Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xuWlWPMzG3LFyVXSbCtXwJj8myU.roa
File: xuWlWPMzG3LFyVXSbCtXwJj8myU.roa (raw, json)
Hash identifier: W9Gckwfg3O7uWIt1uJRPdPKjgQXgFyi9+omo/ULQVJ4=
Subject key identifier: C6:E5:A5:58:F3:33:1B:72:C5:C9:55:D2:6C:2B:57:C0:98:FC:9B:25
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01820F6C95791C7167F81F1C2718BB803E3D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xuWlWPMzG3LFyVXSbCtXwJj8myU.roa
Signing time: Mon 18 Jul 2022 03:49:10 +0000
ROA not before: Mon 18 Jul 2022 03:49:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204084
IP address blocks: 185.102.137.0/24 maxlen: 24
2a0b:e9c0::/29 maxlen: 29
2a0f:3380::/29 maxlen: 29
2a03:f7c0::/29 maxlen: 29
2a0c:f640::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:5580::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0c:5d00::/29 maxlen: 29
2a0f:a500::/29 maxlen: 29
2a0f:7100::/29 maxlen: 29
2a07:4a00::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0f:2380::/29 maxlen: 29
2a0b:a300::/29 maxlen: 29
2a0f:a700::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a0f:7300::/29 maxlen: 29
2a0b:d900::/29 maxlen: 29
2a0c:5c0::/29 maxlen: 29
2a0f:4580::/29 maxlen: 29
2a0c:7440::/29 maxlen: 29
2a0f:1180::/29 maxlen: 29
2a0f:4680::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a0d:2cc0::/29 maxlen: 29
2a06:ddc0::/29 maxlen: 29
2a0c:65c0::/29 maxlen: 29
2a0c:6980::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:0f:6c:95:79:1c:71:67:f8:1f:1c:27:18:bb:80:3e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 18 03:49:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6e5a558f3331b72c5c955d26c2b57c098fc9b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ce:ec:e1:70:d0:3e:94:b6:05:c4:eb:79:50:
b6:d7:9d:b4:3f:ed:4c:c8:72:86:25:7a:b5:d3:2f:
11:70:9a:8a:ab:94:b7:16:87:c9:b9:19:c8:81:ae:
0c:c0:12:eb:d4:c7:9c:2e:8e:06:fe:39:50:25:65:
83:74:5c:23:4b:90:7f:cd:d8:50:77:af:ef:73:73:
0d:1f:7a:09:cb:22:7b:00:34:ae:22:8a:49:51:a9:
65:ce:1b:18:e7:1a:45:c3:c3:46:f8:10:17:5d:85:
f3:f4:29:3d:76:ca:c5:47:3f:8a:71:47:03:a5:d0:
ed:d7:97:ee:6b:cd:e8:80:e5:63:a9:a9:af:f2:e8:
49:94:fa:86:28:7d:6b:9e:9e:53:1c:d3:0e:05:c0:
bd:c6:f4:ea:b6:ce:fb:e1:6f:aa:7b:ab:86:e3:7e:
cf:e4:19:83:90:15:ee:e2:73:92:64:57:2e:27:75:
4f:29:70:97:96:54:21:42:3a:60:f1:3e:ee:89:0e:
e9:f0:89:cb:ff:f0:b6:c0:45:a9:b1:08:e3:6f:65:
13:a5:2f:69:94:0c:14:34:a6:f6:7a:76:6c:f3:6b:
1f:43:79:fa:1e:73:d0:1a:57:d5:af:ff:fd:93:d2:
a1:ad:3b:dc:c8:d3:70:c9:33:e6:f9:26:9a:f2:1d:
e4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E5:A5:58:F3:33:1B:72:C5:C9:55:D2:6C:2B:57:C0:98:FC:9B:25
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xuWlWPMzG3LFyVXSbCtXwJj8myU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.137.0/24
IPv6:
2a03:f7c0::/29
2a06:ddc0::/29
2a07:4a00::/29
2a0b:8040::/29
