Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/zVEAA-FgfeaRDiT0IBMD4Of5Eus.roa
File: zVEAA-FgfeaRDiT0IBMD4Of5Eus.roa (raw, json)
Hash identifier: a1hkIvZE4tgmAVy3Kdt2qLVDX6d7pBbIgqOFU7OqDFo=
Subject key identifier: CD:51:00:03:E1:60:7D:E6:91:0E:24:F4:20:13:03:E0:E7:F9:12:EB
Certificate issuer: /CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Certificate serial: 0F601400
Authority key identifier: DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/zVEAA-FgfeaRDiT0IBMD4Of5Eus.roa
Signing time: Fri 28 Jan 2022 14:02:59 +0000
ROA not before: Fri 28 Jan 2022 14:02:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41960
IP address blocks: 213.156.0.0/20 maxlen: 24
91.211.160.0/22 maxlen: 24
195.238.86.0/23 maxlen: 24
45.151.116.0/22 maxlen: 24
5.183.132.0/22 maxlen: 24
212.57.48.0/20 maxlen: 24
45.95.252.0/22 maxlen: 24
2.56.216.0/22 maxlen: 24
93.188.64.0/22 maxlen: 24
213.173.56.0/22 maxlen: 22
77.73.224.0/21 maxlen: 24
185.249.136.0/22 maxlen: 24
45.10.124.0/22 maxlen: 24
185.251.152.0/22 maxlen: 24
194.61.84.0/23 maxlen: 24
194.61.86.0/24 maxlen: 24
195.184.86.0/23 maxlen: 24
195.184.90.0/23 maxlen: 24
171.22.176.0/22 maxlen: 24
45.140.156.0/22 maxlen: 24
85.184.8.0/21 maxlen: 24
185.234.152.0/23 maxlen: 24
185.239.168.0/22 maxlen: 24
185.234.154.0/24 maxlen: 24
37.148.184.0/21 maxlen: 24
185.253.48.0/22 maxlen: 24
2a02:690::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 257954816 (0xf601400)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Validity
Not Before: Jan 28 14:02:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd510003e1607de6910e24f4201303e0e7f912eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3b:f5:33:6c:6d:93:b0:4a:52:27:c0:19:12:
94:f8:53:8c:c2:7c:70:a7:ce:f5:f8:69:6c:1a:64:
c3:49:0d:5f:5c:70:0c:f5:90:4f:34:8a:e2:0e:9c:
7f:d5:86:f8:f4:1c:2f:c9:4b:81:ab:d0:8a:f4:6c:
d4:68:8f:a4:c6:04:ec:d8:10:fd:84:35:2d:cb:dd:
90:6b:16:5d:aa:13:a2:9b:a7:99:62:88:df:fa:25:
b4:a3:38:c9:de:76:1f:27:a9:28:ba:d7:02:91:d0:
62:6b:57:3e:ba:be:52:1e:87:bd:3d:53:61:2f:17:
6d:56:65:f4:e9:01:40:ad:ae:5e:d8:39:aa:78:27:
25:b9:75:95:0d:f8:6d:f0:32:b3:66:b0:cb:cf:c4:
46:51:0c:b3:f1:58:ff:ff:ad:7b:74:62:ff:41:2c:
82:88:13:3c:21:a0:6d:04:e7:a3:2c:bf:60:9e:f1:
b1:f1:69:9b:e2:a8:96:f8:4b:8c:b2:f5:91:b5:9e:
63:39:57:f9:07:b3:0d:77:ce:4d:6e:75:9a:1d:0f:
92:1f:e7:80:4e:c4:85:a7:6e:80:c0:8d:4c:38:2d:
73:cf:97:18:70:46:44:f0:db:d2:c3:b6:d0:9e:ff:
5a:a8:4c:e2:6f:f6:fb:40:53:67:53:4c:87:a8:db:
aa:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:51:00:03:E1:60:7D:E6:91:0E:24:F4:20:13:03:E0:E7:F9:12:EB
X509v3 Authority Key Identifier:
keyid:DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/zVEAA-FgfeaRDiT0IBMD4Of5Eus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.216.0/22
5.183.132.0/22
37.148.184.0/21
45.10.124.0/22
45.95.252.0/22
45.140.156.0/22
45.151.116.0/22
77.73.224.0/21
85.184.8.0/21
91.211.160.0/22
93.188.64.0/22
171.22.176.0/22
185.234.152.0-185.234.154.255
185.239.168.0/22
185.249.136.0/22
