Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/W6pPj2VBGMk_T6N7AqchWnO8Il4.roa
File: W6pPj2VBGMk_T6N7AqchWnO8Il4.roa (raw, json)
Hash identifier: X7Xsp8IZtNSzYZUOFdFMeXHi/yw8yJqGLbiOfC0wLQM=
Subject key identifier: 5B:AA:4F:8F:65:41:18:C9:3F:4F:A3:7B:02:A7:21:5A:73:BC:22:5E
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 387A00C5
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/W6pPj2VBGMk_T6N7AqchWnO8Il4.roa
Signing time: Wed 13 Apr 2022 13:50:26 +0000
ROA not before: Wed 13 Apr 2022 13:50:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
85.222.160.0/24 maxlen: 24
85.222.160.0/21 maxlen: 21
85.222.166.0/23 maxlen: 23
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
178.20.206.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.205.0/24 maxlen: 24
178.20.200.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947519685 (0x387a00c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Apr 13 13:50:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5baa4f8f654118c93f4fa37b02a7215a73bc225e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8d:cb:fd:56:68:b9:22:fe:b4:8a:c5:af:9c:
21:e1:24:d3:74:1e:b4:fa:a7:52:39:a9:a2:f5:93:
e0:65:b2:f1:e2:53:ba:84:5b:a1:e2:6e:b4:35:1f:
46:1c:92:59:f4:26:27:d1:c5:37:09:0e:40:d2:ad:
33:83:f7:87:34:9f:92:ab:bb:d7:7e:4a:01:10:08:
97:a3:34:07:84:de:a1:cb:47:64:86:8b:07:7d:35:
59:1f:73:7e:ee:51:17:a0:c9:93:80:6d:06:e8:75:
56:18:e4:15:0b:01:7e:14:56:9c:5b:19:da:1d:88:
f8:22:a6:d7:82:64:a9:d8:1f:52:42:a6:f2:46:50:
72:a7:ed:58:f3:6e:35:29:a9:df:0e:80:24:2b:ef:
47:82:d6:c9:95:7a:42:3d:fd:ef:2f:bd:d1:17:06:
8d:1c:37:d9:3d:87:ec:23:ca:58:7a:8a:3b:0b:7d:
8a:fd:66:cf:45:54:c2:99:e0:96:e9:f9:27:92:3c:
02:6f:eb:7a:02:26:69:62:8a:4d:dd:44:bb:ca:84:
7d:c9:9c:6b:db:41:00:82:5a:41:d0:3d:90:eb:37:
0e:33:9a:53:7f:45:a0:0d:31:7e:7a:f1:ab:de:5d:
3e:8b:55:6d:43:2b:2e:20:b7:79:29:30:4f:4c:3d:
a4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:AA:4F:8F:65:41:18:C9:3F:4F:A3:7B:02:A7:21:5A:73:BC:22:5E
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/W6pPj2VBGMk_T6N7AqchWnO8Il4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/21
91.148.64.0/18
178.20.200.0/24
178.20.205.0-178.20.207.255
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
6a:46:e8:ac:64:65:ec:d2:d1:f1:51:92:6b:8f:cc:1a:9b:50:
d8:3b:27:9e:d0:36:02:1c:bd:b9:98:1f:8f:04:52:86:11:92:
94:a8:67:1c:62:d2:03:28:d5:34:b6:06:b7:10:e5:19:08:1f:
2a:7b:e2:b6:e4:ce:b1:22:ee:2b:0e:d8:24:03:a9:ce:7a:a5:
90:32:91:0b:b5:0e:83:b3:48:b4:60:4a:69:cc:c2:87:97:19:
8d:dd:77:7d:22:1c:52:7c:df:06:29:6e:21:dd:05:c3:b8:3e:
d7:2e:81:d4:f0:d8:97:98:be:14:39:75:3a:e1:c5:e6:29:e9:
7f:f2:d4:73:1f:ff:fa:23:4d:ca:d6:ee:2d:e3:2b:c8:37:e9:
21:3a:d8:db:08:96:a5:fa:16:3e:28:e5:52:2b:cf:9f:20:9f:
1c:1b:3d:7b:72:b6:a3:ec:b8:56:49:98:6d:ef:62:1a:89:62:
8c:f8:82:69:8a:f3:df:47:44:6d:4d:70:ba:34:f8:70:47:1b:
5e:2b:f0:1f:93:b6:a1:4f:e9:7e:b8:ee:0d:a2:d2:d0:82:2b:
2e:6c:23:d1:81:c5:d5:2a:6a:df:bb:d8:c2:bc:d1:4e:be:a1:
56:bf:c2:05:44:32:88:fd:b2:61:ab:13:eb:81:3a:01:15:ca:
08:f7:ef:3d
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIEOHoAxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Mjc4YTc2OGM5MTBiYWRjZDVjNGFlZjdjMTcyYTlmMDYxNTQ3ZThjMB4XDTIyMDQx
MzEzNTAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWJhYTRmOGY2NTQx
MThjOTNmNGZhMzdiMDJhNzIxNWE3M2JjMjI1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiNy/1WaLki/rSKxa+cIeEk03QetPqnUjmpovWT4GWy8eJT
uoRboeJutDUfRhySWfQmJ9HFNwkOQNKtM4P3hzSfkqu7135KARAIl6M0B4TeoctH
ZIaLB301WR9zfu5RF6DJk4BtBuh1VhjkFQsBfhRWnFsZ2h2I+CKm14JkqdgfUkKm
8kZQcqftWPNuNSmp3w6AJCvvR4LWyZV6Qj397y+90RcGjRw32T2H7CPKWHqKOwt9
iv1mz0VUwpnglun5J5I8Am/regImaWKKTd1Eu8qEfcmca9tBAIJaQdA9kOs3DjOa
U39FoA0xfnrxq95dPotVbUMrLiC3eSkwT0w9pGECAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBRbqk+PZUEYyT9Po3sCpyFac7wiXjAfBgNVHSMEGDAWgBRieKdoyRC63NXE
rvfBcqnwYVR+jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1luaW5hTWtRdXR6VnhLNzN3WEtwOEdGVWZvdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8x
L1c2cFBqMlZCR01rX1Q2TjdBcWNoV25POElsNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8xL1luaW5hTWtRdXR6
VnhLNzN3WEtwOEdGVWZvdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwUAQCAAEwSgMEBT5sYAMEBT7BgAMEA1XeoAMEBluU
QAMEALIUyDAMAwQAshTNAwQEshTAAwQCuS/QAwQFwmqgAwQGw/xAAwQE1fTgAwQE
2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOCAQEAakbo
rGRl7NLR8VGSa4/MGptQ2DsnntA2Ahy9uZgfjwRShhGSlKhnHGLSAyjVNLYGtxDl
GQgfKnvituTOsSLuKw7YJAOpznqlkDKRC7UOg7NItGBKaczCh5cZjd13fSIcUnzf
BiluId0Fw7g+1y6B1PDYl5i+FDl1OuHF5inpf/LUcx//+iNNytbuLeMryDfpITrY
2wiWpfoWPijlUivPnyCfHBs9e3K2o+y4VkmYbe9iGolijPiCaYrz30dEbU1wujT4
cEcbXivwH5O2oU/pfrjuDaLS0IIrLmwj0YHF1Spq37vYwrzRTr6hVr/CBUQyiP2y
YasT64E6ARXKCPfvPQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:32 2023 by rpki-client on console-fra.rpki-client.org