Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/XLL81drsHuhedpETcFejDHqFrjY.roa
File: XLL81drsHuhedpETcFejDHqFrjY.roa (raw, json)
Hash identifier: RN9dsGn0T+xIrZV+DOgByt4WJsP09GiVyEtz1WV6HR4=
Subject key identifier: 5C:B2:FC:D5:DA:EC:1E:E8:5E:76:91:13:70:57:A3:0C:7A:85:AE:36
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 0185B0ABD1C920CEF8D3112F72CF52C40277
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/XLL81drsHuhedpETcFejDHqFrjY.roa
Signing time: Sat 14 Jan 2023 14:25:28 +0000
ROA not before: Sat 14 Jan 2023 14:25:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44854
IP address blocks: 185.219.6.0/24 maxlen: 24
103.243.124.0/22 maxlen: 24
93.114.180.0/23 maxlen: 24
2a10:e300:35::/48 maxlen: 48
2a10:e300::/32 maxlen: 48
2a10:e300:26::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b0:ab:d1:c9:20:ce:f8:d3:11:2f:72:cf:52:c4:02:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Jan 14 14:25:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cb2fcd5daec1ee85e7691137057a30c7a85ae36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:41:c0:da:67:f3:ff:34:27:8f:88:01:f4:3a:
ad:9b:96:af:69:67:c2:91:3b:da:dd:b1:4d:f5:c9:
e2:d8:85:b4:94:98:26:99:c4:a1:b3:7a:6b:48:b8:
fa:3e:bf:5b:c8:ba:9a:6a:54:de:e0:01:4c:9a:a6:
e3:74:37:6a:da:d1:0b:36:f8:ae:61:84:3d:97:9b:
38:a1:44:ac:bf:21:d8:7a:62:b7:fc:58:51:24:30:
93:2d:b5:97:59:6d:10:4c:8e:8c:f3:5b:bc:1e:03:
ec:35:53:77:cd:b6:97:41:65:fa:7d:b4:32:4d:40:
4e:4b:3d:78:8a:6d:11:12:7f:9b:7d:2f:d6:26:a0:
75:19:4e:4a:43:e0:f1:1f:5f:7f:55:d6:46:9c:19:
ce:79:62:2d:22:04:12:d3:04:f4:8d:b8:de:0b:5c:
3e:62:01:b6:79:a1:9b:ba:17:4a:b1:08:0b:96:f2:
b9:f2:35:b3:b3:16:05:f8:49:9b:7c:b5:4a:04:ad:
08:4c:71:79:04:0f:a5:1c:6e:d6:5c:c0:57:35:6e:
21:68:24:48:ed:d5:46:64:1f:06:7a:c2:4c:13:61:
c6:65:92:51:38:4b:62:06:5e:e5:0d:16:37:b4:56:
03:b8:f6:17:e8:1f:1b:0e:29:2c:19:b3:c5:64:ed:
94:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B2:FC:D5:DA:EC:1E:E8:5E:76:91:13:70:57:A3:0C:7A:85:AE:36
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/XLL81drsHuhedpETcFejDHqFrjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.180.0/23
103.243.124.0/22
185.219.6.0/24
IPv6:
2a10:e300::/32
Signature Algorithm: sha256WithRSAEncryption
b4:e0:b7:b8:17:99:f4:6c:b4:06:e0:37:14:5d:ae:03:1c:25:
7f:69:94:cb:6e:32:59:39:f9:98:c9:39:c4:9d:44:f8:a2:00:
56:b3:31:df:5b:0d:98:07:71:0c:41:9e:d2:d0:c2:ff:ae:1b:
2a:f8:5c:4a:ef:31:4c:c2:4b:c0:03:73:cd:05:f2:1a:8b:35:
47:33:d1:91:51:96:26:4b:f6:38:28:c5:62:6d:94:7b:96:34:
42:b4:a7:29:d1:12:80:5a:e7:24:a0:4c:8e:45:88:36:e0:8d:
27:88:c1:a6:3b:cf:e3:60:18:e6:e7:f6:21:ab:ad:c8:3a:6a:
be:fb:8e:6f:3c:dd:b2:3c:3a:0e:f7:0a:96:45:03:e5:87:60:
5a:ae:b6:4f:53:55:f4:1f:9b:36:e0:d3:52:cf:b1:c8:97:ec:
13:82:1c:e4:d0:f6:f3:37:1d:01:6d:d3:6d:8d:80:b5:b7:8e:
c8:76:f0:a1:97:ba:c4:46:9f:10:d1:9d:b3:15:de:4b:b6:c4:
93:94:bf:3c:df:31:cd:32:a3:47:ce:9d:52:6d:de:98:50:1e:
30:2a:82:97:38:bf:db:b4:4b:f8:b0:0a:0d:f2:9b:83:49:22:
30:6e:11:e9:ee:e2:d6:79:71:1e:1c:9e:16:b9:73:1b:ee:4c:
db:e1:8c:69
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYWwq9HJIM740xEvcs9SxAJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjMwMTE0MTQyNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2IyZmNkNWRhZWMxZWU4NWU3NjkxMTM3MDU3YTMwYzdhODVhZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUHA2mfz/zQnj4gB9Dqtm5avaWfC
kTva3bFN9cni2IW0lJgmmcShs3prSLj6Pr9byLqaalTe4AFMmqbjdDdq2tELNviu
YYQ9l5s4oUSsvyHYemK3/FhRJDCTLbWXWW0QTI6M81u8HgPsNVN3zbaXQWX6fbQy
TUBOSz14im0REn+bfS/WJqB1GU5KQ+DxH19/VdZGnBnOeWItIgQS0wT0jbjeC1w+
YgG2eaGbuhdKsQgLlvK58jWzsxYF+EmbfLVKBK0ITHF5BA+lHG7WXMBXNW4haCRI
7dVGZB8GesJME2HGZZJROEtiBl7lDRY3tFYDuPYX6B8bDiksGbPFZO2UKwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFyy/NXa7B7oXnaRE3BXowx6ha42MB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvWExMODFkcnNIdWhlZHBFVGNGZWpESHFGcmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBXXK0AwQC
Z/N8AwQAudsGMA0EAgACMAcDBQAqEOMAMA0GCSqGSIb3DQEBCwUAA4IBAQC04Le4
F5n0bLQG4DcUXa4DHCV/aZTLbjJZOfmYyTnEnUT4ogBWszHfWw2YB3EMQZ7S0ML/
rhsq+FxK7zFMwkvAA3PNBfIaizVHM9GRUZYmS/Y4KMVibZR7ljRCtKcp0RKAWuck
oEyORYg24I0niMGmO8/jYBjm5/Yhq63IOmq++45vPN2yPDoO9wqWRQPlh2BarrZP
U1X0H5s24NNSz7HIl+wTghzk0PbzNx0BbdNtjYC1t47IdvChl7rERp8Q0Z2zFd5L
tsSTlL883zHNMqNHzp1Sbd6YUB4wKoKXOL/btEv4sAoN8puDSSIwbhHp7uLWeXEe
HJ4WuXMb7kzb4Yxp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:15 2024 by rpki-client on console-ams.rpki-client.org