Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/6QsVlxaUiZ3aw7_OXTz5ur-3kXM.roa
File: 6QsVlxaUiZ3aw7_OXTz5ur-3kXM.roa (raw, json)
Hash identifier: GnrxKoAkMuW4Fper9oUnTOca1ll+gOXvANAl1Ri26RY=
Subject key identifier: E9:0B:15:97:16:94:89:9D:DA:C3:BF:CE:5D:3C:F9:BA:BF:B7:91:73
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 0185A7F4ED74D020F0BB443C84555EBF6799
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/6QsVlxaUiZ3aw7_OXTz5ur-3kXM.roa
Signing time: Thu 12 Jan 2023 21:48:44 +0000
ROA not before: Thu 12 Jan 2023 21:48:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/23 maxlen: 24
85.222.160.0/24 maxlen: 24
85.222.160.0/22 maxlen: 24
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
62.108.107.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
178.20.206.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.204.0/24 maxlen: 24
178.20.205.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a7:f4:ed:74:d0:20:f0:bb:44:3c:84:55:5e:bf:67:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Jan 12 21:48:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e90b15971694899ddac3bfce5d3cf9babfb79173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a9:24:e5:db:cc:3a:9c:8c:51:48:a0:d0:03:
08:58:19:e8:2e:72:f3:ef:da:a1:00:e6:97:b0:f9:
9a:bd:ec:f0:ca:5e:b9:23:e5:65:c6:1d:5f:83:bd:
89:eb:64:f1:db:c4:c7:a0:7f:a2:5e:d3:08:b5:95:
8a:7d:88:fb:77:5a:e4:66:29:32:64:4a:e6:2f:c1:
32:7f:95:b6:17:d4:2f:1a:04:2f:c8:de:51:54:89:
23:aa:05:9a:86:e7:e6:a7:d5:bc:a9:dc:2d:f7:41:
ab:fc:a0:3c:93:6a:64:72:a0:5e:bd:b1:dd:82:76:
b4:3f:93:38:9f:16:2b:cd:0e:d5:fe:de:27:7b:17:
ee:bb:9e:65:8b:61:27:77:63:04:e1:e7:ef:de:42:
32:e9:46:31:4c:c1:22:15:4f:dc:63:82:32:04:98:
bb:02:25:2f:a9:38:e5:34:07:a1:4b:29:ab:0c:ae:
37:98:f5:9c:e4:f2:8c:0a:cb:76:3f:35:4d:25:30:
5a:55:10:8b:7c:8b:34:60:56:00:64:7a:0d:e9:c0:
3d:44:91:7a:f2:63:6e:5e:76:b8:41:f7:e3:09:ab:
37:ee:36:9d:73:21:85:a0:5c:a3:57:69:4c:30:76:
a5:70:18:bd:e7:02:b5:4f:e8:04:6c:b6:8b:64:ad:
3b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:0B:15:97:16:94:89:9D:DA:C3:BF:CE:5D:3C:F9:BA:BF:B7:91:73
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/6QsVlxaUiZ3aw7_OXTz5ur-3kXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/22
91.148.64.0/18
178.20.204.0/22
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
3d:2d:72:b7:9d:c3:aa:68:5a:ea:b2:a6:fa:1c:13:0c:02:e6:
d1:81:58:33:50:60:0d:8a:d5:99:05:14:50:d9:a3:79:0a:5c:
d2:d4:1f:1c:b4:c8:c7:e4:bf:2c:fa:4e:f5:a8:25:ac:4b:ca:
d3:d9:a1:57:81:54:b5:08:c8:db:fe:f9:13:07:99:9b:cf:37:
58:11:9d:84:40:b2:59:ab:ec:a4:e4:8a:2c:51:a3:ee:6f:c7:
74:3a:8f:f3:59:01:af:0b:17:a3:17:d0:31:45:c6:8b:5f:e6:
f7:ec:b8:49:f1:9a:91:b1:4a:92:d5:ff:db:3e:e1:e6:2b:99:
7a:f4:b0:c0:71:aa:0e:1a:ca:7c:a9:9d:df:0d:c2:b8:b0:4e:
81:d6:2b:1d:a5:e5:eb:e7:25:a5:6b:23:0d:89:b3:9f:eb:a5:
ca:1a:08:74:75:b3:71:7e:de:9e:d2:4f:82:b8:b4:c3:50:26:
5e:b9:9c:dd:1e:fe:99:a7:39:c0:d3:31:e2:74:d9:e8:8a:d4:
78:6f:42:2b:91:e9:f6:0d:5d:a1:7f:18:50:6b:a1:36:69:bb:
91:6b:38:19:8d:9f:dd:33:c0:c3:5c:84:d2:01:a7:f8:40:ee:
ca:58:e3:a3:89:a9:8e:31:6f:73:7e:63:d4:5e:b2:a8:6b:69:
5e:c8:6f:ed
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYWn9O100CDwu0Q8hFVev2eZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjMwMTEyMjE0ODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTBiMTU5NzE2OTQ4OTlkZGFjM2JmY2U1ZDNjZjliYWJmYjc5MTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqkk5dvMOpyMUUig0AMIWBnoLnLz
79qhAOaXsPmavezwyl65I+Vlxh1fg72J62Tx28THoH+iXtMItZWKfYj7d1rkZiky
ZErmL8Eyf5W2F9QvGgQvyN5RVIkjqgWahufmp9W8qdwt90Gr/KA8k2pkcqBevbHd
gna0P5M4nxYrzQ7V/t4nexfuu55li2End2ME4efv3kIy6UYxTMEiFU/cY4IyBJi7
AiUvqTjlNAehSymrDK43mPWc5PKMCst2PzVNJTBaVRCLfIs0YFYAZHoN6cA9RJF6
8mNuXna4QffjCas37jadcyGFoFyjV2lMMHalcBi95wK1T+gEbLaLZK074wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFOkLFZcWlImd2sO/zl08+bq/t5FzMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvNlFzVmx4YVVpWjNhdzdfT1hUejV1ci0za1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQFPmxgAwQF
PsGAAwQCVd6gAwQGW5RAAwQCshTMAwQCuS/QAwQFwmqgAwQGw/xAAwQE1fTgAwQE
2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOCAQEAPS1y
t53Dqmha6rKm+hwTDALm0YFYM1BgDYrVmQUUUNmjeQpc0tQfHLTIx+S/LPpO9agl
rEvK09mhV4FUtQjI2/75EweZm883WBGdhECyWavspOSKLFGj7m/HdDqP81kBrwsX
oxfQMUXGi1/m9+y4SfGakbFKktX/2z7h5iuZevSwwHGqDhrKfKmd3w3CuLBOgdYr
HaXl6+clpWsjDYmzn+ulyhoIdHWzcX7entJPgri0w1AmXrmc3R7+mac5wNMx4nTZ
6IrUeG9CK5Hp9g1doX8YUGuhNmm7kWs4GY2f3TPAw1yE0gGn+EDuyljjo4mpjjFv
c35j1F6yqGtpXshv7Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:10 2025 by rpki-client