Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/17K4s--5265qpDP6Mnv2LGoloM8.roa
File: 17K4s--5265qpDP6Mnv2LGoloM8.roa (raw, json)
Hash identifier: 3q/9IEh1ZokqhDghxDyylgyMeM6CcMhRixMeRWai+bI=
Subject key identifier: D7:B2:B8:B3:EF:B9:DB:AE:6A:A4:33:FA:32:7B:F6:2C:6A:25:A0:CF
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 379DD89A
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/17K4s--5265qpDP6Mnv2LGoloM8.roa
Signing time: Mon 03 Jan 2022 15:23:25 +0000
ROA not before: Mon 03 Jan 2022 15:23:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/24 maxlen: 24
91.148.127.0/24 maxlen: 24
85.222.160.0/21 maxlen: 21
85.222.166.0/23 maxlen: 23
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.211.0/24 maxlen: 24
185.47.208.0/24 maxlen: 24
178.20.206.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.205.0/24 maxlen: 24
178.20.200.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 933091482 (0x379dd89a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Jan 3 15:23:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7b2b8b3efb9dbae6aa433fa327bf62c6a25a0cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9b:37:2f:96:ba:20:b5:e0:ba:0f:b5:ef:86:
24:34:4d:4b:05:e1:3d:52:02:8b:23:ca:6d:5c:35:
6c:8b:7a:a1:78:4c:8a:87:95:da:c8:2d:a6:a1:c2:
d4:f5:71:81:e0:47:9e:4a:6e:32:d5:3e:86:8a:d1:
1f:6a:ef:fa:20:69:cd:02:ba:30:07:08:36:88:48:
c6:d3:4c:85:e7:d7:62:be:d6:7c:56:d5:26:d6:79:
f7:72:8a:17:4a:a7:4a:3c:2d:19:f4:da:52:90:2d:
d7:99:7a:b0:c2:37:c7:7a:86:65:ee:64:76:c1:2b:
fa:1d:c2:4b:1d:b5:c2:aa:5c:02:0b:8b:e4:b5:1c:
3a:51:5a:2e:bb:15:57:20:f8:b2:32:75:73:38:07:
19:6f:f5:75:4e:a0:e0:60:17:05:9e:12:49:dc:f3:
c8:8f:e3:af:39:e9:ac:84:22:16:b0:88:ba:99:7e:
24:0d:43:e9:43:03:66:7e:40:c0:8e:c9:4b:6b:32:
da:ed:8e:dc:0c:47:e0:34:c7:e0:9a:85:1e:ee:c6:
02:41:2a:57:e9:63:c0:ec:39:d4:d2:72:b8:3f:0f:
88:ed:90:3f:c3:16:ba:e6:11:32:fa:a0:8b:0a:97:
59:09:38:7e:34:42:aa:01:8f:fe:8e:ee:48:f7:fd:
6f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B2:B8:B3:EF:B9:DB:AE:6A:A4:33:FA:32:7B:F6:2C:6A:25:A0:CF
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/17K4s--5265qpDP6Mnv2LGoloM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/21
91.148.64.0/18
178.20.200.0/24
178.20.205.0-178.20.207.255
185.47.208.0/24
185.47.210.0/23
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
09:11:7b:d3:bf:8c:d5:6c:5e:ab:55:78:5d:67:37:bc:ba:31:
0e:c9:c2:99:eb:46:77:c4:ce:4a:b4:43:2f:51:37:eb:47:60:
16:7a:ba:c5:dc:bd:ff:10:40:a9:8d:39:6d:b5:4e:0d:08:98:
1a:ce:8e:97:c9:ba:37:26:63:d7:c4:fb:a4:e6:c9:ee:74:ac:
ca:08:6e:63:7b:12:20:3d:ef:19:d5:9a:f0:ed:ed:ae:61:25:
60:d0:ac:da:2e:a1:61:a4:dd:43:c8:2a:86:19:a7:9d:17:cd:
2f:4b:b5:7c:84:9d:a0:12:0a:ad:5b:bb:8d:2f:c3:7e:3b:a3:
22:c8:34:af:a4:dd:ac:f1:09:4f:42:9f:7d:e6:ea:6f:07:d0:
3f:ca:ed:df:1b:fe:01:d1:0f:87:70:2b:3c:77:3a:3f:dd:e5:
ac:16:95:ca:17:38:1d:18:2a:58:c8:b8:e9:13:f1:d7:b1:cd:
46:65:64:27:ac:01:bb:db:83:91:d4:76:44:54:7c:32:2f:4e:
83:16:0f:80:43:6d:16:1a:75:63:59:6f:f2:94:95:29:f0:cc:
20:0e:c7:0f:1a:07:dd:24:d0:63:55:3e:a3:64:45:92:9e:2e:
2c:6d:65:23:ab:f3:b6:41:04:60:35:64:c0:cc:e3:5b:51:9e:
6b:22:49:4d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEN53YmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Mjc4YTc2OGM5MTBiYWRjZDVjNGFlZjdjMTcyYTlmMDYxNTQ3ZThjMB4XDTIyMDEw
MzE1MjMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdiMmI4YjNlZmI5
ZGJhZTZhYTQzM2ZhMzI3YmY2MmM2YTI1YTBjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANabNy+WuiC14LoPte+GJDRNSwXhPVICiyPKbVw1bIt6oXhM
ioeV2sgtpqHC1PVxgeBHnkpuMtU+horRH2rv+iBpzQK6MAcINohIxtNMhefXYr7W
fFbVJtZ593KKF0qnSjwtGfTaUpAt15l6sMI3x3qGZe5kdsEr+h3CSx21wqpcAguL
5LUcOlFaLrsVVyD4sjJ1czgHGW/1dU6g4GAXBZ4SSdzzyI/jrznprIQiFrCIupl+
JA1D6UMDZn5AwI7JS2sy2u2O3AxH4DTH4JqFHu7GAkEqV+ljwOw51NJyuD8PiO2Q
P8MWuuYRMvqgiwqXWQk4fjRCqgGP/o7uSPf9bxMCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBTXsriz77nbrmqkM/oye/YsaiWgzzAfBgNVHSMEGDAWgBRieKdoyRC63NXE
rvfBcqnwYVR+jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1luaW5hTWtRdXR6VnhLNzN3WEtwOEdGVWZvdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8x
LzE3SzRzLS01MjY1cXBEUDZNbnYyTEdvbG9NOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8xL1luaW5hTWtRdXR6
VnhLNzN3WEtwOEdGVWZvdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wVgQCAAEwUAMEBT5sYAMEBT7BgAMEA1XeoAMEBluU
QAMEALIUyDAMAwQAshTNAwQEshTAAwQAuS/QAwQBuS/SAwQFwmqgAwQGw/xAAwQE
1fTgAwQE2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOC
AQEACRF707+M1Wxeq1V4XWc3vLoxDsnCmetGd8TOSrRDL1E360dgFnq6xdy9/xBA
qY05bbVODQiYGs6Ol8m6NyZj18T7pObJ7nSsyghuY3sSID3vGdWa8O3trmElYNCs
2i6hYaTdQ8gqhhmnnRfNL0u1fISdoBIKrVu7jS/DfjujIsg0r6TdrPEJT0Kffebq
bwfQP8rt3xv+AdEPh3ArPHc6P93lrBaVyhc4HRgqWMi46RPx17HNRmVkJ6wBu9uD
kdR2RFR8Mi9OgxYPgENtFhp1Y1lv8pSVKfDMIA7HDxoH3STQY1U+o2RFkp4uLG1l
I6vztkEEYDVkwMzjW1GeayJJTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:30 2024 by rpki-client on console-fra.rpki-client.org