Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/UEzRuNA1BhutXV9BB7ifH4A12lk.roa
File: UEzRuNA1BhutXV9BB7ifH4A12lk.roa (raw, json)
Hash identifier: 10Upl47i/Nw50lhAS7rlQrRuI+ooC/IaNBK06N4zB4w=
Subject key identifier: 50:4C:D1:B8:D0:35:06:1B:AD:5D:5F:41:07:B8:9F:1F:80:35:DA:59
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 3ECE6137
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/UEzRuNA1BhutXV9BB7ifH4A12lk.roa
Signing time: Mon 25 Apr 2022 08:01:17 +0000
ROA not before: Mon 25 Apr 2022 08:01:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 217.208.0.0/13 maxlen: 13
194.18.0.0/16 maxlen: 16
195.252.32.0/19 maxlen: 19
194.16.0.0/15 maxlen: 15
195.198.0.0/16 maxlen: 16
62.20.0.0/16 maxlen: 16
195.67.0.0/16 maxlen: 16
2.255.191.0/24 maxlen: 24
192.16.152.0/23 maxlen: 23
2.255.190.0/24 maxlen: 24
192.16.153.0/24 maxlen: 24
193.44.0.0/15 maxlen: 15
194.236.0.0/15 maxlen: 15
192.150.58.0/23 maxlen: 23
192.150.64.0/22 maxlen: 22
192.150.60.0/22 maxlen: 22
192.150.68.0/23 maxlen: 23
192.150.78.0/23 maxlen: 23
213.64.0.0/14 maxlen: 14
212.28.192.0/19 maxlen: 19
194.22.0.0/15 maxlen: 15
81.228.4.0/24 maxlen: 24
81.228.4.0/23 maxlen: 23
2.248.0.0/13 maxlen: 13
81.228.5.0/24 maxlen: 24
194.218.0.0/16 maxlen: 16
212.181.0.0/16 maxlen: 16
78.64.0.0/12 maxlen: 12
95.192.0.0/12 maxlen: 12
90.224.0.0/12 maxlen: 12
81.224.0.0/12 maxlen: 12
192.150.80.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1053712695 (0x3ece6137)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Apr 25 08:01:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=504cd1b8d035061bad5d5f4107b89f1f8035da59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e4:ca:ff:10:68:6c:24:c0:a0:39:20:af:a8:
51:c7:85:64:cb:20:48:b2:6f:cf:15:1b:9f:c7:b5:
e8:be:a5:ba:d0:f4:6c:db:87:93:52:71:95:df:a2:
d8:72:5d:cb:4b:c7:e4:89:88:eb:ce:c6:17:b6:6c:
94:c8:50:3f:52:c5:57:08:b6:78:a6:8f:57:2d:a5:
86:dc:58:55:5d:b7:4b:e2:9a:02:da:18:0b:6f:13:
60:6e:cd:da:dd:8f:14:4f:f0:c9:8c:18:e0:12:6f:
c5:39:03:94:a3:ba:83:37:42:f2:4e:47:5d:ae:dc:
e0:31:23:e6:76:39:b5:fc:09:e8:09:c4:79:86:bd:
76:9b:10:30:5c:a4:f0:e4:7d:07:4c:15:48:9c:6d:
65:c7:a2:a4:0d:43:80:08:38:be:c1:52:e4:db:0c:
20:e3:38:f0:32:38:44:57:52:69:46:d6:64:13:68:
c1:9f:26:d8:23:40:9d:d6:06:e9:88:fa:3b:11:01:
78:4f:4b:7e:e1:19:4c:b3:83:ac:e8:c3:9a:ee:a2:
1f:53:bf:47:0f:c5:bf:40:de:3f:f9:d1:b0:e2:7d:
51:71:52:ef:e9:b1:5f:24:e3:67:5e:0d:d8:d4:ea:
0c:df:70:48:50:1e:7e:32:34:24:b2:33:bd:d5:91:
b0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4C:D1:B8:D0:35:06:1B:AD:5D:5F:41:07:B8:9F:1F:80:35:DA:59
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/UEzRuNA1BhutXV9BB7ifH4A12lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.248.0.0/13
62.20.0.0/16
78.64.0.0/12
81.224.0.0/12
90.224.0.0/12
95.192.0.0/12
192.16.152.0/23
192.150.58.0-192.150.69.255
192.150.78.0-192.150.81.255
