Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/xcgMHstRaeD7SqOurqnX0Df5ork.roa
File: xcgMHstRaeD7SqOurqnX0Df5ork.roa (raw, json)
Hash identifier: O9bnPq1VzBOaxz9So6smexXltqY3DwohVYNif3Q+CAs=
Subject key identifier: C5:C8:0C:1E:CB:51:69:E0:FB:4A:A3:AE:AE:A9:D7:D0:37:F9:A2:B9
Certificate issuer: /CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Certificate serial: 01856D53C6D0048D6901181120A338A3F484
Authority key identifier: DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/xcgMHstRaeD7SqOurqnX0Df5ork.roa
Signing time: Sun 01 Jan 2023 12:34:44 +0000
ROA not before: Sun 01 Jan 2023 12:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41960
IP address blocks: 213.156.0.0/20 maxlen: 24
91.211.160.0/22 maxlen: 24
212.19.192.0/19 maxlen: 19
195.238.86.0/23 maxlen: 24
212.26.192.0/19 maxlen: 19
45.151.116.0/22 maxlen: 24
5.183.132.0/22 maxlen: 24
212.57.48.0/20 maxlen: 24
217.8.96.0/20 maxlen: 20
45.95.252.0/22 maxlen: 24
2.56.216.0/22 maxlen: 24
93.188.64.0/22 maxlen: 24
213.173.56.0/22 maxlen: 22
77.73.224.0/21 maxlen: 24
185.249.136.0/22 maxlen: 24
45.10.124.0/22 maxlen: 24
185.251.152.0/22 maxlen: 24
194.61.84.0/23 maxlen: 24
194.61.86.0/24 maxlen: 24
195.184.86.0/23 maxlen: 24
195.184.90.0/23 maxlen: 24
171.22.176.0/22 maxlen: 24
45.140.156.0/22 maxlen: 24
85.184.8.0/21 maxlen: 24
185.234.152.0/23 maxlen: 24
185.239.168.0/23 maxlen: 24
185.234.154.0/24 maxlen: 24
185.239.170.0/24 maxlen: 24
37.148.184.0/21 maxlen: 24
91.216.34.0/24 maxlen: 24
185.253.48.0/22 maxlen: 24
2a02:690::/29 maxlen: 32
2001:6e0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:c6:d0:04:8d:69:01:18:11:20:a3:38:a3:f4:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Validity
Not Before: Jan 1 12:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5c80c1ecb5169e0fb4aa3aeaea9d7d037f9a2b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4b:d6:2f:e9:0e:9a:20:65:1a:f8:99:1e:cf:
a3:d8:04:47:09:12:d4:f3:6d:f7:7b:94:14:1d:51:
f2:27:44:7f:64:b1:67:09:63:4f:ca:10:20:e7:a8:
52:ab:2d:45:85:21:c7:eb:fa:39:1b:00:88:5c:4a:
a8:28:7a:c7:07:a8:31:c3:76:5a:6c:e8:61:78:77:
64:55:a9:ef:ab:23:14:5b:eb:c3:3b:1c:77:af:63:
5a:2b:8e:1a:35:91:1b:dc:35:1f:87:30:25:3d:7d:
f3:af:c7:dd:b6:e3:8e:e2:fc:1a:5a:27:13:09:eb:
7c:85:c0:bd:b7:86:b8:0c:03:10:63:30:da:a6:ab:
b9:39:59:4b:41:86:db:73:f7:89:1a:d4:52:aa:4a:
77:75:8c:f5:59:19:a3:1d:51:bb:74:4e:78:5f:6a:
9e:c2:2d:4e:2d:e4:86:79:be:9b:db:11:b8:bd:76:
80:fa:c4:8b:40:28:cf:59:06:47:35:2f:e8:65:de:
6c:d6:55:0a:cf:4b:7a:a1:90:3f:64:aa:e1:8e:06:
06:6e:ca:cf:1a:19:cc:0c:70:b2:4b:04:60:79:69:
cf:bd:aa:ff:fd:67:39:95:ba:a0:d6:c9:d2:77:b3:
68:6e:27:1c:e0:8a:72:80:1c:e4:9c:16:69:0d:d4:
78:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C8:0C:1E:CB:51:69:E0:FB:4A:A3:AE:AE:A9:D7:D0:37:F9:A2:B9
X509v3 Authority Key Identifier:
keyid:DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/xcgMHstRaeD7SqOurqnX0Df5ork.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.216.0/22
5.183.132.0/22
37.148.184.0/21
45.10.124.0/22
45.95.252.0/22
45.140.156.0/22
45.151.116.0/22
77.73.224.0/21
