Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/P0gMGJ8WfwCOG8j9jgx1ieH1lTs.roa
File: P0gMGJ8WfwCOG8j9jgx1ieH1lTs.roa (raw, json)
Hash identifier: B7m1QxMHeGfP3BH6vVjofqHFUfIQ+0absdNhZtkrU9w=
Subject key identifier: 3F:48:0C:18:9F:16:7F:00:8E:1B:C8:FD:8E:0C:75:89:E1:F5:95:3B
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 018B6B3FCBB53B554B85297233C8D19B0933
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/P0gMGJ8WfwCOG8j9jgx1ieH1lTs.roa
Signing time: Thu 26 Oct 2023 09:10:24 +0000
ROA not before: Thu 26 Oct 2023 09:10:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6700
IP address blocks: 85.222.160.0/22 maxlen: 24
91.148.64.0/18 maxlen: 24
217.26.64.0/20 maxlen: 24
62.193.128.0/19 maxlen: 24
213.244.224.0/20 maxlen: 24
185.47.208.0/22 maxlen: 24
195.252.64.0/18 maxlen: 24
194.106.160.0/19 maxlen: 24
62.108.96.0/19 maxlen: 24
178.20.205.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:3f:cb:b5:3b:55:4b:85:29:72:33:c8:d1:9b:09:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Oct 26 09:10:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f480c189f167f008e1bc8fd8e0c7589e1f5953b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4b:41:6f:14:10:db:a3:4e:a8:bd:02:51:04:
78:79:9e:0f:0a:66:9d:2e:a0:ca:1e:5f:dd:d9:66:
42:37:7b:da:61:3c:b8:20:da:ef:88:78:79:ff:9d:
a5:73:ca:57:20:3a:b6:9a:cb:66:1f:c8:ed:a2:e6:
d4:56:ab:09:36:31:2d:52:d8:65:c5:53:2a:82:d0:
e9:97:ca:d6:c5:ab:51:5b:ac:2f:d7:4b:90:69:f1:
1b:27:de:91:ed:b5:23:e6:69:8f:25:82:94:21:db:
d0:2d:17:4d:be:20:20:78:c9:4d:a9:6f:d0:10:0e:
5f:31:09:aa:45:db:b6:06:29:8e:9f:df:2d:56:17:
d4:3e:28:5e:f2:29:2b:bb:2b:90:42:e5:37:1d:2a:
1f:b8:f3:56:d7:5e:bd:21:82:96:23:19:b0:f5:ca:
b0:f0:8b:5b:c0:91:22:2d:6a:9f:d3:58:5b:5c:b8:
0b:ed:89:9d:7c:49:71:37:6f:95:0f:a7:14:85:ef:
39:4d:38:81:1c:18:da:6b:98:9e:79:c2:14:bb:0e:
49:4c:c9:64:b6:3a:48:94:5a:54:20:41:44:6b:43:
a9:b0:30:34:3c:7b:ec:a9:20:a3:fc:57:f4:8e:81:
11:d7:02:e8:dd:82:84:30:d6:d8:4a:55:85:58:44:
23:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:48:0C:18:9F:16:7F:00:8E:1B:C8:FD:8E:0C:75:89:E1:F5:95:3B
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/P0gMGJ8WfwCOG8j9jgx1ieH1lTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/22
91.148.64.0/18
178.20.205.0/24
178.20.207.0/24
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
16:91:8e:b3:27:37:cf:17:ef:50:b2:f4:d1:8a:bf:70:79:07:
f8:d6:8e:02:9e:a9:34:23:b1:26:c0:0e:89:e8:80:f2:28:7f:
9d:30:b5:e7:1f:be:06:51:c4:9f:ef:92:ea:13:8e:fe:5e:5e:
76:7c:6d:98:d6:73:6f:e1:b7:15:03:7d:a0:b5:63:78:84:f6:
d6:ae:8a:72:4f:dd:b4:ff:99:6c:65:4b:6d:05:7a:3f:1f:39:
9a:3b:53:b0:e0:17:4b:5c:a3:1b:fb:bd:1f:5c:18:c1:b3:67:
8d:5b:4c:30:e5:48:5b:a8:54:ee:e7:ff:87:d9:cd:09:85:b0:
a9:d7:bb:45:c9:27:9c:01:d9:5a:d7:bf:7a:a5:2c:78:85:ce:
20:59:ae:4b:47:03:b9:8d:e3:c3:7f:91:0f:6b:f6:ff:5b:81:
4c:59:e6:37:b9:32:1b:3a:9a:ee:7d:ec:16:0d:2c:c1:e0:dc:
4a:87:b2:38:7c:08:1c:72:a6:c6:4b:9c:02:45:93:c5:54:82:
d4:ac:2f:92:34:ea:21:de:66:f0:f8:56:7f:d5:50:f8:e4:6c:
7b:35:ef:3e:ef:15:2e:b9:02:a4:73:80:3a:6f:ad:9d:b9:f3:
0c:1c:53:c3:ad:0b:1f:59:5c:2b:9e:16:dc:15:a0:a8:a3:d5:
96:9e:b8:b6
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYtrP8u1O1VLhSlyM8jRmwkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjMxMDI2MDkxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjQ4MGMxODlmMTY3ZjAwOGUxYmM4ZmQ4ZTBjNzU4OWUxZjU5NTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00tBbxQQ26NOqL0CUQR4eZ4PCmad
LqDKHl/d2WZCN3vaYTy4INrviHh5/52lc8pXIDq2mstmH8jtoubUVqsJNjEtUthl
xVMqgtDpl8rWxatRW6wv10uQafEbJ96R7bUj5mmPJYKUIdvQLRdNviAgeMlNqW/Q
EA5fMQmqRdu2BimOn98tVhfUPihe8ikruyuQQuU3HSofuPNW1169IYKWIxmw9cqw
8ItbwJEiLWqf01hbXLgL7YmdfElxN2+VD6cUhe85TTiBHBjaa5ieecIUuw5JTMlk
tjpIlFpUIEFEa0OpsDA0PHvsqSCj/Ff0joER1wLo3YKEMNbYSlWFWEQjIwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFD9IDBifFn8AjhvI/Y4MdYnh9ZU7MB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvUDBnTUdKOFdmd0NPRzhqOWpneDFpZUgxbFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQFPmxgAwQF
PsGAAwQCVd6gAwQGW5RAAwQAshTNAwQAshTPAwQCuS/QAwQFwmqgAwQGw/xAAwQE
1fTgAwQE2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOC
AQEAFpGOsyc3zxfvULL00Yq/cHkH+NaOAp6pNCOxJsAOieiA8ih/nTC15x++BlHE
n++S6hOO/l5ednxtmNZzb+G3FQN9oLVjeIT21q6Kck/dtP+ZbGVLbQV6Px85mjtT
sOAXS1yjG/u9H1wYwbNnjVtMMOVIW6hU7uf/h9nNCYWwqde7RcknnAHZWte/eqUs
eIXOIFmuS0cDuY3jw3+RD2v2/1uBTFnmN7kyGzqa7n3sFg0sweDcSoeyOHwIHHKm
xkucAkWTxVSC1KwvkjTqId5m8PhWf9VQ+ORsezXvPu8VLrkCpHOAOm+tnbnzDBxT
w60LH1lcK54W3BWgqKPVlp64tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:19 2024 by rpki-client on console-ams.rpki-client.org