Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/XdDO0Y6yAe51dZezVUmZX5slCh8.roa
File: XdDO0Y6yAe51dZezVUmZX5slCh8.roa (raw, json)
Hash identifier: rUjwMXORi+0JuFsk6Cp900p2UrOJVo4jgOYG5nu/XIE=
Subject key identifier: 5D:D0:CE:D1:8E:B2:01:EE:75:75:97:B3:55:49:99:5F:9B:25:0A:1F
Certificate issuer: /CN=49596cecc21dd02677a727ef37f0689546ea5097
Certificate serial: 192B08D1
Authority key identifier: 49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/XdDO0Y6yAe51dZezVUmZX5slCh8.roa
Signing time: Sat 01 Jan 2022 06:02:53 +0000
ROA not before: Sat 01 Jan 2022 06:02:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57112
IP address blocks: 185.72.160.0/22 maxlen: 22
185.82.192.0/22 maxlen: 22
185.103.236.0/22 maxlen: 22
185.133.108.0/22 maxlen: 22
5.104.112.0/20 maxlen: 20
185.87.156.0/22 maxlen: 22
185.70.236.0/22 maxlen: 22
185.87.104.0/22 maxlen: 22
185.87.116.0/22 maxlen: 22
185.33.152.0/22 maxlen: 22
81.30.64.0/20 maxlen: 20
185.113.172.0/22 maxlen: 22
185.23.140.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 422250705 (0x192b08d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49596cecc21dd02677a727ef37f0689546ea5097
Validity
Not Before: Jan 1 06:02:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dd0ced18eb201ee757597b35549995f9b250a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9b:ec:c2:20:3f:cf:0d:ff:c1:98:cb:96:ff:
50:be:13:f5:0a:02:b9:32:0e:1d:55:46:f2:75:ac:
ad:a2:d8:99:5f:d4:83:64:c9:21:dc:65:f9:a3:8e:
cf:0e:d8:48:cb:b1:50:ad:1a:fd:e9:1b:8e:95:1b:
58:2e:e7:5c:f2:5f:4d:56:fe:77:b2:ba:15:80:fa:
f4:61:60:8c:8c:2b:f6:d0:69:18:99:8e:c3:47:cb:
0c:e1:89:d1:6c:82:7d:bc:6f:a7:b0:54:91:23:3e:
3c:c1:a9:20:45:43:34:ea:05:58:33:08:14:02:48:
f0:92:53:db:d0:0b:87:9e:b8:47:b0:bc:03:73:29:
5b:bd:f1:eb:b0:e0:d6:a2:f8:cb:c2:e7:66:d1:0b:
22:35:41:e2:a0:20:2d:8f:66:c3:f9:5b:e6:22:15:
1e:56:59:2a:c0:03:44:8a:60:94:d1:85:9e:ea:80:
bb:58:b5:d0:d1:f2:14:e0:1f:ff:8f:ce:90:be:e2:
d4:e9:9f:4b:c4:a5:0a:67:22:33:1e:b4:62:89:e4:
58:3c:01:51:93:29:b2:d1:00:2a:77:9d:fb:5a:5b:
d9:e3:97:75:11:75:f9:ca:48:35:b5:ac:e6:62:a6:
5d:58:fb:f4:39:2a:c0:cb:f7:d1:d4:c1:fb:bd:54:
de:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D0:CE:D1:8E:B2:01:EE:75:75:97:B3:55:49:99:5F:9B:25:0A:1F
X509v3 Authority Key Identifier:
keyid:49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/XdDO0Y6yAe51dZezVUmZX5slCh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.112.0/20
81.30.64.0/20
185.23.140.0/22
185.33.152.0/22
185.70.236.0/22
185.72.160.0/22
185.82.192.0/22
185.87.104.0/22
185.87.116.0/22
185.87.156.0/22
185.103.236.0/22
185.113.172.0/22
185.133.108.0/22
Signature Algorithm: sha256WithRSAEncryption
