Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/XzqXJ78CB8UQjggIWkJ6YMcaCCo.roa
File: XzqXJ78CB8UQjggIWkJ6YMcaCCo.roa (raw, json)
Hash identifier: AFCS/i3DAmfAYO/lrkiC7G1ehYVvaZ1JTzU2Fboc50U=
Subject key identifier: 5F:3A:97:27:BF:02:07:C5:10:8E:08:08:5A:42:7A:60:C7:1A:08:2A
Certificate issuer: /CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Certificate serial: 1202AD28
Authority key identifier: C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/XzqXJ78CB8UQjggIWkJ6YMcaCCo.roa
Signing time: Wed 11 May 2022 07:37:57 +0000
ROA not before: Wed 11 May 2022 07:37:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15659
IP address blocks: 213.187.160.0/19 maxlen: 19
89.10.0.0/16 maxlen: 16
80.202.0.0/16 maxlen: 16
213.187.190.0/24 maxlen: 24
217.13.0.0/19 maxlen: 19
213.145.160.0/19 maxlen: 19
84.48.0.0/17 maxlen: 17
84.48.0.0/15 maxlen: 17
89.11.0.0/17 maxlen: 17
84.49.101.0/24 maxlen: 24
84.49.0.0/16 maxlen: 16
2a04:980::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302165288 (0x1202ad28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Validity
Not Before: May 11 07:37:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f3a9727bf0207c5108e08085a427a60c71a082a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8d:1b:83:a8:fc:e2:c1:dd:3d:4d:39:fc:88:
38:55:bf:bf:f5:5e:c5:bb:03:d8:68:96:c8:c5:dd:
6d:21:4f:cb:fa:74:a5:5f:3d:02:98:72:32:a7:a2:
79:ae:1a:75:1c:a0:3d:8b:93:9c:70:24:db:76:62:
4b:12:eb:db:2b:66:04:55:2f:0c:f1:ef:9e:17:f6:
85:91:6f:0f:d0:c2:9a:7d:1b:16:0e:35:38:d7:93:
b6:64:f6:86:ab:d0:13:fd:00:13:f4:54:12:01:c4:
02:51:b0:12:d1:55:a6:77:12:d2:9b:b2:0b:b9:ce:
7c:a1:d7:85:8f:e8:ff:7c:58:ca:4d:36:11:57:31:
ed:4a:5d:de:c4:fe:f2:75:78:33:65:92:25:62:78:
b6:50:ee:72:03:f6:3a:da:b6:3c:2d:6f:ba:bd:62:
4d:f3:18:fe:b5:b5:39:8f:81:a4:2c:83:6a:76:65:
53:32:0b:3f:70:50:23:98:22:b4:bb:e2:ee:83:aa:
ad:9a:84:0d:62:d6:30:2b:59:1a:84:79:1b:ca:89:
6d:e9:4e:8f:03:3b:a4:f3:56:54:d1:c0:6b:11:a6:
04:aa:45:b6:eb:f6:cc:19:c4:c4:5a:fd:f6:1b:28:
81:df:5e:bf:5e:48:f3:fe:44:c6:d2:7b:eb:ed:83:
bf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3A:97:27:BF:02:07:C5:10:8E:08:08:5A:42:7A:60:C7:1A:08:2A
X509v3 Authority Key Identifier:
keyid:C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/XzqXJ78CB8UQjggIWkJ6YMcaCCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/xlg_WMcRCtTMYJ9P-3yrL4DINYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.202.0.0/16
84.48.0.0/15
89.10.0.0-89.11.127.255
213.145.160.0/19
213.187.160.0/19
217.13.0.0/19
IPv6:
2a04:980::/29
Signature Algorithm: sha256WithRSAEncryption
