Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/eejcGJx89cqSnX-0Tdswl11-fTE.roa
File: eejcGJx89cqSnX-0Tdswl11-fTE.roa (raw, json)
Hash identifier: 9YhGUbzm9fCCe36VR28EXXPYeVNqeo0sYHJAPi6GAC0=
Subject key identifier: 79:E8:DC:18:9C:7C:F5:CA:92:9D:7F:B4:4D:DB:30:97:5D:7E:7D:31
Certificate issuer: /CN=b20663583a8189cbeaac88d438767997b1125549
Certificate serial: 0590EBAD
Authority key identifier: B2:06:63:58:3A:81:89:CB:EA:AC:88:D4:38:76:79:97:B1:12:55:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgZjWDqBicvqrIjUOHZ5l7ESVUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/eejcGJx89cqSnX-0Tdswl11-fTE.roa
Signing time: Sat 01 Jan 2022 14:55:26 +0000
ROA not before: Sat 01 Jan 2022 14:55:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29438
IP address blocks: 185.112.212.0/22 maxlen: 22
213.225.192.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93383597 (0x590ebad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b20663583a8189cbeaac88d438767997b1125549
Validity
Not Before: Jan 1 14:55:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79e8dc189c7cf5ca929d7fb44ddb30975d7e7d31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:38:3f:1f:88:64:7f:9e:ef:35:12:6f:15:ce:
fc:f2:af:06:3d:1c:d2:70:cc:05:17:8d:98:7a:8f:
7e:87:86:98:53:27:37:bd:42:23:f6:50:3a:28:6e:
8e:0b:14:8b:91:71:da:a5:f0:86:79:8a:e0:ca:79:
5f:13:99:55:a1:1c:14:89:fc:e6:6e:53:9c:58:ac:
f0:22:b8:c9:67:88:9e:47:ea:cf:e3:aa:0a:ee:fd:
9b:8a:92:d1:46:5f:f7:ec:46:5b:cd:39:7a:95:da:
fa:20:50:5e:b6:ed:45:3f:68:2c:b0:96:95:b6:d9:
91:bd:1c:69:5b:9e:a6:ce:67:87:a2:f4:6d:3c:2f:
20:b0:0b:9d:17:ad:25:ae:b9:50:19:09:2c:62:1d:
4b:4e:b5:de:7f:dc:af:8e:50:67:85:17:34:58:1d:
3e:e0:72:cd:f4:94:ec:32:45:d6:62:71:aa:f7:3b:
6d:a0:23:05:57:04:a4:91:4c:2b:15:27:bb:5d:30:
ac:a2:58:a4:79:c3:be:82:d7:fa:39:c0:2b:da:ce:
40:af:f5:a0:f3:4f:ca:b7:37:de:d3:64:61:fd:34:
0c:4c:ca:1b:95:45:df:4d:1a:bb:78:01:2e:98:0a:
a7:5d:4f:0d:64:31:d6:35:b0:70:57:99:71:0c:68:
28:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E8:DC:18:9C:7C:F5:CA:92:9D:7F:B4:4D:DB:30:97:5D:7E:7D:31
X509v3 Authority Key Identifier:
keyid:B2:06:63:58:3A:81:89:CB:EA:AC:88:D4:38:76:79:97:B1:12:55:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgZjWDqBicvqrIjUOHZ5l7ESVUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/eejcGJx89cqSnX-0Tdswl11-fTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ef6f1a-6dfc-494e-b85d-d18773e7bc47/1/sgZjWDqBicvqrIjUOHZ5l7ESVUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.212.0/22
213.225.192.0/19
