Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/xEgcDrIMVNyhk57Hnxcnky4tqbI.roa
File: xEgcDrIMVNyhk57Hnxcnky4tqbI.roa (raw, json)
Hash identifier: qD7rat46BiuwygF9punW7fl8gXIDuLS2ajTBKdWgxwQ=
Subject key identifier: C4:48:1C:0E:B2:0C:54:DC:A1:93:9E:C7:9F:17:27:93:2E:2D:A9:B2
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 074A1A8C
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/xEgcDrIMVNyhk57Hnxcnky4tqbI.roa
Signing time: Thu 03 Feb 2022 09:46:54 +0000
ROA not before: Thu 03 Feb 2022 09:46:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203061
IP address blocks: 5.181.88.0/22 maxlen: 32
176.124.48.0/22 maxlen: 32
95.214.188.0/22 maxlen: 32
92.119.152.0/22 maxlen: 32
185.12.184.0/22 maxlen: 32
170.245.40.0/22 maxlen: 32
85.208.40.0/22 maxlen: 32
171.22.228.0/22 maxlen: 32
95.214.20.0/22 maxlen: 32
168.205.72.0/22 maxlen: 32
78.142.252.0/22 maxlen: 32
5.252.120.0/22 maxlen: 32
194.32.116.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122296972 (0x74a1a8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Feb 3 09:46:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4481c0eb20c54dca1939ec79f1727932e2da9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a6:d9:3d:ba:ca:0f:91:ee:e9:d6:96:5d:8f:
2e:a3:fe:bd:69:9d:0c:49:69:18:fa:fa:9f:f3:b5:
77:56:f2:88:72:b8:e5:12:c2:77:6e:e5:f7:04:76:
4a:8d:47:7c:90:73:0f:e3:44:64:e9:9b:fa:2d:f0:
2d:c1:4c:ca:cf:7e:5d:39:a4:c1:8e:c7:89:23:2a:
8f:ab:dc:6e:e2:37:e8:7d:bc:80:ae:f6:60:94:4e:
13:a1:0e:3d:50:f9:b7:55:fc:33:ad:f4:3d:12:47:
74:bf:d5:ee:6e:02:ff:34:76:c7:c1:0a:05:d9:2b:
b9:4f:4a:51:81:2c:9b:99:1b:50:b5:b5:fb:06:00:
a8:b6:3c:e0:9c:8c:82:93:4b:cf:04:fd:ef:8a:c5:
77:be:d1:8f:95:8b:dd:fe:90:52:30:3a:a2:ab:75:
26:06:4d:73:ce:66:91:b4:22:7c:80:b3:1c:40:db:
70:9a:b3:17:e4:10:39:61:3c:e6:cb:ee:d2:8f:c9:
5e:42:ad:2f:b6:e6:5e:a9:eb:8e:7c:76:db:53:f6:
99:76:78:c8:e7:b6:73:96:d9:e1:d3:82:60:e2:5f:
c8:51:76:97:cd:34:bc:c3:d5:eb:5e:c9:00:0d:2a:
a6:3a:3a:e4:04:db:01:a8:28:d9:f4:ec:47:0e:ee:
cf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:48:1C:0E:B2:0C:54:DC:A1:93:9E:C7:9F:17:27:93:2E:2D:A9:B2
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/xEgcDrIMVNyhk57Hnxcnky4tqbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.88.0/22
5.252.120.0/22
78.142.252.0/22
85.208.40.0/22
92.119.152.0/22
95.214.20.0/22
95.214.188.0/22
168.205.72.0/22
170.245.40.0/22
171.22.228.0/22
176.124.48.0/22
185.12.184.0/22
194.32.116.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:bc:9c:06:65:5f:5b:34:67:a8:08:16:2a:e3:cb:1e:e0:dd:
