Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/JRy1Gu2DaWPxDW6w0-cVbPC-Vpk.roa
File: JRy1Gu2DaWPxDW6w0-cVbPC-Vpk.roa (raw, json)
Hash identifier: zYSeYPGo/T1ZhTJDt85SzdtZuQV/07810+gW8zy47i8=
Subject key identifier: 25:1C:B5:1A:ED:83:69:63:F1:0D:6E:B0:D3:E7:15:6C:F0:BE:56:99
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0CE8D948
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/JRy1Gu2DaWPxDW6w0-cVbPC-Vpk.roa
Signing time: Mon 18 Apr 2022 10:39:33 +0000
ROA not before: Mon 18 Apr 2022 10:39:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 195.180.128.0/22 maxlen: 24
194.163.192.0/19 maxlen: 24
194.64.92.0/22 maxlen: 22
195.252.160.0/22 maxlen: 24
194.163.96.0/19 maxlen: 24
212.224.16.0/22 maxlen: 22
212.224.24.0/22 maxlen: 22
62.138.64.0/22 maxlen: 22
62.138.72.0/22 maxlen: 22
195.180.224.0/20 maxlen: 24
194.233.28.0/23 maxlen: 23
194.163.64.0/22 maxlen: 22
194.163.80.0/22 maxlen: 22
195.180.192.0/20 maxlen: 24
194.64.152.0/22 maxlen: 22
194.195.32.0/19 maxlen: 24
194.233.224.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 216586568 (0xce8d948)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Apr 18 10:39:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=251cb51aed836963f10d6eb0d3e7156cf0be5699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a8:9d:a4:6f:07:6d:7b:98:84:20:94:dd:86:
b1:5e:38:0d:bf:a1:f9:f2:bd:72:cb:46:ac:8e:9f:
09:89:aa:3f:fc:e9:a8:d3:29:98:3f:67:a4:fe:56:
f8:bd:29:39:12:40:b4:0d:f4:bd:5d:e6:e1:dd:e4:
bd:e3:7b:81:9b:5f:1e:33:b9:d9:48:5f:16:2d:fa:
26:68:8c:af:92:25:7c:6e:12:40:be:06:ec:b6:96:
43:62:d6:81:9d:9e:91:ef:fc:7f:4a:4f:fd:44:15:
17:9e:02:d6:9c:a8:a8:19:26:3b:48:ec:e8:89:3b:
5b:c4:f5:ea:14:08:98:2c:a6:17:e7:fb:94:2d:b7:
91:8e:78:b2:fd:6a:08:ae:f5:e7:19:87:ef:6f:2f:
0f:fe:ed:71:8f:36:d7:a1:50:bd:3e:7b:c7:5a:6e:
41:68:6d:85:e2:97:a8:8f:bb:f1:51:eb:88:26:3e:
29:db:a4:31:91:85:85:2d:a9:e1:97:a1:2d:fc:b2:
88:eb:e0:8d:99:51:ba:5d:5a:cb:0f:bd:cd:60:82:
23:00:c6:52:27:aa:f5:70:7f:18:1f:4f:bf:88:ed:
05:c9:43:b5:d3:43:e4:04:d3:b6:43:f4:e5:dd:be:
8b:b8:1d:b7:b4:3e:46:d6:d4:05:39:21:82:a6:09:
c0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:1C:B5:1A:ED:83:69:63:F1:0D:6E:B0:D3:E7:15:6C:F0:BE:56:99
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/JRy1Gu2DaWPxDW6w0-cVbPC-Vpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.64.0/22
62.138.72.0/22
194.64.92.0/22
194.64.152.0/22
194.163.64.0/22
194.163.80.0/22
194.163.96.0/19
