Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/DgtAMyO8bld1G31sWPW7skrULb4.roa
File: DgtAMyO8bld1G31sWPW7skrULb4.roa (raw, json)
Hash identifier: HMqyYUKWWE+iGhLiZryNWYnXk035iTUs4UuTSygOlXI=
Subject key identifier: 0E:0B:40:33:23:BC:6E:57:75:1B:7D:6C:58:F5:BB:B2:4A:D4:2D:BE
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 018210368A3348BBB3B3E170C12868613C16
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/DgtAMyO8bld1G31sWPW7skrULb4.roa
Signing time: Mon 18 Jul 2022 07:29:45 +0000
ROA not before: Mon 18 Jul 2022 07:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/23 maxlen: 24
85.222.160.0/24 maxlen: 24
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
178.20.206.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.205.0/24 maxlen: 24
178.20.200.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:10:36:8a:33:48:bb:b3:b3:e1:70:c1:28:68:61:3c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Jul 18 07:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e0b403323bc6e57751b7d6c58f5bbb24ad42dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6a:93:dd:a5:73:16:27:9b:3c:38:f4:61:5a:
3f:3f:a2:dc:32:52:4c:8e:4f:aa:62:8d:5f:ba:e4:
04:90:fd:75:6b:3e:fc:1f:71:5b:43:72:69:ba:2b:
b9:6e:b2:3e:1f:6e:e0:e5:b2:e1:3c:dd:40:08:6c:
b2:80:d7:31:7c:33:47:1a:77:bd:c1:0e:2a:cc:30:
4b:b6:47:8e:3a:98:6a:5e:39:fe:2a:fc:b5:32:e1:
c8:74:1a:fd:ed:94:1b:75:ff:84:3b:53:96:93:d7:
57:93:6f:92:8b:dd:ad:93:07:48:da:ec:48:4e:36:
8f:12:ec:5a:b8:ea:35:10:c1:c1:01:43:bb:9a:63:
0b:88:fc:51:0d:e5:0f:5d:1e:d4:cf:b5:41:93:df:
a0:c3:1e:72:27:30:75:6b:02:02:cc:40:34:a6:c2:
85:10:2f:6f:9c:b2:f4:65:40:6a:65:8b:1a:64:eb:
45:4c:cb:cf:4d:01:07:78:6e:ea:90:d1:93:d0:ce:
eb:bd:db:c6:3f:af:2b:0c:a7:f6:73:7d:e9:17:b5:
84:42:94:69:ad:80:ad:21:c5:40:63:e7:f4:b8:95:
38:1e:ca:51:b3:97:03:e5:1b:e7:31:8f:28:ef:0a:
1a:bc:47:aa:5d:42:df:e2:6c:82:5b:70:d5:dd:fd:
b5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:0B:40:33:23:BC:6E:57:75:1B:7D:6C:58:F5:BB:B2:4A:D4:2D:BE
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/DgtAMyO8bld1G31sWPW7skrULb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/24
91.148.64.0/18
178.20.200.0/24
178.20.205.0-178.20.207.255
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
98:cf:b3:9a:42:3f:d3:dc:4e:72:43:97:77:de:e8:06:74:3f:
3e:2f:6c:12:14:80:4f:c7:fa:4e:b0:d3:8f:89:48:c3:56:4a:
80:ea:d0:42:26:46:70:22:42:15:6b:93:e1:6b:00:69:86:69:
32:bf:f3:72:71:76:57:0b:8f:c9:7e:22:8e:75:87:63:c3:aa:
d8:8c:b9:5f:02:15:fd:13:92:17:19:91:4e:77:0e:8e:50:f3:
c5:f5:37:11:6d:70:59:b9:a2:3e:f8:61:2b:0d:f3:1b:46:33:
4e:6a:93:01:dd:23:3d:b1:2c:e6:47:78:44:08:89:45:a9:15:
07:e9:62:78:31:59:4c:b2:78:73:c8:7a:29:6a:2d:bf:de:a1:
5e:f5:79:f2:aa:20:79:56:08:cb:59:62:18:08:a2:0a:aa:2c:
6e:3b:e4:d7:57:19:11:5f:ca:b5:9d:ae:92:c5:d8:ee:ab:cc:
5c:68:00:39:88:76:34:a4:31:99:37:5a:39:c0:e6:73:5e:f0:
cd:ee:a4:e7:64:74:0a:ab:ed:75:7f:47:a6:97:bf:a3:d2:78:
91:48:b4:cb:39:73:dc:d1:a3:8a:fa:b6:68:aa:be:93:55:56:
5c:f8:b4:a9:23:a2:52:a3:3e:ad:68:bd:d5:df:79:3d:32:d7:
0e:8d:86:56
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYIQNoozSLuzs+FwwShoYTwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjIwNzE4MDcyOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTBiNDAzMzIzYmM2ZTU3NzUxYjdkNmM1OGY1YmJiMjRhZDQyZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2qT3aVzFiebPDj0YVo/P6LcMlJM
jk+qYo1fuuQEkP11az78H3FbQ3Jpuiu5brI+H27g5bLhPN1ACGyygNcxfDNHGne9
wQ4qzDBLtkeOOphqXjn+Kvy1MuHIdBr97ZQbdf+EO1OWk9dXk2+Si92tkwdI2uxI
TjaPEuxauOo1EMHBAUO7mmMLiPxRDeUPXR7Uz7VBk9+gwx5yJzB1awICzEA0psKF
EC9vnLL0ZUBqZYsaZOtFTMvPTQEHeG7qkNGT0M7rvdvGP68rDKf2c33pF7WEQpRp
rYCtIcVAY+f0uJU4HspRs5cD5RvnMY8o7woavEeqXULf4myCW3DV3f21xwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFA4LQDMjvG5XdRt9bFj1u7JK1C2+MB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvRGd0QU15TzhibGQxRzMxc1dQVzdza3JVTGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQFPmxgAwQF
PsGAAwQAVd6gAwQGW5RAAwQAshTIMAwDBACyFM0DBASyFMADBAK5L9ADBAXCaqAD
BAbD/EADBATV9OADBATZGkAwFAQCAAIwDgMFACABCMgDBQAqAg5AMA0GCSqGSIb3
DQEBCwUAA4IBAQCYz7OaQj/T3E5yQ5d33ugGdD8+L2wSFIBPx/pOsNOPiUjDVkqA
6tBCJkZwIkIVa5PhawBphmkyv/NycXZXC4/JfiKOdYdjw6rYjLlfAhX9E5IXGZFO
dw6OUPPF9TcRbXBZuaI++GErDfMbRjNOapMB3SM9sSzmR3hECIlFqRUH6WJ4MVlM
snhzyHopai2/3qFe9XnyqiB5VgjLWWIYCKIKqixuO+TXVxkRX8q1na6Sxdjuq8xc
aAA5iHY0pDGZN1o5wOZzXvDN7qTnZHQKq+11f0eml7+j0niRSLTLOXPc0aOK+rZo
qr6TVVZc+LSpI6JSoz6taL3V33k9MtcOjYZW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:19 2024 by rpki-client on console-ams.rpki-client.org