Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/rmMEBhf1RHt0LdVJzNqQomLA3HI.roa
File: rmMEBhf1RHt0LdVJzNqQomLA3HI.roa (raw, json)
Hash identifier: yPAnXqYgKhHH+q9m39fICVOArq3CX/mbcwno2INJXAg=
Subject key identifier: AE:63:04:06:17:F5:44:7B:74:2D:D5:49:CC:DA:90:A2:62:C0:DC:72
Certificate issuer: /CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Certificate serial: 01856B6EA114FF57384383691084FF92AA10
Authority key identifier: 1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/rmMEBhf1RHt0LdVJzNqQomLA3HI.roa
Signing time: Sun 01 Jan 2023 03:44:50 +0000
ROA not before: Sun 01 Jan 2023 03:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12350
IP address blocks: 83.228.128.0/17 maxlen: 17
213.162.0.0/19 maxlen: 19
194.38.64.0/19 maxlen: 19
185.133.28.0/22 maxlen: 22
212.232.128.0/17 maxlen: 17
194.148.96.0/19 maxlen: 19
194.148.0.0/18 maxlen: 18
195.15.0.0/17 maxlen: 17
212.28.128.0/19 maxlen: 19
194.38.160.0/19 maxlen: 19
212.147.79.0/24 maxlen: 24
212.40.0.0/19 maxlen: 19
212.147.0.0/17 maxlen: 17
213.5.152.0/21 maxlen: 21
212.254.0.0/16 maxlen: 16
212.109.64.0/19 maxlen: 19
2a03:a360::/32 maxlen: 32
2001:4c78::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:a1:14:ff:57:38:43:83:69:10:84:ff:92:aa:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Validity
Not Before: Jan 1 03:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae63040617f5447b742dd549ccda90a262c0dc72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:88:62:9d:c4:00:fc:78:84:87:2a:e2:89:57:
23:db:19:5c:df:8f:e5:73:c7:89:b5:69:58:93:ff:
09:09:53:18:06:dc:88:33:41:3a:c0:81:ec:9d:7d:
24:51:4e:8b:5c:3c:34:ee:83:06:82:f0:b8:bf:85:
19:44:bb:bc:3a:39:92:54:79:57:25:6d:72:12:c8:
02:05:25:9f:b9:43:76:78:56:3f:fb:61:78:8b:d7:
1c:65:fb:b1:b8:93:fa:a6:3d:77:42:63:72:df:90:
b2:16:f6:6f:92:d0:3a:8d:ae:18:3d:9d:3f:b5:b5:
29:8e:f9:75:9c:27:1d:f8:c3:36:bd:36:08:e0:8f:
08:ee:08:0a:1d:2f:f4:c0:4d:a1:43:08:28:7f:35:
9a:3d:a8:d7:40:47:a7:63:ff:56:0c:29:37:4e:8b:
d5:48:1c:62:42:02:45:e3:a0:cc:cf:b1:dc:49:85:
41:6a:cc:f8:58:93:75:f9:31:95:50:5b:e5:5a:5f:
66:f5:39:df:b2:fe:3a:10:ea:df:86:0c:40:1e:df:
7b:55:59:28:33:c4:02:56:fb:44:cf:dd:9a:e1:34:
bf:17:18:12:fb:3f:0d:16:96:ff:42:f6:04:e7:b7:
43:7d:0e:11:2b:3e:8a:9b:a8:99:03:81:fa:ac:8c:
b6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:63:04:06:17:F5:44:7B:74:2D:D5:49:CC:DA:90:A2:62:C0:DC:72
X509v3 Authority Key Identifier:
keyid:1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/rmMEBhf1RHt0LdVJzNqQomLA3HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/H3OdITpDj2eLMiqPj4Ti2MeBSso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.128.0/17
185.133.28.0/22
194.38.64.0/19
194.38.160.0/19
194.148.0.0/18
