Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/ptH3UBEsDsLFzDSveevD-s6_yLI.roa
File: ptH3UBEsDsLFzDSveevD-s6_yLI.roa (raw, json)
Hash identifier: HlYgOwMLK7VFYL1U88NcG8LRVYI9G0blkfBjYlbTAh0=
Subject key identifier: A6:D1:F7:50:11:2C:0E:C2:C5:CC:34:AF:79:EB:C3:FA:CE:BF:C8:B2
Certificate issuer: /CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Certificate serial: 1300AAF2
Authority key identifier: 23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/ptH3UBEsDsLFzDSveevD-s6_yLI.roa
Signing time: Sat 01 Jan 2022 08:56:35 +0000
ROA not before: Sat 01 Jan 2022 08:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197248
IP address blocks: 77.111.96.0/20 maxlen: 20
93.88.192.0/20 maxlen: 20
109.61.0.0/24 maxlen: 24
109.61.0.0/17 maxlen: 17
109.61.0.0/18 maxlen: 18
109.61.11.0/24 maxlen: 24
77.111.64.0/19 maxlen: 19
109.61.69.0/24 maxlen: 24
109.61.64.0/18 maxlen: 18
109.61.80.0/24 maxlen: 24
62.112.192.0/19 maxlen: 19
109.61.22.0/24 maxlen: 24
2a01:be00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 318810866 (0x1300aaf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23394a125fa3ace0c47a6fe34f4086b4d3ba5588
Validity
Not Before: Jan 1 08:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6d1f750112c0ec2c5cc34af79ebc3facebfc8b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0c:a7:d8:af:75:f1:25:3d:f2:2f:02:80:bd:
aa:15:62:f3:00:6d:66:16:4e:a8:ed:38:f3:5d:8a:
36:d0:8c:39:dc:bc:90:be:b3:f6:45:da:5e:da:01:
33:24:69:e6:27:e0:61:2d:74:12:bb:a7:cb:6c:1e:
b3:76:23:b4:87:5f:63:bd:dd:47:71:fb:79:82:35:
58:c2:0f:52:e0:0a:ac:72:df:70:ee:1c:7f:2c:d2:
8f:e4:6a:de:4e:3f:0d:43:f3:90:9f:2a:df:9b:96:
33:92:31:8c:ee:14:bf:b6:a4:bf:8e:36:13:8b:c0:
f8:c7:aa:12:be:53:67:8c:59:89:7b:33:c9:4e:95:
ea:e2:5c:68:7e:8a:f4:2d:c4:be:89:b3:11:3d:d5:
ac:c8:41:ed:df:b8:e3:ef:46:eb:5b:12:64:dd:34:
4f:24:09:e1:21:41:36:df:45:88:1b:f3:10:d8:fb:
c6:fe:53:e7:5c:c0:ef:e8:2c:af:f7:92:ee:14:10:
78:27:11:86:12:6c:2f:15:da:96:79:c8:40:d1:eb:
13:c3:78:04:ed:e3:f0:62:af:bb:40:e5:d2:8c:5a:
ab:b3:1c:09:40:2b:6d:d3:05:58:ef:bf:99:5d:34:
cd:e9:18:c7:58:70:92:2b:0c:f1:25:07:2b:f4:9e:
f8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D1:F7:50:11:2C:0E:C2:C5:CC:34:AF:79:EB:C3:FA:CE:BF:C8:B2
X509v3 Authority Key Identifier:
keyid:23:39:4A:12:5F:A3:AC:E0:C4:7A:6F:E3:4F:40:86:B4:D3:BA:55:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzlKEl-jrODEem_jT0CGtNO6VYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/ptH3UBEsDsLFzDSveevD-s6_yLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/afd415-0a86-431f-bc3a-d43207d62dfe/1/IzlKEl-jrODEem_jT0CGtNO6VYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.192.0/19
77.111.64.0-77.111.111.255
