Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/jhcWXo7y1a8QNo2bPkmvUChYriU.roa
File: jhcWXo7y1a8QNo2bPkmvUChYriU.roa (raw, json)
Hash identifier: AA2Xc51VY3Ek9jqsbyo5EGxDCqy+aZ10mjgeQ0p1S5U=
Subject key identifier: 8E:17:16:5E:8E:F2:D5:AF:10:36:8D:9B:3E:49:AF:50:28:58:AE:25
Certificate issuer: /CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Certificate serial: 018CC794F2C9EFBBD51B78D1AB64CEC59FC3
Authority key identifier: 5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/jhcWXo7y1a8QNo2bPkmvUChYriU.roa
Signing time: Tue 02 Jan 2024 00:31:16 +0000
ROA not before: Tue 02 Jan 2024 00:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28876
IP address blocks: 81.89.160.0/20 maxlen: 20
37.61.128.0/20 maxlen: 20
5.100.0.0/24 maxlen: 24
5.100.0.0/19 maxlen: 19
5.100.0.0/18 maxlen: 18
217.24.56.0/21 maxlen: 21
5.100.32.0/19 maxlen: 19
5.100.32.0/20 maxlen: 20
185.53.216.0/22 maxlen: 22
176.52.192.0/21 maxlen: 21
176.52.192.0/22 maxlen: 22
217.24.48.0/20 maxlen: 20
217.24.48.0/21 maxlen: 21
2a00:9d80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:f2:c9:ef:bb:d5:1b:78:d1:ab:64:ce:c5:9f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Validity
Not Before: Jan 2 00:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e17165e8ef2d5af10368d9b3e49af502858ae25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c1:3c:62:d7:15:d6:7f:c5:57:22:47:42:3d:
07:30:07:e1:40:1a:73:72:ef:6d:d6:19:cb:6f:6a:
8f:f3:f6:87:e6:50:c8:1f:2d:c3:ab:6b:76:c4:3d:
6e:a5:17:1b:a7:6a:d7:f5:c5:df:91:c4:96:bd:4a:
65:8f:e6:e8:95:ca:5d:eb:e9:0f:2b:56:3f:a2:a3:
2c:f0:55:f0:a0:6f:a9:eb:66:95:34:c7:48:fa:3f:
4c:49:91:5d:1d:96:f2:2b:eb:6e:2e:2c:4c:2f:9d:
c2:07:97:c2:cc:80:e9:fb:a1:a7:f2:b9:25:af:eb:
38:29:a1:64:80:fc:a8:8d:82:41:97:74:19:0d:a8:
f4:51:c2:3a:fc:f7:5a:3d:2a:48:39:22:e9:b0:a3:
19:06:07:ad:eb:b4:d0:04:5e:f9:44:88:59:0a:a7:
48:cc:96:eb:78:72:da:c1:00:ca:32:8e:d2:1f:ab:
5c:28:0d:e4:97:80:a9:44:ba:2c:93:a4:1a:d3:2c:
cf:49:d8:28:08:a3:57:37:26:ed:d2:69:8a:c0:64:
ed:68:ce:42:ce:07:14:8e:48:d0:d2:9e:bc:5c:89:
25:ed:ae:9b:93:da:b7:55:02:ef:2d:6a:f7:2d:68:
75:5f:55:c5:dc:7d:9c:6b:35:3d:05:81:76:1e:8d:
3c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:17:16:5E:8E:F2:D5:AF:10:36:8D:9B:3E:49:AF:50:28:58:AE:25
X509v3 Authority Key Identifier:
keyid:5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/jhcWXo7y1a8QNo2bPkmvUChYriU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Xoy22jWKjS0nDDBfi2HzyZDVdm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.0.0/18
37.61.128.0/20
81.89.160.0/20
176.52.192.0/21
185.53.216.0/22
217.24.48.0/20
IPv6:
