Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sKZ19hOBErkm4jWPZ-gJjwuFD-I.roa
File: sKZ19hOBErkm4jWPZ-gJjwuFD-I.roa (raw, json)
Hash identifier: LS/cEDMj76m0r+EpeP/x0Zm+dmA4Kaz007T780fP4i8=
Subject key identifier: B0:A6:75:F6:13:81:12:B9:26:E2:35:8F:67:E8:09:8F:0B:85:0F:E2
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 0B9ACB7E
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sKZ19hOBErkm4jWPZ-gJjwuFD-I.roa
Signing time: Wed 04 May 2022 07:25:04 +0000
ROA not before: Wed 04 May 2022 07:25:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6718
IP address blocks: 91.250.242.0/24 maxlen: 24
188.119.151.0/24 maxlen: 24
188.119.150.0/24 maxlen: 24
193.32.28.0/24 maxlen: 24
193.32.29.0/24 maxlen: 24
128.0.34.0/24 maxlen: 24
128.0.33.0/24 maxlen: 24
128.0.36.0/24 maxlen: 24
91.239.230.0/24 maxlen: 24
185.36.252.0/24 maxlen: 24
5.154.224.0/24 maxlen: 24
91.216.8.0/24 maxlen: 24
2a05:1c04::/32 maxlen: 32
2a05:1c00::/32 maxlen: 32
2a05:1c02::/32 maxlen: 32
2a00:ece0::/32 maxlen: 32
2a05:1c03::/32 maxlen: 32
2a04:6c80::/48 maxlen: 48
2a05:1c01::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194694014 (0xb9acb7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: May 4 07:25:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0a675f6138112b926e2358f67e8098f0b850fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:9f:ac:ae:a1:9a:02:72:0b:f5:f3:c0:d1:
68:9f:57:bc:d9:9d:f6:39:88:6b:b7:cd:56:c7:f1:
f6:e3:0c:07:12:c4:77:cf:36:62:aa:a2:85:6f:ad:
27:46:ba:bc:0e:c3:e5:22:e5:f5:3b:4f:f7:15:d2:
49:28:93:2b:d9:26:f9:29:c9:83:4b:27:0d:66:55:
ea:fe:e1:6e:a5:d2:06:12:46:e8:15:42:a6:ab:f6:
ec:d8:22:fb:98:22:67:9e:e3:ea:cd:7e:96:8c:ec:
28:c7:25:8a:59:ce:ae:60:a6:7d:60:35:e4:be:cd:
bf:75:08:bd:27:8d:22:3d:62:81:37:b5:35:7c:3c:
c6:ab:ca:08:76:74:91:30:fa:f5:35:7a:68:14:23:
7e:11:5c:c0:5e:00:9e:af:49:06:5c:1e:18:b5:e1:
15:ec:b2:ae:44:f9:7e:94:db:de:8b:b3:ab:ef:dd:
66:1e:4a:5d:52:b5:5c:98:ef:a2:48:fe:e0:e8:43:
de:6e:0f:91:b7:4d:9b:0e:61:55:3c:c6:55:c2:6b:
28:22:96:79:f3:3a:ef:4c:6f:0b:42:3e:52:14:bf:
9d:88:df:b3:d2:3d:be:27:47:e0:33:ef:1c:49:e9:
f4:00:8d:5f:29:4f:60:d5:a9:f2:f7:9c:2d:59:e2:
e0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A6:75:F6:13:81:12:B9:26:E2:35:8F:67:E8:09:8F:0B:85:0F:E2
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sKZ19hOBErkm4jWPZ-gJjwuFD-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.224.0/24
91.216.8.0/24
91.239.230.0/24
91.250.242.0/24
128.0.33.0-128.0.34.255
128.0.36.0/24
185.36.252.0/24
188.119.150.0/23
193.32.28.0/23
IPv6:
2a00:ece0::/32
2a04:6c80::/48