93.88.192.0/20
109.61.0.0/17
IPv6:
2a01:be00::/32
Signature Algorithm: sha256WithRSAEncryption
13:03:e8:e3:ae:c0:ee:bf:bb:77:81:3d:b2:c9:33:dc:ed:ed:
23:b2:39:f2:ee:e6:67:08:ce:09:52:89:75:ed:11:ac:ea:de:
2a:19:b3:7a:6a:57:d4:ba:fa:9c:08:69:b1:c8:77:f9:69:c9:
24:68:37:e0:25:3d:7f:5e:ee:ac:22:2c:d7:94:88:2f:ea:c4:
85:2b:ea:1a:de:ad:da:bb:1c:9c:22:98:b8:ab:1a:90:06:ca:
b4:c5:9d:d5:de:fd:81:80:56:3e:b8:22:03:21:b2:b2:88:e1:
2c:56:45:63:bf:02:a8:35:5e:b3:76:21:67:c0:5d:17:a0:af:
33:27:d6:e6:de:30:42:53:3e:86:f3:69:65:86:e8:81:c7:7f:
1e:97:f9:88:13:bd:60:4b:c1:60:2e:3d:f8:f0:57:ff:fc:79:
fb:a1:46:71:55:31:d4:74:37:71:84:27:7f:d4:28:86:9a:1a:
2f:24:9e:0b:90:29:0d:59:46:d5:22:56:e5:f5:4e:14:02:ae:
42:64:ff:30:e3:af:d6:72:cc:3b:2b:2f:a2:51:f9:47:aa:96:
27:13:2e:ce:73:44:ec:a4:d6:79:84:14:9b:36:c3:85:fa:11:
7f:fb:2b:f8:e6:d2:e7:a8:7d:d1:1e:ac:d9:f1:ab:81:6c:b3:
64:9e:a1:e3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEEwCq8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzM5NGExMjVmYTNhY2UwYzQ3YTZmZTM0ZjQwODZiNGQzYmE1NTg4MB4XDTIyMDEw
MTA4NTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZkMWY3NTAxMTJj
MGVjMmM1Y2MzNGFmNzllYmMzZmFjZWJmYzhiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI0Mp9ivdfElPfIvAoC9qhVi8wBtZhZOqO04812KNtCMOdy8
kL6z9kXaXtoBMyRp5ifgYS10Eruny2wes3YjtIdfY73dR3H7eYI1WMIPUuAKrHLf
cO4cfyzSj+Rq3k4/DUPzkJ8q35uWM5IxjO4Uv7akv442E4vA+MeqEr5TZ4xZiXsz
yU6V6uJcaH6K9C3EvomzET3VrMhB7d+44+9G61sSZN00TyQJ4SFBNt9FiBvzENj7
xv5T51zA7+gsr/eS7hQQeCcRhhJsLxXalnnIQNHrE8N4BO3j8GKvu0Dl0oxaq7Mc
CUArbdMFWO+/mV00zekYx1hwkisM8SUHK/Se+DMCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBSm0fdQESwOwsXMNK9568P6zr/IsjAfBgNVHSMEGDAWgBQjOUoSX6Os4MR6
b+NPQIa007pViDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l6bEtFbC1qck9ERWVtX2pUMENHdE5PNlZZZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvYWZkNDE1LTBhODYtNDMxZi1iYzNhLWQ0MzIwN2Q2MmRmZS8x
L3B0SDNVQkVzRHNMRnpEU3ZlZXZELXM2X3lMSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
YWZkNDE1LTBhODYtNDMxZi1iYzNhLWQ0MzIwN2Q2MmRmZS8xL0l6bEtFbC1qck9E
RWVtX2pUMENHdE5PNlZZZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEBT5wwDAMAwQGTW9AAwQETW9gAwQE
XVjAAwQHbT0AMA0EAgACMAcDBQAqAb4AMA0GCSqGSIb3DQEBCwUAA4IBAQATA+jj
rsDuv7t3gT2yyTPc7e0jsjny7uZnCM4JUol17RGs6t4qGbN6alfUuvqcCGmxyHf5
ackkaDfgJT1/Xu6sIizXlIgv6sSFK+oa3q3auxycIpi4qxqQBsq0xZ3V3v2BgFY+
uCIDIbKyiOEsVkVjvwKoNV6zdiFnwF0XoK8zJ9bm3jBCUz6G82llhuiBx38el/mI
E71gS8FgLj348Ff//Hn7oUZxVTHUdDdxhCd/1CiGmhovJJ4LkCkNWUbVIlbl9U4U
Aq5CZP8w46/Wcsw7Ky+iUflHqpYnEy7Oc0TspNZ5hBSbNsOF+hF/+yv45tLnqH3R
HqzZ8auBbLNknqHj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:39 2024 by rpki-client on console-fra.rpki-client.org