Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/QGqQFTCZVt97ND2PzdsbW9G1z9U.roa
File: QGqQFTCZVt97ND2PzdsbW9G1z9U.roa (raw, json)
Hash identifier: T6npVgl85HhKC0cA9++LJuutK6myEAb3uIyTa9f8fHM=
Subject key identifier: 40:6A:90:15:30:99:56:DF:7B:34:3D:8F:CD:DB:1B:5B:D1:B5:CF:D5
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 1AA51F40
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/QGqQFTCZVt97ND2PzdsbW9G1z9U.roa
Signing time: Sun 26 Jun 2022 05:13:32 +0000
ROA not before: Sun 26 Jun 2022 05:13:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12310
IP address blocks: 185.64.92.0/23 maxlen: 23
185.64.95.0/24 maxlen: 24
185.64.94.0/24 maxlen: 24
188.240.216.0/22 maxlen: 22
83.166.192.0/19 maxlen: 19
188.240.8.0/22 maxlen: 22
194.102.203.0/24 maxlen: 24
195.95.228.0/23 maxlen: 23
89.42.16.0/21 maxlen: 21
89.149.0.0/18 maxlen: 18
80.86.96.0/20 maxlen: 20
80.86.96.0/19 maxlen: 19
84.247.64.0/18 maxlen: 18
2a02:2a00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447029056 (0x1aa51f40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Jun 26 05:13:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=406a9015309956df7b343d8fcddb1b5bd1b5cfd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:69:a9:14:7f:09:7e:80:fd:19:9c:ea:bf:f9:
84:c9:87:c4:fb:b8:88:91:ab:07:eb:69:04:04:b2:
21:21:cf:18:66:13:5f:08:59:56:96:1f:dd:fe:f6:
85:8b:87:bf:c1:f5:f0:25:59:70:94:fd:81:6d:01:
df:1f:70:1b:0b:4c:e7:d6:8e:ba:3a:4a:c4:4d:43:
01:c6:80:31:1e:f1:87:9f:2d:60:a5:1b:67:11:db:
0c:89:35:9e:d7:cc:9c:d4:b8:b0:b3:a6:f1:ed:e6:
26:b4:65:89:f5:5d:7b:92:0a:33:ec:95:2b:78:89:
c8:cd:bf:58:a3:be:97:d6:12:c2:e8:89:48:29:c5:
8c:36:39:2b:bf:d2:71:1b:8b:c5:9d:d9:6c:6e:0d:
25:74:a6:40:88:f2:e9:15:ee:d7:3d:5b:ac:1a:93:
c2:a5:02:42:8b:a9:a0:ff:77:94:48:3c:e0:ea:12:
c7:c9:f0:e1:f5:eb:be:d7:3a:e5:cf:d4:dc:44:b6:
4d:e1:f2:c4:d0:ff:c1:48:31:ce:77:d1:32:d5:8a:
0e:3e:1a:ca:dc:ba:0c:ec:8c:4c:05:19:d3:b1:39:
cf:90:b7:83:67:3e:a6:62:ce:de:65:77:80:c0:30:
c8:53:09:73:a7:8d:c3:6d:2a:ec:9a:09:a4:46:0f:
18:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6A:90:15:30:99:56:DF:7B:34:3D:8F:CD:DB:1B:5B:D1:B5:CF:D5
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/QGqQFTCZVt97ND2PzdsbW9G1z9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.96.0/19
83.166.192.0/19
84.247.64.0/18
89.42.16.0/21
89.149.0.0/18
185.64.92.0/22
188.240.8.0/22
188.240.216.0/22
194.102.203.0/24
195.95.228.0/23
IPv6:
2a02:2a00::/32
Signature Algorithm: sha256WithRSAEncryption
86:66:b3:d6:cd:c6:17:40:ba:25:39:c4:ac:b5:4d:fd:44:33:
