Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Xd-h-AilwkUBsm18wY93sjVpgWc.roa
File: Xd-h-AilwkUBsm18wY93sjVpgWc.roa (raw, json)
Hash identifier: GHi491q9idTZ1UPjdAp4RkO41Us6quvFxY4A0zoWRds=
Subject key identifier: 5D:DF:A1:F8:08:A5:C2:45:01:B2:6D:7C:C1:8F:77:B2:35:69:81:67
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CD587FED459054C7CFDDC80C426DD9A0C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Xd-h-AilwkUBsm18wY93sjVpgWc.roa
Signing time: Thu 04 Jan 2024 17:31:48 +0000
ROA not before: Thu 04 Jan 2024 17:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206654
IP address blocks: 185.212.11.0/24 maxlen: 24
195.211.48.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
45.88.124.0/22 maxlen: 22
37.77.144.0/24 maxlen: 24
2a0f:fa00::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d5:87:fe:d4:59:05:4c:7c:fd:dc:80:c4:26:dd:9a:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 4 17:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ddfa1f808a5c24501b26d7cc18f77b235698167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6f:58:3c:41:c9:c8:78:53:5f:74:f1:18:9c:
59:1f:ac:9b:19:d1:e3:92:55:45:7c:e6:14:12:98:
36:d9:0c:37:c9:7e:60:a7:50:b4:e7:a3:64:3f:c9:
0c:4d:a3:74:d9:9f:4c:9e:0c:73:5f:f2:2d:15:86:
a3:ab:e1:40:9d:04:1a:35:6d:c3:b4:3a:8b:34:dc:
29:af:93:65:56:a8:c1:82:8e:08:f6:b7:64:4a:42:
1b:7e:f1:e7:6c:c2:76:6e:b6:76:38:c9:01:fa:ec:
d2:3e:76:b1:1a:7b:ff:c7:b5:37:d6:f0:c9:31:02:
ee:ab:b4:ce:f7:02:fb:40:15:f6:03:fb:98:ba:7f:
22:21:d2:f4:32:db:76:dc:99:36:85:0e:8a:65:f4:
00:7e:d8:67:b4:8d:27:a3:bb:12:70:b5:57:83:2c:
4f:52:9b:71:ae:0b:44:5c:b4:65:b4:7f:34:e4:81:
b1:98:98:01:ac:df:2d:ce:40:24:f3:9b:78:e6:1e:
c9:5e:96:6e:5d:cb:31:d5:90:97:34:74:5a:62:f3:
c1:f1:b5:9f:7d:e9:42:d3:84:15:c6:d6:cf:b0:2b:
8a:ef:de:a3:69:c5:39:a9:1a:1c:b5:f6:8c:a1:88:
d0:22:75:b5:bb:94:0f:3c:77:89:40:ae:b4:62:ad:
34:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DF:A1:F8:08:A5:C2:45:01:B2:6D:7C:C1:8F:77:B2:35:69:81:67
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Xd-h-AilwkUBsm18wY93sjVpgWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.144.0/24
45.88.124.0/22
185.212.11.0/24
194.213.10.0/24
195.211.48.0/24
IPv6:
2a0f:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
23:c0:3c:ed:04:82:0a:51:76:14:45:a6:5f:20:da:33:bf:21:
7b:16:f2:f2:0d:fa:f6:2e:7b:98:ce:7f:bb:87:07:76:32:0b:
71:9d:86:25:a8:f1:1b:41:b0:a1:0b:41:73:4b:ce:e0:28:26:
6f:75:b8:dc:cb:93:4b:83:2b:98:8e:73:03:c9:94:fc:b1:79:
8a:3e:c7:86:82:67:9d:1d:82:e4:23:66:5f:ef:3c:b5:ce:b8:
89:95:e2:c7:b5:42:52:0c:93:44:4e:2b:fc:53:49:f7:a3:e2:
a2:23:d9:f2:2e:13:b0:e6:93:95:70:e7:99:46:ba:11:d8:78:
0b:7e:8d:57:c8:03:8f:70:22:d2:88:6f:1e:b6:7a:91:2c:ac:
75:28:59:d6:70:cb:ce:96:7d:2b:f2:52:b0:d7:d8:ec:6f:00:
01:e9:5f:08:6d:98:d5:2a:9d:e0:e6:55:6e:20:7b:1f:35:14:
23:ac:b8:4e:93:f3:20:c4:7e:ab:b9:e9:fc:61:e6:80:d9:f2:
45:3a:6a:33:ba:94:da:d8:21:b8:5e:9a:20:c3:fe:81:1b:78:
c4:38:ca:5c:e1:e4:f9:8e:5c:d0:94:87:5a:8b:bc:c8:f2:40:
51:54:c3:d3:a0:44:4d:65:0c:ff:bc:59:47:97:9d:1f:8b:ca:
33:de:91:bc
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzVh/7UWQVMfP3cgMQm3ZoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTA0MTczMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGRmYTFmODA4YTVjMjQ1MDFiMjZkN2NjMThmNzdiMjM1Njk4MTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwm9YPEHJyHhTX3TxGJxZH6ybGdHj
klVFfOYUEpg22Qw3yX5gp1C056NkP8kMTaN02Z9MngxzX/ItFYajq+FAnQQaNW3D
tDqLNNwpr5NlVqjBgo4I9rdkSkIbfvHnbMJ2brZ2OMkB+uzSPnaxGnv/x7U31vDJ
MQLuq7TO9wL7QBX2A/uYun8iIdL0Mtt23Jk2hQ6KZfQAfthntI0no7sScLVXgyxP
UptxrgtEXLRltH805IGxmJgBrN8tzkAk85t45h7JXpZuXcsx1ZCXNHRaYvPB8bWf
felC04QVxtbPsCuK796jacU5qRoctfaMoYjQInW1u5QPPHeJQK60Yq00LQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFF3fofgIpcJFAbJtfMGPd7I1aYFnMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWGQtaC1BaWx3a1VCc20xOHdZOTNzalZwZ1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJU2QAwQC
LVh8AwQAudQLAwQAwtUKAwQAw9MwMA0EAgACMAcDBQMqD/oAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjwDztBIIKUXYURaZfINozvyF7FvLyDfr2LnuYzn+7hwd2MgtxnYYl
qPEbQbChC0FzS87gKCZvdbjcy5NLgyuYjnMDyZT8sXmKPseGgmedHYLkI2Zf7zy1
zriJleLHtUJSDJNETiv8U0n3o+KiI9nyLhOw5pOVcOeZRroR2HgLfo1XyAOPcCLS
iG8etnqRLKx1KFnWcMvOln0r8lKw19jsbwAB6V8IbZjVKp3g5lVuIHsfNRQjrLhO
k/MgxH6ruen8YeaA2fJFOmozupTa2CG4Xpogw/6BG3jEOMpc4eT5jlzQlIdai7zI
8kBRVMPToERNZQz/vFlHl50fi8oz3pG8
-----END CERTIFICATE-----
Generated at Mon Jul 8 16:01:27 2024 by rpki-client on console-ams.rpki-client.org