Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/5qpp5mMXXf_YPR1bPgvcqwggh_4.roa
File: 5qpp5mMXXf_YPR1bPgvcqwggh_4.roa (raw, json)
Hash identifier: kvKIfMeFXaQuMzDEiDrB7E10fSukhLh5quUZDRetivM=
Subject key identifier: E6:AA:69:E6:63:17:5D:FF:D8:3D:1D:5B:3E:0B:DC:AB:08:20:87:FE
Certificate issuer: /CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Certificate serial: 01835F0906B850DFC513781E2293011F8F18
Authority key identifier: B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/5qpp5mMXXf_YPR1bPgvcqwggh_4.roa
Signing time: Wed 21 Sep 2022 07:52:50 +0000
ROA not before: Wed 21 Sep 2022 07:52:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200602
IP address blocks: 185.54.103.0/24 maxlen: 32
5.63.188.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5f:09:06:b8:50:df:c5:13:78:1e:22:93:01:1f:8f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Validity
Not Before: Sep 21 07:52:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6aa69e663175dffd83d1d5b3e0bdcab082087fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:73:3a:39:0b:53:2d:19:31:75:39:ed:ef:01:
2a:8d:31:50:1c:f1:29:9c:30:fe:69:63:fd:83:77:
dd:6a:de:a3:92:12:66:23:f8:14:db:0a:65:76:9b:
9e:35:de:f7:a6:4d:e8:b4:93:8d:67:02:a6:8b:54:
08:f3:3f:a9:37:72:5b:b1:b6:08:bd:ee:54:eb:1d:
c7:ae:70:ec:d4:5f:1f:fd:a6:5e:b0:76:00:19:e5:
b4:cc:c8:2e:82:16:95:bd:a7:5d:c6:ee:1e:28:c9:
7f:13:f7:71:ec:d5:6a:8a:12:64:3d:1b:16:c0:2e:
93:4f:eb:5d:98:f6:c6:68:0f:5e:99:3c:3a:42:3f:
76:7a:57:e0:2e:c7:6d:f3:64:29:a7:5d:0e:e1:58:
86:4b:04:b4:6d:1e:9f:b6:a0:5f:69:d5:1a:e9:93:
e5:e3:c1:0c:c9:9c:b1:47:0f:fd:17:8d:ef:04:a7:
bb:f5:30:20:0f:d7:3c:8c:98:6b:3f:9d:0d:08:77:
ec:b5:b7:95:2b:ae:32:0a:dd:8b:29:cb:ff:e1:e3:
c2:5e:ca:f5:a2:37:0a:d8:0c:f6:24:2e:4e:21:8a:
a3:fa:6d:54:ef:7b:2c:74:e6:65:b4:4f:ba:1f:05:
c8:25:c3:d9:cd:80:f8:ff:8b:bd:fa:98:f0:a6:de:
ec:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AA:69:E6:63:17:5D:FF:D8:3D:1D:5B:3E:0B:DC:AB:08:20:87:FE
X509v3 Authority Key Identifier:
keyid:B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/5qpp5mMXXf_YPR1bPgvcqwggh_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.188.0/23
185.54.103.0/24
Signature Algorithm: sha256WithRSAEncryption
15:5d:65:d0:ed:63:e8:8d:b7:05:81:34:08:74:78:e0:13:6d:
be:58:a9:7c:e5:85:bb:10:fb:74:fd:d7:6d:60:d1:68:19:13:
d8:45:3b:3e:cd:96:e1:13:25:49:f3:0e:da:81:c0:78:7a:d5:
db:2b:f6:8c:e2:b6:43:6e:69:3c:95:d6:48:f8:8f:35:f9:ee:
ca:78:95:6d:c9:e3:3d:9b:17:f1:1f:41:87:06:1a:47:50:cc:
c7:00:14:1a:03:d0:bb:05:4a:e4:ad:74:bc:85:74:41:eb:a3:
7a:83:db:f2:ec:22:4c:f2:02:20:ad:25:e6:d4:38:dc:c8:67:
6f:dd:a7:81:e2:2d:5a:75:71:7b:59:01:b3:b2:27:e1:bc:15:
81:be:3f:a4:10:8a:3d:11:29:34:56:54:38:fc:42:0c:23:56:
60:13:18:0f:4b:74:f5:7e:c5:41:ae:aa:49:a2:ef:64:d7:39:
ac:1b:b4:95:4a:14:71:06:12:b6:c4:1b:17:29:49:67:e8:be:
49:16:a4:6e:7b:40:16:16:10:78:06:ff:fd:eb:6e:cb:d8:00:
a8:d4:bd:36:9e:7b:ea:a0:17:78:6d:45:1e:41:df:b8:8c:97:
a8:de:c7:d1:5d:ec:b9:30:7c:04:9d:83:7a:fe:2e:36:b5:58:
63:11:c1:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNfCQa4UN/FE3geIpMBH48YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Zjc0YTQ3YTZkMWEwYmY0YzIxNmU1ZmFiNGQ5MWZiMTI5
ZGYzZDYwHhcNMjIwOTIxMDc1MjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmFhNjllNjYzMTc1ZGZmZDgzZDFkNWIzZTBiZGNhYjA4MjA4N2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHM6OQtTLRkxdTnt7wEqjTFQHPEp
nDD+aWP9g3fdat6jkhJmI/gU2wpldpueNd73pk3otJONZwKmi1QI8z+pN3JbsbYI
ve5U6x3HrnDs1F8f/aZesHYAGeW0zMgughaVvaddxu4eKMl/E/dx7NVqihJkPRsW
wC6TT+tdmPbGaA9emTw6Qj92elfgLsdt82Qpp10O4ViGSwS0bR6ftqBfadUa6ZPl
48EMyZyxRw/9F43vBKe79TAgD9c8jJhrP50NCHfstbeVK64yCt2LKcv/4ePCXsr1
ojcK2Az2JC5OIYqj+m1U73ssdOZltE+6HwXIJcPZzYD4/4u9+pjwpt7sWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOaqaeZjF13/2D0dWz4L3KsIIIf+MB8GA1UdIwQY
MBaAFLn3Skem0aC/TCFuX6tNkfsSnfPWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2Qt
MzBmNjA4YWRlNDhkLzEvNXFwcDVtTVhYZl9ZUFIxYlBndmNxd2dnaF80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2QtMzBmNjA4YWRlNDhk
LzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBT+8AwQA
uTZnMA0GCSqGSIb3DQEBCwUAA4IBAQAVXWXQ7WPojbcFgTQIdHjgE22+WKl85YW7
EPt0/ddtYNFoGRPYRTs+zZbhEyVJ8w7agcB4etXbK/aM4rZDbmk8ldZI+I81+e7K
eJVtyeM9mxfxH0GHBhpHUMzHABQaA9C7BUrkrXS8hXRB66N6g9vy7CJM8gIgrSXm
1DjcyGdv3aeB4i1adXF7WQGzsifhvBWBvj+kEIo9ESk0VlQ4/EIMI1ZgExgPS3T1
fsVBrqpJou9k1zmsG7SVShRxBhK2xBsXKUln6L5JFqRue0AWFhB4Bv/9627L2ACo
1L02nnvqoBd4bUUeQd+4jJeo3sfRXey5MHwEnYN6/i42tVhjEcFf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:04 2025 by rpki-client