Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/dxBgpE8it2UqccLs9nm2lhftXGI.roa
File: dxBgpE8it2UqccLs9nm2lhftXGI.roa (raw, json)
Hash identifier: H3e7uZdLn0fH8CZVNwA9C6kca1cz7s64bTNVZi9RvEk=
Subject key identifier: 77:10:60:A4:4F:22:B7:65:2A:71:C2:EC:F6:79:B6:96:17:ED:5C:62
Certificate issuer: /CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Certificate serial: 034A662C
Authority key identifier: 68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/dxBgpE8it2UqccLs9nm2lhftXGI.roa
Signing time: Wed 23 Feb 2022 09:12:13 +0000
ROA not before: Wed 23 Feb 2022 09:12:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204348
IP address blocks: 185.252.112.0/24 maxlen: 24
185.252.115.0/24 maxlen: 24
185.252.113.0/24 maxlen: 24
185.252.114.0/24 maxlen: 24
5.183.88.0/24 maxlen: 24
5.183.89.0/24 maxlen: 24
5.183.91.0/24 maxlen: 24
5.183.90.0/24 maxlen: 24
185.249.255.0/24 maxlen: 24
2a0e:e7c3::/32 maxlen: 32
2a04:b800::/32 maxlen: 32
2a04:b802::/32 maxlen: 32
2a0e:e7c1::/32 maxlen: 32
2a04:b806::/32 maxlen: 32
2a0e:e7c4::/32 maxlen: 32
2a04:b804::/32 maxlen: 32
2a0e:e7c7::/32 maxlen: 32
2a04:b803::/32 maxlen: 32
2a0e:e7c0::/32 maxlen: 32
2a04:b805::/32 maxlen: 32
2a10:a6c0::/29 maxlen: 29
2a0e:e7c6::/32 maxlen: 32
2a0e:e7c5::/32 maxlen: 32
2a0e:e7c2::/32 maxlen: 32
2a04:b807::/32 maxlen: 32
2a04:b801::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55207468 (0x34a662c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Validity
Not Before: Feb 23 09:12:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=771060a44f22b7652a71c2ecf679b69617ed5c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:48:57:cb:76:aa:32:69:fa:de:6b:40:4e:89:
b3:c3:5a:56:6e:8f:1b:b6:fa:82:64:77:35:a1:89:
6e:95:a2:4e:0d:ee:6a:44:20:7a:01:80:e3:79:d3:
59:58:99:8e:0f:4f:a8:09:80:86:26:26:9a:ac:cf:
08:93:40:2f:70:df:2f:ef:ff:a0:52:cf:37:5c:18:
29:0c:b7:56:78:34:52:69:a2:69:08:4f:d7:40:fb:
bf:8b:ea:63:c5:2d:81:72:ac:2f:59:9b:70:96:88:
07:65:65:a2:f4:b5:04:78:51:4f:29:bf:8a:c5:31:
d3:61:63:30:e8:e2:a5:b5:cf:e2:34:78:02:2f:6b:
46:e1:ea:e6:78:9c:e5:d2:68:10:3f:6f:e9:1a:ea:
bf:1d:80:83:30:74:57:cf:1a:48:17:26:59:ec:3e:
a2:a4:2a:ea:bb:52:1a:ec:50:31:fa:f4:bb:78:83:
fb:aa:1b:43:86:98:37:9a:81:37:79:50:ee:e6:eb:
5d:88:69:6e:04:b2:96:75:a8:b3:df:03:90:7f:cb:
d4:e4:d8:37:a7:c1:5a:9b:49:9e:81:bc:a2:b1:a4:
49:c9:71:e2:67:45:06:88:46:ff:ed:fc:26:c2:08:
5f:00:c6:50:31:ff:43:7d:22:1b:00:d5:6d:02:fd:
d6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:10:60:A4:4F:22:B7:65:2A:71:C2:EC:F6:79:B6:96:17:ED:5C:62
X509v3 Authority Key Identifier:
keyid:68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/dxBgpE8it2UqccLs9nm2lhftXGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.88.0/22
