Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/xgXWKPqeO5AJZcQRI68VtoMCtxg.roa
File: xgXWKPqeO5AJZcQRI68VtoMCtxg.roa (raw, json)
Hash identifier: orMg5QtlX7AnqvW1um8EXgXWSEVIewi/1tVNnhPwuyY=
Subject key identifier: C6:05:D6:28:FA:9E:3B:90:09:65:C4:11:23:AF:15:B6:83:02:B7:18
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 01842E3161DEBD8D063EA4F7B06B064B7D76
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/xgXWKPqeO5AJZcQRI68VtoMCtxg.roa
Signing time: Mon 31 Oct 2022 13:18:18 +0000
ROA not before: Mon 31 Oct 2022 13:18:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 194.120.0.252/32 maxlen: 32
193.141.0.0/23 maxlen: 23
193.141.2.0/24 maxlen: 24
194.120.112.0/22 maxlen: 22
194.120.120.0/22 maxlen: 22
193.242.80.0/20 maxlen: 20
194.121.52.0/22 maxlen: 22
193.141.44.0/23 maxlen: 23
193.141.40.0/22 maxlen: 22
194.45.182.0/23 maxlen: 23
194.122.248.0/22 maxlen: 22
194.123.164.0/24 maxlen: 24
194.120.0.0/24 maxlen: 24
194.123.122.0/24 maxlen: 24
194.120.43.0/24 maxlen: 24
194.122.80.0/21 maxlen: 21
62.132.114.0/23 maxlen: 23
62.132.116.0/23 maxlen: 23
62.132.132.0/23 maxlen: 23
194.45.4.0/23 maxlen: 23
194.122.120.0/21 maxlen: 21
62.41.160.0/24 maxlen: 24
62.41.84.0/23 maxlen: 23
62.41.80.0/22 maxlen: 22
62.41.102.0/24 maxlen: 24
212.1.0.0/19 maxlen: 19
194.122.76.0/22 maxlen: 22
194.45.98.0/23 maxlen: 23
194.122.224.0/20 maxlen: 20
194.45.12.0/23 maxlen: 23
194.45.47.0/24 maxlen: 24
194.151.203.0/24 maxlen: 24
194.121.123.0/24 maxlen: 24
92.71.0.0/17 maxlen: 17
212.189.0.0/17 maxlen: 17
193.141.140.0/23 maxlen: 23
194.121.104.0/23 maxlen: 23
62.41.16.0/21 maxlen: 21
62.132.0.0/22 maxlen: 22
62.41.24.0/22 maxlen: 22
62.132.16.0/22 maxlen: 22
62.41.32.0/24 maxlen: 24
62.132.24.0/23 maxlen: 23
62.41.37.0/24 maxlen: 24
62.132.28.0/24 maxlen: 24
92.71.128.0/18 maxlen: 18
62.41.56.0/21 maxlen: 21
62.132.42.0/23 maxlen: 23
194.41.62.0/24 maxlen: 24
62.41.64.0/20 maxlen: 20
192.54.104.0/24 maxlen: 24
194.121.203.0/24 maxlen: 24
62.41.0.0/20 maxlen: 20
194.121.220.0/22 maxlen: 22
2a00:1750::/32 maxlen: 32
2001:680:12::/48 maxlen: 48
2001:680:19::/48 maxlen: 48
2001:680::/32 maxlen: 32
2001:680:20::/48 maxlen: 48
2001:680:16::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:31:61:de:bd:8d:06:3e:a4:f7:b0:6b:06:4b:7d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Oct 31 13:18:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c605d628fa9e3b900965c41123af15b68302b718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:18:6b:c4:29:3f:e2:b5:f9:28:2b:87:dc:62:
eb:3a:4c:58:37:da:c6:2b:9b:bf:79:b2:09:a9:0c:
5b:a6:ff:df:03:6e:97:fc:d4:db:c6:51:18:cf:6e:
6c:c1:5a:47:f7:02:af:9c:51:61:c8:4d:62:ed:10:
c3:ea:83:b9:96:6b:c4:fc:20:38:7e:c7:bf:68:ae:
6f:e9:cb:16:c6:3f:35:68:c0:39:c6:7b:f9:7f:68:
1e:12:6c:44:47:f1:f8:83:41:2c:c7:1a:b9:0a:1e:
d6:64:e6:b4:b2:cf:45:f5:75:31:55:27:ac:e4:e4:
ef:4b:3f:28:b2:dd:16:56:0e:d8:2e:94:de:f0:9d:
ab:99:c4:8e:e2:cd:2b:59:aa:16:e1:37:df:bd:5f:
b6:35:77:37:2b:c6:4d:b7:23:bf:6e:da:70:f9:8c:
db:63:1d:8b:ca:a4:f5:7c:0b:ea:84:b1:3c:60:34:
9b:a9:23:46:70:1e:89:84:ce:b7:46:6f:17:58:22:
15:7b:e9:f8:98:95:11:8c:60:e6:f2:2d:f0:fb:5a:
e5:d7:ed:0c:cc:00:cc:51:43:67:8c:3a:75:9d:88:
ac:7d:ad:4c:b6:ab:4c:f3:a1:86:61:7e:e1:f6:02:
28:f5:b9:c2:47:e9:bc:44:3e:99:6d:bf:fe:68:02:
1d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:05:D6:28:FA:9E:3B:90:09:65:C4:11:23:AF:15:B6:83:02:B7:18
