Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/XVXNHG8zEN2bWePC_eyFF_ez76g.roa
File: XVXNHG8zEN2bWePC_eyFF_ez76g.roa (raw, json)
Hash identifier: H3rz7ceJ//hnN3dcmrw4DZW/CpbRO9K1imhRjQUnJmE=
Subject key identifier: 5D:55:CD:1C:6F:33:10:DD:9B:59:E3:C2:FD:EC:85:17:F7:B3:EF:A8
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 4883FF36
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/XVXNHG8zEN2bWePC_eyFF_ez76g.roa
Signing time: Sat 01 Jan 2022 03:00:44 +0000
ROA not before: Sat 01 Jan 2022 03:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209813
IP address blocks: 185.238.152.0/24 maxlen: 24
46.161.31.0/24 maxlen: 24
185.238.153.0/24 maxlen: 24
185.238.155.0/24 maxlen: 24
185.238.154.0/24 maxlen: 24
5.189.218.0/24 maxlen: 24
5.189.217.0/24 maxlen: 24
5.189.219.0/24 maxlen: 24
31.184.203.0/24 maxlen: 24
31.184.202.0/24 maxlen: 24
31.184.201.0/24 maxlen: 24
31.184.200.0/24 maxlen: 24
5.188.50.0/23 maxlen: 24
5.8.67.0/24 maxlen: 24
5.189.252.0/24 maxlen: 24
5.8.44.0/24 maxlen: 24
5.8.45.0/24 maxlen: 24
5.8.46.0/24 maxlen: 24
5.8.47.0/24 maxlen: 24
5.188.177.0/24 maxlen: 24
5.188.176.0/24 maxlen: 24
5.188.178.0/24 maxlen: 24
5.101.46.0/24 maxlen: 24
5.101.45.0/24 maxlen: 24
5.101.47.0/24 maxlen: 24
5.188.194.0/24 maxlen: 24
5.188.195.0/24 maxlen: 24
5.188.200.0/24 maxlen: 24
5.188.203.0/24 maxlen: 24
91.243.42.0/24 maxlen: 24
91.243.41.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1216610102 (0x4883ff36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 03:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d55cd1c6f3310dd9b59e3c2fdec8517f7b3efa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:68:79:92:5a:8b:84:fe:17:84:2c:c7:dc:aa:
a7:96:97:cd:20:49:62:8e:08:68:27:6c:ad:f0:60:
19:e0:1e:a3:34:96:0c:50:97:5e:07:ad:bf:41:07:
bf:5e:71:28:1d:6b:b9:fc:87:42:73:36:f8:89:9f:
4c:bd:36:41:55:8b:ce:54:c9:66:16:af:66:e5:61:
0b:d0:dd:1a:10:5c:6a:bd:49:cf:f9:a6:e8:7f:44:
d4:30:15:6b:8f:4f:03:76:74:c1:85:0e:89:32:6c:
ad:47:e0:66:eb:79:8c:47:48:09:49:15:21:99:08:
de:cf:7b:d8:f6:90:98:4e:b7:18:e8:9e:ae:ae:cf:
0d:57:54:36:a0:c0:76:20:89:c0:4f:ad:d6:68:b9:
84:47:84:a7:cc:b1:3b:9f:80:eb:77:f8:ec:7b:d3:
2a:50:c8:95:48:90:0d:ad:bf:83:31:0f:9b:69:4c:
63:d1:89:2b:96:45:16:d2:af:30:9d:d3:e0:43:5d:
47:8f:af:eb:b2:4c:9e:dc:9f:ec:b3:bf:6c:db:7a:
8d:c7:ae:f1:51:6d:57:23:c2:5e:88:ad:1f:6d:38:
8b:35:37:f8:f7:3e:e8:20:ab:59:e7:ae:29:6f:a9:
c3:7a:d0:da:1a:3b:07:87:28:9a:5a:34:5b:b5:78:
44:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:55:CD:1C:6F:33:10:DD:9B:59:E3:C2:FD:EC:85:17:F7:B3:EF:A8
