Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/SFaucJUlaqcqO4L02BhSYs3SuVY.roa
File: SFaucJUlaqcqO4L02BhSYs3SuVY.roa (raw, json)
Hash identifier: vqTQv64IBqHQFND9HQmuK7YQ6ew7T9wpnOj9+k0lnV8=
Subject key identifier: 48:56:AE:70:95:25:6A:A7:2A:3B:82:F4:D8:18:52:62:CD:D2:B9:56
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01825DC0B37F4848DD2D528B7008186F5C19
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/SFaucJUlaqcqO4L02BhSYs3SuVY.roa
Signing time: Tue 02 Aug 2022 08:51:26 +0000
ROA not before: Tue 02 Aug 2022 08:51:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 195.180.128.0/22 maxlen: 24
194.64.89.0/24 maxlen: 24
194.163.192.0/20 maxlen: 22
194.163.96.0/20 maxlen: 24
195.179.100.0/22 maxlen: 22
195.179.108.0/22 maxlen: 22
212.224.16.0/22 maxlen: 22
212.224.24.0/22 maxlen: 22
62.138.64.0/22 maxlen: 22
62.138.72.0/22 maxlen: 22
195.180.224.0/22 maxlen: 22
195.180.232.0/22 maxlen: 22
195.180.228.0/22 maxlen: 22
194.163.64.0/22 maxlen: 22
194.163.208.0/22 maxlen: 22
194.163.212.0/22 maxlen: 22
194.163.220.0/22 maxlen: 22
195.180.196.0/22 maxlen: 22
195.180.200.0/22 maxlen: 22
195.180.204.0/22 maxlen: 22
194.64.152.0/22 maxlen: 22
194.195.32.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5d:c0:b3:7f:48:48:dd:2d:52:8b:70:08:18:6f:5c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Aug 2 08:51:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4856ae7095256aa72a3b82f4d8185262cdd2b956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:69:ff:d6:dd:b3:da:aa:8b:96:b2:da:bc:42:
0e:0c:14:b0:2c:76:c2:fb:77:e8:44:3b:7e:6a:3d:
a6:0d:be:9a:5f:08:d0:16:f6:04:6e:82:06:cb:f5:
2c:92:46:3b:ca:e6:58:92:85:72:df:a0:1a:db:e0:
96:0a:f3:4a:7d:84:99:69:0c:fc:4b:89:5e:76:7e:
01:1f:97:ef:ab:0b:d9:ea:98:53:46:13:c1:20:6d:
0d:9d:26:64:ad:d0:cb:09:2a:04:70:93:d5:94:83:
b8:82:fc:48:74:4f:53:1a:11:86:68:6b:30:f2:02:
17:4a:0a:54:d6:86:e6:60:66:9c:12:0a:b5:30:a6:
27:73:b2:5a:8c:e0:08:c1:15:b0:5e:8e:6a:39:09:
ab:da:2d:61:b9:1c:d7:73:2f:7c:72:9f:e0:98:17:
fc:24:09:98:7b:f0:d3:df:27:8e:5b:57:1f:9d:b9:
fc:56:32:88:c2:1d:03:73:ee:c6:61:a8:af:6f:cf:
3b:94:86:5a:59:27:ac:08:20:a3:da:31:92:cc:86:
c4:fc:e0:03:5d:4b:3e:55:67:68:55:3b:78:d4:4f:
6b:ca:cf:01:31:51:73:ac:a8:62:f4:f9:ad:67:68:
d1:65:0d:b3:ae:3f:9d:e5:a8:bf:72:f0:64:0f:df:
3b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:56:AE:70:95:25:6A:A7:2A:3B:82:F4:D8:18:52:62:CD:D2:B9:56
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/SFaucJUlaqcqO4L02BhSYs3SuVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.64.0/22
62.138.72.0/22
194.64.89.0/24
