Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/8EH0J4ORToXFIIg_ovNhBJGQSNU.roa
File: 8EH0J4ORToXFIIg_ovNhBJGQSNU.roa (raw, json)
Hash identifier: sPUIxLRU75h0TMFK4Qh0Fj/k8sidjhaIFIjd7O6V560=
Subject key identifier: F0:41:F4:27:83:91:4E:85:C5:20:88:3F:A2:F3:61:04:91:90:48:D5
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 018679491303701E7631CF2BC983313746F3
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/8EH0J4ORToXFIIg_ovNhBJGQSNU.roa
Signing time: Wed 22 Feb 2023 13:21:17 +0000
ROA not before: Wed 22 Feb 2023 13:21:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.112.0/22 maxlen: 22
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/23 maxlen: 24
85.222.160.0/22 maxlen: 24
85.222.160.0/24 maxlen: 24
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
62.108.107.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
178.20.206.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.204.0/24 maxlen: 24
178.20.205.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:49:13:03:70:1e:76:31:cf:2b:c9:83:31:37:46:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Feb 22 13:21:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f041f42783914e85c520883fa2f36104919048d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5c:b9:39:8a:67:b3:55:81:7a:c8:1d:1f:85:
f7:16:56:12:2b:87:ae:81:29:ef:0f:07:06:f9:63:
2f:3e:57:16:e2:02:47:1b:6b:f1:c3:a7:4d:6c:4b:
2b:6d:b2:81:c7:7d:6c:f5:d3:6e:79:59:25:0a:c2:
77:39:7b:0b:41:87:9e:cc:cd:b2:dd:e9:f4:33:22:
cc:1e:6a:74:8b:56:03:f8:7b:a8:75:24:cb:db:d2:
04:12:d7:38:7b:95:ce:59:69:ff:eb:7a:56:45:39:
0b:d4:a7:48:75:83:0f:58:21:33:61:ff:4f:35:26:
2d:b3:56:b5:ed:9e:eb:32:04:1b:c4:03:42:c3:88:
17:c6:ee:50:88:a4:05:56:5e:03:71:41:4c:f9:bc:
38:41:af:6b:61:6b:28:b0:76:43:67:97:f3:4f:23:
1e:d8:e4:00:33:21:7a:98:b4:e5:6d:1e:f9:5b:4c:
5e:13:50:0f:51:50:ad:4f:04:c8:ab:62:f8:25:86:
ff:c9:79:ca:14:e4:f0:48:21:c9:a0:58:06:0b:1c:
ca:6b:23:93:09:fc:bb:5d:ed:f9:8b:f5:92:0e:e2:
ca:57:88:40:d7:4d:9e:97:83:f7:78:1f:61:ee:a6:
5d:51:26:c4:39:3e:e6:6f:b9:5a:e8:86:6f:e8:66:
a5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:41:F4:27:83:91:4E:85:C5:20:88:3F:A2:F3:61:04:91:90:48:D5
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/8EH0J4ORToXFIIg_ovNhBJGQSNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/22
91.148.64.0/18
178.20.204.0/22
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
1d:8c:85:9c:6d:64:81:70:67:eb:45:47:a3:9b:3e:fd:cf:60:
f0:26:45:20:99:31:ee:af:e4:13:36:b1:76:bf:42:8a:a5:d3:
34:a9:b2:da:fc:44:92:2c:80:21:3a:bf:94:ab:2c:d3:ce:ec:
20:08:af:cd:c4:3b:94:30:39:ff:5c:20:2b:9f:9c:4b:89:5d:
a8:c3:03:ac:7d:17:52:f0:c4:9b:22:cd:18:79:1d:45:12:f9:
da:bd:3f:fb:5a:81:2b:3f:79:bf:91:fd:c6:7c:a5:c7:9f:b7:
a1:ee:98:63:2d:80:43:dd:43:8f:61:10:7d:bd:73:66:58:3c:
a9:53:0d:c1:a8:07:b7:d1:6d:55:f9:b3:ef:d9:87:cf:e3:bf:
69:4f:9b:9c:90:cf:45:69:0e:dc:f9:34:f9:d6:eb:37:1a:6d:
3d:59:89:69:08:4f:56:7b:61:a5:c6:16:55:c3:7d:19:cc:0b:
85:32:9f:ea:37:95:f7:bb:89:41:4b:20:3e:d8:70:d7:ed:36:
1e:70:e7:05:f1:18:58:38:b6:87:9c:39:7c:48:72:93:9a:5f:
ab:69:50:1b:5a:b5:39:1d:79:44:6f:96:1d:8f:97:0c:8c:cb:
75:a0:17:f8:03:54:7e:65:ae:a9:3e:ac:1e:cb:b6:ed:0e:61:
45:8d:5a:f8
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYZ5SRMDcB52Mc8ryYMxN0bzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjMwMjIyMTMyMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQxZjQyNzgzOTE0ZTg1YzUyMDg4M2ZhMmYzNjEwNDkxOTA0OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71y5OYpns1WBesgdH4X3FlYSK4eu
gSnvDwcG+WMvPlcW4gJHG2vxw6dNbEsrbbKBx31s9dNueVklCsJ3OXsLQYeezM2y
3en0MyLMHmp0i1YD+HuodSTL29IEEtc4e5XOWWn/63pWRTkL1KdIdYMPWCEzYf9P
NSYts1a17Z7rMgQbxANCw4gXxu5QiKQFVl4DcUFM+bw4Qa9rYWsosHZDZ5fzTyMe
2OQAMyF6mLTlbR75W0xeE1APUVCtTwTIq2L4JYb/yXnKFOTwSCHJoFgGCxzKayOT
Cfy7Xe35i/WSDuLKV4hA102el4P3eB9h7qZdUSbEOT7mb7la6IZv6GalTwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFPBB9CeDkU6FxSCIP6LzYQSRkEjVMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvOEVIMEo0T1JUb1hGSUlnX292TmhCSkdRU05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQFPmxgAwQF
PsGAAwQCVd6gAwQGW5RAAwQCshTMAwQCuS/QAwQFwmqgAwQGw/xAAwQE1fTgAwQE
2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOCAQEAHYyF
nG1kgXBn60VHo5s+/c9g8CZFIJkx7q/kEzaxdr9CiqXTNKmy2vxEkiyAITq/lKss
087sIAivzcQ7lDA5/1wgK5+cS4ldqMMDrH0XUvDEmyLNGHkdRRL52r0/+1qBKz95
v5H9xnylx5+3oe6YYy2AQ91Dj2EQfb1zZlg8qVMNwagHt9FtVfmz79mHz+O/aU+b
nJDPRWkO3Pk0+dbrNxptPVmJaQhPVnthpcYWVcN9GcwLhTKf6jeV97uJQUsgPthw
1+02HnDnBfEYWDi2h5w5fEhyk5pfq2lQG1q1OR15RG+WHY+XDIzLdaAX+ANUfmWu
qT6sHsu27Q5hRY1a+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:19 2024 by rpki-client on console-ams.rpki-client.org