Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/a6HfBLiU4fl3o9X43eWjXMVCnSo.roa
File: a6HfBLiU4fl3o9X43eWjXMVCnSo.roa (raw, json)
Hash identifier: 9fWzAHwQwghPqUOOQeF3kKMWlpP+WWf4s5FC1xEpSIo=
Subject key identifier: 6B:A1:DF:04:B8:94:E1:F9:77:A3:D5:F8:DD:E5:A3:5C:C5:42:9D:2A
Certificate issuer: /CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Certificate serial: 3713AB97
Authority key identifier: 26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/a6HfBLiU4fl3o9X43eWjXMVCnSo.roa
Signing time: Sat 01 Jan 2022 13:59:03 +0000
ROA not before: Sat 01 Jan 2022 13:59:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34574
IP address blocks: 188.64.144.0/24 maxlen: 24
188.64.144.0/21 maxlen: 21
188.64.145.0/24 maxlen: 24
188.64.147.0/24 maxlen: 24
2a00:1120::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924035991 (0x3713ab97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Validity
Not Before: Jan 1 13:59:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ba1df04b894e1f977a3d5f8dde5a35cc5429d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:00:49:dd:76:17:09:5c:a0:30:4b:6b:7b:f8:
c5:73:d1:58:9d:62:92:2f:14:ad:97:1b:39:e6:a2:
4a:b8:31:6f:ca:fc:f3:60:7a:d7:c1:f1:2e:ab:ad:
21:31:b0:f1:d5:a0:57:29:9d:14:71:48:5e:24:51:
84:1c:61:3d:4c:f3:24:12:fb:6e:7e:88:fc:f6:9d:
13:2d:ea:d8:0d:a1:43:09:75:1a:8a:27:36:5f:a7:
61:11:03:b6:cf:11:a6:33:1a:60:b4:aa:f0:bf:84:
fc:d0:c4:f1:90:8c:1a:91:9f:09:c5:9d:17:33:91:
52:95:24:63:77:b3:57:a4:29:1d:28:7e:13:9b:44:
22:16:fb:30:2b:7a:e1:79:4d:c1:2a:45:63:e8:ef:
bf:4a:ba:66:91:6a:2e:46:d7:dd:3d:a5:ad:ab:fa:
03:85:31:dd:5c:ee:1f:a8:b7:fc:74:38:41:a5:75:
7a:3d:18:0c:30:45:8a:1c:3e:4a:49:a4:01:d9:d0:
15:9e:e0:ec:d1:b2:6a:d3:50:c2:21:a2:08:5f:21:
6f:eb:42:53:79:66:ab:35:e7:6a:7d:ec:e4:61:b5:
9f:74:d4:d9:39:2e:cd:d6:54:c7:55:ac:7f:8d:a4:
7b:9d:ae:0d:3c:6a:1d:b9:95:65:39:1a:27:eb:71:
b9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A1:DF:04:B8:94:E1:F9:77:A3:D5:F8:DD:E5:A3:5C:C5:42:9D:2A
X509v3 Authority Key Identifier:
keyid:26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/a6HfBLiU4fl3o9X43eWjXMVCnSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.144.0/21
IPv6:
2a00:1120::/32
Signature Algorithm: sha256WithRSAEncryption
41:ea:0e:8a:38:83:78:f3:87:85:de:d4:13:1b:af:34:1b:e5:
0a:56:7c:5d:f6:b2:6a:69:5b:18:51:37:86:15:c4:ae:e4:d5:
