Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/9e22a2-9365-4956-8e66-ce4f25ace252/1/cyCSWg19swxh4VLQgFKoP1nHRGs.roa
File: cyCSWg19swxh4VLQgFKoP1nHRGs.roa (raw, json)
Hash identifier: YG3ssIPJV8cODVn+1f7ZGiI/m6S5okfHe7lchtLSCHU=
Subject key identifier: 73:20:92:5A:0D:7D:B3:0C:61:E1:52:D0:80:52:A8:3F:59:C7:44:6B
Certificate issuer: /CN=27ce1e9a6522616ab30b0f123e09d305a82304af
Certificate serial: 01852EC2D42FCB4798574C6E46B4F77197F0
Authority key identifier: 27:CE:1E:9A:65:22:61:6A:B3:0B:0F:12:3E:09:D3:05:A8:23:04:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J84emmUiYWqzCw8SPgnTBagjBK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/9e22a2-9365-4956-8e66-ce4f25ace252/1/cyCSWg19swxh4VLQgFKoP1nHRGs.roa
Signing time: Tue 20 Dec 2022 08:59:58 +0000
ROA not before: Tue 20 Dec 2022 08:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15605
IP address blocks: 5.181.68.0/22 maxlen: 24
46.30.168.0/21 maxlen: 24
2.58.128.0/22 maxlen: 24
109.73.80.0/20 maxlen: 24
185.5.244.0/22 maxlen: 24
5.154.192.0/19 maxlen: 24
185.37.180.0/22 maxlen: 24
37.77.96.0/22 maxlen: 24
37.77.100.0/24 maxlen: 24
37.77.102.0/24 maxlen: 24
37.77.101.0/24 maxlen: 24
5.154.237.0/24 maxlen: 24
5.154.238.0/24 maxlen: 24
91.151.86.0/23 maxlen: 24
2a00:1cc8::/29 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:c2:d4:2f:cb:47:98:57:4c:6e:46:b4:f7:71:97:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27ce1e9a6522616ab30b0f123e09d305a82304af
Validity
Not Before: Dec 20 08:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7320925a0d7db30c61e152d08052a83f59c7446b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:02:7a:3f:13:b5:b1:d7:29:7c:2e:d2:f1:5c:
38:6e:3e:f7:a7:26:f3:87:51:da:e1:da:55:c5:17:
68:9e:7e:7f:56:82:ae:5a:e0:5f:9b:c2:1d:19:ce:
fd:3d:74:32:7a:a3:ea:f9:dd:9f:b2:f0:42:bb:8c:
e9:12:a6:a2:7a:b0:59:78:1a:b8:25:06:10:84:d4:
2f:ac:43:c9:49:4a:d4:98:cb:89:37:f3:81:7e:87:
d2:f8:b4:70:77:9a:3c:b0:71:cf:09:8c:8b:59:ca:
d2:ae:d8:c9:a3:40:c5:dd:90:57:7c:e5:38:34:49:
eb:f9:ea:6e:1f:13:70:90:1d:2f:52:7a:0d:8b:bf:
53:e6:6a:80:b7:8f:8d:61:93:fd:69:ab:df:5e:2a:
b2:a2:e6:d7:c6:8d:48:9a:05:55:46:21:df:19:1c:
7e:f4:50:92:9e:48:f4:3d:c5:d2:cf:65:2c:fb:0f:
ad:40:84:42:88:9b:c6:4a:97:8d:00:32:f7:51:ef:
09:2c:9a:ef:5b:8d:29:ae:e8:f7:be:6b:44:b8:a4:
d3:15:ce:2b:9b:2f:d1:31:c5:4d:27:eb:22:68:0e:
79:e2:77:c3:ef:18:70:5d:9e:a2:ec:11:68:01:74:
ad:7f:ae:fb:cf:8e:48:83:ff:09:80:b4:bb:98:fe:
88:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:20:92:5A:0D:7D:B3:0C:61:E1:52:D0:80:52:A8:3F:59:C7:44:6B
X509v3 Authority Key Identifier:
keyid:27:CE:1E:9A:65:22:61:6A:B3:0B:0F:12:3E:09:D3:05:A8:23:04:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J84emmUiYWqzCw8SPgnTBagjBK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/9e22a2-9365-4956-8e66-ce4f25ace252/1/cyCSWg19swxh4VLQgFKoP1nHRGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/9e22a2-9365-4956-8e66-ce4f25ace252/1/J84emmUiYWqzCw8SPgnTBagjBK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.128.0/22
