Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/XTbt-vPTrRg5gIZ9b3cMEaEYLWg.roa
File: XTbt-vPTrRg5gIZ9b3cMEaEYLWg.roa (raw, json)
Hash identifier: Sse7FRTE5BEXzn7xbyWRf0F3IZa81ax27A4jiASrZ2Q=
Subject key identifier: 5D:36:ED:FA:F3:D3:AD:18:39:80:86:7D:6F:77:0C:11:A1:18:2D:68
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 09AFA208
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/XTbt-vPTrRg5gIZ9b3cMEaEYLWg.roa
Signing time: Thu 10 Feb 2022 13:57:06 +0000
ROA not before: Thu 10 Feb 2022 13:57:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12871
IP address blocks: 213.148.224.0/19 maxlen: 19
195.64.64.0/20 maxlen: 20
84.39.0.0/19 maxlen: 19
213.197.0.0/18 maxlen: 18
128.127.32.0/20 maxlen: 20
37.188.64.0/20 maxlen: 20
46.227.232.0/21 maxlen: 21
109.72.32.0/20 maxlen: 20
94.229.48.0/20 maxlen: 20
141.105.0.0/20 maxlen: 20
2001:838::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162505224 (0x9afa208)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Feb 10 13:57:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d36edfaf3d3ad183980867d6f770c11a1182d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9d:51:c8:7c:03:c8:4c:4c:e7:5b:2b:5a:67:
b8:00:e9:c9:b8:a2:67:26:6e:e6:b5:c2:7c:2e:d3:
cf:c6:2c:91:67:75:00:bb:01:f4:5a:db:46:ad:17:
9a:54:03:5f:61:62:da:75:f1:25:7c:4b:75:4b:ab:
36:f5:d7:20:0c:84:0a:10:47:53:0a:bf:10:9e:0a:
f9:ea:da:3d:c7:88:44:d3:ee:4c:28:4e:8c:86:26:
9f:82:38:26:94:99:6e:ad:65:d0:23:c3:f4:0e:d8:
21:fe:6b:f4:52:28:7a:ec:d6:6b:da:48:94:3e:97:
d5:a1:b3:ba:9e:e8:3d:89:e9:40:dc:72:c7:65:39:
7d:8c:e9:e0:c0:93:cb:1e:94:44:d0:3f:b9:ad:ed:
02:97:65:22:7b:cd:9e:e1:e3:10:70:ba:42:9a:1b:
11:cd:98:02:96:05:9f:73:4c:33:a9:83:c0:a9:80:
72:e7:cd:ad:30:fb:1e:ca:ac:37:2b:76:4b:2b:99:
26:ac:29:f8:1c:11:3c:24:eb:bc:52:bf:1a:ee:6c:
f5:12:a0:2c:d9:2a:ea:df:6b:bf:67:a3:82:36:d3:
1e:26:59:4e:42:84:c5:0a:a8:30:a5:d4:15:33:36:
d9:13:ed:58:92:01:81:ce:2b:13:bc:35:b7:cf:b0:
23:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:36:ED:FA:F3:D3:AD:18:39:80:86:7D:6F:77:0C:11:A1:18:2D:68
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/XTbt-vPTrRg5gIZ9b3cMEaEYLWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.188.64.0/20
46.227.232.0/21
84.39.0.0/19
94.229.48.0/20
109.72.32.0/20
128.127.32.0/20
141.105.0.0/20
195.64.64.0/20
213.148.224.0/19
213.197.0.0/18
IPv6:
2001:838::/29
Signature Algorithm: sha256WithRSAEncryption
7f:2e:10:d7:16:96:46:88:89:40:7f:6a:d2:08:5e:aa:24:bb:
ad:c4:f1:74:d4:3d:56:c6:5e:d6:12:31:8d:2e:ad:71:d6:01:
