Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/1jQCrd0HofzZgstE6HITHgGuFzo.roa
File: 1jQCrd0HofzZgstE6HITHgGuFzo.roa (raw, json)
Hash identifier: GYGGvmBDibMkcFS4k7RIRVPuRW0GiRoivXYAPjwfOvo=
Subject key identifier: D6:34:02:AD:DD:07:A1:FC:D9:82:CB:44:E8:72:13:1E:01:AE:17:3A
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019277AF5450DDB9FF06108F11031C5EC9AD
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/1jQCrd0HofzZgstE6HITHgGuFzo.roa
Signing time: Thu 10 Oct 2024 18:27:11 +0000
ROA not before: Thu 10 Oct 2024 18:27:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.125.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
95.164.12.0/23 maxlen: 23
95.164.15.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.90.0/24 maxlen: 24
95.164.120.0/24 maxlen: 24
95.164.121.0/24 maxlen: 24
95.164.122.0/24 maxlen: 24
95.164.123.0/24 maxlen: 24
95.164.160.0/22 maxlen: 24
95.164.164.0/22 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
95.164.248.0/23 maxlen: 23
95.164.251.0/24 maxlen: 24
195.214.208.0/21 maxlen: 21
195.214.208.0/22 maxlen: 22
195.214.210.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:77:af:54:50:dd:b9:ff:06:10:8f:11:03:1c:5e:c9:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Oct 10 18:27:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d63402addd07a1fcd982cb44e872131e01ae173a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0a:d6:2d:7d:eb:da:4c:f1:73:59:db:bd:ae:
0f:a6:a9:4f:55:bc:6e:ab:6d:c4:a8:e3:0f:76:01:
f9:7d:55:4e:b4:b4:97:d2:7b:77:78:01:b7:6e:40:
15:d1:8f:82:09:4b:04:9d:38:13:fe:94:04:77:18:
bc:d7:cb:ad:a4:ae:1e:be:c1:61:91:19:e7:42:37:
e5:4c:6e:f3:b6:fc:ac:59:dc:75:83:75:a0:38:b9:
ab:17:0d:1f:22:d9:3b:bc:50:f1:3f:d3:92:6f:ba:
21:e5:32:e9:47:95:dc:a0:e7:66:cd:e9:ab:bf:af:
50:c3:1f:7b:b2:fc:9e:99:9f:d0:57:f2:12:cd:27:
1b:fc:98:7d:ec:ea:91:e6:d1:93:1c:54:ea:6b:ac:
cd:aa:3e:84:5d:ad:ac:9d:f4:52:c8:f3:23:2b:3b:
f0:9f:3c:12:12:eb:62:80:ce:ec:37:c3:e1:82:6f:
27:51:11:c0:2e:c6:90:ce:71:67:5b:76:a7:94:73:
ab:fb:0b:db:dd:f8:25:2e:01:95:97:74:16:0b:e0:
e0:be:ec:2b:6d:71:a7:5c:52:9b:8d:9d:aa:c4:53:
50:6f:f8:4f:c3:49:f7:59:89:b2:bd:a2:c1:89:fa:
50:f1:90:dd:21:df:74:eb:d6:37:0d:d5:11:c3:ca:
1f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:34:02:AD:DD:07:A1:FC:D9:82:CB:44:E8:72:13:1E:01:AE:17:3A
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/1jQCrd0HofzZgstE6HITHgGuFzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.124.0/23
94.131.127.0/24
95.164.12.0/23
95.164.15.0/24
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.90.0/24