185.251.152.0/22
185.253.48.0/22
194.61.84.0-194.61.86.255
195.184.86.0/23
195.184.90.0/23
195.238.86.0/23
212.57.48.0/20
213.156.0.0/20
213.173.56.0/22
IPv6:
2a02:690::/29
Signature Algorithm: sha256WithRSAEncryption
a9:66:83:41:1b:7e:04:1b:da:18:57:99:9f:60:95:35:2c:33:
b0:3e:a2:f7:40:7c:e7:2f:f6:de:af:90:23:9f:7e:bd:cf:b3:
21:23:82:a5:27:e5:88:3d:28:76:da:9b:17:d5:5e:d4:46:e1:
67:a5:f2:d0:73:96:dc:b1:a1:86:60:5a:57:84:a0:d2:34:d1:
87:0d:03:a9:79:c0:c6:aa:0c:b1:40:8c:73:0f:9a:ed:1f:0b:
c1:40:c0:ee:f7:04:fd:07:bf:fc:ad:fb:87:3f:f2:84:8d:d2:
df:ce:48:b3:a7:9a:1c:6d:25:cb:cb:ec:35:29:81:8a:40:b4:
81:63:40:8a:6b:c6:a2:66:e9:e7:91:5e:fd:9d:52:2d:0a:b0:
dc:d1:96:7f:91:e9:fc:fc:61:3c:27:06:17:05:bd:94:91:36:
70:3a:16:fe:e9:1c:fa:3d:67:48:02:1c:5f:61:55:d9:46:60:
6e:67:58:fb:07:b1:40:4b:2d:34:6d:f6:ef:33:92:e7:db:c7:
79:9e:95:ac:b2:ab:f5:dd:be:b2:59:c5:2d:69:6a:2f:90:17:
fc:60:22:ac:8c:e0:3e:54:42:ad:2c:49:ee:e0:38:dd:78:c5:
2c:eb:0f:72:e5:ee:fb:30:df:74:cb:2a:56:d3:ed:82:6a:c5:
85:93:6f:97
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIED2AUADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmExMjIwN2FmNGQxODZjNDRkYTI1MzNjMGI4ZjFmZDFmNTVkOGRiMB4XDTIyMDEy
ODE0MDI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q1MTAwMDNlMTYw
N2RlNjkxMGUyNGY0MjAxMzAzZTBlN2Y5MTJlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKk79TNsbZOwSlInwBkSlPhTjMJ8cKfO9fhpbBpkw0kNX1xw
DPWQTzSK4g6cf9WG+PQcL8lLgavQivRs1GiPpMYE7NgQ/YQ1LcvdkGsWXaoTopun
mWKI3/oltKM4yd52HyepKLrXApHQYmtXPrq+Uh6HvT1TYS8XbVZl9OkBQK2uXtg5
qngnJbl1lQ34bfAys2awy8/ERlEMs/FY//+te3Ri/0EsgogTPCGgbQTnoyy/YJ7x
sfFpm+KolvhLjLL1kbWeYzlX+QezDXfOTW51mh0Pkh/ngE7EhadugMCNTDgtc8+X
GHBGRPDb0sO20J7/WqhM4m/2+0BTZ1NMh6jbqm0CAwEAAaOCArcwggKzMB0GA1Ud
DgQWBBTNUQAD4WB95pEOJPQgEwPg5/kS6zAfBgNVHSMEGDAWgBTboSIHr00YbETa
JTPAuPH9H1XY2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI2RWlCNjlOR0d4RTJpVXp3TGp4X1I5VjJOcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvYzgwMTBlLTMyODktNGEzNi1hMmI4LTEyYjJiYzU4MDUzYS8x
L3pWRUFBLUZnZmVhUkRpVDBJQk1ENE9mNUV1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
YzgwMTBlLTMyODktNGEzNi1hMmI4LTEyYjJiYzU4MDUzYS8xLzI2RWlCNjlOR0d4
RTJpVXp3TGp4X1I5VjJOcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
zAYIKwYBBQUHAQcBAf8EgbwwgbkwgacEAgABMIGgAwQCAjjYAwQCBbeEAwQDJZS4
AwQCLQp8AwQCLV/8AwQCLYycAwQCLZd0AwQDTUngAwQDVbgIAwQCW9OgAwQCXbxA
AwQCqxawMAwDBAO56pgDBAC56poDBAK576gDBAK5+YgDBAK5+5gDBAK5/TAwDAME
AsI9VAMEAMI9VgMEAcO4VgMEAcO4WgMEAcPuVgMEBNQ5MAMEBNWcAAMEAtWtODAN
BAIAAjAHAwUDKgIGkDANBgkqhkiG9w0BAQsFAAOCAQEAqWaDQRt+BBvaGFeZn2CV
NSwzsD6i90B85y/23q+QI59+vc+zISOCpSfliD0odtqbF9Ve1EbhZ6Xy0HOW3LGh
hmBaV4Sg0jTRhw0DqXnAxqoMsUCMcw+a7R8LwUDA7vcE/Qe//K37hz/yhI3S385I
s6eaHG0ly8vsNSmBikC0gWNAimvGombp55Fe/Z1SLQqw3NGWf5Hp/PxhPCcGFwW9
lJE2cDoW/ukc+j1nSAIcX2FV2UZgbmdY+wexQEstNG327zOS59vHeZ6VrLKr9d2+
slnFLWlqL5AX/GAirIzgPlRCrSxJ7uA43XjFLOsPcuXu+zDfdMsqVtPtgmrFhZNv
lw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:50 2023 by rpki-client on console-fra.rpki-client.org