Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/HtV2dxKUrCI5xUF3jxJ1qWcVSug.roa
File: HtV2dxKUrCI5xUF3jxJ1qWcVSug.roa (raw, json)
Hash identifier: 3bp4cU19s8sRyysEzsMAAspB2GUSz8jF0fsZZgRLNl0=
Subject key identifier: 1E:D5:76:77:12:94:AC:22:39:C5:41:77:8F:12:75:A9:67:15:4A:E8
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 018527932D790C5C071B3F0DF933D17E5FEE
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/HtV2dxKUrCI5xUF3jxJ1qWcVSug.roa
Signing time: Sun 18 Dec 2022 23:30:34 +0000
ROA not before: Sun 18 Dec 2022 23:30:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5503
IP address blocks: 213.18.192.0/18 maxlen: 24
212.132.128.0/19 maxlen: 24
217.177.64.0/19 maxlen: 24
185.192.228.0/22 maxlen: 24
212.132.64.0/18 maxlen: 24
217.177.0.0/18 maxlen: 24
217.180.0.0/17 maxlen: 24
217.177.128.0/17 maxlen: 24
194.154.0.0/19 maxlen: 24
212.132.32.0/19 maxlen: 24
217.181.0.0/17 maxlen: 24
62.171.192.0/18 maxlen: 24
217.179.0.0/16 maxlen: 24
194.238.0.0/17 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:27:93:2d:79:0c:5c:07:1b:3f:0d:f9:33:d1:7e:5f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Dec 18 23:30:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ed576771294ac2239c541778f1275a967154ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:86:f9:15:e2:1f:7c:5a:59:57:06:16:dd:26:
d7:35:9f:a5:6a:72:79:7f:7e:44:ed:3c:5d:6e:27:
74:ff:89:29:3a:63:86:17:f8:91:19:3a:25:05:fa:
95:1d:c5:a4:6b:39:40:37:45:95:eb:44:d6:05:7c:
7a:ee:89:62:d1:71:4f:d8:2f:cf:3f:81:2d:af:7d:
c8:74:28:5f:57:a9:e1:f7:ed:cd:c4:ba:93:f7:2f:
4a:da:3d:31:f2:f1:28:9d:15:2d:53:f1:a5:99:92:
da:a5:28:98:af:b1:75:35:66:b0:ff:90:85:e9:31:
88:69:10:e9:4a:07:71:1e:ac:dc:df:fc:98:54:d1:
39:6b:db:75:64:bf:a6:78:e7:05:48:a8:bf:43:e2:
67:15:85:1d:fe:d7:97:d5:5a:59:3b:77:9f:bd:f8:
41:d2:8e:8c:9a:fb:1f:9e:b3:4f:07:24:c9:53:b2:
85:12:2f:2d:58:21:42:90:27:df:ac:bb:4f:a8:1d:
d6:9e:f5:51:7c:e6:29:27:ec:11:6b:4d:98:3f:ad:
49:25:4e:94:31:d5:d5:c1:54:24:12:7b:36:22:d0:
fc:29:88:2b:50:1b:b0:73:c2:bc:38:b0:13:cb:68:
4f:55:b0:bb:3f:3f:86:9e:0a:04:2c:19:93:0e:db:
d0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D5:76:77:12:94:AC:22:39:C5:41:77:8F:12:75:A9:67:15:4A:E8
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/HtV2dxKUrCI5xUF3jxJ1qWcVSug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0/18
185.192.228.0/22
194.154.0.0/19
194.238.0.0/17
212.132.32.0-212.132.159.255
213.18.192.0/18
