Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/h1-z70OFCeV-2ykvGW0nX8CuFbc.roa
File: h1-z70OFCeV-2ykvGW0nX8CuFbc.roa (raw, json)
Hash identifier: +Xy4uC9MbTe/kZhw3PUauBLF771oTru1sPgqVCDP/vk=
Subject key identifier: 87:5F:B3:EF:43:85:09:E5:7E:DB:29:2F:19:6D:27:5F:C0:AE:15:B7
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0D6C85BF
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/h1-z70OFCeV-2ykvGW0nX8CuFbc.roa
Signing time: Thu 26 May 2022 20:00:13 +0000
ROA not before: Thu 26 May 2022 20:00:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 195.180.128.0/22 maxlen: 24
194.64.89.0/24 maxlen: 24
194.163.192.0/19 maxlen: 24
194.64.92.0/22 maxlen: 22
194.163.96.0/20 maxlen: 24
217.172.168.0/23 maxlen: 24
195.179.100.0/22 maxlen: 22
195.179.108.0/22 maxlen: 22
212.224.16.0/22 maxlen: 22
212.224.24.0/22 maxlen: 22
62.138.64.0/22 maxlen: 22
62.138.72.0/22 maxlen: 22
195.180.224.0/20 maxlen: 24
194.163.64.0/22 maxlen: 22
195.180.192.0/20 maxlen: 24
194.64.152.0/22 maxlen: 22
194.195.32.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 225215935 (0xd6c85bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: May 26 20:00:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=875fb3ef438509e57edb292f196d275fc0ae15b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f0:06:0d:4c:3e:3e:a6:5e:33:81:6a:b6:fc:
a5:ad:8d:69:22:fe:2b:6f:b8:a0:ae:08:0d:3e:35:
20:a6:ef:a9:eb:75:fa:7b:cf:48:d6:8c:f3:34:0f:
7e:df:60:f2:7c:d7:fb:7e:a0:e6:e8:d2:6b:50:e8:
d5:c3:f0:e9:04:e6:83:97:b4:45:7b:ab:7c:1a:ad:
10:67:a7:8e:bb:91:d7:33:0f:75:fe:3d:91:6a:ed:
6e:e2:26:2c:57:21:f9:16:13:75:83:2f:fe:54:a6:
cb:53:a8:66:3a:ef:8a:85:b0:5f:ae:16:9d:fa:a2:
e8:b4:67:90:3e:18:a6:49:a8:e1:fd:3a:c4:19:ae:
ae:3e:43:d0:9e:ac:51:1f:db:5e:b4:d7:f1:f3:db:
51:64:45:58:80:9a:79:04:f3:88:74:84:54:31:01:
f8:1d:c3:6c:b4:a3:86:23:76:b5:bf:e8:85:97:c1:
21:84:05:e8:2f:ec:e4:c9:78:56:de:82:2d:79:10:
df:3b:ce:c4:58:6f:70:60:b2:09:24:a8:3e:ec:35:
4c:c9:55:2f:74:af:fb:24:65:cc:12:a6:7d:ed:cf:
19:da:4d:37:da:f8:f3:72:01:59:05:38:ba:a8:10:
b5:4e:23:2e:d8:0a:2b:04:19:b4:52:57:45:e5:99:
28:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5F:B3:EF:43:85:09:E5:7E:DB:29:2F:19:6D:27:5F:C0:AE:15:B7
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/h1-z70OFCeV-2ykvGW0nX8CuFbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.64.0/22
62.138.72.0/22
194.64.89.0/24
194.64.92.0/22
194.64.152.0/22
194.163.64.0/22
194.163.96.0/20
194.163.192.0/19
