Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/vQBi_cQGB1pWhKjMG5yr9aNdgNk.roa
File: vQBi_cQGB1pWhKjMG5yr9aNdgNk.roa (raw, json)
Hash identifier: aKqxl9ORcghFX4AtLdRC1fV1udWggwsnDIQINwGXLI4=
Subject key identifier: BD:00:62:FD:C4:06:07:5A:56:84:A8:CC:1B:9C:AB:F5:A3:5D:80:D9
Certificate issuer: /CN=61b195d13050ff3c468a149778710b53582251d9
Certificate serial: 018329AE2C14A95B8D9C4D16E9CC7BBC3C8C
Authority key identifier: 61:B1:95:D1:30:50:FF:3C:46:8A:14:97:78:71:0B:53:58:22:51:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbGV0TBQ_zxGihSXeHELU1giUdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/vQBi_cQGB1pWhKjMG5yr9aNdgNk.roa
Signing time: Sat 10 Sep 2022 23:13:43 +0000
ROA not before: Sat 10 Sep 2022 23:13:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15925
IP address blocks: 185.108.8.0/22 maxlen: 22
46.21.0.0/20 maxlen: 20
87.253.240.0/20 maxlen: 20
213.135.192.0/19 maxlen: 19
213.135.192.0/21 maxlen: 21
2a01:7f8::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:29:ae:2c:14:a9:5b:8d:9c:4d:16:e9:cc:7b:bc:3c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b195d13050ff3c468a149778710b53582251d9
Validity
Not Before: Sep 10 23:13:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd0062fdc406075a5684a8cc1b9cabf5a35d80d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8b:15:df:f5:1a:70:4b:15:5f:51:6d:6b:2e:
0d:18:11:7f:59:a7:33:d1:d0:ff:c3:fe:8f:e8:00:
fd:08:b2:3f:23:ec:b1:25:65:49:be:17:33:f8:b0:
86:63:14:51:41:55:ba:ad:45:f9:7e:32:4a:e4:67:
aa:58:15:7b:75:0b:21:92:b6:2c:0d:11:bf:c5:68:
81:e4:e9:09:92:c6:26:b1:f9:86:f3:25:c8:a2:08:
d3:06:0b:95:10:d3:ee:8c:21:60:3a:e7:65:a3:8b:
f3:ba:bd:17:62:85:8c:68:80:3d:e9:74:9e:cc:9e:
b9:09:57:3a:8c:cd:a9:e1:06:ed:be:bb:d7:cc:e0:
36:06:46:a2:4e:5a:c8:60:c9:04:45:b2:7d:70:a8:
98:65:f9:68:97:9f:9a:2d:11:4e:d1:7c:45:26:a8:
29:fd:06:f7:3a:29:d3:a1:3b:e3:3e:34:cb:cc:6b:
64:29:b0:49:4b:76:5e:1f:39:fa:95:9b:e8:39:8d:
f7:6a:31:9e:1c:67:80:6d:c0:09:07:7d:ed:78:3e:
3b:37:82:1d:d6:85:b1:06:ad:e7:9e:8f:4e:56:25:
f2:fa:44:2c:ef:f4:d0:df:7a:38:a8:91:30:49:42:
0a:b6:0e:8f:94:15:cb:a4:75:cb:cf:03:58:6b:34:
a1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:00:62:FD:C4:06:07:5A:56:84:A8:CC:1B:9C:AB:F5:A3:5D:80:D9
X509v3 Authority Key Identifier:
keyid:61:B1:95:D1:30:50:FF:3C:46:8A:14:97:78:71:0B:53:58:22:51:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbGV0TBQ_zxGihSXeHELU1giUdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/vQBi_cQGB1pWhKjMG5yr9aNdgNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/YbGV0TBQ_zxGihSXeHELU1giUdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.0.0/20
87.253.240.0/20
185.108.8.0/22