193.44.0.0/15
194.16.0.0-194.18.255.255
194.22.0.0/15
194.218.0.0/16
194.236.0.0/15
195.67.0.0/16
195.198.0.0/16
195.252.32.0/19
212.28.192.0/19
212.181.0.0/16
213.64.0.0/14
217.208.0.0/13
Signature Algorithm: sha256WithRSAEncryption
7d:3e:1c:2f:ed:70:e9:96:af:3f:88:a1:ed:1f:93:61:a6:a0:
4b:9b:4b:08:00:39:27:d0:07:b4:e9:75:e5:d2:00:a4:b0:d3:
bd:a6:28:d6:f8:8d:e0:af:76:ce:4b:e2:14:64:c8:55:6e:d1:
8d:c9:61:30:04:2e:4c:c2:99:64:96:fc:51:b5:a8:ab:ce:7d:
fd:5e:66:cd:c5:73:56:57:76:2e:97:cd:c5:83:13:31:31:d6:
84:ef:16:91:ef:64:88:31:a7:38:4a:2a:ee:d8:af:96:53:53:
9b:4d:76:53:38:0f:1c:15:fb:42:03:ed:6e:6a:7f:79:4b:92:
db:65:69:01:ba:59:25:04:f8:59:96:24:4b:4e:d2:e6:e1:d5:
25:af:6d:94:78:0b:d6:c2:f0:e4:8b:be:ca:ee:1c:ad:49:a2:
45:9f:5f:eb:ab:9b:30:bf:3f:3c:bc:b9:4c:05:81:26:71:37:
8c:4d:a7:07:ad:b3:e8:76:88:82:86:7c:85:8f:6c:19:6a:74:
1d:99:4c:2e:a0:bf:f4:0b:38:97:76:93:f9:a5:cb:73:bf:b5:
59:93:61:8d:e9:00:9d:9f:f4:f1:c0:fc:21:53:c4:f9:04:35:
fc:7a:4d:52:6b:c1:1a:c6:da:bd:da:45:c5:3d:8d:19:db:85:
54:ba:62:2d
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIEPs5hNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjY4MTM4ZDRlYzJlYTUxY2FjZWYwOWZmMTA1OGEzNzBhNWJlMTkwMB4XDTIyMDQy
NTA4MDExN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA0Y2QxYjhkMDM1
MDYxYmFkNWQ1ZjQxMDdiODlmMWY4MDM1ZGE1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7kyv8QaGwkwKA5IK+oUceFZMsgSLJvzxUbn8e16L6lutD0
bNuHk1Jxld+i2HJdy0vH5ImI687GF7ZslMhQP1LFVwi2eKaPVy2lhtxYVV23S+Ka
AtoYC28TYG7N2t2PFE/wyYwY4BJvxTkDlKO6gzdC8k5HXa7c4DEj5nY5tfwJ6AnE
eYa9dpsQMFyk8OR9B0wVSJxtZceipA1DgAg4vsFS5NsMIOM48DI4RFdSaUbWZBNo
wZ8m2CNAndYG6Yj6OxEBeE9LfuEZTLODrOjDmu6iH1O/Rw/Fv0DeP/nRsOJ9UXFS
7+mxXyTjZ14N2NTqDN9wSFAefjI0JLIzvdWRsIcCAwEAAaOCAo0wggKJMB0GA1Ud
DgQWBBRQTNG40DUGG61dX0EHuJ8fgDXaWTAfBgNVHSMEGDAWgBQfaBONTsLqUcrO
8J/xBYo3ClvhkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gyZ1RqVTdDNmxIS3p2Q2Y4UVdLTndwYjRaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8x
L1VFelJ1TkExQmh1dFhWOUJCN2lmSDRBMTJsay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8xL0gyZ1RqVTdDNmxI
S3p2Q2Y4UVdLTndwYjRaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ogYIKwYBBQUHAQcBAf8EgZIwgY8wgYwEAgABMIGFAwMDAvgDAwA+FAMDBE5AAwME
UeADAwRa4AMDBF/AAwQBwBCYMAwDBAHAljoDBAHAlkQwDAMEAcCWTgMEAcCWUAMD
AcEsMAoDAwTCEAMDAMISAwMBwhYDAwDC2gMDAcLsAwMAw0MDAwDDxgMEBcP8IAME
BdQcwAMDANS1AwMC1UADAwPZ0DANBgkqhkiG9w0BAQsFAAOCAQEAfT4cL+1w6Zav
P4ih7R+TYaagS5tLCAA5J9AHtOl15dIApLDTvaYo1viN4K92zkviFGTIVW7Rjclh
MAQuTMKZZJb8UbWoq859/V5mzcVzVld2LpfNxYMTMTHWhO8Wke9kiDGnOEoq7tiv
llNTm012UzgPHBX7QgPtbmp/eUuS22VpAbpZJQT4WZYkS07S5uHVJa9tlHgL1sLw
5Iu+yu4crUmiRZ9f66ubML8/PLy5TAWBJnE3jE2nB62z6HaIgoZ8hY9sGWp0HZlM
LqC/9As4l3aT+aXLc7+1WZNhjekAnZ/08cD8IVPE+QQ1/HpNUmvBGsbavdpFxT2N
GduFVLpiLQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:52 2023 by rpki-client on console-fra.rpki-client.org