95.164.120.0/22
95.164.160.0/21
95.164.170.0-95.164.175.255
95.164.248.0/23
95.164.251.0/24
195.214.208.0/21
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:e6:f8:0b:6f:7d:67:94:a1:a2:0d:b1:a8:55:e0:14:4a:ba:
b3:71:d0:d2:43:63:62:29:9f:52:0b:60:bd:91:83:b3:f0:aa:
fb:a6:f4:17:de:b1:d8:f1:fa:b6:c1:47:84:13:26:82:87:14:
c9:de:68:71:fd:ed:bf:33:c5:8d:43:82:bb:f7:a6:08:98:2b:
9a:28:ca:84:f3:dd:b2:d5:bd:a1:cb:fa:1e:4b:7f:2f:9c:77:
8f:58:97:a9:a7:b1:bd:8a:54:04:d1:dc:09:5f:33:98:42:f6:
3d:d4:7d:40:40:fc:e0:ce:74:ee:66:75:5e:c0:ef:ed:dc:c7:
c9:71:2b:36:b1:07:5c:68:21:ad:b4:55:85:09:45:99:48:86:
4e:33:8c:49:be:b4:aa:5e:16:12:09:1d:18:33:d9:63:96:21:
e8:2a:1c:70:94:92:ac:c6:cc:88:af:74:e0:93:f3:5b:2c:83:
a2:9a:fc:77:8d:09:55:ec:07:62:4d:75:dc:df:ae:cb:cf:de:
db:65:c0:b0:90:9a:77:36:67:1a:45:f5:32:94:38:12:e4:2a:
13:8e:67:e9:2d:b3:28:05:69:df:6b:69:8a:54:cc:40:68:3c:
d1:23:32:31:33:7e:35:1e:b6:3d:e3:54:00:df:d6:d8:5e:38:
1b:45:51:74
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZJ3r1RQ3bn/BhCPEQMcXsmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMDEwMTgyNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM0MDJhZGRkMDdhMWZjZDk4MmNiNDRlODcyMTMxZTAxYWUxNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QrWLX3r2kzxc1nbva4PpqlPVbxu
q23EqOMPdgH5fVVOtLSX0nt3eAG3bkAV0Y+CCUsEnTgT/pQEdxi818utpK4evsFh
kRnnQjflTG7ztvysWdx1g3WgOLmrFw0fItk7vFDxP9OSb7oh5TLpR5XcoOdmzemr
v69Qwx97svyemZ/QV/ISzScb/Jh97OqR5tGTHFTqa6zNqj6EXa2snfRSyPMjKzvw
nzwSEutigM7sN8Phgm8nURHALsaQznFnW3anlHOr+wvb3fglLgGVl3QWC+Dgvuwr
bXGnXFKbjZ2qxFNQb/hPw0n3WYmyvaLBifpQ8ZDdId9069Y3DdURw8ofrQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFNY0Aq3dB6H82YLLROhyEx4Brhc6MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvMWpRQ3JkMEhvZnpaZ3N0RTZISVRIZ0d1RnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBpQQCAAEwgZ4DBAU+
zYADBAFegwADBABegwQDBAFegwYDBAFeg3wDBABeg38DBAFfpAwDBABfpA8DBABf
pBQDBAJfpCgwDAMEAF+kMQMEAF+kMjAMAwQCX6Q0AwQCX6Q4MAwDBANfpEgDBABf
pEwDBAJfpFADBABfpFoDBAJfpHgDBANfpKAwDAMEAV+kqgMEBF+koAMEAV+k+AME
AF+k+wMEA8PW0DANBAIAAjAHAwUAKgEA0DANBgkqhkiG9w0BAQsFAAOCAQEAneb4
C299Z5Shog2xqFXgFEq6s3HQ0kNjYimfUgtgvZGDs/Cq+6b0F96x2PH6tsFHhBMm
gocUyd5ocf3tvzPFjUOCu/emCJgrmijKhPPdstW9ocv6Hkt/L5x3j1iXqaexvYpU
BNHcCV8zmEL2PdR9QED84M507mZ1XsDv7dzHyXErNrEHXGghrbRVhQlFmUiGTjOM
Sb60ql4WEgkdGDPZY5Yh6CoccJSSrMbMiK904JPzWyyDopr8d40JVewHYk113N+u
y8/e22XAsJCadzZnGkX1MpQ4EuQqE45n6S2zKAVp32tpilTMQGg80SMyMTN+NR62
PeNUAN/W2F44G0VRdA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:22 2025 by rpki-client