2a0b:9800::/29
2a0b:a300::/29
2a0b:d900::/29
2a0b:e9c0::/29
2a0c:5c0::/29
2a0c:5d00::/29
2a0c:65c0::/29
2a0c:6980::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0c:f640::/29
2a0d:2cc0::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
2a0f:3380::/29
2a0f:4580::/29
2a0f:4680::/29
2a0f:5580::/29
2a0f:7100::/29
2a0f:7300::/29
2a0f:a500::/29
2a0f:a700::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
4b:09:84:8d:46:ed:6c:a4:49:b2:d2:47:12:b5:3f:e2:ef:39:
d4:00:68:42:c6:7a:79:95:19:54:0e:5a:89:64:2c:fc:50:11:
bc:e1:c5:87:2f:c0:a7:d7:08:31:57:22:85:7e:d9:44:16:6a:
2b:38:3e:28:be:a1:fb:62:11:25:d8:1a:22:f3:d7:34:b4:0a:
d7:13:57:61:ba:5c:b5:e1:67:39:55:c2:84:e6:f0:29:ba:27:
f3:e0:42:2d:b1:aa:75:ad:15:92:87:35:0f:01:c9:6d:54:6e:
75:2d:b4:b3:fb:be:d0:32:b2:5c:e3:9e:fe:a8:8a:a2:38:47:
d2:3e:79:7b:de:7b:bc:f7:2f:b3:65:60:a8:d6:d9:c7:44:67:
1d:59:e0:14:c1:2f:87:36:62:31:cb:56:a3:10:64:69:a6:d7:
e7:c9:cd:63:44:ab:bc:e9:5b:94:20:2c:93:3b:fc:8d:7a:51:
f3:9e:78:df:85:50:16:f3:58:4b:31:c4:bd:2d:ae:7f:75:7c:
54:c2:4a:6e:8d:2c:ed:c4:b9:f0:6b:8a:25:50:dc:22:4c:9a:
75:5a:75:ca:7b:92:59:d4:5a:ae:8f:27:f1:65:9c:c5:73:65:
68:26:29:f1:63:5c:d7:72:8d:36:bc:b0:58:7b:7c:24:ea:50:
ab:ad:cc:ca
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAYIPbJV5HHFn+B8cJxi7gD49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwNzE4MDM0OTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmU1YTU1OGYzMzMxYjcyYzVjOTU1ZDI2YzJiNTdjMDk4ZmM5YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM7s4XDQPpS2BcTreVC21520P+1M
yHKGJXq10y8RcJqKq5S3FofJuRnIga4MwBLr1MecLo4G/jlQJWWDdFwjS5B/zdhQ
d6/vc3MNH3oJyyJ7ADSuIopJUallzhsY5xpFw8NG+BAXXYXz9Ck9dsrFRz+KcUcD
pdDt15fua83ogOVjqamv8uhJlPqGKH1rnp5THNMOBcC9xvTqts774W+qe6uG437P
5BmDkBXu4nOSZFcuJ3VPKXCXllQhQjpg8T7uiQ7p8InL//C2wEWpsQjjb2UTpS9p
lAwUNKb2enZs82sfQ3n6HnPQGlfVr//9k9KhrTvcyNNwyTPm+Saa8h3kIwIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFMblpVjzMxtyxclV0mwrV8CY/JslMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEveHVXbFdQTXpHM0xGeVZYU2JDdFh3Smo4bXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zAMBAIAATAGAwQAuWaJ
MIHSBAIAAjCBywMFAyoD98ADBQMqBt3AAwUDKgdKAAMFAyoLgEADBQMqC5gAAwUD
KgujAAMFAyoL2QADBQMqC+nAAwUDKgwFwAMFAyoMXQADBQMqDGXAAwUDKgxpgAMF
AyoMdEADBQMqDHTAAwUDKgx1QAMFAyoM9kADBQMqDSzAAwUDKg2IwAMFAyoPEYAD
BQMqDyOAAwUDKg8zgAMFAyoPRYADBQMqD0aAAwUDKg9VgAMFAyoPcQADBQMqD3MA
AwUDKg+lAAMFAyoPpwADBQMqD8eAMA0GCSqGSIb3DQEBCwUAA4IBAQBLCYSNRu1s
pEmy0kcStT/i7znUAGhCxnp5lRlUDlqJZCz8UBG84cWHL8Cn1wgxVyKFftlEFmor
OD4ovqH7YhEl2Boi89c0tArXE1dhuly14Wc5VcKE5vApuifz4EItsap1rRWShzUP
AcltVG51LbSz+77QMrJc457+qIqiOEfSPnl73nu89y+zZWCo1tnHRGcdWeAUwS+H
NmIxy1ajEGRpptfnyc1jRKu86VuUICyTO/yNelHznnjfhVAW81hLMcS9La5/dXxU
wkpujSztxLnwa4olUNwiTJp1WnXKe5JZ1FqujyfxZZzFc2VoJinxY1zXco02vLBY
e3wk6lCrrczK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org