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/xgXWKPqeO5AJZcQRI68VtoMCtxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
92.71.0.0-92.71.191.255
192.54.104.0/24
193.141.0.0-193.141.2.255
193.141.40.0-193.141.45.255
193.141.140.0/23
193.242.80.0/20
194.41.62.0/24
194.45.4.0/23
194.45.12.0/23
194.45.47.0/24
194.45.98.0/23
194.45.182.0/23
194.120.0.0/24
194.120.43.0/24
194.120.112.0/22
194.120.120.0/22
194.121.52.0/22
194.121.104.0/23
194.121.123.0/24
194.121.203.0/24
194.121.220.0/22
194.122.76.0-194.122.87.255
194.122.120.0/21
194.122.224.0/20
194.122.248.0/22
194.123.122.0/24
194.123.164.0/24
194.151.203.0/24
212.1.0.0/19
212.189.0.0/17
IPv6:
2001:680::/32
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
63:35:55:34:98:d5:21:fc:82:d9:e7:4e:c9:9d:ad:9f:d0:7c:
ad:04:78:28:30:2c:6e:9b:22:9b:a4:da:94:8f:fa:ac:7c:d9:
0b:7d:0f:00:a2:37:42:9c:31:a2:d0:89:f4:80:ce:39:86:6c:
38:d3:ce:a5:39:41:06:94:8a:64:42:f7:ff:a2:8c:b7:3e:24:
d9:4d:b4:f9:b2:a4:4a:68:8a:d2:4d:27:b3:8e:0f:f9:ac:6c:
de:fd:de:85:8b:cb:17:f5:d6:a1:f9:a2:a9:11:c2:68:b9:97:
13:bb:ee:55:da:fc:64:84:07:5f:56:6d:4a:ed:de:a6:db:42:
f8:2c:ff:c9:17:2f:ca:18:9a:8b:f4:e4:39:25:db:f3:75:28:
14:b7:82:d0:94:63:30:31:87:7e:81:2a:3d:6d:fe:75:f9:9e:
1f:15:85:e4:a1:82:02:e5:78:52:a2:47:21:0d:ac:6c:62:55:
4b:61:9a:e3:3c:57:1e:c9:b7:ca:88:50:4f:fa:8b:6e:a6:78:
db:cc:00:bb:72:86:f7:39:ad:22:30:cd:b6:18:17:9a:82:45:
15:94:92:fe:f9:ef:27:e5:44:93:83:e2:32:9b:c2:2a:96:a6:
c4:6a:2a:f3:51:a8:a1:69:ee:11:bc:1a:5e:5a:f4:df:36:28:
91:67:56:f9
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgISAYQuMWHevY0GPqT3sGsGS312MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjIxMDMxMTMxODE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjA1ZDYyOGZhOWUzYjkwMDk2NWM0MTEyM2FmMTViNjgzMDJiNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRhrxCk/4rX5KCuH3GLrOkxYN9rG
K5u/ebIJqQxbpv/fA26X/NTbxlEYz25swVpH9wKvnFFhyE1i7RDD6oO5lmvE/CA4
fse/aK5v6csWxj81aMA5xnv5f2geEmxER/H4g0Esxxq5Ch7WZOa0ss9F9XUxVSes
5OTvSz8ost0WVg7YLpTe8J2rmcSO4s0rWaoW4TffvV+2NXc3K8ZNtyO/btpw+Yzb
Yx2LyqT1fAvqhLE8YDSbqSNGcB6JhM63Rm8XWCIVe+n4mJURjGDm8i3w+1rl1+0M
zADMUUNnjDp1nYisfa1MtqtM86GGYX7h9gIo9bnCR+m8RD6Zbb/+aAIdrwIDAQAB
o4IDWjCCA1YwHQYDVR0OBBYEFMYF1ij6njuQCWXEESOvFbaDArcYMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEveGdYV0tQcWVPNUFKWmNRUkk2OFZ0b01DdHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbgYIKwYBBQUHAQcBAf8EggFdMIIBWTCCAT8EAgABMIIB
NzALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAMEAD4pZgME
AD4poAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAMAwQBPoRyAwQBPoR0
AwQBPoSEMAsDAwBcRwMEBlxHgAMEAMA2aDALAwMAwY0DBADBjQIwDAMEA8GNKAME
AcGNLAMEAcGNjAMEBMHyUAMEAMIpPgMEAcItBAMEAcItDAMEAMItLwMEAcItYgME
AcIttgMEAMJ4AAMEAMJ4KwMEAsJ4cAMEAsJ4eAMEAsJ5NAMEAcJ5aAMEAMJ5ewME
AMJ5ywMEAsJ53DAMAwQCwnpMAwQDwnpQAwQDwnp4AwQEwnrgAwQCwnr4AwQAwnt6
AwQAwnukAwQAwpfLAwQF1AEAAwQH1L0AMBQEAgACMA4DBQAgAQaAAwUAKgAXUDAN
BgkqhkiG9w0BAQsFAAOCAQEAYzVVNJjVIfyC2edOyZ2tn9B8rQR4KDAsbpsim6Ta
lI/6rHzZC30PAKI3QpwxotCJ9IDOOYZsONPOpTlBBpSKZEL3/6KMtz4k2U20+bKk
SmiK0k0ns44P+axs3v3ehYvLF/XWofmiqRHCaLmXE7vuVdr8ZIQHX1ZtSu3epttC
+Cz/yRcvyhiai/TkOSXb83UoFLeC0JRjMDGHfoEqPW3+dfmeHxWF5KGCAuV4UqJH
IQ2sbGJVS2Ga4zxXHsm3yohQT/qLbqZ428wAu3KG9zmtIjDNthgXmoJFFZSS/vnv
J+VEk4PiMpvCKpamxGoq81GooWnuEbwaXlr03zYokWdW+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:51 2024 by rpki-client on console-ams.rpki-client.org