2a05:1c00::-2a05:1c04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6a:2d:3d:1e:e7:7c:0c:ca:b2:43:96:97:7d:f5:55:a8:ff:82:
b8:68:42:b8:51:c1:e1:0b:bb:b0:b0:8c:06:d6:03:63:b0:10:
9d:1c:bc:84:fe:99:3e:7a:38:3f:2f:11:1c:fc:3d:7e:a2:24:
9d:a7:07:49:c0:12:57:74:1e:ee:e9:a1:96:81:4d:d7:2e:55:
86:41:bb:c7:d3:2b:f2:88:ae:8d:37:46:7a:6e:b3:6c:50:89:
20:e1:e8:c2:86:58:f9:25:a2:7c:4c:c0:4c:2f:41:d4:85:00:
07:90:cc:c1:a0:53:85:ab:74:6b:42:70:5d:6b:77:3a:21:86:
5d:67:fb:e4:96:22:b3:dc:cb:bb:0b:cd:1e:75:90:2e:2e:e8:
99:65:f8:ed:1f:73:d7:ae:4b:f8:64:4f:d4:5e:66:5d:80:26:
9b:29:09:c4:d2:40:24:23:8a:fc:1e:0e:97:e1:30:eb:7d:a5:
a2:6a:f0:c2:5e:c6:b5:07:af:23:0e:f2:3a:5c:5d:a3:b8:2b:
aa:71:25:bb:f8:1a:0e:4f:8c:1c:8c:a9:82:66:5c:07:04:d4:
89:ad:8d:2b:bc:86:67:78:d2:bf:97:c6:78:0e:86:55:af:8e:
ff:88:a1:18:cb:65:a9:21:8c:5a:c9:49:47:44:bb:3f:36:64:
52:8e:7c:cf
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIEC5rLfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGMyMGFlMWRhY2NhMzE4MTViMjc0NzAyOTI3YzFhNWE5ZGJjN2IzMB4XDTIyMDUw
NDA3MjUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBhNjc1ZjYxMzgx
MTJiOTI2ZTIzNThmNjdlODA5OGYwYjg1MGZlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMySn6yuoZoCcgv188DRaJ9XvNmd9jmIa7fNVsfx9uMMBxLE
d882YqqihW+tJ0a6vA7D5SLl9TtP9xXSSSiTK9km+SnJg0snDWZV6v7hbqXSBhJG
6BVCpqv27Ngi+5giZ57j6s1+lozsKMclilnOrmCmfWA15L7Nv3UIvSeNIj1igTe1
NXw8xqvKCHZ0kTD69TV6aBQjfhFcwF4Anq9JBlweGLXhFeyyrkT5fpTb3ouzq+/d
Zh5KXVK1XJjvokj+4OhD3m4PkbdNmw5hVTzGVcJrKCKWefM670xvC0I+UhS/nYjf
s9I9vidH4DPvHEnp9ACNXylPYNWp8vecLVni4OcCAwEAAaOCAmgwggJkMB0GA1Ud
DgQWBBSwpnX2E4ESuSbiNY9n6AmPC4UP4jAfBgNVHSMEGDAWgBSwwgrh2syjGBWy
dHApJ8GlqdvHszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NNSUs0ZHJNb3hnVnNuUndLU2ZCcGFuYng3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8x
L3NLWjE5aE9CRXJrbTRqV1BaLWdKand1RkQtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
ODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8xL3NNSUs0ZHJNb3hn
VnNuUndLU2ZCcGFuYng3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+
BggrBgEFBQcBBwEB/wRvMG0wRAQCAAEwPgMEAAWa4AMEAFvYCAMEAFvv5gMEAFv6
8jAMAwQAgAAhAwQAgAAiAwQAgAAkAwQAuST8AwQBvHeWAwQBwSAcMCUEAgACMB8D
BQAqAOzgAwcAKgRsgAAAMA0DBAIqBRwDBQAqBRwEMA0GCSqGSIb3DQEBCwUAA4IB
AQBqLT0e53wMyrJDlpd99VWo/4K4aEK4UcHhC7uwsIwG1gNjsBCdHLyE/pk+ejg/
LxEc/D1+oiSdpwdJwBJXdB7u6aGWgU3XLlWGQbvH0yvyiK6NN0Z6brNsUIkg4ejC
hlj5JaJ8TMBML0HUhQAHkMzBoFOFq3RrQnBda3c6IYZdZ/vkliKz3Mu7C80edZAu
LuiZZfjtH3PXrkv4ZE/UXmZdgCabKQnE0kAkI4r8Hg6X4TDrfaWiavDCXsa1B68j
DvI6XF2juCuqcSW7+BoOT4wcjKmCZlwHBNSJrY0rvIZneNK/l8Z4DoZVr47/iKEY
y2WpIYxayUlHRLs/NmRSjnzP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org