194.195.32.0/19
195.179.100.0/22
195.179.108.0/22
195.180.128.0/22
195.180.192.0/20
195.180.224.0/20
212.224.16.0/22
212.224.24.0/22
217.172.168.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:fe:6d:4d:6c:89:03:24:af:9e:7a:ff:00:46:f9:45:bd:98:
f6:7f:b2:1e:66:68:fd:4c:48:40:93:f9:01:eb:2b:09:6d:cb:
c4:9e:a2:c4:9c:1d:5a:56:54:0c:73:d0:1f:20:36:f2:bd:f2:
b9:c7:74:06:63:50:0a:9a:65:fe:4d:79:56:40:73:ab:0c:d6:
d6:fb:e9:da:10:d3:d7:3c:97:e9:87:2d:40:1b:af:84:fe:ba:
e2:0a:b8:6e:95:6e:dd:0d:e0:bd:13:dd:01:f3:61:49:6f:91:
9b:0e:2b:14:19:c6:61:03:94:d5:44:87:09:0c:3e:b7:cc:65:
cf:05:dd:0f:8b:52:2c:f3:83:74:d5:09:0d:bb:1a:52:16:33:
17:6a:9b:81:8f:ba:83:30:02:5b:f4:1b:53:78:fb:8b:5d:01:
e0:6b:ac:85:8a:48:6e:ae:6a:33:54:b0:7f:91:18:3e:b1:d6:
ae:e9:14:97:34:3c:70:9b:77:90:9e:24:3b:cf:46:48:01:9f:
9d:f2:e4:dd:de:67:fb:ec:38:0e:98:e0:8e:15:45:6f:5e:4e:
96:57:46:cb:e8:59:9d:89:44:f3:61:45:a3:a6:fc:90:ee:0f:
40:51:34:53:12:18:ab:de:72:e9:56:e1:88:75:2f:a4:13:2c:
24:af:dc:86
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEDWyFvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDUy
NjIwMDAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc1ZmIzZWY0Mzg1
MDllNTdlZGIyOTJmMTk2ZDI3NWZjMGFlMTViNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHwBg1MPj6mXjOBarb8pa2NaSL+K2+4oK4IDT41IKbvqet1
+nvPSNaM8zQPft9g8nzX+36g5ujSa1Do1cPw6QTmg5e0RXurfBqtEGenjruR1zMP
df49kWrtbuImLFch+RYTdYMv/lSmy1OoZjrvioWwX64Wnfqi6LRnkD4Ypkmo4f06
xBmurj5D0J6sUR/bXrTX8fPbUWRFWICaeQTziHSEVDEB+B3DbLSjhiN2tb/ohZfB
IYQF6C/s5Ml4Vt6CLXkQ3zvOxFhvcGCyCSSoPuw1TMlVL3Sv+yRlzBKmfe3PGdpN
N9r483IBWQU4uqgQtU4jLtgKKwQZtFJXReWZKHsCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBSHX7PvQ4UJ5X7bKS8ZbSdfwK4VtzAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L2gxLXo3ME9GQ2VWLTJ5a3ZHVzBuWDhDdUZiYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAj6KQAMEAj6KSAMEAMJAWQMEAsJA
XAMEAsJAmAMEAsKjQAMEBMKjYAMEBcKjwAMEBcLDIAMEAsOzZAMEAsOzbAMEAsO0
gAMEBMO0wAMEBMO04AMEAtTgEAMEAtTgGAMEAdmsqDANBgkqhkiG9w0BAQsFAAOC
AQEAav5tTWyJAySvnnr/AEb5Rb2Y9n+yHmZo/UxIQJP5AesrCW3LxJ6ixJwdWlZU
DHPQHyA28r3yucd0BmNQCppl/k15VkBzqwzW1vvp2hDT1zyX6YctQBuvhP664gq4
bpVu3Q3gvRPdAfNhSW+Rmw4rFBnGYQOU1USHCQw+t8xlzwXdD4tSLPODdNUJDbsa
UhYzF2qbgY+6gzACW/QbU3j7i10B4GushYpIbq5qM1Swf5EYPrHWrukUlzQ8cJt3
kJ4kO89GSAGfnfLk3d5n++w4DpjgjhVFb15OlldGy+hZnYlE82FFo6b8kO4PQFE0
UxIYq95y6VbhiHUvpBMsJK/chg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:29 2023 by rpki-client on console-ams.rpki-client.org