Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BWT5VPAiEtZKHAiqKPLQkN3u2vc.roa
File: BWT5VPAiEtZKHAiqKPLQkN3u2vc.roa (raw, json)
Hash identifier: Ef2PNcvDVAfJCV9W2oan59EaAuFCVYHAopFMUe5V8CE=
Subject key identifier: 05:64:F9:54:F0:22:12:D6:4A:1C:08:AA:28:F2:D0:90:DD:EE:DA:F7
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0185967700322F809F8C3011E799D10DB8BE
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BWT5VPAiEtZKHAiqKPLQkN3u2vc.roa
Signing time: Mon 09 Jan 2023 12:17:39 +0000
ROA not before: Mon 09 Jan 2023 12:17:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26636
IP address blocks: 194.5.92.0/24 maxlen: 24
194.5.93.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
195.80.51.0/24 maxlen: 24
85.92.109.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
45.66.116.0/24 maxlen: 24
109.236.58.0/24 maxlen: 24
109.236.56.0/23 maxlen: 23
91.107.116.0/24 maxlen: 24
194.31.174.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
92.118.114.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:77:00:32:2f:80:9f:8c:30:11:e7:99:d1:0d:b8:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 9 12:17:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0564f954f02212d64a1c08aa28f2d090ddeedaf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:06:e0:e3:12:82:a9:d2:b9:d5:de:bb:99:b0:
69:d9:f7:52:bd:92:64:03:a7:38:ff:2d:64:7c:5d:
40:e2:14:73:68:36:a6:af:e4:d3:23:d5:ba:c1:8e:
27:73:7d:b5:51:11:5a:d0:17:d2:d2:8d:50:a5:f9:
38:b9:6a:8f:72:bd:f9:43:b0:c9:3d:19:7d:9a:21:
60:2f:da:5d:37:70:b0:07:61:5c:ea:4c:59:32:47:
c2:69:98:58:8e:07:27:b3:5a:75:de:2d:4c:3c:a6:
2d:dc:2f:9a:b1:27:b9:0f:37:82:af:cc:6b:95:13:
f3:8e:f1:15:e1:14:2c:80:47:9e:7a:8d:0a:22:67:
86:f2:76:5b:69:f8:b5:73:d2:1d:f1:cd:f9:c4:4d:
5c:77:48:8a:21:3c:2e:0d:f4:c0:d8:98:e8:b0:77:
15:d2:61:bc:ac:88:2a:47:45:52:4c:8a:90:d2:9b:
23:7f:e0:c2:d4:f1:f1:a9:a8:76:54:55:f3:92:4d:
71:a8:04:88:40:73:1c:6a:3d:df:e1:78:db:82:e8:
02:dc:15:c3:19:e1:d1:ec:54:64:02:91:e2:7a:09:
7c:94:d9:2f:7f:0f:f3:bd:74:55:12:fd:a2:b8:54:
2e:84:6f:b0:bb:53:90:9d:d1:23:7a:ee:eb:4f:cc:
6c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:64:F9:54:F0:22:12:D6:4A:1C:08:AA:28:F2:D0:90:DD:EE:DA:F7
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BWT5VPAiEtZKHAiqKPLQkN3u2vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.44.0/24
45.66.116.0/24
85.92.109.0/24
91.107.116.0/24
91.200.84.0/24
92.118.114.0/23
109.236.56.0-109.236.58.255
141.98.233.0-141.98.234.255
194.5.92.0/23
194.31.173.0-194.31.174.255
195.80.51.0/24
Signature Algorithm: sha256WithRSAEncryption
60:8c:3d:b5:0a:ae:71:51:e2:e5:c5:2e:99:e6:89:1b:e0:fa:
c4:52:e7:9c:f5:b0:71:4f:47:5b:2e:ad:e6:ed:13:3c:4f:a1:
3f:bf:dc:cb:2b:0d:c2:51:ea:4f:b1:f5:e7:be:25:0e:36:b4:
29:87:6c:49:45:af:82:fd:bc:2c:ce:56:e2:93:da:d0:1c:07:
8d:2c:4b:1b:c4:82:1e:f5:ec:3c:ca:a1:08:37:2f:af:de:33:
96:13:28:63:c2:86:1e:44:d2:78:44:6f:ec:90:db:8d:2d:62:
24:f0:f5:2f:f2:70:f9:dc:23:bf:f2:d7:f2:51:d7:09:56:b9:
dd:b1:70:c8:36:a3:ca:9b:b2:7d:81:95:61:0a:2f:58:28:f6:
ad:db:80:be:3f:4e:71:06:91:f0:35:ff:92:9a:ca:89:a0:39:
ec:e0:fe:0f:b5:92:9b:0a:c7:60:fd:6d:25:9c:6b:d3:82:c3:
a9:c7:00:06:b2:91:52:fa:de:7f:bc:7a:3a:0b:9c:0f:c4:3c:
7b:f6:70:26:ce:e1:c6:fb:94:32:78:df:5a:02:97:1c:8b:72:
f2:ac:2f:31:62:b8:da:2b:a4:6b:88:bb:d5:75:fd:43:f9:31:
a5:42:69:4b:ff:ed:5f:e6:a3:12:50:07:37:83:49:6b:12:de:
78:d5:3e:d3
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYWWdwAyL4CfjDAR55nRDbi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTA5MTIxNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTY0Zjk1NGYwMjIxMmQ2NGExYzA4YWEyOGYyZDA5MGRkZWVkYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogbg4xKCqdK51d67mbBp2fdSvZJk
A6c4/y1kfF1A4hRzaDamr+TTI9W6wY4nc321URFa0BfS0o1Qpfk4uWqPcr35Q7DJ
PRl9miFgL9pdN3CwB2Fc6kxZMkfCaZhYjgcns1p13i1MPKYt3C+asSe5DzeCr8xr
lRPzjvEV4RQsgEeeeo0KImeG8nZbafi1c9Id8c35xE1cd0iKITwuDfTA2JjosHcV
0mG8rIgqR0VSTIqQ0psjf+DC1PHxqah2VFXzkk1xqASIQHMcaj3f4XjbgugC3BXD
GeHR7FRkApHiegl8lNkvfw/zvXRVEv2iuFQuhG+wu1OQndEjeu7rT8xsXQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAVk+VTwIhLWShwIqijy0JDd7tr3MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvQldUNVZQQWlFdFpLSEFpcUtQTFFrTjN1MnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQABSwsAwQA
LUJ0AwQAVVxtAwQAW2t0AwQAW8hUAwQBXHZyMAwDBANt7DgDBABt7DowDAMEAI1i
6QMEAI1i6gMEAcIFXDAMAwQAwh+tAwQAwh+uAwQAw1AzMA0GCSqGSIb3DQEBCwUA
A4IBAQBgjD21Cq5xUeLlxS6Z5okb4PrEUuec9bBxT0dbLq3m7RM8T6E/v9zLKw3C
UepPsfXnviUONrQph2xJRa+C/bwszlbik9rQHAeNLEsbxIIe9ew8yqEINy+v3jOW
EyhjwoYeRNJ4RG/skNuNLWIk8PUv8nD53CO/8tfyUdcJVrndsXDINqPKm7J9gZVh
Ci9YKPat24C+P05xBpHwNf+SmsqJoDns4P4PtZKbCsdg/W0lnGvTgsOpxwAGspFS
+t5/vHo6C5wPxDx79nAmzuHG+5QyeN9aApcci3LyrC8xYrjaK6RriLvVdf1D+TGl
QmlL/+1f5qMSUAc3g0lrEt541T7T
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:20 2023 by rpki-client on console.sobornost.net