185.249.255.0/24
185.252.112.0/22
IPv6:
2a04:b800::/29
2a0e:e7c0::/29
2a10:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:98:3d:8b:96:31:c3:c7:fc:26:d9:fa:d7:a5:1b:1f:76:c5:
0c:9f:3a:60:f9:b8:8d:77:a1:12:bb:b3:55:43:53:81:da:06:
a0:ff:ff:b6:03:80:32:4f:68:31:3e:2d:1c:1a:cc:ac:df:b2:
f3:a8:58:3c:79:d3:4a:35:db:9c:0b:26:c6:49:a8:6b:27:2e:
99:cc:ec:1d:d5:41:55:43:4a:51:d6:67:5e:79:e5:be:79:44:
3e:1d:03:3c:a0:67:7b:fd:37:5b:23:c4:62:45:78:81:68:f7:
22:49:42:95:bc:d7:05:6b:c5:dc:af:be:75:f4:ab:e4:d1:44:
45:7d:9c:6e:55:8d:3c:7a:14:cd:f1:fe:88:f5:fa:f4:08:56:
52:de:db:3a:c5:5a:56:a7:cd:af:fc:d9:4b:b0:69:f2:6e:cd:
ec:a5:6b:af:57:fc:b9:84:7d:a1:d4:3e:10:f0:93:dd:a4:79:
9c:25:63:fb:19:8f:ca:2b:01:47:75:27:8c:01:e7:97:fc:d5:
23:cc:90:6d:52:f9:18:de:7b:84:b1:f3:5a:06:73:46:ec:11:
48:15:16:76:e9:ef:94:a7:ff:de:d4:ff:43:86:48:65:d2:2b:
08:69:73:47:39:19:15:1f:6a:ee:79:de:73:d6:6e:04:02:e8:
a0:46:f0:4b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEA0pmLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGIyMmVlYTRhNGEzYjgxNjU0YTIyN2VkYTk0ZTBlNzU5MzdiMDE1MB4XDTIyMDIy
MzA5MTIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzcxMDYwYTQ0ZjIy
Yjc2NTJhNzFjMmVjZjY3OWI2OTYxN2VkNWM2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFIV8t2qjJp+t5rQE6Js8NaVm6PG7b6gmR3NaGJbpWiTg3u
akQgegGA43nTWViZjg9PqAmAhiYmmqzPCJNAL3DfL+//oFLPN1wYKQy3Vng0Ummi
aQhP10D7v4vqY8UtgXKsL1mbcJaIB2VlovS1BHhRTym/isUx02FjMOjipbXP4jR4
Ai9rRuHq5nic5dJoED9v6Rrqvx2AgzB0V88aSBcmWew+oqQq6rtSGuxQMfr0u3iD
+6obQ4aYN5qBN3lQ7ubrXYhpbgSylnWos98DkH/L1OTYN6fBWptJnoG8orGkSclx
4mdFBohG/+38JsIIXwDGUDH/Q30iGwDVbQL91psCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBR3EGCkTyK3ZSpxwuz2ebaWF+1cYjAfBgNVHSMEGDAWgBRosi7qSko7gWVK
In7alODnWTewFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FMSXU2a3BLTzRGbFNpSi0ycFRnNTFrM3NCVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8x
L2R4QmdwRThpdDJVcWNjTHM5bm0ybGhmdFhHSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8xL2FMSXU2a3BLTzRG
bFNpSi0ycFRnNTFrM3NCVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwGAQCAAEwEgMEAgW3WAMEALn5/wMEArn8cDAbBAIA
AjAVAwUDKgS4AAMFAyoO58ADBQMqEKbAMA0GCSqGSIb3DQEBCwUAA4IBAQBHmD2L
ljHDx/wm2frXpRsfdsUMnzpg+biNd6ESu7NVQ1OB2gag//+2A4AyT2gxPi0cGsys
37LzqFg8edNKNducCybGSahrJy6ZzOwd1UFVQ0pR1mdeeeW+eUQ+HQM8oGd7/Tdb
I8RiRXiBaPciSUKVvNcFa8Xcr7519Kvk0URFfZxuVY08ehTN8f6I9fr0CFZS3ts6
xVpWp82v/NlLsGnybs3spWuvV/y5hH2h1D4Q8JPdpHmcJWP7GY/KKwFHdSeMAeeX
/NUjzJBtUvkY3nuEsfNaBnNG7BFIFRZ26e+Up//e1P9Dhkhl0isIaXNHORkVH2ru
ed5z1m4EAuigRvBL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:06 2025 by rpki-client