194.163.192.0/19
194.195.32.0/19
194.233.28.0/23
194.233.224.0/20
195.180.128.0/22
195.180.192.0/20
195.180.224.0/20
195.252.160.0/22
212.224.16.0/22
212.224.24.0/22
Signature Algorithm: sha256WithRSAEncryption
27:e9:53:9b:cf:c1:f3:ab:ae:7f:d0:b2:73:ab:2a:9c:dd:9e:
ca:d5:2e:fd:f6:93:0a:bb:fa:24:dd:3b:43:6a:75:ee:dd:5e:
b1:d1:88:f4:58:87:73:11:92:e0:0d:cb:8d:d3:b3:28:49:df:
4d:f1:07:b6:97:6d:35:2f:97:43:b5:b0:72:7c:63:d5:f1:b7:
a4:d9:b5:0f:b5:2f:e9:d9:6d:2e:8e:31:1f:86:e3:8f:2e:c1:
f3:1c:19:e1:bd:2f:4e:c0:4b:2b:b8:59:09:9c:e4:95:4a:07:
56:63:f1:ee:61:1c:b6:74:0a:4e:a3:81:12:8c:65:3d:c4:3d:
32:2c:18:e4:5d:4b:85:b3:44:d4:af:99:cd:f1:a4:c7:9a:d3:
d3:8b:bb:ce:e1:9f:b8:84:ee:00:aa:1f:d2:e1:cf:e1:49:08:
a3:a0:ca:a5:6e:87:ca:05:99:12:2a:25:9b:15:40:ae:5f:1f:
43:63:10:a3:ff:6a:7a:9d:f7:36:30:51:73:11:5c:63:2f:f1:
b5:62:db:fd:b2:0e:4c:d5:84:16:bf:dc:4f:9d:7c:9f:ee:ce:
86:63:6e:61:6e:58:98:8e:d8:bf:05:29:87:cd:70:93:2a:e6:
8c:6e:5b:d0:54:97:d0:10:bf:11:23:10:58:3d:84:f5:a4:15:
f0:08:7e:75
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEDOjZSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDQx
ODEwMzkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUxY2I1MWFlZDgz
Njk2M2YxMGQ2ZWIwZDNlNzE1NmNmMGJlNTY5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWonaRvB217mIQglN2GsV44Db+h+fK9cstGrI6fCYmqP/zp
qNMpmD9npP5W+L0pORJAtA30vV3m4d3kveN7gZtfHjO52UhfFi36JmiMr5IlfG4S
QL4G7LaWQ2LWgZ2eke/8f0pP/UQVF54C1pyoqBkmO0js6Ik7W8T16hQImCymF+f7
lC23kY54sv1qCK715xmH728vD/7tcY8216FQvT57x1puQWhtheKXqI+78VHriCY+
KdukMZGFhS2p4ZehLfyyiOvgjZlRul1ayw+9zWCCIwDGUieq9XB/GB9Pv4jtBclD
tdND5ATTtkP05d2+i7gdt7Q+RtbUBTkhgqYJwM0CAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBQlHLUa7YNpY/ENbrDT5xVs8L5WmTAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L0pSeTFHdTJEYVdQeERXNncwLWNWYlBDLVZway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAj6KQAMEAj6KSAMEAsJAXAMEAsJA
mAMEAsKjQAMEAsKjUAMEBcKjYAMEBcKjwAMEBcLDIAMEAcLpHAMEBMLp4AMEAsO0
gAMEBMO0wAMEBMO04AMEAsP8oAMEAtTgEAMEAtTgGDANBgkqhkiG9w0BAQsFAAOC
AQEAJ+lTm8/B86uuf9Cyc6sqnN2eytUu/faTCrv6JN07Q2p17t1esdGI9FiHcxGS
4A3LjdOzKEnfTfEHtpdtNS+XQ7Wwcnxj1fG3pNm1D7Uv6dltLo4xH4bjjy7B8xwZ
4b0vTsBLK7hZCZzklUoHVmPx7mEctnQKTqOBEoxlPcQ9MiwY5F1LhbNE1K+ZzfGk
x5rT04u7zuGfuITuAKof0uHP4UkIo6DKpW6HygWZEiolmxVArl8fQ2MQo/9qep33
NjBRcxFcYy/xtWLb/bIOTNWEFr/cT518n+7OhmNuYW5YmI7YvwUph81wkyrmjG5b
0FSX0BC/ESMQWD2E9aQV8Ah+dQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org