Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/1RT-8Vf40FlAQlOXmfglRJavkIg.roa
File: 1RT-8Vf40FlAQlOXmfglRJavkIg.roa (raw, json)
Hash identifier: 3AeoaHYYKOfueSFvX+FKpDzaAhso1cvjAheOecNQFQU=
Subject key identifier: D5:14:FE:F1:57:F8:D0:59:40:42:53:97:99:F8:25:44:96:AF:90:88
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0D2625A1
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/1RT-8Vf40FlAQlOXmfglRJavkIg.roa
Signing time: Wed 04 May 2022 12:38:44 +0000
ROA not before: Wed 04 May 2022 12:38:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 195.180.128.0/22 maxlen: 24
194.163.192.0/19 maxlen: 24
194.64.92.0/22 maxlen: 22
195.252.160.0/22 maxlen: 24
194.163.96.0/20 maxlen: 24
217.172.168.0/23 maxlen: 24
212.224.16.0/22 maxlen: 22
212.224.24.0/22 maxlen: 22
62.138.64.0/22 maxlen: 22
62.138.72.0/22 maxlen: 22
195.180.224.0/20 maxlen: 24
194.163.64.0/22 maxlen: 22
194.163.80.0/22 maxlen: 22
195.180.192.0/20 maxlen: 24
194.64.152.0/22 maxlen: 22
194.195.32.0/19 maxlen: 24
194.233.224.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220603809 (0xd2625a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: May 4 12:38:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d514fef157f8d0594042539799f8254496af9088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5e:5a:4c:f4:c6:3e:ba:90:6d:6d:35:ff:6c:
d2:83:b0:3a:12:d6:3b:dd:fb:88:1e:20:90:d9:15:
45:6e:5a:42:e8:e3:38:83:d3:a8:8a:81:75:ea:5f:
f9:d0:fd:6f:ac:74:bd:50:74:c9:ca:ba:25:31:7f:
64:01:3e:1a:8c:63:6f:7d:7b:49:22:0e:70:c5:63:
16:4b:03:f6:7f:a5:12:1b:54:c3:9d:a1:8d:9a:cf:
6f:54:c2:46:23:a1:bc:03:9e:28:0b:8d:50:08:06:
bc:41:33:48:8a:6a:ad:b9:e2:96:3f:97:3e:43:28:
04:79:ba:aa:44:8c:03:07:46:62:99:db:fd:d7:87:
1f:7d:17:5e:46:bf:ba:54:d3:25:02:fe:e8:c9:12:
6c:d2:08:b6:59:4c:45:8e:3b:91:f8:be:47:00:92:
e8:7a:85:e9:e8:93:66:b2:86:f3:5f:69:48:76:fe:
e7:c4:3d:f0:58:27:56:19:3c:d5:d9:6c:5e:b5:4f:
ed:d7:ed:68:ee:a5:01:c2:d7:e2:a1:f4:ce:c2:92:
70:89:03:ef:c3:5b:f2:7e:f4:a2:4b:1a:03:b3:15:
4c:48:9e:71:f4:ac:2b:5d:98:98:9d:ee:64:8f:45:
92:59:15:5c:65:48:8a:98:90:d3:da:58:7e:93:cc:
90:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:14:FE:F1:57:F8:D0:59:40:42:53:97:99:F8:25:44:96:AF:90:88
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/1RT-8Vf40FlAQlOXmfglRJavkIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.64.0/22
62.138.72.0/22
194.64.92.0/22
194.64.152.0/22
194.163.64.0/22
194.163.80.0/22
194.163.96.0/20
194.163.192.0/19