217.177.0.0-217.177.95.255
217.177.128.0/17
217.179.0.0-217.180.127.255
217.181.0.0/17
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
87:ae:a6:63:75:87:0c:ae:68:d3:a1:c6:61:40:2d:da:cc:e7:
8c:a0:ce:c4:4c:bb:d0:11:da:2d:c9:81:03:81:eb:9b:37:92:
e1:3f:38:27:e2:0d:3b:a5:66:6d:da:92:f4:e7:33:4b:72:b2:
9e:d8:b5:58:be:3a:af:67:30:12:99:54:2d:9f:00:6c:0d:22:
3a:b9:82:29:0f:24:0d:79:70:1c:60:7b:0d:f1:d6:b3:e8:cd:
b8:ad:51:04:d4:9d:28:d9:e7:fd:2f:39:4f:de:6f:cd:0f:e1:
9e:4c:57:61:ae:36:54:bb:e6:55:48:79:23:68:26:e3:4b:fe:
73:9d:d4:b6:d6:13:5f:aa:65:e5:f1:14:e6:d3:9b:f7:af:7a:
34:e7:8c:a1:81:c5:f3:ea:d0:c1:51:9d:1f:e0:3d:6a:3f:19:
0d:77:3d:be:d5:58:92:ad:ca:3b:b9:0e:93:26:da:b3:23:ee:
b4:2c:b1:94:ac:f8:53:cf:d0:ac:80:a7:45:c7:f7:60:ad:b4:
c8:87:b1:32:74:6a:c0:b5:62:70:7e:c5:af:c5:ba:0c:a4:2c:
0b:33:11:c6:80:07:37:17:65:4c:01:9e:9e:c0:19:37:15:54:
fc:3a:25:14:09:b3:86:73:29:c6:72:24:69:33:cb:5b:60:7a:
bd:c1:bc:d3
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYUnky15DFwHGz8N+TPRfl/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjIxMjE4MjMzMDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ1NzY3NzEyOTRhYzIyMzljNTQxNzc4ZjEyNzVhOTY3MTU0YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIb5FeIffFpZVwYW3SbXNZ+lanJ5
f35E7Txdbid0/4kpOmOGF/iRGTolBfqVHcWkazlAN0WV60TWBXx67oli0XFP2C/P
P4Etr33IdChfV6nh9+3NxLqT9y9K2j0x8vEonRUtU/GlmZLapSiYr7F1NWaw/5CF
6TGIaRDpSgdxHqzc3/yYVNE5a9t1ZL+meOcFSKi/Q+JnFYUd/teX1VpZO3efvfhB
0o6MmvsfnrNPByTJU7KFEi8tWCFCkCffrLtPqB3WnvVRfOYpJ+wRa02YP61JJU6U
MdXVwVQkEns2ItD8KYgrUBuwc8K8OLATy2hPVbC7Pz+GngoELBmTDtvQSQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFB7VdncSlKwiOcVBd48SdalnFUroMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvSHRWMmR4S1VyQ0k1eFVGM2p4SjFxV2NWU3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQGPqvAAwQC
ucDkAwQFwpoAAwQHwu4AMAwDBAXUhCADBAXUhIADBAbVEsAwCwMDANmxAwQF2bFA
AwQH2bGAMAsDAwDZswMEB9m0AAMEB9m1ADANBAIAAjAHAwUAKgIPsDANBgkqhkiG
9w0BAQsFAAOCAQEAh66mY3WHDK5o06HGYUAt2sznjKDOxEy70BHaLcmBA4HrmzeS
4T84J+INO6VmbdqS9OczS3Kynti1WL46r2cwEplULZ8AbA0iOrmCKQ8kDXlwHGB7
DfHWs+jNuK1RBNSdKNnn/S85T95vzQ/hnkxXYa42VLvmVUh5I2gm40v+c53UttYT
X6pl5fEU5tOb9696NOeMoYHF8+rQwVGdH+A9aj8ZDXc9vtVYkq3KO7kOkybasyPu
tCyxlKz4U8/QrICnRcf3YK20yIexMnRqwLVicH7Fr8W6DKQsCzMRxoAHNxdlTAGe
nsAZNxVU/DolFAmzhnMpxnIkaTPLW2B6vcG80w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:08 2024 by rpki-client on console-fra.rpki-client.org