Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/y71K1AtaNpXUGtyyYLvQrOHb_2o.roa
File: y71K1AtaNpXUGtyyYLvQrOHb_2o.roa (raw, json)
Hash identifier: VYmfvVm6sREWHeAWF9pXV+//rPCA37WEXRc+G0QaLaY=
Subject key identifier: CB:BD:4A:D4:0B:5A:36:95:D4:1A:DC:B2:60:BB:D0:AC:E1:DB:FF:6A
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0183C25904E88C4638F7BBC02DB1A1264A30
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/y71K1AtaNpXUGtyyYLvQrOHb_2o.roa
Signing time: Mon 10 Oct 2022 14:42:37 +0000
ROA not before: Mon 10 Oct 2022 14:42:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5503
IP address blocks: 213.18.192.0/18 maxlen: 24
212.132.128.0/19 maxlen: 24
212.173.0.0/19 maxlen: 24
212.173.128.0/17 maxlen: 24
217.176.0.0/15 maxlen: 24
185.192.228.0/22 maxlen: 24
213.72.128.0/17 maxlen: 24
212.173.64.0/18 maxlen: 24
217.180.0.0/17 maxlen: 24
212.132.0.0/17 maxlen: 24
212.207.0.0/16 maxlen: 24
194.154.0.0/19 maxlen: 24
217.181.0.0/17 maxlen: 24
62.171.192.0/18 maxlen: 24
217.179.0.0/16 maxlen: 24
212.173.32.0/19 maxlen: 24
194.238.2.0/23 maxlen: 24
194.238.0.0/16 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:59:04:e8:8c:46:38:f7:bb:c0:2d:b1:a1:26:4a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Oct 10 14:42:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbbd4ad40b5a3695d41adcb260bbd0ace1dbff6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:12:7a:4b:c3:d1:64:8a:08:95:ff:c1:bf:
06:33:f2:9c:df:08:cc:0f:94:76:b0:48:b9:fb:89:
5f:f7:5e:be:e7:e6:86:ba:7c:05:1a:d9:b2:58:ea:
54:00:be:04:7d:46:90:88:4e:ea:b2:76:de:39:7a:
03:7c:6d:42:54:86:00:2a:d0:01:b3:f9:ab:74:a6:
c1:66:93:e9:c5:3a:b0:74:15:6a:ac:11:4a:6e:26:
21:4b:7e:4e:23:00:2c:4b:d0:f1:53:7e:a0:39:be:
7a:2e:f6:49:45:0e:c6:5f:01:e2:7e:db:96:e2:61:
12:ab:c0:5e:6c:4f:f7:46:ff:46:02:67:dd:63:8b:
fa:76:3c:6d:13:f3:16:b0:c1:f5:58:8e:2b:62:8a:
50:41:21:b3:61:d5:7e:57:cd:ef:24:1b:14:27:1a:
71:e2:92:42:f2:70:33:ac:86:27:a3:24:33:67:ab:
96:e8:1d:e0:03:de:f9:b5:e0:6a:be:a8:66:01:7a:
81:ed:f8:4f:2d:b5:ae:e2:c8:6b:ef:a6:d2:58:7c:
ac:30:db:a9:f7:3c:e4:18:2b:7e:61:50:aa:1e:d3:
2d:f7:c2:21:bb:06:19:07:54:4d:aa:5e:b4:39:6c:
d0:68:df:3e:db:1f:0d:76:94:44:a0:a1:ec:2c:c3:
74:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:BD:4A:D4:0B:5A:36:95:D4:1A:DC:B2:60:BB:D0:AC:E1:DB:FF:6A
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/y71K1AtaNpXUGtyyYLvQrOHb_2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0/18
185.192.228.0/22
194.154.0.0/19
194.238.0.0/16