194.195.32.0/19
194.233.224.0/20
195.180.128.0/22
195.180.192.0/20
195.180.224.0/20
195.252.160.0/22
212.224.16.0/22
212.224.24.0/22
217.172.168.0/23
Signature Algorithm: sha256WithRSAEncryption
35:0c:f3:b8:1a:ad:02:cb:3a:f1:dc:77:af:17:6c:b6:99:47:
3a:ea:28:e4:47:2a:18:69:8f:83:1b:6f:11:19:ee:91:6c:2e:
14:de:99:20:fe:eb:50:a6:da:7c:63:45:be:9a:cf:b6:d3:fb:
ad:c5:68:47:e5:f0:eb:72:1e:85:9d:1f:c3:e9:fb:af:d7:58:
e1:aa:7c:17:88:a0:3e:57:f9:fa:d4:d7:90:2a:34:ee:34:ab:
ae:25:b0:f2:ee:18:da:18:4c:4e:b0:c4:0e:3e:ae:d0:62:7c:
9f:3d:7f:ed:8b:d7:84:b8:01:47:07:be:42:c2:b1:37:33:d6:
de:c2:d3:d5:9f:0c:39:d4:70:c8:62:83:8f:3a:84:bc:47:95:
25:39:aa:b2:a6:b1:4e:cb:f5:b0:f4:82:65:b0:b6:cb:d0:bd:
39:65:ac:be:59:c8:43:6f:b6:39:40:e1:d3:93:81:87:b3:8e:
0d:6f:04:da:e5:bd:cd:5f:94:ed:da:4d:ca:05:9a:6b:8c:62:
e4:3d:fc:4c:18:97:be:81:2d:0e:13:d5:14:83:ce:4f:8d:5d:
45:14:0e:b2:7d:64:8c:1d:d9:6b:c8:31:42:db:b0:ae:1e:d0:
50:ff:b2:3e:6b:b4:40:75:0c:fc:4b:a1:6b:7a:79:03:d2:8b:
cb:f5:1b:72
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEDSYloTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDUw
NDEyMzg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUxNGZlZjE1N2Y4
ZDA1OTQwNDI1Mzk3OTlmODI1NDQ5NmFmOTA4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANleWkz0xj66kG1tNf9s0oOwOhLWO937iB4gkNkVRW5aQujj
OIPTqIqBdepf+dD9b6x0vVB0ycq6JTF/ZAE+Goxjb317SSIOcMVjFksD9n+lEhtU
w52hjZrPb1TCRiOhvAOeKAuNUAgGvEEzSIpqrbnilj+XPkMoBHm6qkSMAwdGYpnb
/deHH30XXka/ulTTJQL+6MkSbNIItllMRY47kfi+RwCS6HqF6eiTZrKG819pSHb+
58Q98FgnVhk81dlsXrVP7dftaO6lAcLX4qH0zsKScIkD78Nb8n70oksaA7MVTEie
cfSsK12YmJ3uZI9FklkVXGVIipiQ09pYfpPMkNsCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBTVFP7xV/jQWUBCU5eZ+CVElq+QiDAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
LzFSVC04VmY0MEZsQVFsT1htZmdsUkphdmtJZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAj6KQAMEAj6KSAMEAsJAXAMEAsJA
mAMEAsKjQAMEAsKjUAMEBMKjYAMEBcKjwAMEBcLDIAMEBMLp4AMEAsO0gAMEBMO0
wAMEBMO04AMEAsP8oAMEAtTgEAMEAtTgGAMEAdmsqDANBgkqhkiG9w0BAQsFAAOC
AQEANQzzuBqtAss68dx3rxdstplHOuoo5EcqGGmPgxtvERnukWwuFN6ZIP7rUKba
fGNFvprPttP7rcVoR+Xw63IehZ0fw+n7r9dY4ap8F4igPlf5+tTXkCo07jSrriWw
8u4Y2hhMTrDEDj6u0GJ8nz1/7YvXhLgBRwe+QsKxNzPW3sLT1Z8MOdRwyGKDjzqE
vEeVJTmqsqaxTsv1sPSCZbC2y9C9OWWsvlnIQ2+2OUDh05OBh7OODW8E2uW9zV+U
7dpNygWaa4xi5D38TBiXvoEtDhPVFIPOT41dRRQOsn1kjB3Za8gxQtuwrh7QUP+y
Pmu0QHUM/Euha3p5A9KLy/Ubcg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:29 2023 by rpki-client on console-ams.rpki-client.org