Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/0EqLLDnRI2910vwSZ6o5ZSBtLxc.roa
File: 0EqLLDnRI2910vwSZ6o5ZSBtLxc.roa (raw, json)
Hash identifier: vwHv6g0OuHt3GuiOl8duScI8wvDP04pGMX5ByEHT+kk=
Subject key identifier: D0:4A:8B:2C:39:D1:23:6F:75:D2:FC:12:67:AA:39:65:20:6D:2F:17
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 051CFFEF
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/0EqLLDnRI2910vwSZ6o5ZSBtLxc.roa
Signing time: Fri 27 May 2022 12:12:13 +0000
ROA not before: Fri 27 May 2022 12:12:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12312
IP address blocks: 195.247.0.0/16 maxlen: 16
195.78.160.0/19 maxlen: 19
212.122.128.0/19 maxlen: 22
80.83.96.0/20 maxlen: 20
62.144.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
194.112.16.0/20 maxlen: 20
83.129.0.0/16 maxlen: 16
85.212.0.0/18 maxlen: 18
195.52.0.0/16 maxlen: 16
85.212.0.0/15 maxlen: 15
185.210.52.0/22 maxlen: 22
195.254.0.0/17 maxlen: 17
195.185.0.0/16 maxlen: 16
212.172.0.0/16 maxlen: 16
85.212.128.0/18 maxlen: 18
194.162.0.0/16 maxlen: 16
85.212.64.0/18 maxlen: 18
213.54.0.0/16 maxlen: 16
62.246.0.0/16 maxlen: 16
212.255.0.0/16 maxlen: 16
195.63.0.0/16 maxlen: 16
62.26.0.0/15 maxlen: 15
85.212.192.0/18 maxlen: 18
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
2001:4090::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85786607 (0x51cffef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: May 27 12:12:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d04a8b2c39d1236f75d2fc1267aa3965206d2f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4d:66:da:af:ae:69:9a:d8:17:2b:12:59:72:
90:c0:af:6f:48:00:86:5c:b1:ab:4e:81:62:86:3d:
50:d6:e3:56:d8:c7:7f:d2:eb:f8:1f:b4:00:7f:24:
ab:54:8c:fb:44:4b:de:7a:0f:6f:7e:55:6b:20:6c:
59:44:76:c4:8d:91:c1:b6:ea:f4:b5:ab:3f:32:49:
c7:5c:7e:94:01:b5:c2:f4:f4:7a:0c:62:e1:1d:8d:
c1:a4:19:7b:86:cf:8e:f1:80:fb:f0:52:7b:f3:13:
d6:5d:f0:b9:1a:da:9b:cf:92:5e:7d:85:e2:87:05:
56:e9:6a:f2:d8:ce:d2:9b:bc:63:f3:6e:a4:20:44:
9c:ef:54:e6:40:86:89:16:ad:56:28:57:a2:37:f4:
a0:00:d9:f3:56:ae:61:e3:39:6d:a7:5f:d9:52:d4:
1c:6b:7f:49:4e:1d:30:2c:17:30:3e:95:78:25:c9:
3e:3f:5b:aa:27:33:18:fe:5e:77:8b:31:67:e7:21:
ac:06:7d:8c:ef:e0:66:a1:bd:e4:d5:14:cc:a3:12:
d3:f7:64:72:19:84:51:60:0a:64:15:40:e1:73:3a:
f0:de:4d:ac:ad:fc:0c:81:0f:0e:05:ea:b1:ce:c4:
ce:b3:9a:e6:4d:f5:0b:2b:c4:f8:95:5b:ad:85:53:
c3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4A:8B:2C:39:D1:23:6F:75:D2:FC:12:67:AA:39:65:20:6D:2F:17
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/0EqLLDnRI2910vwSZ6o5ZSBtLxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
