Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/tDe-FH8B8P8Ga9L4RtBGnaC-8ao.roa
File: tDe-FH8B8P8Ga9L4RtBGnaC-8ao.roa (raw, json)
Hash identifier: B6pkgTJr6qag68fW40WYgR37Pp1hBJ1l3Y/bjqjhixg=
Subject key identifier: B4:37:BE:14:7F:01:F0:FF:06:6B:D2:F8:46:D0:46:9D:A0:BE:F1:AA
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 3903B494
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/tDe-FH8B8P8Ga9L4RtBGnaC-8ao.roa
Signing time: Mon 13 Jun 2022 10:14:56 +0000
ROA not before: Mon 13 Jun 2022 10:14:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/23 maxlen: 24
85.222.160.0/24 maxlen: 24
85.222.160.0/21 maxlen: 21
85.222.166.0/23 maxlen: 23
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
178.20.206.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.205.0/24 maxlen: 24
178.20.200.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 956544148 (0x3903b494)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Jun 13 10:14:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b437be147f01f0ff066bd2f846d0469da0bef1aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b9:22:cc:1e:6e:27:da:a5:b4:7a:39:87:a8:
a7:53:8c:0a:ed:e3:6e:dd:bb:5f:32:80:cf:c8:6a:
a2:84:ce:cb:31:a4:18:24:51:35:0f:08:3a:cd:b9:
5f:54:c0:0a:3e:eb:49:79:4e:88:97:64:0d:8a:95:
3d:d1:c4:f9:c5:d9:cf:11:0a:d2:6d:9a:fd:15:99:
98:ef:dc:e8:f6:93:5a:36:45:18:9e:25:2d:ee:40:
63:8e:a6:11:5c:a7:39:56:c2:3a:42:93:b9:f0:26:
cc:16:1b:ab:ec:5b:ed:48:bd:19:7b:c1:00:07:34:
32:eb:d9:60:3a:ce:09:99:f7:15:14:f6:0e:63:34:
d2:5c:78:ed:98:f2:5e:ef:25:7f:11:d9:88:61:0d:
76:40:59:5d:e5:02:a3:1e:2e:8e:ed:79:00:71:e8:
ce:27:6d:a7:f6:67:e8:b7:67:31:30:a0:b2:ed:0b:
22:5a:04:a3:c6:c8:dd:9d:4d:bc:1e:b7:17:ba:a1:
94:82:39:ad:ca:33:42:1c:62:f1:22:f2:f0:79:88:
d3:bc:d3:c4:2d:5e:5a:dc:3f:4b:bc:f0:df:d9:2c:
9d:39:39:29:54:f1:a4:30:98:24:55:30:5d:ee:1f:
80:35:cf:c8:86:16:12:d3:8f:02:7f:a5:f6:a8:cc:
bb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:37:BE:14:7F:01:F0:FF:06:6B:D2:F8:46:D0:46:9D:A0:BE:F1:AA
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/tDe-FH8B8P8Ga9L4RtBGnaC-8ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/21
91.148.64.0/18
178.20.200.0/24
178.20.205.0-178.20.207.255
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
62:74:6a:b0:d2:17:29:0e:92:de:87:fb:ce:12:ea:3b:4c:33:
0b:b2:2d:b3:22:c2:be:18:7f:a6:d6:25:d5:af:30:7c:07:fa:
89:2e:7b:75:51:5e:23:be:9d:28:28:25:0b:17:62:10:9b:9a:
3e:a2:47:3c:0f:65:48:a3:90:7e:6e:72:eb:59:e8:cc:00:c4:
dd:cc:62:e9:21:c4:b7:df:cb:26:86:e5:c5:f3:70:f8:28:53:
0c:b5:d2:72:3c:f9:80:75:61:f3:f7:be:67:24:3e:30:3e:43:
59:9a:53:49:2f:f0:82:e7:4d:1d:a5:82:d4:0f:64:13:c9:7a:
60:aa:38:dd:74:84:d9:7a:97:cd:f9:d4:d4:09:db:c4:be:ba:
c4:96:b4:67:5a:2d:da:73:76:25:c9:b8:02:ff:72:f3:ab:1f:
51:d8:08:f8:8f:1d:8d:38:12:91:bb:ff:a7:b6:b5:13:b0:72:
63:38:de:1e:30:2f:c8:35:6d:d9:45:8c:22:e1:88:43:df:66:
b0:53:0f:ff:3e:42:9e:24:cf:66:40:37:03:b3:34:eb:98:64:
2e:c8:3e:b1:48:32:36:64:ef:11:21:33:88:fa:85:79:94:23:
ca:d1:5e:dd:c8:e9:0a:4d:43:3d:33:5b:f1:45:54:c3:f5:72:
7f:10:eb:58
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIEOQO0lDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Mjc4YTc2OGM5MTBiYWRjZDVjNGFlZjdjMTcyYTlmMDYxNTQ3ZThjMB4XDTIyMDYx
MzEwMTQ1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQzN2JlMTQ3ZjAx
ZjBmZjA2NmJkMmY4NDZkMDQ2OWRhMGJlZjFhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPG5IswebifapbR6OYeop1OMCu3jbt27XzKAz8hqooTOyzGk
GCRRNQ8IOs25X1TACj7rSXlOiJdkDYqVPdHE+cXZzxEK0m2a/RWZmO/c6PaTWjZF
GJ4lLe5AY46mEVynOVbCOkKTufAmzBYbq+xb7Ui9GXvBAAc0MuvZYDrOCZn3FRT2
DmM00lx47ZjyXu8lfxHZiGENdkBZXeUCox4uju15AHHozidtp/Zn6LdnMTCgsu0L
IloEo8bI3Z1NvB63F7qhlII5rcozQhxi8SLy8HmI07zTxC1eWtw/S7zw39ksnTk5
KVTxpDCYJFUwXe4fgDXPyIYWEtOPAn+l9qjMu08CAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBS0N74UfwHw/wZr0vhG0EadoL7xqjAfBgNVHSMEGDAWgBRieKdoyRC63NXE
rvfBcqnwYVR+jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1luaW5hTWtRdXR6VnhLNzN3WEtwOEdGVWZvdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8x
L3REZS1GSDhCOFA4R2E5TDRSdEJHbmFDLThhby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8xL1luaW5hTWtRdXR6
VnhLNzN3WEtwOEdGVWZvdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwUAQCAAEwSgMEBT5sYAMEBT7BgAMEA1XeoAMEBluU
QAMEALIUyDAMAwQAshTNAwQEshTAAwQCuS/QAwQFwmqgAwQGw/xAAwQE1fTgAwQE
2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOCAQEAYnRq
sNIXKQ6S3of7zhLqO0wzC7ItsyLCvhh/ptYl1a8wfAf6iS57dVFeI76dKCglCxdi
EJuaPqJHPA9lSKOQfm5y61nozADE3cxi6SHEt9/LJoblxfNw+ChTDLXScjz5gHVh
8/e+ZyQ+MD5DWZpTSS/wgudNHaWC1A9kE8l6YKo43XSE2XqXzfnU1AnbxL66xJa0
Z1ot2nN2Jcm4Av9y86sfUdgI+I8djTgSkbv/p7a1E7ByYzjeHjAvyDVt2UWMIuGI
Q99msFMP/z5CniTPZkA3A7M065hkLsg+sUgyNmTvESEziPqFeZQjytFe3cjpCk1D
PTNb8UVUw/VyfxDrWA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:24 2023 by rpki-client on console-ams.rpki-client.org