Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/XzEdZykgG4xDj5Z8-ubN7eDCzpU.roa
File: XzEdZykgG4xDj5Z8-ubN7eDCzpU.roa (raw, json)
Hash identifier: t7nsCLt7qjGwNvZG5S9eXVgKXF4V25RvqmW5bo5PAXg=
Subject key identifier: 5F:31:1D:67:29:20:1B:8C:43:8F:96:7C:FA:E6:CD:ED:E0:C2:CE:95
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 019203E5
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/XzEdZykgG4xDj5Z8-ubN7eDCzpU.roa
Signing time: Sat 01 Jan 2022 05:52:57 +0000
ROA not before: Sat 01 Jan 2022 05:52:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212248
IP address blocks: 185.105.237.0/24 maxlen: 24
185.231.114.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26346469 (0x19203e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Jan 1 05:52:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f311d6729201b8c438f967cfae6cdede0c2ce95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:72:6f:4b:16:24:9a:43:23:bd:56:6f:ce:27:
5a:8a:28:14:18:44:46:c9:1f:6d:14:54:3c:05:5d:
da:03:82:79:20:f9:d3:2b:ce:d2:08:b9:f4:97:0e:
fb:45:e7:75:6e:6b:e6:55:0c:7c:82:d6:71:9d:1d:
e9:a2:8e:c3:f0:c7:94:ad:54:0f:ae:34:6b:88:e2:
09:8e:f9:f8:2a:9f:06:04:5d:30:9a:38:2c:1e:00:
8a:c2:42:5f:6f:27:7f:9c:8b:ec:71:7d:57:6a:39:
cb:9b:2d:d3:f1:1e:51:24:77:81:79:f5:1e:b4:86:
89:a3:ba:af:90:5d:21:96:2f:c7:a7:5c:71:3f:f3:
d2:a1:0a:71:39:c3:05:23:d0:9b:05:d8:b7:c6:1d:
0f:21:6c:82:15:74:bf:8b:4d:a4:b3:3c:c1:2d:e9:
51:8a:9f:40:76:aa:ae:2a:3b:1f:2f:6d:3e:8e:ba:
fc:ed:85:aa:0d:bb:dd:d9:b2:92:56:2f:6c:db:ba:
75:ad:fb:95:68:97:ad:32:77:00:e7:88:c7:52:a6:
88:07:9f:2b:c2:3f:6d:2e:d1:5e:1f:96:e2:bb:1e:
21:94:22:7e:54:30:51:70:cd:9c:71:4b:5f:69:97:
a1:39:5f:73:73:36:b1:70:23:1d:8b:19:c4:53:f1:
06:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:31:1D:67:29:20:1B:8C:43:8F:96:7C:FA:E6:CD:ED:E0:C2:CE:95
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/XzEdZykgG4xDj5Z8-ubN7eDCzpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.237.0/24
185.231.114.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:59:cc:5d:eb:1b:fd:e3:6d:ae:29:67:07:03:0f:31:f1:37:
d8:60:ef:a5:82:0f:c2:68:1d:28:fd:ae:d0:3b:e8:06:6d:61:
9e:15:00:d9:c2:ac:c8:dd:18:6b:20:86:f8:f8:f9:06:28:18:
c8:08:62:56:df:79:80:5d:12:29:68:bd:03:07:84:04:c0:83:
a0:a1:54:3c:7c:32:e0:a1:93:d6:4a:9d:b0:dc:66:7a:d1:29:
b1:f9:49:15:c5:20:4b:e3:6a:72:0b:0c:74:fb:9e:39:13:ff:
13:de:8c:c0:34:15:07:de:05:de:2e:a5:cf:1d:a7:25:0d:56:
cf:d7:8b:9c:19:2c:a6:f4:ca:4e:7d:b0:61:08:c7:f5:67:af:
72:a3:c1:d4:58:8d:fd:71:94:7c:19:f7:06:0d:93:bb:28:e7:
40:b3:d0:a9:eb:1c:4e:83:38:12:26:f4:d2:89:97:8c:46:cd:
a6:6d:fd:37:3f:c3:fc:38:2b:cc:2c:6e:65:6d:31:5f:17:05:
4d:ce:14:ef:fc:0d:23:99:dc:69:42:4a:5f:4c:5b:31:22:53:
0c:13:47:73:5c:54:db:48:fd:fb:d6:db:ae:dc:04:e6:c3:29:
69:57:a7:2f:68:c4:81:ee:98:f6:69:54:9f:6a:e8:b6:a6:f3:
c2:9a:96:58
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAZID5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ODdiNTk0ZTVlNjcxM2E1YjgwYTU0ODFhNWNlNzFlNjUyZDg0NTczMB4XDTIyMDEw
MTA1NTI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYzMTFkNjcyOTIw
MWI4YzQzOGY5NjdjZmFlNmNkZWRlMGMyY2U5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpyb0sWJJpDI71Wb84nWoooFBhERskfbRRUPAVd2gOCeSD5
0yvO0gi59JcO+0XndW5r5lUMfILWcZ0d6aKOw/DHlK1UD640a4jiCY75+CqfBgRd
MJo4LB4AisJCX28nf5yL7HF9V2o5y5st0/EeUSR3gXn1HrSGiaO6r5BdIZYvx6dc
cT/z0qEKcTnDBSPQmwXYt8YdDyFsghV0v4tNpLM8wS3pUYqfQHaqrio7Hy9tPo66
/O2Fqg273dmyklYvbNu6da37lWiXrTJ3AOeIx1KmiAefK8I/bS7RXh+W4rseIZQi
flQwUXDNnHFLX2mXoTlfc3M2sXAjHYsZxFPxBssCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRfMR1nKSAbjEOPlnz65s3t4MLOlTAfBgNVHSMEGDAWgBTIe1lOXmcTpbgK
VIGlznHmUthFczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lIdFpUbDVuRTZXNENsU0JwYzV4NWxMWVJYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvODI0Zjc4LWRlZTItNDdiYy1hZjJmLTM4Y2I2ZTQxNmYzYS8x
L1h6RWRaeWtnRzR4RGo1WjgtdWJON2VEQ3pwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
ODI0Zjc4LWRlZTItNDdiYy1hZjJmLTM4Y2I2ZTQxNmYzYS8xL3lIdFpUbDVuRTZX
NENsU0JwYzV4NWxMWVJYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlp7QMEALnncjANBgkqhkiG9w0B
AQsFAAOCAQEAX1nMXesb/eNtrilnBwMPMfE32GDvpYIPwmgdKP2u0DvoBm1hnhUA
2cKsyN0YayCG+Pj5BigYyAhiVt95gF0SKWi9AweEBMCDoKFUPHwy4KGT1kqdsNxm
etEpsflJFcUgS+NqcgsMdPueORP/E96MwDQVB94F3i6lzx2nJQ1Wz9eLnBkspvTK
Tn2wYQjH9WevcqPB1FiN/XGUfBn3Bg2TuyjnQLPQqescToM4Eib00omXjEbNpm39
Nz/D/DgrzCxuZW0xXxcFTc4U7/wNI5ncaUJKX0xbMSJTDBNHc1xU20j9+9bbrtwE
5sMpaVenL2jEge6Y9mlUn2rotqbzwpqWWA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:14 2023 by rpki-client on console-ams.rpki-client.org