Signature Algorithm: sha256WithRSAEncryption
72:1f:96:42:0c:37:21:e4:6a:5b:e9:28:c0:89:60:8d:51:7d:
80:98:30:a6:59:7f:72:04:52:af:8a:af:f7:aa:67:0a:04:96:
b2:3b:2d:24:56:59:f9:a5:67:97:7c:87:a7:e0:35:10:7e:28:
a1:50:f6:42:43:72:59:4e:00:53:57:1f:9e:81:f1:9a:12:96:
89:7f:6d:85:26:6c:53:3d:f6:63:f1:8f:f6:22:4b:83:ed:ae:
7a:f0:8a:7a:ac:b8:02:a0:6a:cb:1d:fd:e1:d7:43:d9:dc:38:
27:f7:3d:ee:5d:84:7d:76:16:1b:1a:fc:04:d6:a1:32:30:c4:
7e:02:6e:33:f3:7c:cb:ad:d9:77:39:bc:5f:32:71:ac:f9:cc:
bd:01:03:ff:fc:c6:ec:f9:2c:86:c3:1c:6a:14:ce:1d:db:63:
a2:3c:48:2b:60:a8:3a:37:a3:66:df:b8:8d:9f:09:23:2b:6d:
5a:77:e4:45:a0:e9:ef:2c:75:ac:96:e8:d3:80:b0:11:66:63:
86:3d:6f:84:d0:cf:c2:6c:9e:f7:c2:c2:03:e9:12:19:f4:cf:
38:69:05:9d:ec:e2:58:41:43:4e:a5:03:b1:cd:72:6c:40:2f:
ec:51:fa:f4:39:2c:0f:29:4b:8e:8e:5f:0c:e8:fb:41:6d:f6:
8d:d3:42:a6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBZDrrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MjA2NjM1ODNhODE4OWNiZWFhYzg4ZDQzODc2Nzk5N2IxMTI1NTQ5MB4XDTIyMDEw
MTE0NTUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzllOGRjMTg5Yzdj
ZjVjYTkyOWQ3ZmI0NGRkYjMwOTc1ZDdlN2QzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPY4Px+IZH+e7zUSbxXO/PKvBj0c0nDMBReNmHqPfoeGmFMn
N71CI/ZQOihujgsUi5Fx2qXwhnmK4Mp5XxOZVaEcFIn85m5TnFis8CK4yWeInkfq
z+OqCu79m4qS0UZf9+xGW805epXa+iBQXrbtRT9oLLCWlbbZkb0caVueps5nh6L0
bTwvILALnRetJa65UBkJLGIdS0613n/cr45QZ4UXNFgdPuByzfSU7DJF1mJxqvc7
baAjBVcEpJFMKxUnu10wrKJYpHnDvoLX+jnAK9rOQK/1oPNPyrc33tNkYf00DEzK
G5VF300au3gBLpgKp11PDWQx1jWwcFeZcQxoKJUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR56NwYnHz1ypKdf7RN2zCXXX59MTAfBgNVHSMEGDAWgBSyBmNYOoGJy+qs
iNQ4dnmXsRJVSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NnWmpXRHFCaWN2cXJJalVPSFo1bDdFU1ZVay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvZWY2ZjFhLTZkZmMtNDk0ZS1iODVkLWQxODc3M2U3YmM0Ny8x
L2VlamNHSng4OWNxU25YLTBUZHN3bDExLWZURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
ZWY2ZjFhLTZkZmMtNDk0ZS1iODVkLWQxODc3M2U3YmM0Ny8xL3NnWmpXRHFCaWN2
cXJJalVPSFo1bDdFU1ZVay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlw1AMEBdXhwDANBgkqhkiG9w0B
AQsFAAOCAQEAch+WQgw3IeRqW+kowIlgjVF9gJgwpll/cgRSr4qv96pnCgSWsjst
JFZZ+aVnl3yHp+A1EH4ooVD2QkNyWU4AU1cfnoHxmhKWiX9thSZsUz32Y/GP9iJL
g+2uevCKeqy4AqBqyx394ddD2dw4J/c97l2EfXYWGxr8BNahMjDEfgJuM/N8y63Z
dzm8XzJxrPnMvQED//zG7PkshsMcahTOHdtjojxIK2CoOjejZt+4jZ8JIyttWnfk
RaDp7yx1rJbo04CwEWZjhj1vhNDPwmye98LCA+kSGfTPOGkFneziWEFDTqUDsc1y
bEAv7FH69DksDylLjo5fDOj7QW32jdNCpg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:55 2025 by rpki-client