Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/XrzTKuW90oODC-MsGq5IZKm2Xf4.roa
File: XrzTKuW90oODC-MsGq5IZKm2Xf4.roa (raw, json)
Hash identifier: mId/V/HXUbZzLZ7YiAq1zgQ1h6JYF6FDlXiceu+GZaM=
Subject key identifier: 5E:BC:D3:2A:E5:BD:D2:83:83:0B:E3:2C:1A:AE:48:64:A9:B6:5D:FE
Certificate issuer: /CN=227e9581a69acf8119320e1379857a513bd238db
Certificate serial: 0185710BE09745B551EE718FBAD6FFAD05CB
Authority key identifier: 22:7E:95:81:A6:9A:CF:81:19:32:0E:13:79:85:7A:51:3B:D2:38:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/In6Vgaaaz4EZMg4TeYV6UTvSONs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/XrzTKuW90oODC-MsGq5IZKm2Xf4.roa
Signing time: Mon 02 Jan 2023 05:54:41 +0000
ROA not before: Mon 02 Jan 2023 05:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199324
IP address blocks: 185.187.40.0/22 maxlen: 24
185.21.24.0/22 maxlen: 24
2a00:54e0::/32 maxlen: 32
2a0b:9580::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:e0:97:45:b5:51:ee:71:8f:ba:d6:ff:ad:05:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=227e9581a69acf8119320e1379857a513bd238db
Validity
Not Before: Jan 2 05:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ebcd32ae5bdd283830be32c1aae4864a9b65dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5a:5f:58:df:e2:41:51:92:6b:ce:11:38:15:
ca:fd:a2:56:29:8f:11:03:a2:22:bc:8b:b5:ce:09:
21:6d:eb:e6:8d:f6:10:28:c2:b4:d5:b8:77:29:6b:
85:d2:ca:fa:ab:43:41:28:b1:82:99:56:5b:8a:c8:
eb:e8:5f:7d:ea:e4:0e:3e:76:12:c9:65:23:90:52:
5f:9f:85:d2:b8:33:ac:a4:83:aa:ae:fe:b8:a4:48:
f4:d2:51:ff:d2:50:6c:55:35:2c:71:a8:be:4c:7e:
60:a5:f9:98:37:52:c9:18:ce:0b:2f:82:23:1c:65:
f6:89:ce:6f:65:b7:49:2d:6f:db:87:b0:31:bc:df:
13:a1:75:d2:53:66:8b:4d:bf:f2:a8:6c:a4:1b:a0:
74:92:46:b9:8c:58:79:37:cb:35:bc:77:62:ed:dc:
3f:02:f7:38:2a:27:56:c3:57:f8:c4:6b:ce:97:6a:
e6:8c:b3:72:17:02:da:cf:e5:54:31:cb:38:40:13:
7a:5d:43:85:4a:1d:b9:05:96:12:b3:05:78:fd:e9:
28:a0:d7:90:b4:a6:08:aa:fb:d7:c5:4d:4f:46:d5:
0e:04:ca:88:6f:49:00:fb:93:da:84:ad:ab:a8:ee:
df:71:51:09:3d:a7:ba:fc:04:61:18:27:91:55:75:
2d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BC:D3:2A:E5:BD:D2:83:83:0B:E3:2C:1A:AE:48:64:A9:B6:5D:FE
X509v3 Authority Key Identifier:
keyid:22:7E:95:81:A6:9A:CF:81:19:32:0E:13:79:85:7A:51:3B:D2:38:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/In6Vgaaaz4EZMg4TeYV6UTvSONs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/XrzTKuW90oODC-MsGq5IZKm2Xf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/In6Vgaaaz4EZMg4TeYV6UTvSONs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.24.0/22
185.187.40.0/22
IPv6:
2a00:54e0::/32