f9:c6:64:fb:7d:3e:ce:8a:13:cf:3f:3f:e0:52:d3:83:50:4c:
e6:57:d7:86:9d:93:22:41:f5:20:b2:3c:81:a1:a1:68:01:46:
50:3f:0b:0b:fc:44:27:e9:d4:a7:6a:e4:77:82:7a:63:c3:bf:
ec:c6:6d:71:17:0e:f7:53:a8:7e:e5:ee:b7:03:40:ca:f0:42:
8b:c5:28:6e:6c:ac:39:20:ae:23:ab:27:14:27:9b:c0:a6:a9:
99:34:bd:e6:75:47:e4:55:bf:47:9c:2c:08:13:a8:d3:aa:d3:
b2:a6:d6:fa:d0:dc:8b:82:2a:bc:0c:61:7d:30:20:ff:bd:09:
9a:a2:c4:ad:e4:7e:f8:b9:3c:16:83:ce:85:06:ed:38:e7:fa:
14:d5:ef:30:fa:da:b5:2d:f5:5e:fd:c1:ed:02:1b:b7:8a:a1:
ca:0a:85:27:8d:71:68:46:27:e6:a1:2e:5e:a9:5a:45:1f:c1:
61:b3:24:45:61:36:a3:c3:2e:52:aa:0d:d3:e4:f9:cf:46:97:
75:a8:5f:66:b1:a0:c5:05:86:98:f8:e8:a0:53:54:6f:b7:e5:
a9:16:42:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENxOrlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjlmNGY3MTQzYjQwNjc4MDVjYmE5YTQwZjYzOTczMmVlN2Q0MmU1MB4XDTIyMDEw
MTEzNTkwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJhMWRmMDRiODk0
ZTFmOTc3YTNkNWY4ZGRlNWEzNWNjNTQyOWQyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4ASd12FwlcoDBLa3v4xXPRWJ1iki8UrZcbOeaiSrgxb8r8
82B618HxLqutITGw8dWgVymdFHFIXiRRhBxhPUzzJBL7bn6I/PadEy3q2A2hQwl1
GoonNl+nYREDts8RpjMaYLSq8L+E/NDE8ZCMGpGfCcWdFzORUpUkY3ezV6QpHSh+
E5tEIhb7MCt64XlNwSpFY+jvv0q6ZpFqLkbX3T2lrav6A4Ux3VzuH6i3/HQ4QaV1
ej0YDDBFihw+SkmkAdnQFZ7g7NGyatNQwiGiCF8hb+tCU3lmqzXnan3s5GG1n3TU
2TkuzdZUx1Wsf42ke52uDTxqHbmVZTkaJ+txueECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRrod8EuJTh+Xej1fjd5aNcxUKdKjAfBgNVHSMEGDAWgBQmn09xQ7QGeAXL
qaQPY5cy7n1C5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pwOVBjVU8wQm5nRnk2bWtEMk9YTXU1OVF1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvYzkwODYwLTgxMzgtNDMzYy1iMjRmLTkyYzc4MGNhMzI2MC8x
L2E2SGZCTGlVNGZsM285WDQzZVdqWE1WQ25Tby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
YzkwODYwLTgxMzgtNDMzYy1iMjRmLTkyYzc4MGNhMzI2MC8xL0pwOVBjVU8wQm5n
Rnk2bWtEMk9YTXU1OVF1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA7xAkDANBAIAAjAHAwUAKgARIDAN
BgkqhkiG9w0BAQsFAAOCAQEAQeoOijiDePOHhd7UExuvNBvlClZ8XfayamlbGFE3
hhXEruTV+cZk+30+zooTzz8/4FLTg1BM5lfXhp2TIkH1ILI8gaGhaAFGUD8LC/xE
J+nUp2rkd4J6Y8O/7MZtcRcO91OofuXutwNAyvBCi8UobmysOSCuI6snFCebwKap
mTS95nVH5FW/R5wsCBOo06rTsqbW+tDci4IqvAxhfTAg/70JmqLEreR++Lk8FoPO
hQbtOOf6FNXvMPratS31Xv3B7QIbt4qhygqFJ41xaEYn5qEuXqlaRR/BYbMkRWE2
o8MuUqoN0+T5z0aXdahfZrGgxQWGmPjooFNUb7flqRZCfw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:21 2025 by rpki-client