrcTmeu4lKiPfqzK8zQzPOnmn
hQ492eXxvuoKBw4l1zxQoE+nqWSJUzI1ZiLCi4+sMInl0LU5l7QnyXzefSoWg5NU
3IlOTh1N757McfaqpnSI9qQRD/oWvC9YOzTU79CJyd4DWc0UCapGlu9d2orROrYe
aZOg0oEQZ7KkPR/bI7Pq8iPY78pWFJXfoMuK5ZjlLS+mr7Uaw3u76mnnwldWf1Xe
To9C93jpSU4/rh6XM1Cw5bKBTSfTGVFIA+Ir6QhGvs2mkWQ6Yvsm/PrVBxUFpyeJ
0IjODtEz3BaLfxnsKkytRG3+s7XIs6kNQbNyF6MCAwEAAaOCAmIwggJeMB0GA1Ud
DgQWBBSs+v0cj/XvPadhsuKbqaAwFDSTejAfBgNVHSMEGDAWgBSwwgrh2syjGBWy
dHApJ8GlqdvHszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NNSUs0ZHJNb3hnVnNuUndLU2ZCcGFuYng3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8x
L3JQcjlISV8xN3oyblliTGltNm1nTUJRMGszby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
ODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8xL3NNSUs0ZHJNb3hn
VnNuUndLU2ZCcGFuYng3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4
BggrBgEFBQcBBwEB/wRpMGcwPgQCAAEwOAMEAAWa4AMEAFvYCAMEAFvv5gMEAFv6
8jAMAwQAgAAhAwQAgAAiAwQAgAAkAwQAuST8AwQBwSAcMCUEAgACMB8DBQAqAOzg
AwcAKgRsgAAAMA0DBAIqBRwDBQAqBRwEMA0GCSqGSIb3DQEBCwUAA4IBAQB1cksS
RyKIpA16Imw2q5O9O5tiHmZykD3v+qZVg95brPG7P9VO012gafdYL6ONk3Y52vCp
2D8DokeUjWFEF2SgtR7P1XRLC1+otjOTP4fUl4Sl7aaoX4d4+uxEuf8GYUT9UmSF
MFQFhNCM5q/OnsZrHp6b4Olk5EFZlmt/xQsm3d5Huyp/1ZyqwRjR+b9cpPCMfnbF
kOzF6Gcw/5yQEUB5nOVpp3BvgW4zZtQ1kDrc8lkYlR/ybeZUITZ4lBt3aJDnDd3l
77kqp81aEkqjbf7fNmPTW2ezPuKikmrQ2H5I6KDJs8u2On9TIJOs0LNtei9R3at5
hGBY+tXRHQNnCcyY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:36 2023 by rpki-client on console-fra.rpki-client.org