Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/lZw7_oEZ28kpTgrM_3C-0tSnAhk.roa
File: lZw7_oEZ28kpTgrM_3C-0tSnAhk.roa (raw, json)
Hash identifier: pG07AUCU8KiBmXokupTa06AomLGbdSve9LEefKdEXoY=
Subject key identifier: 95:9C:3B:FE:81:19:DB:C9:29:4E:0A:CC:FF:70:BE:D2:D4:A7:02:19
Certificate issuer: /CN=83286fa6da7d252e7828f84923f55919142b007f
Certificate serial: 16A46E9E
Authority key identifier: 83:28:6F:A6:DA:7D:25:2E:78:28:F8:49:23:F5:59:19:14:2B:00:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyhvptp9JS54KPhJI_VZGRQrAH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/lZw7_oEZ28kpTgrM_3C-0tSnAhk.roa
Signing time: Sat 01 Jan 2022 09:59:50 +0000
ROA not before: Sat 01 Jan 2022 09:59:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199714
IP address blocks: 185.65.240.0/24 maxlen: 24
185.65.240.0/22 maxlen: 22
185.65.242.0/24 maxlen: 24
2a05:400::/36 maxlen: 36
2a05:400::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 379874974 (0x16a46e9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83286fa6da7d252e7828f84923f55919142b007f
Validity
Not Before: Jan 1 09:59:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=959c3bfe8119dbc9294e0accff70bed2d4a70219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:78:4c:58:27:31:b7:00:64:84:80:d5:fd:96:
ad:d4:00:b0:27:99:44:96:67:cc:86:72:89:63:a0:
8d:83:5f:ae:29:ee:a7:3f:17:93:fc:e8:3e:45:e2:
eb:96:9f:22:04:69:33:28:62:c0:5f:e0:05:f5:6d:
13:3b:8e:2c:74:56:5f:14:b3:c2:2f:0c:be:45:ae:
c4:0a:44:3d:6d:24:ae:60:8c:ed:6f:f3:a7:e9:a8:
d2:cb:9f:31:a4:0d:0d:e5:a1:7f:34:2f:21:94:f2:
f1:c9:4e:9b:b7:68:89:f8:0b:c6:8a:49:a0:99:2a:
a2:e4:8f:3e:03:86:15:17:e9:ce:a8:63:4d:d5:a1:
ac:6c:3e:c8:4f:8e:b2:4d:81:dd:17:17:fd:6e:7c:
9e:fe:00:00:6e:0e:65:25:63:b5:70:2b:b9:03:f7:
65:e4:99:1a:21:ff:f4:08:1c:33:70:b7:72:2c:ae:
28:b6:30:4a:a0:ba:20:13:da:92:d3:c9:fd:f1:02:
37:ff:87:0d:88:37:89:5c:ba:83:16:c1:1c:d8:62:
72:71:a3:c1:51:2c:26:a5:14:9d:59:b0:31:29:a5:
65:49:bb:00:7d:1e:23:3e:03:9a:74:36:56:09:00:
ef:79:42:96:b6:37:b6:07:00:ea:04:82:ec:3b:1e:
f1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9C:3B:FE:81:19:DB:C9:29:4E:0A:CC:FF:70:BE:D2:D4:A7:02:19
X509v3 Authority Key Identifier:
keyid:83:28:6F:A6:DA:7D:25:2E:78:28:F8:49:23:F5:59:19:14:2B:00:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyhvptp9JS54KPhJI_VZGRQrAH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/lZw7_oEZ28kpTgrM_3C-0tSnAhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec583d-1aba-4798-8817-d6c9c6e86923/1/gyhvptp9JS54KPhJI_VZGRQrAH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.240.0/22
IPv6:
2a05:400::/29
Signature Algorithm: sha256WithRSAEncryption
8b:63:91:de:3f:4b:a8:42:bc:75:28:aa:94:b7:92:52:09:16:
96:ce:00:49:68:57:1a:01:d9:e0:77:92:82:f0:c7:7e:1c:b4:
90:91:59:39:35:89:a8:e1:23:be:06:e2:e7:a1:8b:08:67:be:
b3:9e:5f:53:f8:43:a6:42:d4:d0:c1:60:52:a2:e0:57:1f:7a:
3c:49:c4:81:80:48:ab:9c:4f:34:72:50:eb:5c:74:b9:1d:f3:
87:1f:65:ac:9a:71:1a:ae:fa:a4:86:20:be:b6:83:8b:29:e2:
a8:19:8c:17:d7:9a:11:91:be:6c:06:7e:ed:a7:5c:0f:37:43:
f4:09:77:8f:5d:ae:ec:0d:3d:bb:8c:31:1b:c1:ce:ba:5a:cf:
43:83:21:06:42:14:f3:8f:f7:d9:b1:a5:5f:8a:29:60:6b:83:
8a:60:d0:53:41:03:8a:7d:9b:98:a1:53:ed:d9:24:b6:77:56:
7a:5f:b8:ae:09:02:16:38:d4:b7:45:e7:13:d2:67:b6:b8:eb:
51:4e:c0:a0:4a:67:80:71:fa:05:83:d4:29:f1:af:e9:dc:51:
4e:47:51:49:99:92:17:da:78:b2:b5:a3:2a:e2:cc:73:eb:7d:
a9:9c:94:59:df:87:ec:cf:b8:9a:58:4f:a7:ca:87:70:38:9a:
b1:4e:fd:de
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFqRunjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzI4NmZhNmRhN2QyNTJlNzgyOGY4NDkyM2Y1NTkxOTE0MmIwMDdmMB4XDTIyMDEw
MTA5NTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU5YzNiZmU4MTE5
ZGJjOTI5NGUwYWNjZmY3MGJlZDJkNGE3MDIxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMh4TFgnMbcAZISA1f2WrdQAsCeZRJZnzIZyiWOgjYNfrinu
pz8Xk/zoPkXi65afIgRpMyhiwF/gBfVtEzuOLHRWXxSzwi8MvkWuxApEPW0krmCM
7W/zp+mo0sufMaQNDeWhfzQvIZTy8clOm7doifgLxopJoJkqouSPPgOGFRfpzqhj
TdWhrGw+yE+Osk2B3RcX/W58nv4AAG4OZSVjtXAruQP3ZeSZGiH/9AgcM3C3ciyu
KLYwSqC6IBPaktPJ/fECN/+HDYg3iVy6gxbBHNhicnGjwVEsJqUUnVmwMSmlZUm7
AH0eIz4DmnQ2VgkA73lClrY3tgcA6gSC7Dse8TcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSVnDv+gRnbySlOCsz/cL7S1KcCGTAfBgNVHSMEGDAWgBSDKG+m2n0lLngo
+Ekj9VkZFCsAfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2d5aHZwdHA5SlM1NEtQaEpJX1ZaR1JRckFIOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvZWM1ODNkLTFhYmEtNDc5OC04ODE3LWQ2YzljNmU4NjkyMy8x
L2xadzdfb0VaMjhrcFRnck1fM0MtMHRTbkFoay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
ZWM1ODNkLTFhYmEtNDc5OC04ODE3LWQ2YzljNmU4NjkyMy8xL2d5aHZwdHA5SlM1
NEtQaEpJX1ZaR1JRckFIOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlB8DANBAIAAjAHAwUDKgUEADAN
BgkqhkiG9w0BAQsFAAOCAQEAi2OR3j9LqEK8dSiqlLeSUgkWls4ASWhXGgHZ4HeS
gvDHfhy0kJFZOTWJqOEjvgbi56GLCGe+s55fU/hDpkLU0MFgUqLgVx96PEnEgYBI
q5xPNHJQ61x0uR3zhx9lrJpxGq76pIYgvraDiyniqBmMF9eaEZG+bAZ+7adcDzdD
9Al3j12u7A09u4wxG8HOulrPQ4MhBkIU84/32bGlX4opYGuDimDQU0EDin2bmKFT
7dkktndWel+4rgkCFjjUt0XnE9JntrjrUU7AoEpngHH6BYPUKfGv6dxRTkdRSZmS
F9p4srWjKuLMc+t9qZyUWd+H7M+4mlhPp8qHcDiasU793g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:56 2024 by rpki-client on console-fra.rpki-client.org