212.132.0.0-212.132.159.255
212.173.0.0/16
212.207.0.0/16
213.18.192.0/18
213.72.128.0/17
217.176.0.0/15
217.179.0.0-217.180.127.255
217.181.0.0/17
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
52:bb:37:59:7b:4b:bb:b2:53:c5:fb:e2:9d:e0:35:7e:98:cf:
26:bb:84:13:6a:b8:35:40:d0:11:bc:46:4e:5a:17:c7:cf:bd:
9e:4d:a1:e8:b7:13:14:15:22:57:c2:b9:b0:fa:35:83:fb:7d:
2e:f5:d3:64:35:1d:94:93:ec:fe:d7:6c:93:c1:09:21:d4:d9:
93:a0:b0:9d:d9:30:c1:3f:d3:36:3c:7b:24:2a:33:c9:48:ac:
09:57:1f:b8:ec:e4:a2:68:1b:ec:18:0b:45:af:1f:bb:d1:0e:
3f:2c:7a:cb:d4:bf:dd:66:7e:c0:a8:f3:b6:17:13:68:e5:e4:
a7:0b:cc:14:0f:97:5c:f6:07:a4:27:64:b0:eb:ba:91:38:50:
74:73:58:ad:a5:39:96:0d:06:f8:b7:70:e0:ed:f8:6b:ad:fc:
4e:11:e4:2b:38:50:51:ea:a6:8e:7b:c2:21:23:89:e4:3e:21:
cf:99:5f:34:b9:63:a3:e6:b4:66:20:b6:3a:51:f2:f4:a8:67:
a6:1b:af:72:b4:15:c0:b5:b1:d7:c9:8b:fe:2d:93:1d:68:2a:
51:e7:0a:7c:75:3e:b2:0f:74:9a:a5:3b:fa:ad:ef:b0:3a:30:
94:dd:7c:18:a8:5a:67:47:1d:d6:95:d9:5b:46:b0:40:99:87:
66:03:af:49
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYPCWQTojEY497vALbGhJkowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjIxMDEwMTQ0MjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmJkNGFkNDBiNWEzNjk1ZDQxYWRjYjI2MGJiZDBhY2UxZGJmZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE0SekvD0WSKCJX/wb8GM/Kc3wjM
D5R2sEi5+4lf916+5+aGunwFGtmyWOpUAL4EfUaQiE7qsnbeOXoDfG1CVIYAKtAB
s/mrdKbBZpPpxTqwdBVqrBFKbiYhS35OIwAsS9DxU36gOb56LvZJRQ7GXwHiftuW
4mESq8BebE/3Rv9GAmfdY4v6djxtE/MWsMH1WI4rYopQQSGzYdV+V83vJBsUJxpx
4pJC8nAzrIYnoyQzZ6uW6B3gA975teBqvqhmAXqB7fhPLbWu4shr76bSWHysMNup
9zzkGCt+YVCqHtMt98IhuwYZB1RNql60OWzQaN8+2x8NdpREoKHsLMN0XQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFMu9StQLWjaV1BrcsmC70Kzh2/9qMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEveTcxSzFBdGFOcFhVR3R5eVlMdlFyT0hiXzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQGPqvAAwQC
ucDkAwQFwpoAAwMAwu4wCwMDAtSEAwQF1ISAAwMA1K0DAwDUzwMEBtUSwAMEB9VI
gAMDAdmwMAsDAwDZswMEB9m0AAMEB9m1ADANBAIAAjAHAwUAKgIPsDANBgkqhkiG
9w0BAQsFAAOCAQEAUrs3WXtLu7JTxfvineA1fpjPJruEE2q4NUDQEbxGTloXx8+9
nk2h6LcTFBUiV8K5sPo1g/t9LvXTZDUdlJPs/tdsk8EJIdTZk6CwndkwwT/TNjx7
JCozyUisCVcfuOzkomgb7BgLRa8fu9EOPyx6y9S/3WZ+wKjzthcTaOXkpwvMFA+X
XPYHpCdksOu6kThQdHNYraU5lg0G+Ldw4O34a638ThHkKzhQUeqmjnvCISOJ5D4h
z5lfNLljo+a0ZiC2OlHy9KhnphuvcrQVwLWx18mL/i2THWgqUecKfHU+sg90mqU7
+q3vsDowlN18GKhaZ0cd1pXZW0awQJmHZgOvSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:08 2024 by rpki-client on console-fra.rpki-client.org