Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/1ztQYvGACJbDwayfr8ThtXCcvH8.roa
File: 1ztQYvGACJbDwayfr8ThtXCcvH8.roa (raw, json)
Hash identifier: wWJxEJWDPaqFO8yHKb66SioHbsbEDCHSUzL0Ekxm41s=
Subject key identifier: D7:3B:50:62:F1:80:08:96:C3:C1:AC:9F:AF:C4:E1:B5:70:9C:BC:7F
Certificate issuer: /CN=90f25e6a6893f466d2695e90670c047443643701
Certificate serial: 33EC21D1
Authority key identifier: 90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/1ztQYvGACJbDwayfr8ThtXCcvH8.roa
Signing time: Thu 10 Feb 2022 08:11:26 +0000
ROA not before: Thu 10 Feb 2022 08:11:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6830
IP address blocks: 94.172.0.0/17 maxlen: 17
94.172.0.0/16 maxlen: 16
78.103.0.0/16 maxlen: 16
80.111.128.0/17 maxlen: 17
195.34.134.0/23 maxlen: 23
92.235.0.0/18 maxlen: 18
92.235.0.0/19 maxlen: 19
94.171.0.0/16 maxlen: 16
92.235.32.0/19 maxlen: 19
84.116.0.0/16 maxlen: 16
80.111.0.0/17 maxlen: 17
213.47.222.0/23 maxlen: 23
213.47.220.0/22 maxlen: 22
213.47.220.0/23 maxlen: 23
80.111.0.0/16 maxlen: 16
94.172.128.0/17 maxlen: 17
94.170.0.0/16 maxlen: 16
94.170.0.0/15 maxlen: 15
195.34.130.0/24 maxlen: 24
195.34.132.0/22 maxlen: 22
195.34.132.0/23 maxlen: 23
62.179.0.0/17 maxlen: 17
2001:730::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 871113169 (0x33ec21d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f25e6a6893f466d2695e90670c047443643701
Validity
Not Before: Feb 10 08:11:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d73b5062f1800896c3c1ac9fafc4e1b5709cbc7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c0:6e:ff:26:d4:f4:f3:a7:07:07:d5:bf:00:
48:dc:d8:8d:3c:a3:bf:d1:b8:11:57:e9:6c:2b:ac:
12:47:ae:05:e0:0b:57:8e:cd:83:46:fa:87:0d:23:
30:29:b7:53:7e:2c:96:93:1c:f1:d5:fd:28:6b:b5:
6e:9e:97:9d:ab:13:5b:e4:a4:2f:68:dc:db:ac:9c:
7e:bc:84:7c:46:a1:d0:08:5c:e0:1e:8d:63:c8:bf:
d6:bf:8b:48:7e:83:fe:57:76:ea:66:7b:e0:1b:8d:
f5:ba:0f:c2:11:7c:1e:6f:05:d3:83:9f:92:fe:3c:
7f:a8:eb:4b:bc:ba:d3:b3:20:b4:5b:cc:6d:4e:6b:
14:31:be:68:ae:3f:97:76:0d:d4:15:db:7a:a6:a6:
86:41:82:38:fa:fe:d7:e5:2d:fa:f7:2e:7b:ee:56:
fe:92:af:16:93:de:79:37:66:4e:cf:d4:7c:52:1e:
b3:d2:63:74:b1:35:46:06:81:3c:f6:fe:f7:aa:c4:
2c:ab:e2:2f:85:54:fe:26:9e:60:d9:b0:aa:3c:90:
e6:a8:9c:be:93:36:99:38:71:9d:6a:ca:bf:1a:55:
4c:71:25:87:a2:42:45:b6:25:d2:66:3d:a7:eb:6f:
10:41:ed:3c:57:56:62:5c:81:10:46:c6:68:dd:6d:
ee:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3B:50:62:F1:80:08:96:C3:C1:AC:9F:AF:C4:E1:B5:70:9C:BC:7F
X509v3 Authority Key Identifier:
keyid:90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/1ztQYvGACJbDwayfr8ThtXCcvH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.179.0.0/17
78.103.0.0/16
80.111.0.0/16
84.116.0.0/16
92.235.0.0/18