213.135.192.0/19
IPv6:
2a01:7f8::/29
Signature Algorithm: sha256WithRSAEncryption
2d:c9:2a:96:e4:b7:f6:d1:7f:63:8f:12:0e:24:cc:52:8c:23:
5c:79:f9:42:34:57:42:28:cd:01:ac:05:07:dd:b3:2b:fb:b3:
9d:f7:cc:9b:cd:9b:a0:60:ab:32:67:6b:04:df:66:75:c7:2a:
ad:97:ba:64:6c:21:ef:81:e5:1d:ac:bc:9a:30:60:38:a3:37:
41:24:3e:3d:94:62:80:b7:a1:b5:0d:89:62:23:6f:04:15:aa:
bd:17:9e:4c:58:98:1b:18:8b:b5:f8:1d:75:0f:18:09:ad:b2:
ac:ff:03:86:9c:8c:fb:49:71:bd:11:92:30:32:ef:62:1f:fd:
c9:94:cd:40:09:66:ba:15:db:5e:51:80:57:3a:ce:72:c9:5b:
d4:3c:13:f5:4c:13:8a:a0:8f:57:3b:62:9f:b4:56:3a:82:d5:
c8:25:b2:24:6c:5a:b1:70:59:90:ea:8a:a8:20:39:04:c7:1c:
25:fc:82:81:c1:cd:a0:92:21:e9:3f:48:ce:9d:9d:b5:4b:33:
2a:56:a3:d9:c6:f5:9b:66:14:8f:0c:e3:d5:93:a3:43:01:2c:
5c:5a:32:da:3f:e8:f6:54:27:8e:76:4b:63:79:20:d9:6c:16:
0a:d2:76:64:bc:aa:28:7a:72:f0:83:a2:a9:e3:6d:75:7f:c7:
a6:58:2f:7e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYMpriwUqVuNnE0W6cx7vDyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjE5NWQxMzA1MGZmM2M0NjhhMTQ5Nzc4NzEwYjUzNTgy
MjUxZDkwHhcNMjIwOTEwMjMxMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDAwNjJmZGM0MDYwNzVhNTY4NGE4Y2MxYjljYWJmNWEzNWQ4MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4sV3/UacEsVX1Ftay4NGBF/Wacz
0dD/w/6P6AD9CLI/I+yxJWVJvhcz+LCGYxRRQVW6rUX5fjJK5GeqWBV7dQshkrYs
DRG/xWiB5OkJksYmsfmG8yXIogjTBguVENPujCFgOudlo4vzur0XYoWMaIA96XSe
zJ65CVc6jM2p4QbtvrvXzOA2BkaiTlrIYMkERbJ9cKiYZflol5+aLRFO0XxFJqgp
/Qb3OinToTvjPjTLzGtkKbBJS3ZeHzn6lZvoOY33ajGeHGeAbcAJB33teD47N4Id
1oWxBq3nno9OViXy+kQs7/TQ33o4qJEwSUIKtg6PlBXLpHXLzwNYazShSQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFL0AYv3EBgdaVoSozBucq/WjXYDZMB8GA1UdIwQY
MBaAFGGxldEwUP88RooUl3hxC1NYIlHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJHVjBUQlFfenhHaWhTWGVIRUxVMWdpVWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8yZjNjMTktNTZkNS00OTI0LThiY2It
YmFjNDcyYWI3YjZhLzEvdlFCaV9jUUdCMXBXaEtqTUc1eXI5YU5kZ05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8yZjNjMTktNTZkNS00OTI0LThiY2ItYmFjNDcyYWI3YjZh
LzEvWWJHVjBUQlFfenhHaWhTWGVIRUxVMWdpVWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQELhUAAwQE
V/3wAwQCuWwIAwQF1YfAMA0EAgACMAcDBQMqAQf4MA0GCSqGSIb3DQEBCwUAA4IB
AQAtySqW5Lf20X9jjxIOJMxSjCNceflCNFdCKM0BrAUH3bMr+7Od98ybzZugYKsy
Z2sE32Z1xyqtl7pkbCHvgeUdrLyaMGA4ozdBJD49lGKAt6G1DYliI28EFaq9F55M
WJgbGIu1+B11DxgJrbKs/wOGnIz7SXG9EZIwMu9iH/3JlM1ACWa6FdteUYBXOs5y
yVvUPBP1TBOKoI9XO2KftFY6gtXIJbIkbFqxcFmQ6oqoIDkExxwl/IKBwc2gkiHp
P0jOnZ21SzMqVqPZxvWbZhSPDOPVk6NDASxcWjLaP+j2VCeOdktjeSDZbBYK0nZk
vKooenLwg6Kp4211f8emWC9+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:04 2024 by rpki-client on console-ams.rpki-client.org