Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/qWaccUfGX_v6WqAJE_NZU9i-Qyk.roa
File: qWaccUfGX_v6WqAJE_NZU9i-Qyk.roa (raw, json)
Hash identifier: dd1eeTkZBBRSBFAt265FDOJVGNgMD+Kgdik0uonNwus=
Subject key identifier: A9:66:9C:71:47:C6:5F:FB:FA:5A:A0:09:13:F3:59:53:D8:BE:43:29
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 01842E31603D8008CB8D754CF5F688AC323C
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/qWaccUfGX_v6WqAJE_NZU9i-Qyk.roa
Signing time: Mon 31 Oct 2022 13:18:18 +0000
ROA not before: Mon 31 Oct 2022 13:18:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 286
IP address blocks: 194.120.0.252/32 maxlen: 32
193.141.0.0/23 maxlen: 23
193.141.2.0/24 maxlen: 24
194.120.112.0/22 maxlen: 22
194.120.120.0/22 maxlen: 22
193.242.80.0/20 maxlen: 20
194.121.52.0/22 maxlen: 22
193.141.44.0/23 maxlen: 23
193.141.40.0/22 maxlen: 22
194.45.182.0/23 maxlen: 23
194.122.248.0/22 maxlen: 22
194.123.164.0/24 maxlen: 24
194.120.0.0/24 maxlen: 24
194.123.122.0/24 maxlen: 24
194.120.43.0/24 maxlen: 24
194.122.80.0/21 maxlen: 21
62.132.116.0/23 maxlen: 23
62.132.114.0/23 maxlen: 23
62.132.132.0/23 maxlen: 23
62.41.160.0/24 maxlen: 24
194.45.4.0/23 maxlen: 23
194.122.120.0/21 maxlen: 21
62.41.84.0/23 maxlen: 23
62.41.80.0/22 maxlen: 22
62.41.102.0/24 maxlen: 24
212.1.0.0/19 maxlen: 19
194.122.76.0/22 maxlen: 22
194.45.98.0/23 maxlen: 23
194.122.224.0/20 maxlen: 20
194.45.12.0/23 maxlen: 23
194.45.47.0/24 maxlen: 24
194.121.123.0/24 maxlen: 24
194.151.203.0/24 maxlen: 24
92.71.0.0/17 maxlen: 17
212.189.0.0/17 maxlen: 17
193.141.140.0/23 maxlen: 23
194.121.104.0/23 maxlen: 23
62.41.16.0/21 maxlen: 21
62.132.0.0/22 maxlen: 22
62.41.24.0/22 maxlen: 22
62.132.16.0/22 maxlen: 22
62.41.37.0/24 maxlen: 24
62.132.24.0/23 maxlen: 23
62.41.32.0/24 maxlen: 24
62.132.28.0/24 maxlen: 24
92.71.128.0/18 maxlen: 18
62.41.56.0/21 maxlen: 21
62.132.42.0/23 maxlen: 23
62.41.64.0/20 maxlen: 20
194.41.62.0/24 maxlen: 24
192.54.104.0/24 maxlen: 24
194.121.203.0/24 maxlen: 24
62.41.0.0/20 maxlen: 20
194.121.220.0/22 maxlen: 22
2a00:1750::/32 maxlen: 32
2001:680:12::/48 maxlen: 48
2001:680:19::/48 maxlen: 48
2001:680::/32 maxlen: 32
2001:680:20::/48 maxlen: 48
2001:680:16::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:31:60:3d:80:08:cb:8d:75:4c:f5:f6:88:ac:32:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Oct 31 13:18:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9669c7147c65ffbfa5aa00913f35953d8be4329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:96:24:f3:56:63:66:41:f6:76:b6:10:65:a9:
00:b1:cc:23:37:06:ef:4f:56:1d:f3:56:f8:90:5c:
a4:7b:25:5a:be:57:8e:e8:08:b7:5b:f0:ad:8e:2c:
cd:17:b2:6f:09:d7:32:fd:fd:7d:ce:a0:ee:82:9a:
36:72:29:04:59:00:6d:42:29:f9:01:55:41:5e:ad:
72:30:06:85:1d:35:d3:3d:05:d0:f1:a2:f1:a2:63:
5a:2d:b5:91:3d:25:c9:13:d3:bb:20:72:c8:8b:a1:
43:a8:09:55:e3:0c:22:8a:43:f0:4c:ee:81:81:2d:
c6:d5:01:7a:1b:99:0c:4e:f0:af:b3:92:03:d6:56:
00:86:7d:b8:ca:9f:69:58:3c:80:6f:82:96:ff:49:
45:fa:3c:27:33:a4:2e:3e:a0:39:af:b4:82:1f:07:
cc:1f:55:f1:8b:22:e0:f8:bb:1d:a5:98:40:43:c2:
4c:bf:1c:6c:7a:1a:52:04:59:31:8d:fe:7f:22:b5:
43:ff:1d:f2:fa:09:1c:a3:1d:d2:a2:96:a7:ec:8b:
a6:4f:4c:09:de:dc:66:1a:6b:76:6c:72:f0:d2:9f:
ce:1c:91:2b:65:e6:e4:07:ec:5e:d2:1a:6c:a6:bd:
c6:c7:24:01:40:d0:a4:25:e5:57:ef:84:a4:46:17:
62:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:66:9C:71:47:C6:5F:FB:FA:5A:A0:09:13:F3:59:53:D8:BE:43:29