d0:3b:6a:97:c6:1a:b4:02:5f:98:8c:62:e2:3a:b1:d6:9a:99:
e1:72:49:71:26:3f:52:21:21:30:53:2a:8b:10:e4:27:00:00:
c0:c9:36:24:64:b6:44:16:c9:d5:2a:29:f8:e5:97:6d:9f:55:
f8:7a:7a:77:79:49:a4:0d:4f:87:db:88:b6:d5:4e:f9:e3:bc:
f9:c5:5b:75:e1:19:8c:b6:c1:fd:9b:e8:15:5b:1d:9e:eb:da:
b1:c5:1b:95:82:05:9e:7e:35:f2:c3:0c:5c:f4:c4:d9:97:af:
66:dc:87:ef:b8:dd:5b:82:a4:7d:64:7e:09:04:f0:87:14:98:
a0:3b:60:38:6a:80:2c:ef:8c:d0:de:2c:cb:bb:18:b4:0d:c4:
8f:3b:76:0f:c6:f8:1e:1e:db:57:f1:77:2a:db:14:d0:22:85:
a8:e7:c9:8c:e4:71:43:01:a1:cb:f3:4b:f3:1d:f4:ab:d2:46:
5b:3f:87:12:40:6f:0b:97:29:96:a7:0b:18:79:1f:1e:83:6f:
f4:c5:3b:f4:ab:18:6f:b8:6a:b0:95:c3:66:69:4e:8a:e8:82:
54:a5:0b:84:6e:b3:b1:04:7b:96:b5:18:49:6a:43:5a:1e:5c:
89:3e:59:07
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEGqUfQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTQ1OWFhNDYwMmJmZmEyZDI2NTBiYTY2ODE4NDU4Yzg5ZmM0NTgyMB4XDTIyMDYy
NjA1MTMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2YTkwMTUzMDk5
NTZkZjdiMzQzZDhmY2RkYjFiNWJkMWI1Y2ZkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRpqRR/CX6A/Rmc6r/5hMmHxPu4iJGrB+tpBASyISHPGGYT
XwhZVpYf3f72hYuHv8H18CVZcJT9gW0B3x9wGwtM59aOujpKxE1DAcaAMR7xh58t
YKUbZxHbDIk1ntfMnNS4sLOm8e3mJrRlifVde5IKM+yVK3iJyM2/WKO+l9YSwuiJ
SCnFjDY5K7/ScRuLxZ3ZbG4NJXSmQIjy6RXu1z1brBqTwqUCQoupoP93lEg84OoS
x8nw4fXrvtc65c/U3ES2TeHyxND/wUgxznfRMtWKDj4ayty6DOyMTAUZ07E5z5C3
g2c+pmLO3mV3gMAwyFMJc6eNw20q7JoJpEYPGDkCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBRAapAVMJlW33s0PY/N2xtb0bXP1TAfBgNVHSMEGDAWgBSeRZqkYCv/otJl
C6ZoGEWMifxFgjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25rV2FwR0FyXzZMU1pRdW1hQmhGakluOFJZSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvOWNjMzMzLTY4ZDUtNDY5Mi05YzViLTI4YTg0MWRhMGJmZC8x
L1FHcVFGVENaVnQ5N05EMlB6ZHNiVzlHMXo5VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
OWNjMzMzLTY4ZDUtNDY5Mi05YzViLTI4YTg0MWRhMGJmZC8xL25rV2FwR0FyXzZM
U1pRdW1hQmhGakluOFJZSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEBVBWYAMEBVOmwAMEBlT3QAMEA1kq
EAMEBlmVAAMEArlAXAMEArzwCAMEArzw2AMEAMJmywMEAcNf5DANBAIAAjAHAwUA
KgIqADANBgkqhkiG9w0BAQsFAAOCAQEAhmaz1s3GF0C6JTnErLVN/UQz0Dtql8Ya
tAJfmIxi4jqx1pqZ4XJJcSY/UiEhMFMqixDkJwAAwMk2JGS2RBbJ1Sop+OWXbZ9V
+Hp6d3lJpA1Ph9uIttVO+eO8+cVbdeEZjLbB/ZvoFVsdnuvascUblYIFnn418sMM
XPTE2ZevZtyH77jdW4KkfWR+CQTwhxSYoDtgOGqALO+M0N4sy7sYtA3Ejzt2D8b4
Hh7bV/F3KtsU0CKFqOfJjORxQwGhy/NL8x30q9JGWz+HEkBvC5cplqcLGHkfHoNv
9MU79KsYb7hqsJXDZmlOiuiCVKULhG6zsQR7lrUYSWpDWh5ciT5ZBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:29 2024 by rpki-client on console-fra.rpki-client.org