Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/q1rJlCVi0KA97GRVLHcF2zBVink.roa
File: q1rJlCVi0KA97GRVLHcF2zBVink.roa (raw, json)
Hash identifier: +d3HvF1P2hJ+/bNfIj+PQ3I41UCkG8Gha2vlM/bkKlc=
Subject key identifier: AB:5A:C9:94:25:62:D0:A0:3D:EC:64:55:2C:77:05:DB:30:55:8A:79
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0182ABFDE556D024EDE28257082A4C6FF587
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/q1rJlCVi0KA97GRVLHcF2zBVink.roa
Signing time: Wed 17 Aug 2022 13:28:39 +0000
ROA not before: Wed 17 Aug 2022 13:28:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21700
IP address blocks: 151.106.80.0/20 maxlen: 24
194.195.48.0/20 maxlen: 20
194.233.240.0/20 maxlen: 24
195.180.168.0/22 maxlen: 22
195.180.172.0/22 maxlen: 22
194.163.224.0/20 maxlen: 24
194.195.16.0/20 maxlen: 24
62.138.68.0/22 maxlen: 22
62.138.76.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ab:fd:e5:56:d0:24:ed:e2:82:57:08:2a:4c:6f:f5:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Aug 17 13:28:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab5ac9942562d0a03dec64552c7705db30558a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:e4:be:63:99:14:0e:23:95:da:a8:77:2c:
6a:57:36:a0:a0:16:44:fc:f6:37:b7:2a:ee:3f:18:
05:c9:e5:b6:33:a9:05:86:3f:f5:5d:62:9f:23:31:
45:39:f7:26:64:54:a5:ef:87:48:65:02:bb:54:d2:
c3:b3:47:96:5c:cc:ca:df:80:19:23:3a:c7:6a:b2:
62:c2:13:f8:37:06:78:1f:e8:61:66:e2:b5:39:b8:
7d:d5:d8:18:52:52:a3:f7:e5:c6:79:74:8e:b5:20:
6f:2f:4b:d4:51:d8:81:6e:39:e1:4e:bc:f4:c8:db:
ba:1b:67:c9:99:04:76:7e:50:cf:52:88:0e:87:3d:
64:89:6e:42:ef:a7:ed:60:3f:d7:67:46:fc:aa:23:
6e:89:0e:44:37:4b:7b:a2:07:1b:c1:6c:f6:47:19:
98:e2:2f:e1:36:55:a5:dc:b0:85:7a:8a:af:b7:c8:
7b:de:e6:36:db:4e:9e:61:38:85:f6:0e:0d:c9:52:
65:5d:fe:2c:86:10:36:30:c5:a6:de:ea:e4:f6:9d:
68:43:37:01:c2:82:8e:72:78:4c:a4:9c:03:e2:70:
8f:fb:bc:11:50:72:35:3b:f6:db:b1:27:48:86:1f:
87:7b:bf:f4:ab:b9:bc:4c:4d:72:71:12:9b:8f:5b:
95:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5A:C9:94:25:62:D0:A0:3D:EC:64:55:2C:77:05:DB:30:55:8A:79
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/q1rJlCVi0KA97GRVLHcF2zBVink.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.68.0/22
62.138.76.0/22
151.106.80.0/20
194.163.224.0/20
194.195.16.0/20
194.195.48.0/20
194.233.240.0/20
195.180.168.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:be:63:75:56:7c:c2:2e:57:12:ee:e6:9a:7e:59:69:51:c5:
23:1c:bd:72:fc:61:65:34:cb:2f:66:54:8b:eb:1a:6a:a2:ae:
6d:ab:9f:87:78:bf:74:7c:0b:39:84:cb:f6:b6:1b:e9:ce:c0:
e1:5d:15:41:24:93:80:02:ff:29:13:2c:12:03:d0:de:5e:07:
6d:b8:bf:46:99:bd:b4:16:65:f8:52:0e:cf:9d:28:4e:2a:f2:
dd:1d:73:58:7b:5a:8f:a3:8e:55:4b:45:f7:8c:3a:12:a4:9f:
6d:15:d9:71:02:f6:ab:8a:75:60:81:98:2d:c2:61:5a:b2:9d:
3c:5e:7e:49:c0:24:8c:de:00:41:bf:b1:2a:14:6d:03:90:ec:
5e:11:7c:4a:59:e0:06:f6:7a:cd:8d:9e:c7:71:b2:14:90:38:
c0:60:87:2d:e2:e1:13:19:78:a4:f6:a7:52:ba:3b:97:86:b9:
7e:bd:df:a1:c2:41:68:9b:10:9c:96:2e:97:fc:c1:d9:4e:00:
da:05:34:b5:14:3e:16:aa:c2:6f:09:4b:44:b6:7f:dd:59:9d:
22:e6:e6:41:1b:bc:58:e9:9f:86:a0:39:2b:24:25:f6:29:31:
35:0c:9a:42:24:0b:b3:4b:0c:cc:09:be:e1:2c:de:d9:7f:cf:
15:02:6a:b5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYKr/eVW0CTt4oJXCCpMb/WHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjIwODE3MTMyODM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjVhYzk5NDI1NjJkMGEwM2RlYzY0NTUyYzc3MDVkYjMwNTU4YTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7LkvmOZFA4jldqodyxqVzagoBZE
/PY3tyruPxgFyeW2M6kFhj/1XWKfIzFFOfcmZFSl74dIZQK7VNLDs0eWXMzK34AZ
IzrHarJiwhP4NwZ4H+hhZuK1Obh91dgYUlKj9+XGeXSOtSBvL0vUUdiBbjnhTrz0
yNu6G2fJmQR2flDPUogOhz1kiW5C76ftYD/XZ0b8qiNuiQ5EN0t7ogcbwWz2RxmY
4i/hNlWl3LCFeoqvt8h73uY2206eYTiF9g4NyVJlXf4shhA2MMWm3urk9p1oQzcB
woKOcnhMpJwD4nCP+7wRUHI1O/bbsSdIhh+He7/0q7m8TE1ycRKbj1uVPQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKtayZQlYtCgPexkVSx3BdswVYp5MB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvcTFySmxDVmkwS0E5N0dSVkxIY0YyekJWaW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCPopEAwQC
PopMAwQEl2pQAwQEwqPgAwQEwsMQAwQEwsMwAwQEwunwAwQDw7SoMA0GCSqGSIb3
DQEBCwUAA4IBAQA+vmN1VnzCLlcS7uaafllpUcUjHL1y/GFlNMsvZlSL6xpqoq5t
q5+HeL90fAs5hMv2thvpzsDhXRVBJJOAAv8pEywSA9DeXgdtuL9Gmb20FmX4Ug7P
nShOKvLdHXNYe1qPo45VS0X3jDoSpJ9tFdlxAvarinVggZgtwmFasp08Xn5JwCSM
3gBBv7EqFG0DkOxeEXxKWeAG9nrNjZ7HcbIUkDjAYIct4uETGXik9qdSujuXhrl+
vd+hwkFomxCcli6X/MHZTgDaBTS1FD4WqsJvCUtEtn/dWZ0i5uZBG7xY6Z+GoDkr
JCX2KTE1DJpCJAuzSwzMCb7hLN7Zf88VAmq1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org