2a0b:9580::/32
Signature Algorithm: sha256WithRSAEncryption
29:65:66:a4:8d:2f:ba:fb:52:e1:6a:ca:0e:ce:3e:9f:b8:9f:
a7:3b:dd:ea:9b:a3:46:d4:6a:2d:82:b2:70:16:49:f8:ca:73:
2c:a9:6c:49:af:a3:3b:86:d9:fa:e8:f0:88:44:68:ce:44:1e:
35:f8:7d:29:86:56:5f:4f:fc:00:be:80:d9:0d:bc:d0:56:88:
3d:f3:5d:e5:6a:fc:82:c7:bc:03:fb:fe:08:c1:28:10:48:65:
da:1b:11:69:77:a8:73:11:f4:44:ea:67:95:ef:c2:b7:66:c1:
d3:fa:2d:ec:a5:54:d8:4a:4e:28:0c:a0:a9:9c:d6:7f:38:1f:
92:16:eb:de:a5:20:b1:fd:72:e5:f2:bd:4f:15:d4:cf:aa:f5:
61:47:99:2f:cc:59:97:64:52:70:89:13:95:c2:16:32:dd:db:
90:82:07:2a:c3:91:e1:e5:17:d1:36:37:13:d9:25:8b:a2:4a:
40:ce:2c:cc:ff:11:7b:d8:49:b9:ee:5b:9c:95:c6:57:b3:9d:
23:88:ea:c1:12:88:d9:41:c8:0e:59:22:52:7c:f8:7b:44:9c:
47:7e:6d:54:e4:6d:cb:96:50:f8:8d:dd:70:33:08:4d:69:25:
48:8a:7b:9a:ad:ba:5a:7a:b9:44:d6:22:18:3d:83:1d:0e:6d:
64:5a:55:29
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVxC+CXRbVR7nGPutb/rQXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyN2U5NTgxYTY5YWNmODExOTMyMGUxMzc5ODU3YTUxM2Jk
MjM4ZGIwHhcNMjMwMTAyMDU1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWJjZDMyYWU1YmRkMjgzODMwYmUzMmMxYWFlNDg2NGE5YjY1ZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFpfWN/iQVGSa84ROBXK/aJWKY8R
A6IivIu1zgkhbevmjfYQKMK01bh3KWuF0sr6q0NBKLGCmVZbisjr6F996uQOPnYS
yWUjkFJfn4XSuDOspIOqrv64pEj00lH/0lBsVTUscai+TH5gpfmYN1LJGM4LL4Ij
HGX2ic5vZbdJLW/bh7AxvN8ToXXSU2aLTb/yqGykG6B0kka5jFh5N8s1vHdi7dw/
Avc4KidWw1f4xGvOl2rmjLNyFwLaz+VUMcs4QBN6XUOFSh25BZYSswV4/ekooNeQ
tKYIqvvXxU1PRtUOBMqIb0kA+5PahK2rqO7fcVEJPae6/ARhGCeRVXUtLQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFF680yrlvdKDgwvjLBquSGSptl3+MB8GA1UdIwQY
MBaAFCJ+lYGmms+BGTIOE3mFelE70jjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW42VmdhYWF6NEVaTWc0VGVZVjZVVHZTT05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yYjgzYTEtNzQ4ZC00ZjU1LThiM2It
ZDlkZjQ1ZGJiYWRmLzEvWHJ6VEt1Vzkwb09EQy1Nc0dxNUlaS20yWGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yYjgzYTEtNzQ4ZC00ZjU1LThiM2ItZDlkZjQ1ZGJiYWRm
LzEvSW42VmdhYWF6NEVaTWc0VGVZVjZVVHZTT05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRUYAwQC
ubsoMBQEAgACMA4DBQAqAFTgAwUAKguVgDANBgkqhkiG9w0BAQsFAAOCAQEAKWVm
pI0vuvtS4WrKDs4+n7ifpzvd6pujRtRqLYKycBZJ+MpzLKlsSa+jO4bZ+ujwiERo
zkQeNfh9KYZWX0/8AL6A2Q280FaIPfNd5Wr8gse8A/v+CMEoEEhl2hsRaXeocxH0
ROpnle/Ct2bB0/ot7KVU2EpOKAygqZzWfzgfkhbr3qUgsf1y5fK9TxXUz6r1YUeZ
L8xZl2RScIkTlcIWMt3bkIIHKsOR4eUX0TY3E9kli6JKQM4szP8Re9hJue5bnJXG
V7OdI4jqwRKI2UHIDlkiUnz4e0ScR35tVORty5ZQ+I3dcDMITWklSIp7mq26Wnq5
RNYiGD2DHQ5tZFpVKQ==
Generated at Mon Sep 11 15:10:19 2023 by rpki-client on console-ams.rpki-client.org