Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/e1h2YL_wh76xVPE0y0Au9BdqzRk.roa
File: e1h2YL_wh76xVPE0y0Au9BdqzRk.roa (raw, json)
Hash identifier: 6ZnB71i4kGW2JaW/Hezs9xguLva1DpvAmpGPXGdngDU=
Subject key identifier: 7B:58:76:60:BF:F0:87:BE:B1:54:F1:34:CB:40:2E:F4:17:6A:CD:19
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 38254281
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/e1h2YL_wh76xVPE0y0Au9BdqzRk.roa
Signing time: Thu 03 Mar 2022 10:05:19 +0000
ROA not before: Thu 03 Mar 2022 10:05:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/24 maxlen: 24
91.148.127.0/24 maxlen: 24
85.222.160.0/21 maxlen: 21
85.222.166.0/23 maxlen: 23
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.211.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
178.20.206.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.205.0/24 maxlen: 24
178.20.200.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941965953 (0x38254281)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Mar 3 10:05:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b587660bff087beb154f134cb402ef4176acd19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:34:8b:3b:af:e9:4b:ba:35:18:f6:59:97:fd:
2d:70:4b:5e:d3:25:20:df:44:b0:ce:4e:41:7d:b7:
5c:46:a0:34:9c:b9:2f:b9:4c:8c:f4:26:1c:37:a8:
43:60:2d:5a:4c:64:a9:f3:23:06:99:04:74:a7:16:
44:84:a9:2e:87:2b:c8:e9:ac:92:c4:85:b5:f9:35:
a2:3b:31:b5:62:6b:31:65:d4:bb:eb:d6:a3:4c:f0:
13:fe:54:e9:e9:cf:e5:97:22:c3:6e:c8:72:87:37:
8e:c3:fe:4f:87:c3:6c:86:5e:18:a1:9c:6d:64:79:
2d:01:ed:c6:3c:ab:7e:50:13:7c:a7:aa:a3:86:b5:
32:a2:bb:7e:b0:de:37:be:32:95:59:8c:19:66:a7:
81:1f:0f:34:f7:d4:13:48:4a:57:77:38:97:a3:2a:
ac:36:79:06:fc:60:90:0d:17:9b:d8:cd:98:cf:0c:
0f:89:09:b6:52:1e:fd:a4:02:74:e8:e9:50:43:cd:
c4:1d:5f:e8:53:a6:00:4c:5f:50:93:d5:7a:3c:57:
58:59:a2:a8:05:85:c4:31:cc:2e:2d:60:09:db:18:
a5:33:d0:81:14:c6:91:93:40:1c:a3:8a:d2:af:7a:
21:a2:8a:f0:39:d5:90:0b:ca:60:bf:5d:14:c7:ca:
54:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:58:76:60:BF:F0:87:BE:B1:54:F1:34:CB:40:2E:F4:17:6A:CD:19
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/e1h2YL_wh76xVPE0y0Au9BdqzRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/21
91.148.64.0/18
178.20.200.0/24
178.20.205.0-178.20.207.255
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
1c:41:9f:9e:af:e6:12:9c:77:63:74:d4:78:6d:c4:1f:75:71:
40:5a:76:5c:8b:94:63:1c:65:97:a4:54:1d:49:ab:66:a2:24:
03:5a:01:89:60:5f:3c:26:55:19:df:f0:b6:6f:56:32:df:ac:
64:c2:6e:99:dc:99:2c:fa:c9:22:29:bf:f6:48:33:28:af:75:
d0:72:04:02:42:4d:dd:a6:1d:b3:28:09:b0:a2:87:27:3b:0d:
97:e3:c1:06:64:2f:da:3c:af:94:0d:84:bf:75:a1:2e:93:9d:
e0:b1:7a:c5:37:17:b9:2c:2e:8d:90:51:ce:ad:48:f2:a1:a1:
40:b4:09:c1:f9:c9:4e:4d:1a:3e:ea:4c:bd:27:62:ee:fd:50:
4f:47:8b:3f:f1:c1:8f:e0:ad:2d:d3:25:28:ac:04:3f:da:55:
ba:85:5f:d0:04:02:13:41:4c:1e:f7:48:93:2e:d9:c3:28:4a:
b5:c1:31:ac:e6:90:a2:63:ea:91:1b:ed:1c:0b:e0:8c:a2:7a:
8e:71:47:20:0c:b2:6e:62:c1:8c:52:0f:71:c8:41:fc:64:ef:
d2:99:c4:d7:a2:9e:f4:6b:bc:4a:f0:d2:f8:08:16:1a:32:0a:
4e:60:df:1f:f5:da:bc:35:b4:b1:38:a1:af:b8:60:a6:10:78:
dd:f0:42:01
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIEOCVCgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Mjc4YTc2OGM5MTBiYWRjZDVjNGFlZjdjMTcyYTlmMDYxNTQ3ZThjMB4XDTIyMDMw
MzEwMDUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2I1ODc2NjBiZmYw
ODdiZWIxNTRmMTM0Y2I0MDJlZjQxNzZhY2QxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK80izuv6Uu6NRj2WZf9LXBLXtMlIN9EsM5OQX23XEagNJy5
L7lMjPQmHDeoQ2AtWkxkqfMjBpkEdKcWRISpLocryOmsksSFtfk1ojsxtWJrMWXU
u+vWo0zwE/5U6enP5Zciw27Icoc3jsP+T4fDbIZeGKGcbWR5LQHtxjyrflATfKeq
o4a1MqK7frDeN74ylVmMGWangR8PNPfUE0hKV3c4l6MqrDZ5BvxgkA0Xm9jNmM8M
D4kJtlIe/aQCdOjpUEPNxB1f6FOmAExfUJPVejxXWFmiqAWFxDHMLi1gCdsYpTPQ
gRTGkZNAHKOK0q96IaKK8DnVkAvKYL9dFMfKVCkCAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBR7WHZgv/CHvrFU8TTLQC70F2rNGTAfBgNVHSMEGDAWgBRieKdoyRC63NXE
rvfBcqnwYVR+jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1luaW5hTWtRdXR6VnhLNzN3WEtwOEdGVWZvdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8x
L2UxaDJZTF93aDc2eFZQRTB5MEF1OUJkcXpSay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8xL1luaW5hTWtRdXR6
VnhLNzN3WEtwOEdGVWZvdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwUAQCAAEwSgMEBT5sYAMEBT7BgAMEA1XeoAMEBluU
QAMEALIUyDAMAwQAshTNAwQEshTAAwQCuS/QAwQFwmqgAwQGw/xAAwQE1fTgAwQE
2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOCAQEAHEGf
nq/mEpx3Y3TUeG3EH3VxQFp2XIuUYxxll6RUHUmrZqIkA1oBiWBfPCZVGd/wtm9W
Mt+sZMJumdyZLPrJIim/9kgzKK910HIEAkJN3aYdsygJsKKHJzsNl+PBBmQv2jyv
lA2Ev3WhLpOd4LF6xTcXuSwujZBRzq1I8qGhQLQJwfnJTk0aPupMvSdi7v1QT0eL
P/HBj+CtLdMlKKwEP9pVuoVf0AQCE0FMHvdIky7ZwyhKtcExrOaQomPqkRvtHAvg
jKJ6jnFHIAyybmLBjFIPcchB/GTv0pnE16Ke9Gu8SvDS+AgWGjIKTmDfH/XavDW0
sTihr7hgphB43fBCAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:30 2024 by rpki-client on console-fra.rpki-client.org