83.129.0.0/16
85.212.0.0/15
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
195.247.0.0/16
195.254.0.0/17
212.122.128.0/19
212.172.0.0/16
212.255.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
b1:4e:d1:e9:90:ba:7b:45:53:ea:10:d7:bd:3c:4e:96:8e:9f:
23:bb:f1:f0:26:de:50:ba:74:1a:8c:3b:ff:64:7b:f4:35:64:
8a:7e:4d:5b:e2:25:83:7e:47:69:48:a5:1c:29:ad:65:fd:76:
bc:c2:d5:bf:17:0f:be:f5:59:98:12:25:90:70:13:db:1f:a2:
82:52:34:4f:86:66:c3:fa:d8:3f:fe:5b:0a:d7:63:ff:51:fc:
ff:31:3b:f9:aa:5d:a8:0e:ca:db:17:23:82:3a:b4:21:cb:80:
e7:c4:54:48:32:a3:a4:97:7e:ea:e7:57:35:10:c5:53:f5:da:
38:04:ed:fd:93:ed:70:ff:ae:bd:b0:c1:26:66:84:9d:35:93:
67:00:e2:51:f2:c1:2d:e8:eb:1d:60:1e:57:14:03:fd:0f:f7:
e6:76:22:82:52:69:76:da:a5:52:d3:1a:af:c2:3d:00:63:78:
91:e0:b1:9a:30:8f:a6:fa:0b:ec:aa:33:6b:0d:03:d5:2c:80:
86:39:3a:e3:82:0a:5f:29:08:d8:e7:62:08:cc:a1:b5:32:d5:
10:cf:db:7d:69:d5:18:6e:26:51:f7:b1:7e:13:f7:a1:8f:a8:
ff:72:eb:d8:33:f5:1f:20:82:3b:78:61:d7:f8:cf:13:b1:da:
bd:d8:37:0b
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIEBRz/7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDUy
NzEyMTIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA0YThiMmMzOWQx
MjM2Zjc1ZDJmYzEyNjdhYTM5NjUyMDZkMmYxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJNZtqvrmma2BcrEllykMCvb0gAhlyxq06BYoY9UNbjVtjH
f9Lr+B+0AH8kq1SM+0RL3noPb35VayBsWUR2xI2Rwbbq9LWrPzJJx1x+lAG1wvT0
egxi4R2NwaQZe4bPjvGA+/BSe/MT1l3wuRram8+SXn2F4ocFVulq8tjO0pu8Y/Nu
pCBEnO9U5kCGiRatVihXojf0oADZ81auYeM5badf2VLUHGt/SU4dMCwXMD6VeCXJ
Pj9bqiczGP5ed4sxZ+chrAZ9jO/gZqG95NUUzKMS0/dkchmEUWAKZBVA4XM68N5N
rK38DIEPDgXqsc7EzrOa5k31CyvE+JVbrYVTw5kCAwEAAaOCAocwggKDMB0GA1Ud
DgQWBBTQSossOdEjb3XS/BJnqjllIG0vFzAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
LzBFcUxMRG5SSTI5MTB2d1NaNm81WlNCdEx4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nAYIKwYBBQUHAQcBAf8EgYwwgYkwcQQCAAEwawMDAT4aAwMAPpADAwA+9gMEBE+M
sAMEBFBTYAMDAFOBAwMBVdQDBAK50jQDBATCcBADAwDCogMDAMM0AwMAwz8DBAXD
TqADAwDDuQMDAMP3AwQHw/4AAwQF1HqAAwMA1KwDAwDU/wMDANU2MBQEAgACMA4D
BQEgAUCQAwUAKgEFyDANBgkqhkiG9w0BAQsFAAOCAQEAsU7R6ZC6e0VT6hDXvTxO
lo6fI7vx8CbeULp0Gow7/2R79DVkin5NW+Ilg35HaUilHCmtZf12vMLVvxcPvvVZ
mBIlkHAT2x+iglI0T4Zmw/rYP/5bCtdj/1H8/zE7+apdqA7K2xcjgjq0IcuA58RU
SDKjpJd+6udXNRDFU/XaOATt/ZPtcP+uvbDBJmaEnTWTZwDiUfLBLejrHWAeVxQD
/Q/35nYiglJpdtqlUtMar8I9AGN4keCxmjCPpvoL7Kozaw0D1SyAhjk644IKXykI
2OdiCMyhtTLVEM/bfWnVGG4mUfexfhP3oY+o/3Lr2DP1HyCCO3hh1/jPE7Havdg3
Cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:41 2024 by rpki-client on console-fra.rpki-client.org