Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/Ar0srRuYLClP1J9eScQJ418HJWQ.roa
File: Ar0srRuYLClP1J9eScQJ418HJWQ.roa (raw, json)
Hash identifier: ImLAlIKtwpLKbsY3XDXkJ4b0hITyWxoda5QC9MmFYoU=
Subject key identifier: 02:BD:2C:AD:1B:98:2C:29:4F:D4:9F:5E:49:C4:09:E3:5F:07:25:64
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 018437D91687700F847D5273B739CBDFA3C1
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/Ar0srRuYLClP1J9eScQJ418HJWQ.roa
Signing time: Wed 02 Nov 2022 10:18:04 +0000
ROA not before: Wed 02 Nov 2022 10:18:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/23 maxlen: 24
85.222.160.0/24 maxlen: 24
85.222.160.0/22 maxlen: 24
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.204.0/24 maxlen: 24
178.20.205.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:d9:16:87:70:0f:84:7d:52:73:b7:39:cb:df:a3:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Nov 2 10:18:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02bd2cad1b982c294fd49f5e49c409e35f072564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:81:32:1a:44:46:22:d6:59:eb:df:e3:c2:43:
8c:57:43:09:fa:e9:db:bd:9e:6d:b2:66:ac:70:44:
70:48:fb:7b:91:5e:09:03:7b:72:d3:52:f5:5b:94:
1f:fc:9b:d9:c8:0e:44:3e:92:08:98:d7:67:a6:73:
38:bf:7a:a8:68:c3:af:af:94:8b:c6:23:78:c0:ea:
2d:d2:ff:b2:e4:56:e5:56:89:e9:74:bf:63:75:a7:
d4:31:60:a7:2e:d9:73:b9:26:48:8d:90:d4:9a:ec:
7c:68:e1:60:a6:20:37:2b:6d:ef:5c:f5:c3:55:e3:
d5:9d:c1:25:b2:80:e1:0d:05:44:58:80:40:a7:29:
3d:e6:8f:e0:f9:21:66:82:da:9a:8b:84:89:fe:55:
aa:5d:32:d7:bd:9c:c9:a3:61:74:8a:4d:62:38:64:
21:54:7a:94:7f:67:84:33:0a:a9:41:05:5c:e9:4d:
b6:8a:5b:2a:cd:b3:98:49:6a:16:a4:15:e5:8a:5c:
c9:0f:e0:74:3f:fa:64:9f:c2:61:8c:16:0e:a8:9c:
d4:77:8a:07:d4:1b:67:5c:2f:30:a7:35:9b:ea:fc:
5b:4c:bd:f4:3d:a8:04:18:04:8f:c0:2f:38:44:94:
14:d2:03:44:54:af:f4:90:01:23:a0:af:83:2c:1a:
1d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BD:2C:AD:1B:98:2C:29:4F:D4:9F:5E:49:C4:09:E3:5F:07:25:64
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/Ar0srRuYLClP1J9eScQJ418HJWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/22
91.148.64.0/18
178.20.204.0/23
178.20.207.0/24
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
3a:87:4c:77:8b:c6:54:59:25:54:27:1a:0a:2f:39:d4:2a:f4:
19:b1:03:04:3a:b6:6f:9b:56:fe:bc:72:d7:b9:05:43:ca:fe:
ea:22:71:38:77:36:31:66:d7:0d:35:40:fe:0b:fc:83:fe:da:
ea:13:ab:de:e8:8e:45:e6:5b:c3:04:80:53:51:c2:45:16:80:
91:41:26:e6:2d:69:48:41:c3:17:e7:e7:4e:b0:8c:1d:dc:b2:
cd:29:7a:40:39:0b:64:c7:cd:5c:12:74:4e:15:52:57:6e:8b:
40:bd:fd:ef:56:e4:f6:1f:26:47:14:20:40:0f:72:f9:03:2c:
f5:d8:4c:ad:51:b4:b5:34:d9:49:d1:36:28:ec:55:ae:09:d8:
c4:6e:64:b1:78:2f:4c:5d:42:67:21:a0:c2:af:0a:5b:b3:b9:
9f:ff:8f:db:2e:8a:b7:4d:08:64:be:3a:f8:88:45:93:58:5f:
b9:e4:88:3c:8f:ea:e7:c6:8a:c5:51:84:0f:fb:e6:95:90:46:
83:9d:ca:f6:13:be:ae:5f:95:f8:75:82:d1:4a:22:28:3c:18:
c1:cb:0e:f4:37:0a:f1:57:be:01:80:20:91:c6:7f:49:ef:d4:
66:4c:1c:f9:a5:19:e1:27:79:20:e2:ec:ab:d6:b6:1d:f9:7b:
60:72:67:99
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYQ32RaHcA+EfVJztznL36PBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjIxMTAyMTAxODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmJkMmNhZDFiOTgyYzI5NGZkNDlmNWU0OWM0MDllMzVmMDcyNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYEyGkRGItZZ69/jwkOMV0MJ+unb
vZ5tsmascERwSPt7kV4JA3ty01L1W5Qf/JvZyA5EPpIImNdnpnM4v3qoaMOvr5SL
xiN4wOot0v+y5FblVonpdL9jdafUMWCnLtlzuSZIjZDUmux8aOFgpiA3K23vXPXD
VePVncElsoDhDQVEWIBApyk95o/g+SFmgtqai4SJ/lWqXTLXvZzJo2F0ik1iOGQh
VHqUf2eEMwqpQQVc6U22ilsqzbOYSWoWpBXlilzJD+B0P/pkn8JhjBYOqJzUd4oH
1BtnXC8wpzWb6vxbTL30PagEGASPwC84RJQU0gNEVK/0kAEjoK+DLBodrwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFAK9LK0bmCwpT9SfXknECeNfByVkMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvQXIwc3JSdVlMQ2xQMUo5ZVNjUUo0MThISldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQFPmxgAwQF
PsGAAwQCVd6gAwQGW5RAAwQBshTMAwQAshTPAwQCuS/QAwQFwmqgAwQGw/xAAwQE
1fTgAwQE2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOC
AQEAOodMd4vGVFklVCcaCi851Cr0GbEDBDq2b5tW/rxy17kFQ8r+6iJxOHc2MWbX
DTVA/gv8g/7a6hOr3uiOReZbwwSAU1HCRRaAkUEm5i1pSEHDF+fnTrCMHdyyzSl6
QDkLZMfNXBJ0ThVSV26LQL3971bk9h8mRxQgQA9y+QMs9dhMrVG0tTTZSdE2KOxV
rgnYxG5ksXgvTF1CZyGgwq8KW7O5n/+P2y6Kt00IZL46+IhFk1hfueSIPI/q58aK
xVGED/vmlZBGg53K9hO+rl+V+HWC0UoiKDwYwcsO9DcK8Ve+AYAgkcZ/Se/UZkwc
+aUZ4Sd5IOLsq9a2Hfl7YHJnmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:30 2024 by rpki-client on console-fra.rpki-client.org