04:88:c8:7c:f2:9b:1b:64:fe:83:95:33:68:c4:e0:93:29:30:
08:41:e0:c8:b6:71:17:fe:35:f0:c4:b7:75:cd:53:29:75:f2:
3f:ad:f0:98:c3:03:23:e8:89:a4:6e:2c:f9:26:dc:f9:c3:7d:
ad:0f:f7:6f:4e:26:06:43:bd:77:16:07:b6:8c:7b:67:d6:f8:
61:48:bd:43:06:6b:ed:f5:8b:c5:95:5e:e8:e3:1d:83:63:40:
38:14:df:86:47:9a:dc:8e:88:29:13:ad:8d:ff:d5:5b:a6:9c:
36:34:ab:c8:06:ba:62:35:5e:c2:23:61:d3:c8:66:24:95:84:
e2:42:2f:25:d2:0f:cb:24:70:8c:82:57:0a:e1:7b:f3:a7:8c:
7a:ae:2a:88:88:d7:eb:8f:b0:bd:19:4a:31:e8:f2:14:64:41:
f9:ec:ee:3e:19:4e:53:f4:81:a5:4b:32:80:4f:76:6b:4e:df:
64:dd:6f:34:1b:58:1b:8d:db:2a:02:f9:61:ba:42:d3:3b:9f:
96:f5:60:a3:03:d2:2d:78:ec:ab:a2:40:f7:fd:d0:be:68:f9:
75:e0:d2:52:33:14:ba:e0:11:ba:e5:6a:31:9a:85:9d:12:29:
8d:bf:eb:2d:29:2f:be:04:e6:d1:35:89:80:a6:d3:8b:35:5e:
e9:17:08:15
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEGSsI0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTU5NmNlY2MyMWRkMDI2NzdhNzI3ZWYzN2YwNjg5NTQ2ZWE1MDk3MB4XDTIyMDEw
MTA2MDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRkMGNlZDE4ZWIy
MDFlZTc1NzU5N2IzNTU0OTk5NWY5YjI1MGExZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKb7MIgP88N/8GYy5b/UL4T9QoCuTIOHVVG8nWsraLYmV/U
g2TJIdxl+aOOzw7YSMuxUK0a/ekbjpUbWC7nXPJfTVb+d7K6FYD69GFgjIwr9tBp
GJmOw0fLDOGJ0WyCfbxvp7BUkSM+PMGpIEVDNOoFWDMIFAJI8JJT29ALh564R7C8
A3MpW73x67Dg1qL4y8LnZtELIjVB4qAgLY9mw/lb5iIVHlZZKsADRIpglNGFnuqA
u1i10NHyFOAf/4/OkL7i1OmfS8SlCmciMx60YonkWDwBUZMpstEAKned+1pb2eOX
dRF1+cpINbWs5mKmXVj79DkqwMv30dTB+71U3o8CAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBRd0M7RjrIB7nV1l7NVSZlfmyUKHzAfBgNVHSMEGDAWgBRJWWzswh3QJnen
J+838GiVRupQlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NWbHM3TUlkMENaM3B5ZnZOX0JvbFVicVVKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvZTdiZDAxLTQzMmYtNGJmOS04MGM1LTg5N2QwMDk3N2ZmMi8x
L1hkRE8wWTZ5QWU1MWRaZXpWVW1aWDVzbENoOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
ZTdiZDAxLTQzMmYtNGJmOS04MGM1LTg5N2QwMDk3N2ZmMi8xL1NWbHM3TUlkMENa
M3B5ZnZOX0JvbFVicVVKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEBAVocAMEBFEeQAMEArkXjAMEArkh
mAMEArlG7AMEArlIoAMEArlSwAMEArlXaAMEArlXdAMEArlXnAMEArln7AMEArlx
rAMEArmFbDANBgkqhkiG9w0BAQsFAAOCAQEABIjIfPKbG2T+g5UzaMTgkykwCEHg
yLZxF/418MS3dc1TKXXyP63wmMMDI+iJpG4s+Sbc+cN9rQ/3b04mBkO9dxYHtox7
Z9b4YUi9QwZr7fWLxZVe6OMdg2NAOBTfhkea3I6IKROtjf/VW6acNjSryAa6YjVe
wiNh08hmJJWE4kIvJdIPyyRwjIJXCuF786eMeq4qiIjX64+wvRlKMejyFGRB+ezu
PhlOU/SBpUsygE92a07fZN1vNBtYG43bKgL5YbpC0zuflvVgowPSLXjsq6JA9/3Q
vmj5deDSUjMUuuARuuVqMZqFnRIpjb/rLSkvvgTm0TWJgKbTizVe6RcIFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:22 2024 by rpki-client on console-ams.rpki-client.org