2a00:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
82:d9:ac:65:4f:ba:63:e2:45:f8:42:7c:7d:c4:d5:f3:0e:3a:
e0:90:71:c6:97:70:a1:01:e6:36:7c:46:c9:38:4f:a2:f2:5f:
7c:f2:1a:0c:bb:28:6f:e0:3b:44:87:aa:c6:ae:35:05:97:09:
b3:d2:0a:23:ed:e4:ab:4b:37:14:63:55:2d:8c:e6:7d:5f:71:
7e:5d:6a:9e:3a:a7:7d:55:4b:38:16:54:b8:95:3b:b5:a0:ac:
5a:36:f3:db:12:85:35:b9:21:5e:5c:72:65:2b:a8:06:a0:6d:
81:59:96:84:e7:ba:3f:39:0c:35:e7:57:51:38:c7:42:71:eb:
53:5d:e7:f5:9d:d7:c3:94:98:7f:79:4f:40:23:b4:de:31:fb:
cf:3c:36:6c:5c:dd:34:d6:9b:16:a5:7c:a3:d9:fb:fc:70:d3:
e1:a6:1e:64:d0:8d:bf:06:79:ee:5e:89:13:8a:09:16:b8:8b:
98:13:28:fa:46:f4:a5:27:46:e8:67:98:e9:58:b8:8f:82:b8:
f1:fa:4e:6d:94:0e:9e:05:d3:d5:25:4d:eb:c7:28:46:ce:50:
98:c7:8f:db:b6:88:76:20:26:e4:44:11:ed:b1:ec:fe:90:21:
6c:5e:99:8b:f1:bc:00:a2:d5:26:92:cc:f4:5a:b0:98:17:f8:
d3:5c:e5:9f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzHlPLJ77vVG3jRq2TOxZ/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGNiNmRhMzU4YThkMmQyNzBjMzA1ZjhiNjFmM2M5OTBk
NTc2NmUwHhcNMjQwMTAyMDAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE3MTY1ZThlZjJkNWFmMTAzNjhkOWIzZTQ5YWY1MDI4NThhZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksE8YtcV1n/FVyJHQj0HMAfhQBpz
cu9t1hnLb2qP8/aH5lDIHy3Dq2t2xD1upRcbp2rX9cXfkcSWvUplj+bolcpd6+kP
K1Y/oqMs8FXwoG+p62aVNMdI+j9MSZFdHZbyK+tuLixML53CB5fCzIDp+6Gn8rkl
r+s4KaFkgPyojYJBl3QZDaj0UcI6/PdaPSpIOSLpsKMZBget67TQBF75RIhZCqdI
zJbreHLawQDKMo7SH6tcKA3kl4CpRLosk6Qa0yzPSdgoCKNXNybt0mmKwGTtaM5C
zgcUjkjQ0p68XIkl7a6bk9q3VQLvLWr3LWh1X1XF3H2cazU9BYF2Ho085QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFI4XFl6O8tWvEDaNmz5Jr1AoWK4lMB8GA1UdIwQY
MBaAFF6Mtto1io0tJwwwX4th88mQ1XZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG95MjJqV0tqUzBuRERCZmkySHp5WkRWZG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mMDI2NjEtYjU5MS00ZjVlLWIzNjkt
Zjc0YTVmMmJjYjQ3LzEvamhjV1hvN3kxYThRTm8yYlBrbXZVQ2hZcmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mMDI2NjEtYjU5MS00ZjVlLWIzNjktZjc0YTVmMmJjYjQ3
LzEvWG95MjJqV0tqUzBuRERCZmkySHp5WkRWZG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGBWQAAwQE
JT2AAwQEUVmgAwQDsDTAAwQCuTXYAwQE2RgwMA0EAgACMAcDBQAqAJ2AMA0GCSqG
SIb3DQEBCwUAA4IBAQCC2axlT7pj4kX4Qnx9xNXzDjrgkHHGl3ChAeY2fEbJOE+i
8l988hoMuyhv4DtEh6rGrjUFlwmz0goj7eSrSzcUY1UtjOZ9X3F+XWqeOqd9VUs4
FlS4lTu1oKxaNvPbEoU1uSFeXHJlK6gGoG2BWZaE57o/OQw151dROMdCcetTXef1
ndfDlJh/eU9AI7TeMfvPPDZsXN001psWpXyj2fv8cNPhph5k0I2/BnnuXokTigkW
uIuYEyj6RvSlJ0boZ5jpWLiPgrjx+k5tlA6eBdPVJU3rxyhGzlCYx4/btoh2ICbk
RBHtsez+kCFsXpmL8bwAotUmksz0WrCYF/jTXOWf
-----END CERTIFICATE-----
Generated at Thu Sep 26 16:48:10 2024 by rpki-client on console-ams.rpki-client.org