Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/HFqQuSZI1u9aeNEfHz6AoISG5kY.roa
File: HFqQuSZI1u9aeNEfHz6AoISG5kY.roa (raw, json)
Hash identifier: StJ5UYrolCBOMhF3H6ibPlnKwq1rmTZ2Qbvo1rgE6dg=
Subject key identifier: 1C:5A:90:B9:26:48:D6:EF:5A:78:D1:1F:1F:3E:80:A0:84:86:E6:46
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 16252778
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/HFqQuSZI1u9aeNEfHz6AoISG5kY.roa
Signing time: Mon 30 May 2022 10:56:15 +0000
ROA not before: Mon 30 May 2022 10:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12513
IP address blocks: 194.46.32.0/19 maxlen: 19
91.84.0.0/15 maxlen: 15
194.46.64.0/19 maxlen: 19
194.46.80.0/20 maxlen: 20
212.104.128.0/19 maxlen: 19
212.108.80.0/21 maxlen: 21
212.108.88.0/22 maxlen: 22
2a02:c2c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 371533688 (0x16252778)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: May 30 10:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c5a90b92648d6ef5a78d11f1f3e80a08486e646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:b7:aa:8a:29:40:6c:1d:89:0d:82:0e:4f:6f:
13:a5:20:40:dd:b7:8a:77:46:da:3b:a6:ed:27:e5:
38:0b:7c:ae:ad:8c:e6:4e:83:9c:b8:eb:6d:19:8a:
03:ac:f3:06:46:fd:87:03:06:95:80:c7:bf:4d:63:
2a:07:4c:b8:68:19:9b:62:c9:3c:10:6b:54:27:1b:
92:4e:7d:95:32:f0:e6:86:48:01:8f:71:33:9f:95:
e1:8f:a2:69:06:e6:9f:05:4d:db:5e:8b:c9:6f:73:
7e:ba:71:69:28:84:0d:1f:ee:a0:ba:8e:aa:11:38:
1d:ba:26:af:a3:15:39:0d:9a:ed:1f:cc:69:5e:30:
39:ca:37:34:32:51:05:a0:37:c1:98:c0:05:d2:17:
c2:ac:8b:a4:f5:72:44:21:d1:12:07:d0:64:af:eb:
56:25:fd:cf:e4:43:10:db:c4:b8:9b:03:38:62:18:
50:c0:89:bd:b0:0f:2b:5b:af:39:f2:b3:9c:5d:01:
c1:35:44:00:49:ab:17:c5:02:97:53:b3:ff:d8:42:
ef:d5:7a:88:20:83:28:80:d4:88:98:f7:db:f5:a6:
37:41:bd:eb:64:27:39:7c:51:e6:51:5f:da:cd:20:
b3:08:d1:5c:6e:ba:2e:c1:21:50:45:f0:58:46:02:
e0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5A:90:B9:26:48:D6:EF:5A:78:D1:1F:1F:3E:80:A0:84:86:E6:46
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/HFqQuSZI1u9aeNEfHz6AoISG5kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.84.0.0/15
194.46.32.0-194.46.95.255
212.104.128.0/19
212.108.80.0-212.108.91.255
IPv6:
2a02:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:98:ba:d7:66:1c:c3:76:bc:4c:e3:70:92:f0:27:44:3f:9d:
8d:ec:ec:25:01:07:e1:8a:cc:61:9e:02:ac:a7:fb:31:39:f6:
fb:05:1b:56:da:79:9a:92:dd:4c:59:e5:ac:7b:ee:5a:d0:11:
ba:54:4a:73:08:be:f6:b5:f9:19:07:5d:40:51:ab:95:7f:10:
d4:96:5f:a4:6b:b2:2d:1d:41:bc:e7:12:82:77:26:dc:e6:90:
a6:7e:0c:0f:90:25:47:a3:1a:d1:98:68:58:39:cc:10:d4:dc:
0b:2a:5a:6d:d8:90:e2:16:2f:33:36:c0:c7:5f:2d:df:bd:e1:
99:12:b7:56:35:82:c9:5f:38:79:75:35:1e:e0:61:f8:63:6a:
42:92:54:c4:3c:9c:5c:3e:08:2f:db:7a:9d:53:01:24:c5:0e:
d6:fc:f0:7e:74:2a:8c:b6:09:31:21:78:ca:6d:5c:80:f1:0e:
cd:06:be:71:d6:96:1d:0c:19:cc:21:4b:cd:b5:cb:d4:f0:12:
5e:9b:f6:96:fe:63:b0:58:ec:b1:b3:4c:1e:e0:f2:f1:a4:f5:
00:d2:b6:4a:cd:a3:1d:c3:69:03:b7:b2:68:47:14:1b:19:c5:
dd:db:7a:7a:6a:49:f6:93:99:18:c7:d2:d4:7d:2e:25:4f:f6:
3f:4a:ca:58
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEFiUneDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGQzNTM5MzM2NzRhNTYwOGY2ZDFlZTJkYWI0ZjY0YzhiZmY4ZjM5MB4XDTIyMDUz
MDEwNTYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM1YTkwYjkyNjQ4
ZDZlZjVhNzhkMTFmMWYzZTgwYTA4NDg2ZTY0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPe3qoopQGwdiQ2CDk9vE6UgQN23indG2jum7SflOAt8rq2M
5k6DnLjrbRmKA6zzBkb9hwMGlYDHv01jKgdMuGgZm2LJPBBrVCcbkk59lTLw5oZI
AY9xM5+V4Y+iaQbmnwVN216LyW9zfrpxaSiEDR/uoLqOqhE4Hbomr6MVOQ2a7R/M
aV4wOco3NDJRBaA3wZjABdIXwqyLpPVyRCHREgfQZK/rViX9z+RDENvEuJsDOGIY
UMCJvbAPK1uvOfKznF0BwTVEAEmrF8UCl1Oz/9hC79V6iCCDKIDUiJj32/WmN0G9
62QnOXxR5lFf2s0gswjRXG66LsEhUEXwWEYC4DUCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQcWpC5JkjW71p40R8fPoCghIbmRjAfBgNVHSMEGDAWgBSt01OTNnSlYI9t
HuLatPZMi/+POTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JkTlRrelowcFdDUGJSN2kyclQyVEl2X2p6ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvNDhiNDA3LTZkOTQtNDlhZS1hM2Q4LTcyYzgzMTI4NzYxYi8x
L0hGcVF1U1pJMXU5YWVORWZIejZBb0lTRzVrWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
NDhiNDA3LTZkOTQtNDlhZS1hM2Q4LTcyYzgzMTI4NzYxYi8xL3JkTlRrelowcFdD
UGJSN2kyclQyVEl2X2p6ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wLQQCAAEwJwMDAVtUMAwDBAXCLiADBAXCLkADBAXU
aIAwDAMEBNRsUAMEAtRsWDANBAIAAjAHAwUDKgLCwDANBgkqhkiG9w0BAQsFAAOC
AQEAUpi612Ycw3a8TONwkvAnRD+djezsJQEH4YrMYZ4CrKf7MTn2+wUbVtp5mpLd
TFnlrHvuWtARulRKcwi+9rX5GQddQFGrlX8Q1JZfpGuyLR1BvOcSgncm3OaQpn4M
D5AlR6Ma0ZhoWDnMENTcCypabdiQ4hYvMzbAx18t373hmRK3VjWCyV84eXU1HuBh
+GNqQpJUxDycXD4IL9t6nVMBJMUO1vzwfnQqjLYJMSF4ym1cgPEOzQa+cdaWHQwZ
zCFLzbXL1PASXpv2lv5jsFjssbNMHuDy8aT1ANK2Ss2jHcNpA7eyaEcUGxnF3dt6
empJ9pOZGMfS1H0uJU/2P0rKWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:37 2024 by rpki-client on console-ams.rpki-client.org