94.170.0.0-94.172.255.255
195.34.130.0/24
195.34.132.0/22
213.47.220.0/22
IPv6:
2001:730::/29
Signature Algorithm: sha256WithRSAEncryption
81:f2:88:8b:fc:5b:9b:dd:2e:3e:f3:ea:43:0f:b9:c7:19:39:
fd:d5:8a:86:79:d1:31:c0:ee:8e:8c:dc:f3:17:ef:08:9f:9f:
50:43:d1:ff:b2:3e:92:7d:e8:87:15:0f:10:28:c5:0d:b2:22:
17:58:66:99:f9:33:15:87:5f:f2:60:cd:2e:46:33:28:7f:ba:
d6:e0:bd:a9:dd:6a:65:49:8e:2a:30:f0:80:66:1b:2c:e8:fe:
6d:62:8f:cf:d2:42:10:18:40:c2:53:e1:d5:96:3d:c4:8a:36:
3f:1a:03:1a:84:01:ee:2a:46:92:90:40:ed:10:d8:65:73:aa:
84:cd:69:ef:43:35:9f:69:65:73:0d:20:0f:8a:9c:f0:0e:7b:
f7:4a:1c:1b:06:9d:d1:a0:5c:2e:17:bb:63:f1:61:e0:15:ad:
58:2c:37:a7:1f:c8:6f:c3:fe:34:e1:4f:a0:b2:bc:ff:0c:06:
7c:13:0f:8f:18:5d:b7:aa:06:fb:74:4d:22:16:35:8e:fc:18:
46:fe:5b:22:6a:55:33:37:38:82:91:95:66:ad:d8:9d:a0:bb:
4f:73:f8:db:a7:5b:f5:2d:42:2b:74:e7:04:04:d9:c9:0d:50:
1e:6f:90:11:ae:48:bb:e0:15:86:de:54:80:08:41:59:c1:3d:
ed:bf:84:cd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEM+wh0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGYyNWU2YTY4OTNmNDY2ZDI2OTVlOTA2NzBjMDQ3NDQzNjQzNzAxMB4XDTIyMDIx
MDA4MTEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDczYjUwNjJmMTgw
MDg5NmMzYzFhYzlmYWZjNGUxYjU3MDljYmM3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOzAbv8m1PTzpwcH1b8ASNzYjTyjv9G4EVfpbCusEkeuBeAL
V47Ng0b6hw0jMCm3U34slpMc8dX9KGu1bp6XnasTW+SkL2jc26ycfryEfEah0Ahc
4B6NY8i/1r+LSH6D/ld26mZ74BuN9boPwhF8Hm8F04Ofkv48f6jrS7y607MgtFvM
bU5rFDG+aK4/l3YN1BXbeqamhkGCOPr+1+Ut+vcue+5W/pKvFpPeeTdmTs/UfFIe
s9JjdLE1RgaBPPb+96rELKviL4VU/iaeYNmwqjyQ5qicvpM2mThxnWrKvxpVTHEl
h6JCRbYl0mY9p+tvEEHtPFdWYlyBEEbGaN1t7pcCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBTXO1Bi8YAIlsPBrJ+vxOG1cJy8fzAfBgNVHSMEGDAWgBSQ8l5qaJP0ZtJp
XpBnDAR0Q2Q3ATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tQSmVhbWlUOUdiU2FWNlFad3dFZEVOa053RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMDRiMTYyLTcwOTktNDA0ZC04MzkxLTNiMGI0YjhhMjk4My8x
LzF6dFFZdkdBQ0piRHdheWZyOFRodFhDY3ZIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MDRiMTYyLTcwOTktNDA0ZC04MzkxLTNiMGI0YjhhMjk4My8xL2tQSmVhbWlUOUdi
U2FWNlFad3dFZEVOa053RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwPwQCAAEwOQMEBz6zAAMDAE5nAwMAUG8DAwBUdAME
BlzrADAKAwMBXqoDAwBerAMEAMMiggMEAsMihAMEAtUv3DANBAIAAjAHAwUDIAEH
MDANBgkqhkiG9w0BAQsFAAOCAQEAgfKIi/xbm90uPvPqQw+5xxk5/dWKhnnRMcDu
jozc8xfvCJ+fUEPR/7I+kn3ohxUPECjFDbIiF1hmmfkzFYdf8mDNLkYzKH+61uC9
qd1qZUmOKjDwgGYbLOj+bWKPz9JCEBhAwlPh1ZY9xIo2PxoDGoQB7ipGkpBA7RDY
ZXOqhM1p70M1n2llcw0gD4qc8A5790ocGwad0aBcLhe7Y/Fh4BWtWCw3px/Ib8P+
NOFPoLK8/wwGfBMPjxhdt6oG+3RNIhY1jvwYRv5bImpVMzc4gpGVZq3YnaC7T3P4
26db9S1CK3TnBATZyQ1QHm+QEa5Iu+AVht5UgAhBWcE97b+EzQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:12 2025 by rpki-client