Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/XaavMbr5mlm-wkHLZ9Ce8T8cH-s.roa
File: XaavMbr5mlm-wkHLZ9Ce8T8cH-s.roa (raw, json)
Hash identifier: ftQd5fnKlMHfPixwOEs5Tg2vTxpjH79tUNn/jc6xq6U=
Subject key identifier: 5D:A6:AF:31:BA:F9:9A:59:BE:C2:41:CB:67:D0:9E:F1:3F:1C:1F:EB
Certificate issuer: /CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Certificate serial: 10DFB79C
Authority key identifier: C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/XaavMbr5mlm-wkHLZ9Ce8T8cH-s.roa
Signing time: Sat 01 Jan 2022 16:02:23 +0000
ROA not before: Sat 01 Jan 2022 16:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15659
IP address blocks: 213.187.160.0/19 maxlen: 19
89.10.0.0/16 maxlen: 16
80.202.0.0/16 maxlen: 16
217.13.0.0/19 maxlen: 19
213.187.190.0/24 maxlen: 24
213.145.160.0/19 maxlen: 19
89.11.0.0/17 maxlen: 17
84.48.0.0/15 maxlen: 15
84.49.101.0/24 maxlen: 24
80.203.128.0/17 maxlen: 17
2a04:980::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 283096988 (0x10dfb79c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Validity
Not Before: Jan 1 16:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5da6af31baf99a59bec241cb67d09ef13f1c1feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:3d:18:6c:a3:c3:a3:c2:94:54:a1:4e:84:
79:d7:98:34:3c:cf:28:fb:59:95:fd:8c:44:33:91:
ad:47:81:e3:c0:5b:09:f6:3b:05:29:3c:1e:10:e4:
39:1c:51:0d:40:b0:d7:86:d1:9b:d6:53:5b:50:65:
f2:4f:c6:95:01:42:e3:ae:07:71:0f:17:24:ac:ef:
1e:d9:40:1b:9a:b2:c4:37:b8:82:a6:a3:84:5c:4c:
aa:a3:4c:0a:c8:ca:12:74:c4:46:03:5b:92:74:bc:
ca:69:08:0e:3b:98:15:ee:63:c6:e3:0c:ac:5b:94:
2c:ef:df:c2:6e:1a:e0:44:94:62:58:63:90:5d:09:
7e:64:ff:3b:44:01:fa:ff:af:28:ab:3e:42:0f:dc:
35:cc:29:ed:07:a6:10:0e:64:b3:ae:e5:37:22:47:
34:7e:9f:9b:f7:30:a1:38:ae:29:02:5a:99:56:1d:
fe:89:bf:5b:cb:f9:89:77:cb:2b:4c:bb:6e:c6:14:
b5:21:34:b3:b5:8b:67:69:e4:96:15:fe:0e:2b:29:
aa:4a:bc:23:6c:69:fc:e2:8b:f1:00:3c:d7:1c:f7:
34:6e:10:57:7a:fc:01:19:8f:40:fa:bf:38:fe:59:
d3:d2:d2:44:ae:a3:08:46:fe:c3:75:56:2b:9f:bf:
66:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A6:AF:31:BA:F9:9A:59:BE:C2:41:CB:67:D0:9E:F1:3F:1C:1F:EB
X509v3 Authority Key Identifier:
keyid:C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/XaavMbr5mlm-wkHLZ9Ce8T8cH-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/xlg_WMcRCtTMYJ9P-3yrL4DINYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.202.0.0/16
80.203.128.0/17
84.48.0.0/15
89.10.0.0-89.11.127.255
213.145.160.0/19
213.187.160.0/19
217.13.0.0/19
IPv6:
2a04:980::/29
Signature Algorithm: sha256WithRSAEncryption
