Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/Y2pME4yMdugPjPEVWUpN2bkNSKQ.roa
File:                     Y2pME4yMdugPjPEVWUpN2bkNSKQ.roa (raw, json)
Hash identifier:          Ayvc2qyNrvkJLrtZpmaWI5k5f22qrEOtcJNxZHeZ4hk=
Subject key identifier:   63:6A:4C:13:8C:8C:76:E8:0F:8C:F1:15:59:4A:4D:D9:B9:0D:48:A4
Certificate issuer:       /CN=ec3543aa00373e9e4d10e64c83d3779b378888c1
Certificate serial:       018465FA722725A40E84A28AC7B362F149FC
Authority key identifier: EC:35:43:AA:00:37:3E:9E:4D:10:E6:4C:83:D3:77:9B:37:88:88:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7DVDqgA3Pp5NEOZMg9N3mzeIiME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/Y2pME4yMdugPjPEVWUpN2bkNSKQ.roa
Signing time:             Fri 11 Nov 2022 09:17:02 +0000
ROA not before:           Fri 11 Nov 2022 09:17:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15598
IP address blocks:        82.149.68.0/22 maxlen: 22
                          82.149.84.0/22 maxlen: 22
                          82.149.88.0/22 maxlen: 22
                          82.149.92.0/22 maxlen: 22
                          62.146.0.0/16 maxlen: 16
                          62.146.5.0/24 maxlen: 24
                          62.146.17.0/24 maxlen: 24
                          82.149.64.0/22 maxlen: 22
                          82.149.64.0/19 maxlen: 19
                          80.190.32.0/19 maxlen: 19
                          80.190.64.0/19 maxlen: 19
                          80.190.0.0/16 maxlen: 16
                          212.112.224.0/19 maxlen: 19
                          80.190.96.0/19 maxlen: 19
                          80.190.128.0/19 maxlen: 19
                          80.190.240.0/20 maxlen: 20
                          212.123.96.0/19 maxlen: 19
                          81.17.96.0/20 maxlen: 20
                          81.17.112.0/24 maxlen: 24
                          81.17.111.0/24 maxlen: 24
                          81.17.115.0/24 maxlen: 24
                          81.17.114.0/24 maxlen: 24
                          81.17.113.0/24 maxlen: 24
                          81.17.116.0/24 maxlen: 24
                          2a01:138::/32 maxlen: 32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:65:fa:72:27:25:a4:0e:84:a2:8a:c7:b3:62:f1:49:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec3543aa00373e9e4d10e64c83d3779b378888c1
        Validity
            Not Before: Nov 11 09:17:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=636a4c138c8c76e80f8cf115594a4dd9b90d48a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:6A:4C:13:8C:8C:76:E8:0F:8C:F1:15:59:4A:4D:D9:B9:0D:48:A4
            X509v3 Authority Key Identifier:
                keyid:EC:35:43:AA:00:37:3E:9E:4D:10:E6:4C:83:D3:77:9B:37:88:88:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DVDqgA3Pp5NEOZMg9N3mzeIiME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/Y2pME4yMdugPjPEVWUpN2bkNSKQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/7DVDqgA3Pp5NEOZMg9N3mzeIiME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.146.0.0/16
                  80.190.0.0/16
                  81.17.96.0-81.17.116.255
                  82.149.64.0/19
                  212.112.224.0/19
                  212.123.96.0/19
                IPv6:
                  2a01:138::/32

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jun 6 17:23:46 2024 by rpki-client on console-fra.rpki-client.org