Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/EyXN_JDwwl9pzxndoqj8tfuM9SQ.roa
File: EyXN_JDwwl9pzxndoqj8tfuM9SQ.roa (raw, json)
Hash identifier: ofWT+RECUoJa7YP5cQQQLd4zWW10sjx5Q4p+IPecqX8=
Subject key identifier: 13:25:CD:FC:90:F0:C2:5F:69:CF:19:DD:A2:A8:FC:B5:FB:8C:F5:24
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 018FDD3F0BD82204CF4E5028D793E68699F0
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/EyXN_JDwwl9pzxndoqj8tfuM9SQ.roa
Signing time: Mon 03 Jun 2024 08:37:27 +0000
ROA not before: Mon 03 Jun 2024 08:37:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60606
IP address blocks: 95.173.204.0/22 maxlen: 22
95.173.212.0/24 maxlen: 24
95.173.216.0/21 maxlen: 21
185.2.42.0/24 maxlen: 24
185.111.108.0/22 maxlen: 24
2a06:5d80::/32 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:3f:0b:d8:22:04:cf:4e:50:28:d7:93:e6:86:99:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Jun 3 08:37:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1325cdfc90f0c25f69cf19dda2a8fcb5fb8cf524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:72:d0:4d:d3:05:16:25:f0:d1:57:34:13:38:
3d:76:91:d8:77:61:ce:8b:7c:7f:23:32:62:fc:b6:
bc:06:e1:ab:58:9c:26:43:64:11:72:82:d3:91:31:
f3:05:be:80:29:af:9f:1d:fd:29:ae:9b:0e:6e:2f:
0a:87:74:88:69:6e:79:50:51:1a:af:d6:0a:84:2e:
18:e9:af:49:b7:86:6c:1c:9b:cc:f1:9c:43:7a:55:
4c:f4:fe:06:1a:aa:e0:eb:ce:64:c7:c3:e4:cc:95:
96:9d:f2:c2:c9:fb:76:a7:a9:35:4a:31:28:c2:8f:
60:08:26:6e:82:f1:44:a2:a0:53:58:d9:08:eb:bc:
6a:11:d6:7f:c4:53:3b:50:de:97:2b:3d:3c:88:08:
bd:a7:2d:84:dc:07:1a:fe:7d:ee:51:cd:7b:23:2f:
69:ca:88:53:9b:fb:d4:21:68:54:e4:c6:e6:d4:fc:
cb:36:ba:7a:e2:48:df:40:b2:d8:17:ef:0a:8a:cb:
fb:f4:59:a1:1d:52:a7:e6:ff:96:45:12:20:48:72:
5f:3e:2d:cd:65:f0:19:39:62:36:c4:12:4e:9b:ca:
b0:91:85:f7:82:51:80:f5:d4:9c:7b:96:c6:06:c9:
f5:6e:55:b6:8b:84:4d:52:1f:dc:ef:8a:a7:a1:e8:
30:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:25:CD:FC:90:F0:C2:5F:69:CF:19:DD:A2:A8:FC:B5:FB:8C:F5:24
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/EyXN_JDwwl9pzxndoqj8tfuM9SQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.204.0/22
95.173.212.0/24
95.173.216.0/21
185.2.42.0/24
185.111.108.0/22
IPv6:
2a06:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
54:c4:25:99:96:b0:73:ec:18:29:0f:22:7e:26:65:d8:26:05:
6c:83:dc:44:bb:5a:6e:40:5d:b9:7f:d1:83:cf:f7:cd:71:0f:
9b:2f:7d:38:6e:47:01:39:e1:4b:94:a5:d6:c7:a9:c1:a8:f0:
0c:e0:5d:6d:6c:87:3d:50:69:42:34:d6:17:36:41:2a:1a:c3:
57:00:77:37:bd:c7:6f:44:cf:59:19:53:c9:e2:f5:bf:75:ba:
03:0d:6a:91:14:a7:df:e0:ec:e7:4d:77:47:e9:91:d2:54:91:
b8:8b:2d:21:42:e5:0c:75:fe:74:ee:f1:e9:37:d9:ad:4b:fc:
4b:ee:c2:b9:0a:9f:e1:6e:43:28:76:17:b0:fe:8a:6f:98:1d:
d9:a5:63:22:84:39:54:45:4a:1b:03:98:04:a9:39:ea:db:39:
d0:86:c2:ac:6a:9e:c6:73:bf:82:5c:83:0b:d3:56:8d:53:f6:
89:4b:0a:b9:6d:77:25:9c:e7:06:9b:47:8c:88:0c:77:0f:7d:
e5:34:28:62:a0:87:46:2a:e7:f5:0d:aa:a7:9b:24:2d:f1:ea:
66:53:0c:1e:bf:13:a7:a5:a9:19:28:24:d0:98:b8:50:ec:c7:
eb:69:ee:72:03:38:31:04:63:a8:b9:3f:95:ee:55:21:e1:c4:
26:bc:1b:ee
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY/dPwvYIgTPTlAo15PmhpnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjQwNjAzMDgzNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzI1Y2RmYzkwZjBjMjVmNjljZjE5ZGRhMmE4ZmNiNWZiOGNmNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHLQTdMFFiXw0Vc0Ezg9dpHYd2HO
i3x/IzJi/La8BuGrWJwmQ2QRcoLTkTHzBb6AKa+fHf0prpsObi8Kh3SIaW55UFEa
r9YKhC4Y6a9Jt4ZsHJvM8ZxDelVM9P4GGqrg685kx8PkzJWWnfLCyft2p6k1SjEo
wo9gCCZugvFEoqBTWNkI67xqEdZ/xFM7UN6XKz08iAi9py2E3Aca/n3uUc17Iy9p
yohTm/vUIWhU5Mbm1PzLNrp64kjfQLLYF+8Kisv79FmhHVKn5v+WRRIgSHJfPi3N
ZfAZOWI2xBJOm8qwkYX3glGA9dSce5bGBsn1blW2i4RNUh/c74qnoegwRwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBMlzfyQ8MJfac8Z3aKo/LX7jPUkMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvRXlYTl9KRHd3bDlwenhuZG9xajh0ZnVNOVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCX63MAwQA
X63UAwQDX63YAwQAuQIqAwQCuW9sMA0EAgACMAcDBQAqBl2AMA0GCSqGSIb3DQEB
CwUAA4IBAQBUxCWZlrBz7BgpDyJ+JmXYJgVsg9xEu1puQF25f9GDz/fNcQ+bL304
bkcBOeFLlKXWx6nBqPAM4F1tbIc9UGlCNNYXNkEqGsNXAHc3vcdvRM9ZGVPJ4vW/
dboDDWqRFKff4OznTXdH6ZHSVJG4iy0hQuUMdf507vHpN9mtS/xL7sK5Cp/hbkMo
dhew/opvmB3ZpWMihDlURUobA5gEqTnq2znQhsKsap7Gc7+CXIML01aNU/aJSwq5
bXclnOcGm0eMiAx3D33lNChioIdGKuf1DaqnmyQt8epmUwwevxOnpakZKCTQmLhQ
7Mfrae5yAzgxBGOouT+V7lUh4cQmvBvu
-----END CERTIFICATE-----
Generated at Mon Jun 10 15:24:31 2024 by rpki-client on console-ams.rpki-client.org