194.148.96.0/19
195.15.0.0/17
212.28.128.0/19
212.40.0.0/19
212.109.64.0/19
212.147.0.0/17
212.232.128.0/17
212.254.0.0/16
213.5.152.0/21
213.162.0.0/19
IPv6:
2001:4c78::/32
2a03:a360::/32
Signature Algorithm: sha256WithRSAEncryption
a6:1b:98:73:b4:93:8b:8d:55:ae:6e:7c:12:b7:41:47:c9:5d:
01:99:f0:74:6d:68:70:4e:98:50:ae:c3:df:32:09:4d:35:50:
9a:bf:a1:34:db:33:b4:1c:29:9e:f8:a8:58:b0:71:90:29:de:
18:e4:87:23:85:89:52:6f:52:ef:18:32:a8:45:1e:0c:79:fe:
07:c4:94:d6:c9:fc:67:55:c9:ce:ab:c8:cc:1e:15:c3:0f:c3:
75:9f:16:bc:76:d6:65:95:8d:d7:af:06:4e:f6:3f:e7:76:22:
16:d6:37:1a:41:e4:c2:eb:2c:a6:a2:a6:d2:9c:db:d5:02:82:
8a:be:db:0f:ef:0e:3d:a7:d0:eb:cb:27:93:ad:6b:39:52:f3:
cf:31:ed:b7:7d:02:0f:c1:60:80:93:38:74:d1:17:3a:98:cc:
00:32:5e:63:63:a4:ae:fa:a8:d1:91:7b:cb:e6:99:d8:48:a2:
87:bf:19:29:65:92:7d:c6:c4:16:50:68:cc:db:00:9b:3c:0f:
5a:34:a7:7a:ef:da:7a:ae:72:2e:9b:5a:3c:16:25:01:66:c2:
61:09:24:d3:93:af:d0:48:60:fc:12:fe:a1:2d:18:8e:bb:04:
35:82:c0:76:4f:2e:78:bb:62:39:c7:bf:60:f7:ec:44:7e:53:
62:21:82:b7
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYVrbqEU/1c4Q4NpEIT/kqoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzM5ZDIxM2E0MzhmNjc4YjMyMmE4ZjhmODRlMmQ4Yzc4
MTRhY2EwHhcNMjMwMTAxMDM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTYzMDQwNjE3ZjU0NDdiNzQyZGQ1NDljY2RhOTBhMjYyYzBkYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4hincQA/HiEhyriiVcj2xlc34/l
c8eJtWlYk/8JCVMYBtyIM0E6wIHsnX0kUU6LXDw07oMGgvC4v4UZRLu8OjmSVHlX
JW1yEsgCBSWfuUN2eFY/+2F4i9ccZfuxuJP6pj13QmNy35CyFvZvktA6ja4YPZ0/
tbUpjvl1nCcd+MM2vTYI4I8I7ggKHS/0wE2hQwgofzWaPajXQEenY/9WDCk3TovV
SBxiQgJF46DMz7HcSYVBasz4WJN1+TGVUFvlWl9m9Tnfsv46EOrfhgxAHt97VVko
M8QCVvtEz92a4TS/FxgS+z8NFpb/QvYE57dDfQ4RKz6Km6iZA4H6rIy2cQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFK5jBAYX9UR7dC3VSczakKJiwNxyMB8GA1UdIwQY
MBaAFB9znSE6Q49nizIqj4+E4tjHgUrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEt
MzkyZTA1YTg0Mjc3LzEvcm1NRUJoZjFSSHQwTGRWSnpOcVFvbUxBM0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEtMzkyZTA1YTg0Mjc3
LzEvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwXwQCAAEwWQMEB1PkgAME
ArmFHAMEBcImQAMEBcImoAMEBsKUAAMEBcKUYAMEB8MPAAMEBdQcgAMEBdQoAAME
BdRtQAMEB9STAAMEB9TogAMDANT+AwQD1QWYAwQF1aIAMBQEAgACMA4DBQAgAUx4
AwUAKgOjYDANBgkqhkiG9w0BAQsFAAOCAQEAphuYc7STi41Vrm58ErdBR8ldAZnw
dG1ocE6YUK7D3zIJTTVQmr+hNNsztBwpnvioWLBxkCneGOSHI4WJUm9S7xgyqEUe
DHn+B8SU1sn8Z1XJzqvIzB4Vww/DdZ8WvHbWZZWN168GTvY/53YiFtY3GkHkwuss
pqKm0pzb1QKCir7bD+8OPafQ68snk61rOVLzzzHtt30CD8FggJM4dNEXOpjMADJe
Y2Okrvqo0ZF7y+aZ2Eiih78ZKWWSfcbEFlBozNsAmzwPWjSneu/aeq5yLptaPBYl
AWbCYQkk05Ov0Ehg/BL+oS0YjrsENYLAdk8ueLtiOce/YPfsRH5TYiGCtw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:33 2025 by rpki-client