54:6b:c4:5e:56:ca:5d:2d:e6:2f:eb:cd:5e:9f:4c:43:bd:76:
ac:22:7b:b8:0f:d5:b4:36:6e:58:83:59:31:a3:0f:12:d6:d6:
e0:4b:3a:8a:65:e7:08:89:09:3b:a4:42:68:67:bc:c0:d6:9f:
27:6b:8f:d2:ff:b1:5a:08:12:96:86:a6:86:5b:9c:34:ea:0a:
45:49:0b:3e:4b:24:56:8b:8d:b6:42:d9:0e:62:60:52:7e:ea:
e0:bd:ca:76:b3:be:9e:44:d7:4f:93:c2:8a:69:81:06:b0:ef:
2a:83:e9:8e:8a:fc:14:e5:60:4c:b7:5f:f4:8a:11:3f:ab:dc:
db:ed:0d:48:81:d0:95:77:dc:57:6c:d4:91:46:a4:bb:91:56:
fd:d6:9e:07:2a:b6:a7:ac:d0:95:93:94:ad:d5:39:29:1d:df:
4e:93:f0:3f:ee:e2:d7:ce:5b:6e:2a:cb:e5:e1:c3:d6:3a:47:
90:23:96:18:94:96:4f:0c:8e:66:7b:63:3e:76:fb:cc:e1:c4:
2d:88:74:9f:c8:df:af:1c:2a:90:8f:0b:27:50:8c:55:99:06:
97:5c:3a:4c:ac:38:42:b1:a3:3c:67:1b:25:13:ec:85:19:14:
24:54:76:fa:42:a9:07:70:c5:13:16:93:48:3f:29:0c:ad:ad:
5c:9b:bf:ba
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEEgKtKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjU4M2Y1OGM3MTEwYWQ0Y2M2MDlmNGZmYjdjYWIyZjgwYzgzNTgxMB4XDTIyMDUx
MTA3Mzc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYzYTk3MjdiZjAy
MDdjNTEwOGUwODA4NWE0MjdhNjBjNzFhMDgyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyNG4Oo/OLB3T1NOfyIOFW/v/VexbsD2GiWyMXdbSFPy/p0
pV89AphyMqeiea4adRygPYuTnHAk23ZiSxLr2ytmBFUvDPHvnhf2hZFvD9DCmn0b
Fg41ONeTtmT2hqvQE/0AE/RUEgHEAlGwEtFVpncS0puyC7nOfKHXhY/o/3xYyk02
EVcx7Upd3sT+8nV4M2WSJWJ4tlDucgP2Otq2PC1vur1iTfMY/rW1OY+BpCyDanZl
UzILP3BQI5gitLvi7oOqrZqEDWLWMCtZGoR5G8qJbelOjwM7pPNWVNHAaxGmBKpF
tuv2zBnExFr99hsogd9ev15I8/5ExtJ76+2Dv4ECAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBRfOpcnvwIHxRCOCAhaQnpgxxoIKjAfBgNVHSMEGDAWgBTGWD9YxxEK1Mxg
n0/7fKsvgMg1gTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hsZ19XTWNSQ3RUTVlKOVAtM3lyTDRESU5ZRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvOGQwY2FlLWVjMTMtNDVmYi05YWZjLTNkNTkzZWJlNTIyMC8x
L1h6cVhKNzhDQjhVUWpnZ0lXa0o2WU1jYUNDby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
OGQwY2FlLWVjMTMtNDVmYi05YWZjLTNkNTkzZWJlNTIyMC8xL3hsZ19XTWNSQ3RU
TVlKOVAtM3lyTDRESU5ZRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwLwQCAAEwKQMDAFDKAwMBVDAwCwMDAVkKAwQHWQsA
AwQF1ZGgAwQF1bugAwQF2Q0AMA0EAgACMAcDBQMqBAmAMA0GCSqGSIb3DQEBCwUA
A4IBAQBUa8ReVspdLeYv681en0xDvXasInu4D9W0Nm5Yg1kxow8S1tbgSzqKZecI
iQk7pEJoZ7zA1p8na4/S/7FaCBKWhqaGW5w06gpFSQs+SyRWi422QtkOYmBSfurg
vcp2s76eRNdPk8KKaYEGsO8qg+mOivwU5WBMt1/0ihE/q9zb7Q1IgdCVd9xXbNSR
RqS7kVb91p4HKranrNCVk5St1TkpHd9Ok/A/7uLXzltuKsvl4cPWOkeQI5YYlJZP
DI5me2M+dvvM4cQtiHSfyN+vHCqQjwsnUIxVmQaXXDpMrDhCsaM8ZxslE+yFGRQk
VHb6QqkHcMUTFpNIPykMra1cm7+6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:08 2024 by rpki-client on console-ams.rpki-client.org