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/qWaccUfGX_v6WqAJE_NZU9i-Qyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
92.71.0.0-92.71.191.255
192.54.104.0/24
193.141.0.0-193.141.2.255
193.141.40.0-193.141.45.255
193.141.140.0/23
193.242.80.0/20
194.41.62.0/24
194.45.4.0/23
194.45.12.0/23
194.45.47.0/24
194.45.98.0/23
194.45.182.0/23
194.120.0.0/24
194.120.43.0/24
194.120.112.0/22
194.120.120.0/22
194.121.52.0/22
194.121.104.0/23
194.121.123.0/24
194.121.203.0/24
194.121.220.0/22
194.122.76.0-194.122.87.255
194.122.120.0/21
194.122.224.0/20
194.122.248.0/22
194.123.122.0/24
194.123.164.0/24
194.151.203.0/24
212.1.0.0/19
212.189.0.0/17
IPv6:
2001:680::/32
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
6d:17:2c:aa:86:4b:37:d1:df:4e:17:0d:b0:f7:98:ca:f3:b5:
ec:15:30:25:a0:d9:b3:39:82:d6:d8:07:2c:e2:dc:9f:7d:2e:
a9:70:72:15:d3:53:f1:75:a8:b0:86:4f:9f:3f:db:96:7f:e1:
45:32:ad:0c:a2:83:4f:12:c5:fc:1d:e8:c4:3d:bd:f9:0b:da:
36:22:e3:5e:5b:31:2f:30:92:2f:51:3d:66:a1:d3:75:66:ac:
b0:0c:9b:9d:66:c3:37:23:3c:14:e3:a5:6d:bd:e4:14:35:44:
f1:d0:b6:89:34:11:6b:0f:48:10:d9:b0:b7:1c:f5:8d:7a:b1:
80:ad:7b:3a:ba:2e:4e:4e:30:29:b8:19:a2:ca:cc:ee:a4:ee:
ad:c8:5e:53:4a:54:02:19:32:1c:8c:ba:4c:62:1e:3b:53:e8:
99:23:0b:ac:2c:35:39:51:98:14:70:78:a2:3e:aa:fb:ae:df:
90:3a:b1:c0:4d:eb:02:33:b4:8d:bf:ac:ce:80:31:92:15:bc:
f2:ae:8f:e0:83:44:13:80:59:1f:3b:e9:92:db:58:f3:18:9e:
0c:ba:a5:22:22:67:36:94:eb:77:af:42:eb:48:98:f7:d3:4e:
ad:57:42:23:38:1f:f5:a3:de:7d:7b:76:08:5d:36:5e:85:34:
be:a3:f8:24
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgISAYQuMWA9gAjLjXVM9faIrDI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjIxMDMxMTMxODE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTY2OWM3MTQ3YzY1ZmZiZmE1YWEwMDkxM2YzNTk1M2Q4YmU0MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZYk81ZjZkH2drYQZakAscwjNwbv
T1Yd81b4kFykeyVavleO6Ai3W/CtjizNF7JvCdcy/f19zqDugpo2cikEWQBtQin5
AVVBXq1yMAaFHTXTPQXQ8aLxomNaLbWRPSXJE9O7IHLIi6FDqAlV4wwiikPwTO6B
gS3G1QF6G5kMTvCvs5ID1lYAhn24yp9pWDyAb4KW/0lF+jwnM6QuPqA5r7SCHwfM
H1XxiyLg+LsdpZhAQ8JMvxxsehpSBFkxjf5/IrVD/x3y+gkcox3Sopan7IumT0wJ
3txmGmt2bHLw0p/OHJErZebkB+xe0hpspr3GxyQBQNCkJeVX74SkRhdi/wIDAQAB
o4IDWjCCA1YwHQYDVR0OBBYEFKlmnHFHxl/7+lqgCRPzWVPYvkMpMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvcVdhY2NVZkdYX3Y2V3FBSkVfTlpVOWktUXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbgYIKwYBBQUHAQcBAf8EggFdMIIBWTCCAT8EAgABMIIB
NzALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAMEAD4pZgME
AD4poAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAMAwQBPoRyAwQBPoR0
AwQBPoSEMAsDAwBcRwMEBlxHgAMEAMA2aDALAwMAwY0DBADBjQIwDAMEA8GNKAME
AcGNLAMEAcGNjAMEBMHyUAMEAMIpPgMEAcItBAMEAcItDAMEAMItLwMEAcItYgME
AcIttgMEAMJ4AAMEAMJ4KwMEAsJ4cAMEAsJ4eAMEAsJ5NAMEAcJ5aAMEAMJ5ewME
AMJ5ywMEAsJ53DAMAwQCwnpMAwQDwnpQAwQDwnp4AwQEwnrgAwQCwnr4AwQAwnt6
AwQAwnukAwQAwpfLAwQF1AEAAwQH1L0AMBQEAgACMA4DBQAgAQaAAwUAKgAXUDAN
BgkqhkiG9w0BAQsFAAOCAQEAbRcsqoZLN9HfThcNsPeYyvO17BUwJaDZszmC1tgH
LOLcn30uqXByFdNT8XWosIZPnz/bln/hRTKtDKKDTxLF/B3oxD29+QvaNiLjXlsx
LzCSL1E9ZqHTdWassAybnWbDNyM8FOOlbb3kFDVE8dC2iTQRaw9IENmwtxz1jXqx
gK17OrouTk4wKbgZosrM7qTurcheU0pUAhkyHIy6TGIeO1PomSMLrCw1OVGYFHB4
oj6q+67fkDqxwE3rAjO0jb+szoAxkhW88q6P4INEE4BZHzvpkttY8xieDLqlIiJn
NpTrd69C60iY99NOrVdCIzgf9aPefXt2CF02XoU0vqP4JA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org