85.184.8.0/21
91.211.160.0/22
91.216.34.0/24
93.188.64.0/22
171.22.176.0/22
185.234.152.0-185.234.154.255
185.239.168.0-185.239.170.255
185.249.136.0/22
185.251.152.0/22
185.253.48.0/22
194.61.84.0-194.61.86.255
195.184.86.0/23
195.184.90.0/23
195.238.86.0/23
212.19.192.0/19
212.26.192.0/19
212.57.48.0/20
213.156.0.0/20
213.173.56.0/22
217.8.96.0/20
IPv6:
2001:6e0::/32
2a02:690::/29
Signature Algorithm: sha256WithRSAEncryption
b9:ea:4b:21:83:e9:cd:a4:bd:da:56:b1:b3:9b:b8:5e:96:2f:
e8:99:3b:c7:66:f7:80:7a:e5:de:db:ce:10:fd:93:5d:b3:77:
2b:04:35:ba:70:cb:2e:fc:3b:f1:4f:41:4d:ad:6b:05:dd:2b:
74:27:96:10:ca:22:d5:bf:de:f4:b8:37:8d:1f:21:87:ec:b7:
ba:2a:6e:c7:45:76:b9:05:20:fb:b5:a8:b1:b1:de:bc:fe:25:
db:24:da:e4:22:c5:e0:13:ef:59:a1:fb:81:a9:7e:ca:67:0e:
3c:1d:5d:83:aa:08:54:7c:f0:0e:2b:2b:6b:05:03:22:83:44:
94:36:a9:cb:28:f0:f0:6e:a4:89:33:b6:9a:0c:d5:8f:47:97:
06:83:32:45:e2:60:bf:ad:7b:27:71:51:5e:ea:db:48:e3:df:
b3:ae:2c:1c:27:e6:a3:16:e4:b4:a7:72:a2:7e:b7:31:81:a6:
b9:a1:db:3f:17:c7:b6:3b:ac:0d:78:6e:8e:7e:2c:b4:8a:78:
9e:77:09:05:5d:79:8d:88:aa:08:a0:23:e3:fe:dc:24:16:74:
18:11:8d:08:f1:21:f6:a5:03:2f:7e:3d:39:2e:cd:1c:08:ee:
d6:36:2a:4f:03:46:20:a7:50:ec:0d:96:3e:46:d5:ac:90:4d:
df:24:44:80
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYVtU8bQBI1pARgRIKM4o/SEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYTEyMjA3YWY0ZDE4NmM0NGRhMjUzM2MwYjhmMWZkMWY1
NWQ4ZGIwHhcNMjMwMTAxMTIzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWM4MGMxZWNiNTE2OWUwZmI0YWEzYWVhZWE5ZDdkMDM3ZjlhMmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUvWL+kOmiBlGviZHs+j2ARHCRLU
8233e5QUHVHyJ0R/ZLFnCWNPyhAg56hSqy1FhSHH6/o5GwCIXEqoKHrHB6gxw3Za
bOhheHdkVanvqyMUW+vDOxx3r2NaK44aNZEb3DUfhzAlPX3zr8fdtuOO4vwaWicT
Cet8hcC9t4a4DAMQYzDapqu5OVlLQYbbc/eJGtRSqkp3dYz1WRmjHVG7dE54X2qe
wi1OLeSGeb6b2xG4vXaA+sSLQCjPWQZHNS/oZd5s1lUKz0t6oZA/ZKrhjgYGbsrP
GhnMDHCySwRgeWnPvar//Wc5lbqg1snSd7Nobicc4IpygBzknBZpDdR4KwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFMXIDB7LUWng+0qjrq6p19A3+aK5MB8GA1UdIwQY
MBaAFNuhIgevTRhsRNolM8C48f0fVdjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgt
MTJiMmJjNTgwNTNhLzEveGNnTUhzdFJhZUQ3U3FPdXJxblgwRGY1b3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgtMTJiMmJjNTgwNTNh
LzEvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCBxwQCAAEwgcADBAIC
ONgDBAIFt4QDBAMllLgDBAItCnwDBAItX/wDBAItjJwDBAItl3QDBANNSeADBANV
uAgDBAJb06ADBABb2CIDBAJdvEADBAKrFrAwDAMEA7nqmAMEALnqmjAMAwQDue+o
AwQAue+qAwQCufmIAwQCufuYAwQCuf0wMAwDBALCPVQDBADCPVYDBAHDuFYDBAHD
uFoDBAHD7lYDBAXUE8ADBAXUGsADBATUOTADBATVnAADBALVrTgDBATZCGAwFAQC
AAIwDgMFACABBuADBQMqAgaQMA0GCSqGSIb3DQEBCwUAA4IBAQC56kshg+nNpL3a
VrGzm7heli/omTvHZveAeuXe284Q/ZNds3crBDW6cMsu/DvxT0FNrWsF3St0J5YQ
yiLVv970uDeNHyGH7Le6Km7HRXa5BSD7taixsd68/iXbJNrkIsXgE+9ZofuBqX7K
Zw48HV2DqghUfPAOKytrBQMig0SUNqnLKPDwbqSJM7aaDNWPR5cGgzJF4mC/rXsn
cVFe6ttI49+zriwcJ+ajFuS0p3Kifrcxgaa5ods/F8e2O6wNeG6Ofiy0iniedwkF
XXmNiKoIoCPj/twkFnQYEY0I8SH2pQMvfj05Ls0cCO7WNipPA0Ygp1DsDZY+RtWs
kE3fJESA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:11 2024 by rpki-client on console-fra.rpki-client.org