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/XVXNHG8zEN2bWePC_eyFF_ez76g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/22
5.8.67.0/24
5.101.45.0-5.101.47.255
5.188.50.0/23
5.188.176.0-5.188.178.255
5.188.194.0/23
5.188.200.0/24
5.188.203.0/24
5.189.217.0-5.189.219.255
5.189.252.0/24
31.184.200.0/22
46.161.31.0/24
91.243.41.0-91.243.42.255
185.238.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:a1:9a:b6:a5:04:1c:5e:b7:a3:b6:88:d4:3c:43:f0:49:41:
24:f9:e3:dd:76:35:2d:51:6f:15:0c:7f:37:64:14:e6:08:a3:
4b:71:4a:36:4b:aa:33:ab:77:6b:a4:cb:67:99:0e:04:56:56:
42:2e:f6:ff:bc:51:9a:89:47:db:70:be:e5:c2:9f:a1:92:89:
a3:dd:5b:68:47:d2:cd:6f:a1:6f:21:7d:99:97:cc:20:0b:e0:
e2:ca:f5:0c:bd:8a:18:3b:95:b1:82:6d:07:67:84:34:af:c2:
07:c4:28:f8:82:4b:0b:3c:e2:eb:39:67:de:81:36:a1:ab:e8:
09:94:b4:3d:4c:cf:a4:c1:cf:bc:08:ec:60:0f:14:21:20:97:
12:5c:00:cb:82:4b:47:ba:0a:e9:13:66:27:79:98:02:58:40:
54:08:08:9b:6d:b7:5f:64:fa:65:36:fa:0f:8d:d1:58:82:e9:
fc:a6:12:f6:de:0c:dd:e7:5f:53:39:eb:dd:3d:3e:51:73:25:
59:d6:08:ae:65:ba:06:f7:3f:6a:7d:b1:93:2a:d4:2c:ac:d6:
99:af:98:9e:7f:8c:a9:9e:4f:35:87:3b:0a:9f:54:68:01:a6:
4e:54:f5:2f:c7:32:a1:59:98:2c:78:c0:a0:f1:e2:f6:9f:af:
c2:a9:5d:e6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIESIP/NjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ1NWNkMWM2ZjMz
MTBkZDliNTllM2MyZmRlYzg1MTdmN2IzZWZhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZoeZJai4T+F4Qsx9yqp5aXzSBJYo4IaCdsrfBgGeAeozSW
DFCXXgetv0EHv15xKB1rufyHQnM2+ImfTL02QVWLzlTJZhavZuVhC9DdGhBcar1J
z/mm6H9E1DAVa49PA3Z0wYUOiTJsrUfgZut5jEdICUkVIZkI3s972PaQmE63GOie
rq7PDVdUNqDAdiCJwE+t1mi5hEeEp8yxO5+A63f47HvTKlDIlUiQDa2/gzEPm2lM
Y9GJK5ZFFtKvMJ3T4ENdR4+v67JMntyf7LO/bNt6jceu8VFtVyPCXoitH204izU3
+Pc+6CCrWeeuKW+pw3rQ2ho7B4comlo0W7V4RCECAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBRdVc0cbzMQ3ZtZ48L97IUX97PvqDAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L1hWWE5IRzh6RU4yYldlUENfZXlGRl9lejc2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MHoEAgABMHQDBAIFCCwDBAAFCEMwDAMEAAVlLQME
BAVlIAMEAQW8MjAMAwQEBbywAwQABbyyAwQBBbzCAwQABbzIAwQABbzLMAwDBAAF
vdkDBAIFvdgDBAAFvfwDBAIfuMgDBAAuoR8wDAMEAFvzKQMEAFvzKgMEArnumDAN
BgkqhkiG9w0BAQsFAAOCAQEAPqGatqUEHF63o7aI1DxD8ElBJPnj3XY1LVFvFQx/
N2QU5gijS3FKNkuqM6t3a6TLZ5kOBFZWQi72/7xRmolH23C+5cKfoZKJo91baEfS
zW+hbyF9mZfMIAvg4sr1DL2KGDuVsYJtB2eENK/CB8Qo+IJLCzzi6zln3oE2oavo
CZS0PUzPpMHPvAjsYA8UISCXElwAy4JLR7oK6RNmJ3mYAlhAVAgIm223X2T6ZTb6
D43RWILp/KYS9t4M3edfUznr3T0+UXMlWdYIrmW6Bvc/an2xkyrULKzWma+Ynn+M
qZ5PNYc7Cp9UaAGmTlT1L8cyoVmYLHjAoPHi9p+vwqld5g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org