Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/bzx7Yee-WaXdbFCGbteccpsR5fI.roa
File: bzx7Yee-WaXdbFCGbteccpsR5fI.roa (raw, json)
Hash identifier: GiH8+h70p2VYCycFFlTryFtYF2ytiPWWY2VoSyze+Zk=
Subject key identifier: 6F:3C:7B:61:E7:BE:59:A5:DD:6C:50:86:6E:D7:9C:72:9B:11:E5:F2
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0183ACE6D9146350D6AAE1AA84DE028EEE92
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/bzx7Yee-WaXdbFCGbteccpsR5fI.roa
Signing time: Thu 06 Oct 2022 10:45:53 +0000
ROA not before: Thu 06 Oct 2022 10:45:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5503
IP address blocks: 212.173.64.0/18 maxlen: 24
212.173.0.0/19 maxlen: 24
212.173.128.0/17 maxlen: 24
185.192.228.0/22 maxlen: 24
212.173.32.0/19 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:e6:d9:14:63:50:d6:aa:e1:aa:84:de:02:8e:ee:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Oct 6 10:45:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f3c7b61e7be59a5dd6c50866ed79c729b11e5f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:85:41:e6:9a:d5:3d:9c:3b:59:0c:b4:53:cd:
38:48:37:99:88:a6:3c:3d:a4:6b:e3:4a:be:69:53:
20:4a:af:92:46:e1:49:53:dc:77:96:44:35:86:55:
f9:cc:2b:d3:39:94:05:a8:4e:bf:96:a1:7c:bc:94:
1e:df:70:a9:a2:05:11:1e:b3:33:c8:91:8e:0c:3f:
95:dc:d4:f6:78:be:6f:00:04:28:ca:98:d7:3b:3b:
b9:9c:f0:5a:8f:86:c6:2e:ee:78:a9:15:03:a4:6b:
41:43:d3:e2:01:5c:a7:8d:71:46:31:67:71:0e:89:
50:00:de:66:55:92:6d:db:70:e9:41:1d:d0:53:ed:
01:7c:7c:5f:99:52:ab:43:ca:3d:a1:1b:92:84:fd:
34:ea:84:e5:7c:b8:5c:23:b3:e8:03:10:a3:f1:76:
93:61:79:18:fa:11:fb:91:10:7b:04:0e:b9:7a:db:
b9:8d:56:44:b8:1b:b0:e6:ec:39:56:bf:c9:0e:61:
1d:0f:ae:48:b2:e1:98:50:92:7e:b3:a6:95:8c:a0:
55:b8:a1:88:b7:13:8b:ee:7e:03:01:d6:1d:e2:4b:
38:8b:67:89:68:ff:55:03:be:85:ea:21:5b:36:35:
8c:dc:1b:2b:04:f9:57:06:45:75:2d:64:9b:d6:1f:
c9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3C:7B:61:E7:BE:59:A5:DD:6C:50:86:6E:D7:9C:72:9B:11:E5:F2
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/bzx7Yee-WaXdbFCGbteccpsR5fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.228.0/22
212.173.0.0/16
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:ba:07:0b:7a:18:a0:52:15:8a:24:d6:e3:87:11:37:93:d2:
d1:5d:59:1b:18:f6:62:68:3c:a4:53:f3:ae:f8:13:53:8b:2f:
7a:9e:23:47:53:1a:06:6c:dd:d0:db:ac:a2:2c:2f:56:eb:28:
56:35:2d:9d:e1:be:47:e5:a8:9e:b1:a4:10:6f:dc:e1:09:a7:
e3:17:90:8f:08:12:38:3f:f6:b1:ee:27:34:35:90:9f:85:25:
04:16:01:7c:62:c0:86:21:eb:d4:a5:16:ae:36:59:a9:ad:ae:
b8:98:36:5a:4d:45:09:56:40:b0:3f:fb:78:6b:94:67:0f:bb:
a0:5b:73:77:03:6c:34:8b:ca:e3:6d:93:5f:26:9a:fb:c7:0b:
2c:3d:38:85:87:2a:29:4f:75:87:9b:1f:3e:e1:0b:22:91:ae:
79:50:ba:80:f5:dc:04:e1:94:27:46:ec:b0:aa:7f:65:79:b0:
9d:21:a0:fc:dd:11:d3:95:62:04:69:41:58:82:93:af:cb:a3:
85:3e:4b:a5:85:63:18:6d:af:e0:e1:01:93:af:84:bb:bd:8f:
8b:20:13:b3:82:b4:7b:4a:7a:c2:a8:8b:c9:5c:07:ba:ca:06:
07:d7:ed:80:38:d1:0c:2e:b8:20:04:e4:cd:dc:cc:7e:ef:e9:
d5:e7:d4:d0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYOs5tkUY1DWquGqhN4Cju6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjIxMDA2MTA0NTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNjN2I2MWU3YmU1OWE1ZGQ2YzUwODY2ZWQ3OWM3MjliMTFlNWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoVB5prVPZw7WQy0U804SDeZiKY8
PaRr40q+aVMgSq+SRuFJU9x3lkQ1hlX5zCvTOZQFqE6/lqF8vJQe33CpogURHrMz
yJGODD+V3NT2eL5vAAQoypjXOzu5nPBaj4bGLu54qRUDpGtBQ9PiAVynjXFGMWdx
DolQAN5mVZJt23DpQR3QU+0BfHxfmVKrQ8o9oRuShP006oTlfLhcI7PoAxCj8XaT
YXkY+hH7kRB7BA65etu5jVZEuBuw5uw5Vr/JDmEdD65IsuGYUJJ+s6aVjKBVuKGI
txOL7n4DAdYd4ks4i2eJaP9VA76F6iFbNjWM3BsrBPlXBkV1LWSb1h/J4wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG88e2Hnvlml3WxQhm7XnHKbEeXyMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvYnp4N1llZS1XYVhkYkZDR2J0ZWNjcHNSNWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwQCucDkAwMA
1K0wDQQCAAIwBwMFACoCD7AwDQYJKoZIhvcNAQELBQADggEBAJy6Bwt6GKBSFYok
1uOHETeT0tFdWRsY9mJoPKRT8674E1OLL3qeI0dTGgZs3dDbrKIsL1brKFY1LZ3h
vkflqJ6xpBBv3OEJp+MXkI8IEjg/9rHuJzQ1kJ+FJQQWAXxiwIYh69SlFq42Wamt
rriYNlpNRQlWQLA/+3hrlGcPu6Bbc3cDbDSLyuNtk18mmvvHCyw9OIWHKilPdYeb
Hz7hCyKRrnlQuoD13AThlCdG7LCqf2V5sJ0hoPzdEdOVYgRpQViCk6/Lo4U+S6WF
Yxhtr+DhAZOvhLu9j4sgE7OCtHtKesKoi8lcB7rKBgfX7YA40QwuuCAE5M3czH7v
6dXn1NA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:30 2024 by rpki-client on console-ams.rpki-client.org