Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/7QAE5VuwPUEjmERGGUj6TQZRX5s.roa
File: 7QAE5VuwPUEjmERGGUj6TQZRX5s.roa (raw, json)
Hash identifier: CPwNEjD9iz4vROdGCmnb6H5/qYNVCyzCo44pCvQzPFc=
Subject key identifier: ED:00:04:E5:5B:B0:3D:41:23:98:44:46:19:48:FA:4D:06:51:5F:9B
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 3805A5BE
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/7QAE5VuwPUEjmERGGUj6TQZRX5s.roa
Signing time: Sat 01 Jan 2022 11:02:22 +0000
ROA not before: Sat 01 Jan 2022 11:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.96.168.0/23 maxlen: 24
87.251.0.0/20 maxlen: 24
87.251.16.0/22 maxlen: 24
87.251.24.0/22 maxlen: 24
87.251.20.0/22 maxlen: 24
87.251.28.0/22 maxlen: 24
185.203.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939894206 (0x3805a5be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 1 11:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed0004e55bb03d41239844461948fa4d06515f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a7:8b:3e:ce:66:d8:5e:58:6f:9d:8a:00:9c:
2d:cc:33:11:25:7d:ed:75:5a:4a:67:b7:c7:e5:d7:
e8:b8:f4:ce:17:4f:21:ec:17:34:eb:4c:81:e8:57:
5f:f1:0f:25:36:af:0f:7c:2b:64:0c:38:97:c9:fb:
54:4f:e7:c0:77:76:8a:1c:d2:20:b4:bf:ac:f5:ce:
d1:91:50:25:14:f1:e9:22:0a:0e:eb:a6:37:63:1a:
3a:47:74:c4:cb:3e:8c:80:43:28:79:eb:b2:20:a6:
3e:8b:0d:17:d3:bc:74:48:ac:ca:a0:e4:54:fe:b3:
01:2a:c3:44:2c:88:6e:80:ef:12:85:f0:58:88:11:
0c:1f:a8:f9:5b:05:b6:d7:b4:63:4c:9c:d5:a3:7b:
f5:1f:50:cf:c0:1a:59:e1:a1:80:ce:47:cb:9c:a4:
93:fc:c3:69:a1:7e:df:a7:cb:7f:ba:77:e2:a5:b5:
8b:3d:5b:38:f0:ad:c7:27:8c:83:92:72:37:66:83:
c2:e4:b9:97:44:03:61:c9:e5:40:1d:be:89:77:d1:
fb:d9:4e:af:e0:dd:f3:52:87:73:74:8b:7e:b8:50:
b1:75:63:55:5a:e9:26:23:d3:d5:7d:f6:64:ce:93:
dc:e4:0f:85:65:ed:79:06:e7:49:fc:0c:7a:47:43:
0d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:00:04:E5:5B:B0:3D:41:23:98:44:46:19:48:FA:4D:06:51:5F:9B
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/7QAE5VuwPUEjmERGGUj6TQZRX5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.0.0/19
185.96.168.0/23
185.203.35.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:d2:03:ff:b3:2c:99:9d:f4:27:91:0f:38:91:78:0b:b2:5a:
c3:3c:4f:db:d7:b0:19:70:fd:ad:07:a0:a7:df:5e:9b:3c:09:
5a:2a:22:15:87:97:59:be:23:1d:fa:25:d4:7f:b8:d9:68:48:
e5:01:c9:03:17:23:69:b9:bf:58:67:6c:c4:ab:23:e3:90:60:
b5:ab:cb:2a:1b:28:f3:0a:39:60:03:f7:48:9b:23:e1:3a:c4:
d3:9c:5f:b2:33:dc:94:8f:35:42:c1:f9:f9:24:27:a7:aa:33:
79:7e:73:40:e9:84:20:7b:94:17:35:47:e0:43:ce:70:e8:ed:
57:1b:7e:bb:6b:57:43:55:13:0e:31:b4:02:c7:9c:25:ca:0a:
01:c8:75:45:ee:d4:37:26:3e:1c:f9:8c:8c:20:bb:e9:7f:6e:
95:43:f4:38:10:06:c9:ac:b7:78:75:21:3b:03:d4:69:e3:e0:
2e:8c:36:bd:43:52:b2:d3:08:17:75:a0:0d:74:3f:68:47:66:
04:15:21:90:27:2c:7b:e9:54:1a:4f:ce:08:1e:b1:f0:e5:25:
fa:32:84:3a:89:9f:58:f7:6a:e6:0c:8d:8b:18:96:0d:ed:bd:
79:72:0d:3a:4c:93:10:96:33:1e:bb:ff:d5:bb:65:fb:3b:f0:
ff:ec:74:4f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEOAWlvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTAxODE1YzZmOThmM2EyYjYxODRhZmViZjE4ZWEzNDFiZTg4MmVhMB4XDTIyMDEw
MTExMDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQwMDA0ZTU1YmIw
M2Q0MTIzOTg0NDQ2MTk0OGZhNGQwNjUxNWY5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyniz7OZtheWG+digCcLcwzESV97XVaSme3x+XX6Lj0zhdP
IewXNOtMgehXX/EPJTavD3wrZAw4l8n7VE/nwHd2ihzSILS/rPXO0ZFQJRTx6SIK
DuumN2MaOkd0xMs+jIBDKHnrsiCmPosNF9O8dEisyqDkVP6zASrDRCyIboDvEoXw
WIgRDB+o+VsFtte0Y0yc1aN79R9Qz8AaWeGhgM5Hy5ykk/zDaaF+36fLf7p34qW1
iz1bOPCtxyeMg5JyN2aDwuS5l0QDYcnlQB2+iXfR+9lOr+Dd81KHc3SLfrhQsXVj
VVrpJiPT1X32ZM6T3OQPhWXteQbnSfwMekdDDYECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTtAATlW7A9QSOYREYZSPpNBlFfmzAfBgNVHSMEGDAWgBTlAYFcb5jzorYY
Sv6/GOo0G+iC6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVRR0JYRy1ZODZLMkdFci12eGpxTkJ2b2d1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8x
LzdRQUU1VnV3UFVFam1FUkdHVWo2VFFaUlg1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8xLzVRR0JYRy1ZODZL
MkdFci12eGpxTkJ2b2d1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBVf7AAMEAblgqAMEALnLIzANBgkq
hkiG9w0BAQsFAAOCAQEATtID/7MsmZ30J5EPOJF4C7JawzxP29ewGXD9rQegp99e
mzwJWioiFYeXWb4jHfol1H+42WhI5QHJAxcjabm/WGdsxKsj45BgtavLKhso8wo5
YAP3SJsj4TrE05xfsjPclI81QsH5+SQnp6ozeX5zQOmEIHuUFzVH4EPOcOjtVxt+
u2tXQ1UTDjG0AsecJcoKAch1Re7UNyY+HPmMjCC76X9ulUP0OBAGyay3eHUhOwPU
aePgLow2vUNSstMIF3WgDXQ/aEdmBBUhkCcse+lUGk/OCB6x8OUl+jKEOomfWPdq
5gyNixiWDe29eXINOkyTEJYzHrv/1btl+zvw/+x0Tw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:44 2023 by rpki-client on console.sobornost.net