Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/IZzAxhsIFOXDJvuN0qXzofiMTAY.roa
File: IZzAxhsIFOXDJvuN0qXzofiMTAY.roa (raw, json)
Hash identifier: ziwueRLVQdHYzOxGRjA6A3ml7AXQzIvgP7zKgBuyCmY=
Subject key identifier: 21:9C:C0:C6:1B:08:14:E5:C3:26:FB:8D:D2:A5:F3:A1:F8:8C:4C:06
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0D8C8C51
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/IZzAxhsIFOXDJvuN0qXzofiMTAY.roa
Signing time: Tue 07 Jun 2022 11:15:02 +0000
ROA not before: Tue 07 Jun 2022 11:15:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 195.180.128.0/22 maxlen: 24
194.64.89.0/24 maxlen: 24
194.163.192.0/19 maxlen: 24
194.163.96.0/20 maxlen: 24
195.179.100.0/22 maxlen: 22
195.179.108.0/22 maxlen: 22
212.224.16.0/22 maxlen: 22
212.224.24.0/22 maxlen: 22
62.138.64.0/22 maxlen: 22
62.138.72.0/22 maxlen: 22
195.180.224.0/20 maxlen: 24
194.163.64.0/22 maxlen: 22
195.180.192.0/20 maxlen: 24
194.64.152.0/22 maxlen: 22
194.195.32.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227314769 (0xd8c8c51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jun 7 11:15:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=219cc0c61b0814e5c326fb8dd2a5f3a1f88c4c06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:29:c2:f3:8a:c0:c6:0b:cc:38:d9:32:8a:1f:
82:1a:f9:53:5d:01:f0:8c:e7:94:b9:02:3c:7d:a7:
5e:8f:ad:c4:2a:5d:8c:a7:ac:ba:d5:e3:c6:5f:2b:
f8:d9:e8:04:df:89:6f:82:c0:4b:aa:77:4e:a0:88:
4c:f8:47:ec:30:4d:79:d3:b9:6c:8c:45:0f:53:0b:
c1:8a:19:0e:15:dd:a8:1d:df:c7:95:0f:67:4d:6c:
49:63:3d:ce:6f:f3:ad:4d:b6:38:ee:a1:6f:7e:96:
7a:cd:83:4c:22:1e:76:ff:57:69:d1:a7:5c:7c:f7:
25:0a:31:60:9c:54:79:fa:be:1b:c5:7c:8f:a9:42:
48:ea:42:cf:6a:91:24:d6:9c:0f:8b:9f:b5:3a:28:
96:33:bd:62:22:bf:8d:6d:17:87:7d:0c:cf:da:c1:
85:06:37:22:13:11:57:65:c8:a0:b1:0f:1f:99:89:
dc:08:90:2d:4b:6f:84:c9:2b:a5:27:6b:10:91:15:
7b:02:92:52:48:65:f6:4c:57:96:5a:99:57:27:20:
3a:db:86:41:c2:fb:93:e3:a6:43:71:56:a4:e0:a7:
de:ac:bf:f2:62:39:b3:67:ee:62:c3:12:bd:dc:15:
01:9f:b4:d5:48:ef:ab:07:e3:00:88:40:e8:dd:72:
bb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9C:C0:C6:1B:08:14:E5:C3:26:FB:8D:D2:A5:F3:A1:F8:8C:4C:06
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/IZzAxhsIFOXDJvuN0qXzofiMTAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.64.0/22
62.138.72.0/22
194.64.89.0/24
194.64.152.0/22
194.163.64.0/22
194.163.96.0/20
194.163.192.0/19