a9:d9:4f:7a:9d:6a:1f:19:64:d6:d0:20:af:12:87:9f:83:97:
42:87:50:00:33:ee:a4:dc:60:4f:5f:90:32:cc:15:96:ef:bc:
ba:ff:c3:d7:3e:4c:92:d6:09:78:34:a8:7f:68:7d:83:2a:ea:
a3:3b:03:a5:5a:69:cf:1a:70:bf:58:a3:98:03:7a:e8:ea:eb:
20:91:48:3e:18:56:f1:27:ce:2d:35:4e:44:93:a0:1f:e1:fc:
ad:09:1f:ec:2c:07:86:db:ef:97:c7:a0:87:61:61:68:27:27:
25:d9:56:02:77:ce:77:d3:39:c5:e6:b5:c4:22:e3:1b:83:15:
78:9e:c8:d7:67:ac:4e:43:27:e4:07:5b:31:47:04:d7:07:04:
53:16:3c:17:1f:f2:8a:28:3d:be:94:da:20:95:af:92:75:b8:
bb:a7:a1:cd:6e:93:55:6f:9e:f9:f6:ba:48:42:84:a9:ef:87:
02:8f:23:a0:1c:65:e8:e4:bd:33:af:9a:d0:9c:84:47:50:93:
e1:6c:02:92:ac:16:52:d8:7d:70:43:5a:5a:68:99:75:65:05:
3c:b4:16:96:60:b1:a3:37:01:d6:7e:4d:44:11:48:0f:cb:2d:
dd:ef:50:95:7a:7a:a2:25:28:e0:38:e2:a3:ca:a0:b4:64:4d:
03:c9:79:6f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIEEN+3nDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjU4M2Y1OGM3MTEwYWQ0Y2M2MDlmNGZmYjdjYWIyZjgwYzgzNTgxMB4XDTIyMDEw
MTE2MDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRhNmFmMzFiYWY5
OWE1OWJlYzI0MWNiNjdkMDllZjEzZjFjMWZlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKICPRhso8OjwpRUoU6EedeYNDzPKPtZlf2MRDORrUeB48Bb
CfY7BSk8HhDkORxRDUCw14bRm9ZTW1Bl8k/GlQFC464HcQ8XJKzvHtlAG5qyxDe4
gqajhFxMqqNMCsjKEnTERgNbknS8ymkIDjuYFe5jxuMMrFuULO/fwm4a4ESUYlhj
kF0JfmT/O0QB+v+vKKs+Qg/cNcwp7QemEA5ks67lNyJHNH6fm/cwoTiuKQJamVYd
/om/W8v5iXfLK0y7bsYUtSE0s7WLZ2nklhX+Dispqkq8I2xp/OKL8QA81xz3NG4Q
V3r8ARmPQPq/OP5Z09LSRK6jCEb+w3VWK5+/Zi8CAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBRdpq8xuvmaWb7CQctn0J7xPxwf6zAfBgNVHSMEGDAWgBTGWD9YxxEK1Mxg
n0/7fKsvgMg1gTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hsZ19XTWNSQ3RUTVlKOVAtM3lyTDRESU5ZRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvOGQwY2FlLWVjMTMtNDVmYi05YWZjLTNkNTkzZWJlNTIyMC8x
L1hhYXZNYnI1bWxtLXdrSExaOUNlOFQ4Y0gtcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
OGQwY2FlLWVjMTMtNDVmYi05YWZjLTNkNTkzZWJlNTIyMC8xL3hsZ19XTWNSQ3RU
TVlKOVAtM3lyTDRESU5ZRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwNQQCAAEwLwMDAFDKAwQHUMuAAwMBVDAwCwMDAVkK
AwQHWQsAAwQF1ZGgAwQF1bugAwQF2Q0AMA0EAgACMAcDBQMqBAmAMA0GCSqGSIb3
DQEBCwUAA4IBAQCp2U96nWofGWTW0CCvEoefg5dCh1AAM+6k3GBPX5AyzBWW77y6
/8PXPkyS1gl4NKh/aH2DKuqjOwOlWmnPGnC/WKOYA3ro6usgkUg+GFbxJ84tNU5E
k6Af4fytCR/sLAeG2++Xx6CHYWFoJycl2VYCd8530znF5rXEIuMbgxV4nsjXZ6xO
QyfkB1sxRwTXBwRTFjwXH/KKKD2+lNogla+Sdbi7p6HNbpNVb5759rpIQoSp74cC
jyOgHGXo5L0zr5rQnIRHUJPhbAKSrBZS2H1wQ1paaJl1ZQU8tBaWYLGjNwHWfk1E
EUgPyy3d71CVenqiJSjgOOKjyqC0ZE0DyXlv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:19 2025 by rpki-client