Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/_CbeWXQmuwTqQKuUM40UDXuAXwY.roa
File: _CbeWXQmuwTqQKuUM40UDXuAXwY.roa (raw, json)
Hash identifier: AkDslzzthsGx17fl3lX4b3IACBXc8tT44JJr8NaIfP4=
Subject key identifier: FC:26:DE:59:74:26:BB:04:EA:40:AB:94:33:8D:14:0D:7B:80:5F:06
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 018571D790F9BB262AB984E1A1C8A7CB2D5F
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/_CbeWXQmuwTqQKuUM40UDXuAXwY.roa
Signing time: Mon 02 Jan 2023 09:37:10 +0000
ROA not before: Mon 02 Jan 2023 09:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31083
IP address blocks: 185.52.50.0/24 maxlen: 24
185.52.51.0/24 maxlen: 24
185.249.102.0/24 maxlen: 24
185.249.103.0/24 maxlen: 24
185.249.100.0/24 maxlen: 24
185.249.101.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:90:f9:bb:26:2a:b9:84:e1:a1:c8:a7:cb:2d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 2 09:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc26de597426bb04ea40ab94338d140d7b805f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:50:96:36:d6:c3:fc:41:e1:a5:bc:04:41:d7:
a1:c5:7d:f6:25:65:76:54:9a:26:91:d7:0a:61:75:
c4:e0:b5:c7:ef:c5:fc:3b:9f:39:b3:e2:13:92:03:
84:ae:05:e4:ee:20:54:e9:f4:95:72:35:80:c6:34:
4d:66:d6:17:b1:c1:84:9a:cd:70:7b:5a:5c:6c:a3:
3b:19:68:a6:b6:2d:e2:50:ef:1d:f8:61:91:86:aa:
62:df:b1:2a:c4:69:c4:68:c1:63:ff:45:8a:a5:9a:
96:d8:2c:83:c3:b2:52:f7:4f:b5:68:d4:8c:5d:f9:
75:7b:71:7c:a3:bb:96:da:bd:39:13:24:0e:94:7b:
bd:99:86:7f:59:cc:9f:40:94:02:99:66:96:45:4d:
60:81:d7:85:f1:1b:fd:22:bd:15:a4:47:9a:64:dc:
e3:69:19:00:26:01:45:6f:86:c9:63:c9:3c:07:f0:
fa:c2:61:ff:c7:b1:eb:e8:0d:da:2e:17:2a:82:3d:
d8:15:09:43:58:38:5e:87:77:5f:62:d5:87:88:a3:
d0:29:d7:40:9c:f2:b4:d8:d6:81:b3:09:5e:ca:b5:
b9:2a:41:53:c7:99:e1:ee:a0:70:fe:24:0f:03:ef:
56:58:71:6a:0e:c2:43:54:6e:4f:43:08:1c:88:92:
c3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:26:DE:59:74:26:BB:04:EA:40:AB:94:33:8D:14:0D:7B:80:5F:06
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/_CbeWXQmuwTqQKuUM40UDXuAXwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.50.0/23
185.249.100.0/22
Signature Algorithm: sha256WithRSAEncryption
42:73:35:7f:a3:97:14:19:9f:fc:a4:43:fe:1f:e6:11:1d:d4:
f2:ea:bc:f6:d9:bb:b4:d4:a2:c4:65:ca:2f:fe:9e:fb:c9:f1:
51:f8:f5:1c:36:3e:13:e3:15:9f:96:4c:85:78:1b:cf:f3:8e:
44:01:69:73:ed:f5:50:3c:05:4f:8f:01:1a:57:66:70:7d:63:
ee:82:17:21:7a:5f:d4:7e:ff:56:a0:90:2d:98:93:0f:33:b7:
cd:08:27:48:8d:32:5c:ed:69:3d:63:ab:97:a8:0d:6d:4b:50:
36:3a:86:10:03:26:6e:b8:c5:db:10:ac:49:8b:0a:5c:59:9b:
25:c2:31:9a:46:3a:40:b1:d4:e4:4d:2b:4e:00:be:2f:aa:0b:
4e:2b:c8:f9:c1:50:23:be:7d:c8:f9:7f:cf:33:42:9f:2a:b1:
27:c8:0a:91:06:08:54:20:66:52:15:42:c2:14:45:1f:c3:07:
5c:91:58:24:c4:88:1f:26:77:3b:1d:1a:6a:b5:28:5a:aa:a9:
e2:2b:48:6d:8b:5b:7b:77:2e:56:03:94:87:d4:0d:d7:8c:90:
36:3f:7d:58:c7:3f:67:68:fd:35:b3:0d:8a:42:e8:04:a5:27:
71:4f:08:e4:90:2a:90:b7:09:72:ee:69:69:44:73:cd:1a:1f:
47:57:62:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx15D5uyYquYThocinyy1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjMwMTAyMDkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzI2ZGU1OTc0MjZiYjA0ZWE0MGFiOTQzMzhkMTQwZDdiODA1ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlCWNtbD/EHhpbwEQdehxX32JWV2
VJomkdcKYXXE4LXH78X8O585s+ITkgOErgXk7iBU6fSVcjWAxjRNZtYXscGEms1w
e1pcbKM7GWimti3iUO8d+GGRhqpi37EqxGnEaMFj/0WKpZqW2CyDw7JS90+1aNSM
Xfl1e3F8o7uW2r05EyQOlHu9mYZ/WcyfQJQCmWaWRU1ggdeF8Rv9Ir0VpEeaZNzj
aRkAJgFFb4bJY8k8B/D6wmH/x7Hr6A3aLhcqgj3YFQlDWDheh3dfYtWHiKPQKddA
nPK02NaBswleyrW5KkFTx5nh7qBw/iQPA+9WWHFqDsJDVG5PQwgciJLDEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPwm3ll0JrsE6kCrlDONFA17gF8GMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvX0NiZVdYUW11d1RxUUt1VU00MFVEWHVBWHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuTQyAwQC
uflkMA0GCSqGSIb3DQEBCwUAA4IBAQBCczV/o5cUGZ/8pEP+H+YRHdTy6rz22bu0
1KLEZcov/p77yfFR+PUcNj4T4xWflkyFeBvP845EAWlz7fVQPAVPjwEaV2ZwfWPu
ghchel/Ufv9WoJAtmJMPM7fNCCdIjTJc7Wk9Y6uXqA1tS1A2OoYQAyZuuMXbEKxJ
iwpcWZslwjGaRjpAsdTkTStOAL4vqgtOK8j5wVAjvn3I+X/PM0KfKrEnyAqRBghU
IGZSFULCFEUfwwdckVgkxIgfJnc7HRpqtShaqqniK0hti1t7dy5WA5SH1A3XjJA2
P31Yxz9naP01sw2KQugEpSdxTwjkkCqQtwly7mlpRHPNGh9HV2Jd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:27 2024 by rpki-client on console-fra.rpki-client.org