Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/iRpYExlH8OEjV2G3r21PF40kfLQ.roa
File: iRpYExlH8OEjV2G3r21PF40kfLQ.roa (raw, json)
Hash identifier: 0QfRI+vEWggl1Iy7l3NUeI8ffe+Yt+yx3z5Spua3C+Y=
Subject key identifier: 89:1A:58:13:19:47:F0:E1:23:57:61:B7:AF:6D:4F:17:8D:24:7C:B4
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 018824E796FE054E06810749D3F68552A383
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/iRpYExlH8OEjV2G3r21PF40kfLQ.roa
Signing time: Tue 16 May 2023 14:12:17 +0000
ROA not before: Tue 16 May 2023 14:12:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
217.26.71.0/24 maxlen: 24
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.107.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.68.0/24 maxlen: 24
195.252.64.0/18 maxlen: 18
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/19 maxlen: 19
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.112.0/22 maxlen: 22
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/23 maxlen: 24
85.222.160.0/22 maxlen: 24
85.222.160.0/24 maxlen: 24
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
62.108.107.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.204.0/24 maxlen: 24
178.20.205.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:e7:96:fe:05:4e:06:81:07:49:d3:f6:85:52:a3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: May 16 14:12:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=891a58131947f0e1235761b7af6d4f178d247cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:57:4f:b3:7a:90:94:0c:2c:c8:1d:90:c5:0b:
98:ff:f7:82:0b:6b:99:3b:a7:a1:9e:92:a3:d9:a8:
69:a7:a4:ee:0c:71:b7:17:77:11:c6:14:1f:70:4b:
b7:11:5a:4a:52:e3:59:c5:c9:7a:c9:30:87:de:90:
da:4b:65:39:2e:5e:09:1c:14:40:cc:d4:0f:0d:f9:
5c:72:6b:74:24:72:7a:c8:b6:a5:5a:27:56:c8:bd:
fc:cc:b0:3b:6e:8a:08:e1:b3:6b:fe:2f:6c:ec:e9:
06:9a:2b:19:3f:8e:d0:31:e0:00:14:af:11:e6:47:
cb:96:2f:df:eb:cd:89:84:05:8b:e7:ed:40:e8:13:
84:3e:4a:d6:cb:89:ae:e4:ca:30:b7:f1:68:41:7c:
f8:22:f9:45:76:59:4f:a4:f8:b5:3d:93:55:03:9b:
ef:0d:c8:68:bf:a3:75:cc:5f:bb:ac:fa:a2:e2:96:
e2:ad:cd:bc:2a:60:0e:30:fd:b6:b5:16:84:85:4c:
a9:a8:a4:76:3b:c2:ab:2a:14:58:e9:70:a1:b0:ee:
0e:92:72:8e:9b:82:17:d5:bc:fb:9c:61:26:5e:28:
6d:b5:42:1d:18:3e:e9:55:c8:2c:37:de:29:6b:da:
b7:20:91:af:91:4a:15:2b:b8:ed:f4:e3:31:3a:0b:
d3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:1A:58:13:19:47:F0:E1:23:57:61:B7:AF:6D:4F:17:8D:24:7C:B4
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/iRpYExlH8OEjV2G3r21PF40kfLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/22
91.148.64.0/18
178.20.204.0/23
178.20.207.0/24
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
97:c2:9d:93:fc:f2:d5:a8:94:80:60:6d:7c:ed:4f:86:35:f1:
37:95:cf:35:0b:2c:43:1d:9d:cc:5b:40:ec:ca:7b:4d:63:ba:
c5:d9:f4:22:a7:51:83:49:cf:d6:2d:5d:04:c7:9f:a7:8b:32:
dd:d4:23:0a:b7:de:c6:d1:f7:dc:39:61:9c:7e:5d:2b:d0:5a:
ae:1c:04:56:9f:ca:2b:c2:ba:d9:5c:e1:ff:75:4b:f5:c2:af:
a9:15:fa:6b:83:ce:d0:8e:9f:3c:ec:28:ba:fe:90:c9:85:ff:
27:a5:39:6a:4c:d9:3e:e1:a8:c1:20:f2:62:ef:cb:1f:8c:b0:
79:82:55:09:7b:3e:e5:ad:a4:83:28:cb:3e:85:75:44:9e:56:
86:54:67:ae:95:a5:e6:e4:8a:3b:85:c9:4a:80:5f:50:69:2b:
51:b5:19:4d:8e:7c:ca:22:04:98:37:0e:79:8f:3f:c4:c7:3b:
fe:91:42:6c:38:c1:41:b3:7e:d4:b7:fd:e1:4e:80:c9:b1:c6:
2d:d4:0c:92:f3:0b:ad:d1:71:b7:3e:ac:10:7f:cc:51:d1:4e:
24:23:50:5a:f2:1b:01:bc:3e:0d:f8:15:2f:ee:fd:2c:c3:36:
99:10:9c:ee:fd:b5:9c:f6:ba:2e:9e:1c:8f:88:f1:d7:bc:4e:
06:ed:ac:28
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYgk55b+BU4GgQdJ0/aFUqODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjMwNTE2MTQxMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTFhNTgxMzE5NDdmMGUxMjM1NzYxYjdhZjZkNGYxNzhkMjQ3Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVdPs3qQlAwsyB2QxQuY//eCC2uZ
O6ehnpKj2ahpp6TuDHG3F3cRxhQfcEu3EVpKUuNZxcl6yTCH3pDaS2U5Ll4JHBRA
zNQPDflccmt0JHJ6yLalWidWyL38zLA7booI4bNr/i9s7OkGmisZP47QMeAAFK8R
5kfLli/f682JhAWL5+1A6BOEPkrWy4mu5Mowt/FoQXz4IvlFdllPpPi1PZNVA5vv
Dchov6N1zF+7rPqi4pbirc28KmAOMP22tRaEhUypqKR2O8KrKhRY6XChsO4OknKO
m4IX1bz7nGEmXihttUIdGD7pVcgsN94pa9q3IJGvkUoVK7jt9OMxOgvT9QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFIkaWBMZR/DhI1dht69tTxeNJHy0MB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvaVJwWUV4bEg4T0VqVjJHM3IyMVBGNDBrZkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQFPmxgAwQF
PsGAAwQCVd6gAwQGW5RAAwQBshTMAwQAshTPAwQCuS/QAwQFwmqgAwQGw/xAAwQE
1fTgAwQE2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOC
AQEAl8Kdk/zy1aiUgGBtfO1PhjXxN5XPNQssQx2dzFtA7Mp7TWO6xdn0IqdRg0nP
1i1dBMefp4sy3dQjCrfextH33DlhnH5dK9BarhwEVp/KK8K62Vzh/3VL9cKvqRX6
a4PO0I6fPOwouv6QyYX/J6U5akzZPuGowSDyYu/LH4yweYJVCXs+5a2kgyjLPoV1
RJ5WhlRnrpWl5uSKO4XJSoBfUGkrUbUZTY58yiIEmDcOeY8/xMc7/pFCbDjBQbN+
1Lf94U6AybHGLdQMkvMLrdFxtz6sEH/MUdFOJCNQWvIbAbw+DfgVL+79LMM2mRCc
7v21nPa6Lp4cj4jx17xOBu2sKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:30 2024 by rpki-client on console-fra.rpki-client.org