57:1b:78:73:36:af:03:32:20:61:3a:84:26:a9:0a:2e:19:59:
88:9b:da:83:b9:98:63:79:d9:d9:06:68:68:73:83:c2:8b:de:
35:c5:82:b0:9e:c4:e3:6e:d2:51:cf:eb:4c:11:41:48:6c:7e:
d8:94:df:c1:3d:cc:96:6d:6d:da:c6:d5:1e:5e:21:cf:7b:b0:
0f:63:69:a9:5b:aa:45:4d:a0:92:87:9e:46:b3:df:8d:7e:a8:
fb:b7:c9:ff:a5:61:c3:87:a4:9d:a8:56:8a:39:fa:33:f1:d6:
ef:ea:99:59:ee:48:32:f0:06:cd:d7:5e:a3:45:62:98:cb:5f:
a3:bd:33:6a:10:c2:78:2e:49:40:70:fe:d8:6d:cc:15:25:de:
1b:3a:8d:7c:3e:18:a4:7e:4c:ec:a3:42:3c:68:5f:30:28:92:
2f:98:14:59:84:aa:10:c6:66:11:d8:f2:72:d5:d0:cc:7d:b6:
10:07:cf:ab:b4:26:47:e7:32:20:8d:cc:9f:f7:fb:d4:40:f7:
74:1c:f3:cf:f3:7e:64:3a:09:81:9b:99:56:5c:fa:7a:fd:f9:
7a:33:d9:a3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIECa+iCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWVlZDQwOTEzODNkOWVkNDA1NmQ5ZjRlZmY3ZDI2MjJkZGNlMjA1MB4XDTIyMDIx
MDEzNTcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQzNmVkZmFmM2Qz
YWQxODM5ODA4NjdkNmY3NzBjMTFhMTE4MmQ2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANudUch8A8hMTOdbK1pnuADpybiiZyZu5rXCfC7Tz8YskWd1
ALsB9FrbRq0XmlQDX2Fi2nXxJXxLdUurNvXXIAyEChBHUwq/EJ4K+eraPceIRNPu
TChOjIYmn4I4JpSZbq1l0CPD9A7YIf5r9FIoeuzWa9pIlD6X1aGzup7oPYnpQNxy
x2U5fYzp4MCTyx6URNA/ua3tApdlInvNnuHjEHC6QpobEc2YApYFn3NMM6mDwKmA
cufNrTD7HsqsNyt2SyuZJqwp+BwRPCTrvFK/Gu5s9RKgLNkq6t9rv2ejgjbTHiZZ
TkKExQqoMKXUFTM22RPtWJIBgc4rE7w1t8+wI10CAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBRdNu3689OtGDmAhn1vdwwRoRgtaDAfBgNVHSMEGDAWgBSB7tQJE4PZ7UBW
2fTv99JiLdziBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dlN1VDUk9EMmUxQVZ0bjA3X2ZTWWkzYzRnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvNGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8x
L1hUYnQtdlBUclJnNWdJWjliM2NNRWFFWUxXZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
NGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8xL2dlN1VDUk9EMmUx
QVZ0bjA3X2ZTWWkzYzRnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEBCW8QAMEAy7j6AMEBVQnAAMEBF7l
MAMEBG1IIAMEBIB/IAMEBI1pAAMEBMNAQAMEBdWU4AMEBtXFADANBAIAAjAHAwUD
IAEIODANBgkqhkiG9w0BAQsFAAOCAQEAfy4Q1xaWRoiJQH9q0gheqiS7rcTxdNQ9
VsZe1hIxjS6tcdYBVxt4czavAzIgYTqEJqkKLhlZiJvag7mYY3nZ2QZoaHODwove
NcWCsJ7E427SUc/rTBFBSGx+2JTfwT3Mlm1t2sbVHl4hz3uwD2NpqVuqRU2gkoee
RrPfjX6o+7fJ/6Vhw4eknahWijn6M/HW7+qZWe5IMvAGzddeo0VimMtfo70zahDC
eC5JQHD+2G3MFSXeGzqNfD4YpH5M7KNCPGhfMCiSL5gUWYSqEMZmEdjyctXQzH22
EAfPq7QmR+cyII3Mn/f71ED3dBzzz/N+ZDoJgZuZVlz6ev35ejPZow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org