20:22:a8:2a:f5:eb:6a:9e:bc:94:bf:ce:f6:aa:6b:37:bb:df:
e9:9a:c1:95:08:5c:4a:36:86:5d:81:03:db:4b:d3:6e:5b:12:
48:f9:37:a1:9b:b1:c2:79:5e:a7:79:61:88:84:a2:f4:b6:a0:
a2:ac:19:eb:a6:81:1c:9c:c3:ab:83:47:13:fe:b7:23:40:3b:
a5:ee:37:88:03:60:e8:e4:9f:25:da:21:94:95:8d:6b:2f:19:
6e:39:6f:89:1a:4c:94:5b:fb:82:fe:6f:43:67:28:1d:f0:31:
d3:4f:19:b3:8c:62:8d:d9:1c:5a:0d:ce:bf:63:49:09:b3:43:
4e:7b:f4:49:67:b3:24:31:bf:3c:5e:3a:c8:40:57:c4:01:9b:
d3:66:f0:f1:00:1c:35:eb:2f:a4:2f:1a:0b:e3:f4:b9:29:00:
22:e6:f8:22:ea:15:06:8a:f1:46:7c:04:f8:7d:55:80:1b:39:
11:ff:e1:05:8e:88:33:2d:89:a3:17:a3:48:1d:43:f4:d7:5c:
b8:8d:28:de:86:71:d3:50:cf:e1:66:d6:f0:6d:f2:a4:c8:69:
a3:d8:a4:f3:33:a5:5e:d3:b8:86:9f:77:87:23:d4:d6:62:25:
5f:e5:87:7a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEB0oajDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzAzYTJjYWYyOTgwMTlmYmQ2Njg2MjE1MTZjOGM2ZTFkMTBlODNjMB4XDTIyMDIw
MzA5NDY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQ0ODFjMGViMjBj
NTRkY2ExOTM5ZWM3OWYxNzI3OTMyZTJkYTliMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGm2T26yg+R7unWll2PLqP+vWmdDElpGPr6n/O1d1byiHK4
5RLCd27l9wR2So1HfJBzD+NEZOmb+i3wLcFMys9+XTmkwY7HiSMqj6vcbuI36H28
gK72YJROE6EOPVD5t1X8M630PRJHdL/V7m4C/zR2x8EKBdkruU9KUYEsm5kbULW1
+wYAqLY84JyMgpNLzwT974rFd77Rj5WL3f6QUjA6oqt1JgZNc85mkbQifICzHEDb
cJqzF+QQOWE85svu0o/JXkKtL7bmXqnrjnx221P2mXZ4yOe2c5bZ4dOCYOJfyFF2
l800vMPV617JAA0qpjo65ATbAago2fTsRw7uz20CAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBTESBwOsgxU3KGTnsefFyeTLi2psjAfBgNVHSMEGDAWgBRsA6LK8pgBn71m
hiFRbIxuHRDoPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JBT2l5dktZQVotOVpvWWhVV3lNYmgwUTZEdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvMTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8x
L3hFZ2NEcklNVk55aGs1N0hueGNua3k0dHFiSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
MTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8xL2JBT2l5dktZQVot
OVpvWWhVV3lNYmgwUTZEdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAgW1WAMEAgX8eAMEAk6O/AMEAlXQ
KAMEAlx3mAMEAl/WFAMEAl/WvAMEAqjNSAMEAqr1KAMEAqsW5AMEArB8MAMEArkM
uAMEAsIgdDANBgkqhkiG9w0BAQsFAAOCAQEAXbycBmVfWzRnqAgWKuPLHuDdICKo
KvXrap68lL/O9qprN7vf6ZrBlQhcSjaGXYED20vTblsSSPk3oZuxwnlep3lhiISi
9LagoqwZ66aBHJzDq4NHE/63I0A7pe43iANg6OSfJdohlJWNay8ZbjlviRpMlFv7
gv5vQ2coHfAx008Zs4xijdkcWg3Ov2NJCbNDTnv0SWezJDG/PF46yEBXxAGb02bw
8QAcNesvpC8aC+P0uSkAIub4IuoVBorxRnwE+H1VgBs5Ef/hBY6IMy2JoxejSB1D
9NdcuI0o3oZx01DP4WbW8G3ypMhpo9ik8zOlXtO4hp93hyPU1mIlX+WHeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org