Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/TGZ_vPsoPI8fPmwcW7PL3mAFSSw.roa
File: TGZ_vPsoPI8fPmwcW7PL3mAFSSw.roa (raw, json)
Hash identifier: 9V7HOgmzKvvJzVyVUJ9Nh3+PYg46Vk1JanDz/PV9pRk=
Subject key identifier: 4C:66:7F:BC:FB:28:3C:8F:1F:3E:6C:1C:5B:B3:CB:DE:60:05:49:2C
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 01856D5CECC760D254F0C68F7D9086D91A2E
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/TGZ_vPsoPI8fPmwcW7PL3mAFSSw.roa
Signing time: Sun 01 Jan 2023 12:44:44 +0000
ROA not before: Sun 01 Jan 2023 12:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/23 maxlen: 24
85.222.160.0/22 maxlen: 24
85.222.160.0/24 maxlen: 24
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
178.20.206.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.204.0/24 maxlen: 24
178.20.205.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:ec:c7:60:d2:54:f0:c6:8f:7d:90:86:d9:1a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Jan 1 12:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c667fbcfb283c8f1f3e6c1c5bb3cbde6005492c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b0:53:2f:30:51:30:2c:f6:7e:68:f4:bb:74:
e4:48:99:4b:fa:fa:5f:00:de:f9:74:21:41:c1:bc:
61:29:7c:36:d2:69:fe:11:68:46:01:af:f6:a9:dc:
75:99:11:f3:d2:20:b2:6c:6c:83:b0:d9:4e:dc:7c:
df:15:88:72:4c:fe:43:d3:04:81:e1:4e:ec:b4:4b:
32:0c:27:9f:eb:c3:79:21:05:7c:06:37:3a:3c:f3:
56:c8:20:85:f9:91:e9:04:03:fc:1b:81:31:0c:31:
72:a9:23:c1:9f:ac:26:33:9e:4f:64:df:a7:9c:49:
9c:99:b6:a7:21:2a:75:ec:23:4f:c3:a2:e1:dd:55:
8f:4d:b6:6e:43:5b:41:d8:94:24:fd:39:b0:28:ac:
1a:e2:94:41:eb:c2:a8:eb:73:7d:11:bb:1a:c5:7d:
1b:82:de:e1:aa:27:1f:84:9b:35:bd:c0:15:2d:f3:
98:58:01:5f:17:75:8c:58:c7:dc:2f:3a:dc:e5:d7:
98:64:4d:fe:e4:7c:b6:ee:a7:e0:21:b6:59:1c:19:
9b:ed:95:b8:f8:36:82:d8:59:51:95:0a:94:5f:85:
d5:df:ab:04:65:fc:8f:a3:ac:d6:15:2b:2e:27:1c:
61:36:c2:3c:c8:cc:f3:0d:fc:67:07:f4:c8:d2:b2:
ec:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:66:7F:BC:FB:28:3C:8F:1F:3E:6C:1C:5B:B3:CB:DE:60:05:49:2C
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/TGZ_vPsoPI8fPmwcW7PL3mAFSSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/22
91.148.64.0/18
178.20.204.0/22
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
65:7d:73:59:06:a6:c7:3d:3e:32:3f:cd:0d:bb:6d:25:fa:95:
bb:8a:28:e0:d2:f5:99:68:7d:90:40:59:0b:bc:91:3b:9c:4f:
bb:5e:f9:0c:df:c7:fe:4c:80:d8:7d:89:c5:2b:d0:d5:e1:9f:
75:72:5c:ff:ab:d5:cf:ac:de:14:8a:79:ff:d0:a5:ca:71:d4:
06:93:04:b5:f1:a2:1f:93:da:a8:1e:ab:48:88:35:61:2c:84:
be:ec:dd:42:12:82:8a:48:a0:15:7b:db:cc:d1:47:ae:54:1c:
a2:21:fa:f6:12:dc:d0:95:47:9b:cb:24:93:04:8a:4c:7c:77:
96:da:f8:96:0b:b7:b6:49:88:85:c3:6f:61:80:1f:2f:3e:8a:
08:5e:a2:77:20:ca:bc:f3:0a:e5:ec:78:e3:7a:a5:ef:a7:d2:
97:05:8a:19:ee:9b:bc:a3:ac:f6:53:b7:51:ca:f6:3f:67:70:
9a:b4:f6:1b:dc:df:15:88:b0:2f:72:79:7c:ab:61:cc:37:9a:
18:25:6d:02:19:78:68:22:88:e2:69:42:b4:8f:52:dd:a9:2b:
6f:f8:67:d2:51:5a:8e:cd:5e:fc:f4:c1:31:25:46:82:50:26:
d3:d9:be:47:87:f8:d5:10:77:f1:b1:04:bb:39:f0:0f:b2:c0:
0c:a9:42:cd
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYVtXOzHYNJU8MaPfZCG2RouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjMwMTAxMTI0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzY2N2ZiY2ZiMjgzYzhmMWYzZTZjMWM1YmIzY2JkZTYwMDU0OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLBTLzBRMCz2fmj0u3TkSJlL+vpf
AN75dCFBwbxhKXw20mn+EWhGAa/2qdx1mRHz0iCybGyDsNlO3HzfFYhyTP5D0wSB
4U7stEsyDCef68N5IQV8Bjc6PPNWyCCF+ZHpBAP8G4ExDDFyqSPBn6wmM55PZN+n
nEmcmbanISp17CNPw6Lh3VWPTbZuQ1tB2JQk/TmwKKwa4pRB68Ko63N9EbsaxX0b
gt7hqicfhJs1vcAVLfOYWAFfF3WMWMfcLzrc5deYZE3+5Hy27qfgIbZZHBmb7ZW4
+DaC2FlRlQqUX4XV36sEZfyPo6zWFSsuJxxhNsI8yMzzDfxnB/TI0rLsUwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFExmf7z7KDyPHz5sHFuzy95gBUksMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvVEdaX3ZQc29QSThmUG13Y1c3UEwzbUFGU1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQFPmxgAwQF
PsGAAwQCVd6gAwQGW5RAAwQCshTMAwQCuS/QAwQFwmqgAwQGw/xAAwQE1fTgAwQE
2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOCAQEAZX1z
WQamxz0+Mj/NDbttJfqVu4oo4NL1mWh9kEBZC7yRO5xPu175DN/H/kyA2H2JxSvQ
1eGfdXJc/6vVz6zeFIp5/9ClynHUBpMEtfGiH5PaqB6rSIg1YSyEvuzdQhKCikig
FXvbzNFHrlQcoiH69hLc0JVHm8skkwSKTHx3ltr4lgu3tkmIhcNvYYAfLz6KCF6i
dyDKvPMK5ex443ql76fSlwWKGe6bvKOs9lO3Ucr2P2dwmrT2G9zfFYiwL3J5fKth
zDeaGCVtAhl4aCKI4mlCtI9S3akrb/hn0lFajs1e/PTBMSVGglAm09m+R4f41RB3
8bEEuznwD7LADKlCzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:30 2024 by rpki-client on console-fra.rpki-client.org