5.154.192.0/19
5.154.237.0-5.154.238.255
5.181.68.0/22
37.77.96.0-37.77.102.255
46.30.168.0/21
91.151.86.0/23
109.73.80.0/20
185.5.244.0/22
185.37.180.0/22
IPv6:
2a00:1cc8::/29
Signature Algorithm: sha256WithRSAEncryption
9d:33:4a:0d:4d:66:ef:0f:85:93:36:83:99:ab:85:ab:c8:d6:
08:ca:7d:34:38:7a:37:63:59:24:0f:b0:47:56:0a:75:21:c3:
76:fb:25:48:1e:37:51:22:cd:2e:bd:63:85:48:01:37:63:a6:
f4:b8:9f:2b:dc:71:d5:af:01:46:57:a8:d1:9d:dd:aa:cc:7e:
23:39:c5:2e:3a:5c:14:e7:4e:85:3a:03:8b:f8:c1:73:a6:1a:
7b:87:48:6c:27:3b:a9:ae:c7:42:56:11:d4:6a:c8:4f:ea:cb:
f4:6b:b6:b1:d5:e8:6b:04:30:3e:2b:d2:7c:ea:34:b9:9d:29:
cc:ab:b8:30:79:f5:22:ba:b8:e4:3b:aa:f3:2b:6c:5e:30:96:
a7:bf:61:a1:bd:3d:66:45:b1:7b:43:2f:96:cc:84:e5:4a:ea:
b4:21:79:a0:09:69:aa:f3:ac:2c:d2:85:eb:52:c2:89:17:73:
10:2c:59:58:0d:aa:00:5e:de:4b:d0:7d:41:d3:c6:9e:df:6f:
f7:cc:d9:50:8f:73:10:48:c2:7c:27:73:1c:50:fd:ed:2e:0e:
40:0c:3e:38:52:3f:77:c8:31:70:c0:f2:ed:b7:79:87:04:72:
0a:b5:64:75:5d:0a:a3:15:fe:7f:6e:9e:46:f5:ff:45:c3:20:
85:95:8d:94
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYUuwtQvy0eYV0xuRrT3cZfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3Y2UxZTlhNjUyMjYxNmFiMzBiMGYxMjNlMDlkMzA1YTgy
MzA0YWYwHhcNMjIxMjIwMDg1OTU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzIwOTI1YTBkN2RiMzBjNjFlMTUyZDA4MDUyYTgzZjU5Yzc0NDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgJ6PxO1sdcpfC7S8Vw4bj73pybz
h1Ha4dpVxRdonn5/VoKuWuBfm8IdGc79PXQyeqPq+d2fsvBCu4zpEqaierBZeBq4
JQYQhNQvrEPJSUrUmMuJN/OBfofS+LRwd5o8sHHPCYyLWcrSrtjJo0DF3ZBXfOU4
NEnr+epuHxNwkB0vUnoNi79T5mqAt4+NYZP9aavfXiqyoubXxo1ImgVVRiHfGRx+
9FCSnkj0PcXSz2Us+w+tQIRCiJvGSpeNADL3Ue8JLJrvW40pruj3vmtEuKTTFc4r
my/RMcVNJ+siaA554nfD7xhwXZ6i7BFoAXStf677z45Ig/8JgLS7mP6InQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFHMgkloNfbMMYeFS0IBSqD9Zx0RrMB8GA1UdIwQY
MBaAFCfOHpplImFqswsPEj4J0wWoIwSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjg0ZW1tVWlZV3F6Q3c4U1BnblRCYWdqQks4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85ZTIyYTItOTM2NS00OTU2LThlNjYt
Y2U0ZjI1YWNlMjUyLzEvY3lDU1dnMTlzd3hoNFZMUWdGS29QMW5IUkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85ZTIyYTItOTM2NS00OTU2LThlNjYtY2U0ZjI1YWNlMjUy
LzEvSjg0ZW1tVWlZV3F6Q3c4U1BnblRCYWdqQks4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQCAjqAAwQF
BZrAMAwDBAAFmu0DBAAFmu4DBAIFtUQwDAMEBSVNYAMEACVNZgMEAy4eqAMEAVuX
VgMEBG1JUAMEArkF9AMEArkltDANBAIAAjAHAwUDKgAcyDANBgkqhkiG9w0BAQsF
AAOCAQEAnTNKDU1m7w+FkzaDmauFq8jWCMp9NDh6N2NZJA+wR1YKdSHDdvslSB43
USLNLr1jhUgBN2Om9LifK9xx1a8BRleo0Z3dqsx+IznFLjpcFOdOhToDi/jBc6Ya
e4dIbCc7qa7HQlYR1GrIT+rL9Gu2sdXoawQwPivSfOo0uZ0pzKu4MHn1Irq45Duq
8ytsXjCWp79hob09ZkWxe0MvlsyE5UrqtCF5oAlpqvOsLNKF61LCiRdzECxZWA2q
AF7eS9B9QdPGnt9v98zZUI9zEEjCfCdzHFD97S4OQAw+OFI/d8gxcMDy7bd5hwRy
CrVkdV0KoxX+f26eRvX/RcMghZWNlA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:48 2025 by rpki-client