194.64.152.0/22
194.163.64.0/22
194.163.96.0/20
194.163.192.0-194.163.215.255
194.163.220.0/22
194.195.32.0/19
195.179.100.0/22
195.179.108.0/22
195.180.128.0/22
195.180.196.0-195.180.207.255
195.180.224.0-195.180.235.255
212.224.16.0/22
212.224.24.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:fe:cb:21:9f:e3:63:54:79:40:df:d6:fb:be:32:6b:cc:4b:
01:2a:78:31:56:f2:33:bf:2b:85:3a:8f:98:94:90:06:1a:da:
31:65:62:ad:e4:25:f3:8c:2a:81:cc:ed:38:4b:8d:a1:f7:64:
1c:ca:f9:bd:6a:4f:42:ef:e5:30:9d:84:34:ff:c8:43:5b:ac:
f5:e2:f5:95:b2:1e:4f:09:d6:88:71:0b:9a:00:ff:7e:b1:72:
3f:51:a2:04:22:72:59:8a:7e:af:91:3c:03:3b:6b:d0:37:d3:
3c:91:e2:e9:8c:9f:84:5c:55:d2:ed:05:81:a7:ef:5c:93:6f:
2a:9a:c5:d6:b8:bf:5c:46:b5:2c:e4:1b:c1:a5:dc:6b:c3:be:
85:98:17:60:4d:1b:46:ed:3c:34:b2:b0:91:f0:f4:3e:d6:fb:
89:36:a5:66:c6:35:b8:20:3a:e7:89:93:a3:7e:98:02:43:c1:
0f:6b:27:61:ba:13:c0:1b:dc:22:91:9a:73:6d:1c:2d:ea:f2:
f5:f5:ff:09:a4:1c:bb:a3:0d:ae:eb:83:13:f0:ef:21:3c:72:
5b:61:00:ab:22:62:66:64:40:db:2c:61:9f:99:16:53:62:97:
8f:04:b3:f2:fe:77:7d:75:59:d7:d4:15:8b:c3:62:98:a3:55:
e2:88:74:2c
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYJdwLN/SEjdLVKLcAgYb1wZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjIwODAyMDg1MTI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODU2YWU3MDk1MjU2YWE3MmEzYjgyZjRkODE4NTI2MmNkZDJiOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Wn/1t2z2qqLlrLavEIODBSwLHbC
+3foRDt+aj2mDb6aXwjQFvYEboIGy/UskkY7yuZYkoVy36Aa2+CWCvNKfYSZaQz8
S4ledn4BH5fvqwvZ6phTRhPBIG0NnSZkrdDLCSoEcJPVlIO4gvxIdE9TGhGGaGsw
8gIXSgpU1obmYGacEgq1MKYnc7JajOAIwRWwXo5qOQmr2i1huRzXcy98cp/gmBf8
JAmYe/DT3yeOW1cfnbn8VjKIwh0Dc+7GYaivb887lIZaWSesCCCj2jGSzIbE/OAD
XUs+VWdoVTt41E9rys8BMVFzrKhi9PmtZ2jRZQ2zrj+d5ai/cvBkD987fQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFEhWrnCVJWqnKjuC9NgYUmLN0rlWMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvU0ZhdWNKVWxhcWNxTzRMMDJCaFNZczNTdVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCPopA
AwQCPopIAwQAwkBZAwQCwkCYAwQCwqNAAwQEwqNgMAwDBAbCo8ADBAPCo9ADBALC
o9wDBAXCwyADBALDs2QDBALDs2wDBALDtIAwDAMEAsO0xAMEBMO0wDAMAwQFw7Tg
AwQCw7ToAwQC1OAQAwQC1OAYMA0GCSqGSIb3DQEBCwUAA4IBAQBe/sshn+NjVHlA
39b7vjJrzEsBKngxVvIzvyuFOo+YlJAGGtoxZWKt5CXzjCqBzO04S42h92Qcyvm9
ak9C7+UwnYQ0/8hDW6z14vWVsh5PCdaIcQuaAP9+sXI/UaIEInJZin6vkTwDO2vQ
N9M8keLpjJ+EXFXS7QWBp+9ck28qmsXWuL9cRrUs5BvBpdxrw76FmBdgTRtG7Tw0
srCR8PQ+1vuJNqVmxjW4IDrniZOjfpgCQ8EPaydhuhPAG9wikZpzbRwt6vL19f8J
pBy7ow2u64MT8O8hPHJbYQCrImJmZEDbLGGfmRZTYpePBLPy/nd9dVnX1BWLw2KY
o1XiiHQs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org