194.195.32.0/19
195.179.100.0/22
195.179.108.0/22
195.180.128.0/22
195.180.192.0/20
195.180.224.0/20
212.224.16.0/22
212.224.24.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:e8:26:d9:e4:4d:f5:86:11:ab:4c:a1:c9:b5:95:aa:59:2f:
66:76:e4:1f:aa:d9:99:54:43:6d:e2:64:e0:5e:48:7b:3b:38:
bd:ac:b8:42:bc:71:19:df:30:6f:88:f2:fa:14:c6:40:93:d9:
4d:8b:60:30:74:b7:f7:e3:6d:2d:89:d9:7e:a4:c6:00:16:d9:
5b:27:38:a8:c0:e9:f4:3a:5b:71:55:6f:00:82:f9:4d:1b:40:
ed:af:c7:b3:70:c2:33:d7:57:6f:9e:ca:61:71:9d:5e:23:6d:
29:28:81:97:60:38:96:36:92:cd:4c:80:d6:21:e0:d8:0d:d2:
12:97:3c:f7:f4:1c:b9:c6:23:bc:2b:5d:32:35:97:63:9d:34:
c5:af:b5:7d:37:d8:c1:8d:45:4f:9a:80:31:bd:2f:74:53:ba:
6d:3c:3f:0a:19:6c:94:45:9a:5c:62:45:82:e5:7d:ac:2f:32:
6d:7a:59:ee:90:83:ed:03:2a:44:38:c2:54:7e:b7:cd:b5:88:
11:fd:b3:78:84:2e:c1:51:0f:4c:c7:e7:af:7d:f7:96:fb:de:
da:02:5f:4a:6c:c8:b6:c6:f4:a4:95:1e:e4:61:db:aa:21:61:
1e:73:39:1a:fa:5d:e0:f8:15:bf:14:98:05:77:00:03:1b:0b:
41:48:0b:b8
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIEDYyMUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDYw
NzExMTUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE5Y2MwYzYxYjA4
MTRlNWMzMjZmYjhkZDJhNWYzYTFmODhjNGMwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4pwvOKwMYLzDjZMoofghr5U10B8IznlLkCPH2nXo+txCpd
jKesutXjxl8r+NnoBN+Jb4LAS6p3TqCITPhH7DBNedO5bIxFD1MLwYoZDhXdqB3f
x5UPZ01sSWM9zm/zrU22OO6hb36Wes2DTCIedv9XadGnXHz3JQoxYJxUefq+G8V8
j6lCSOpCz2qRJNacD4uftTooljO9YiK/jW0Xh30Mz9rBhQY3IhMRV2XIoLEPH5mJ
3AiQLUtvhMkrpSdrEJEVewKSUkhl9kxXllqZVycgOtuGQcL7k+OmQ3FWpOCn3qy/
8mI5s2fuYsMSvdwVAZ+01UjvqwfjAIhA6N1yu/0CAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBQhnMDGGwgU5cMm+43SpfOh+IxMBjAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L0laekF4aHNJRk9YREp2dU4wcVh6b2ZpTVRBWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAj6KQAMEAj6KSAMEAMJAWQMEAsJA
mAMEAsKjQAMEBMKjYAMEBcKjwAMEBcLDIAMEAsOzZAMEAsOzbAMEAsO0gAMEBMO0
wAMEBMO04AMEAtTgEAMEAtTgGDANBgkqhkiG9w0BAQsFAAOCAQEAqOgm2eRN9YYR
q0yhybWVqlkvZnbkH6rZmVRDbeJk4F5Iezs4vay4QrxxGd8wb4jy+hTGQJPZTYtg
MHS39+NtLYnZfqTGABbZWyc4qMDp9DpbcVVvAIL5TRtA7a/Hs3DCM9dXb57KYXGd
XiNtKSiBl2A4ljaSzUyA1iHg2A3SEpc89/QcucYjvCtdMjWXY500xa+1fTfYwY1F
T5qAMb0vdFO6bTw/ChlslEWaXGJFguV9rC8ybXpZ7pCD7QMqRDjCVH63zbWIEf2z
eIQuwVEPTMfnr333lvve2gJfSmzItsb0pJUe5GHbqiFhHnM5Gvpd4PgVvxSYBXcA
AxsLQUgLuA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:48 2025 by rpki-client