Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/4sHsT4p5vrDDuCAx5tRxyxlZYok.roa
File: 4sHsT4p5vrDDuCAx5tRxyxlZYok.roa (raw, json)
Hash identifier: Q2i5ffGvtSKfIIbIcfIbPGfzK6D71rGB0lSnGgjIbvw=
Subject key identifier: E2:C1:EC:4F:8A:79:BE:B0:C3:B8:20:31:E6:D4:71:CB:19:59:62:89
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 054195B1
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/4sHsT4p5vrDDuCAx5tRxyxlZYok.roa
Signing time: Tue 07 Jun 2022 09:48:22 +0000
ROA not before: Tue 07 Jun 2022 09:48:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 212.172.0.0/16 maxlen: 24
195.78.160.0/19 maxlen: 24
194.162.0.0/16 maxlen: 24
80.83.96.0/20 maxlen: 24
62.144.0.0/16 maxlen: 24
194.112.16.0/20 maxlen: 24
79.140.176.0/20 maxlen: 24
213.54.0.0/16 maxlen: 24
62.246.0.0/16 maxlen: 24
85.212.0.0/16 maxlen: 24
195.52.0.0/16 maxlen: 24
195.63.0.0/16 maxlen: 24
62.26.0.0/15 maxlen: 24
185.210.52.0/22 maxlen: 24
195.185.0.0/16 maxlen: 24
2001:4091::/32 maxlen: 48
2a01:5c8::/32 maxlen: 48
2001:4090::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88184241 (0x54195b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jun 7 09:48:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2c1ec4f8a79beb0c3b82031e6d471cb19596289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d1:3c:41:68:e7:ea:ac:18:51:45:ce:46:3e:
c5:71:7d:27:da:1c:4b:00:42:aa:05:02:88:31:80:
37:4d:0f:e5:00:41:e5:79:bd:6c:8c:d3:60:c6:8b:
e4:dc:de:23:37:ef:90:2c:e7:fe:0d:a7:73:02:9b:
32:53:29:b8:af:20:40:5f:24:34:27:e3:13:9b:d7:
dd:67:3e:34:fe:f7:a8:c7:37:ea:3b:75:20:79:4f:
9e:1f:0c:33:b3:7f:7a:2c:05:ca:e0:f0:4a:53:0a:
be:3d:32:a2:22:ab:a3:59:60:e6:3f:d5:a3:5e:1d:
4b:27:a9:95:90:21:fd:05:71:f2:58:54:27:23:dd:
da:98:ec:93:65:e1:c5:16:b5:4d:7d:70:ef:82:16:
b9:9e:f8:f3:f7:9d:23:39:db:32:d2:02:82:bd:4c:
38:0f:33:a9:a6:59:1b:f3:b5:75:ca:de:9a:78:0c:
4a:f2:38:53:80:14:55:31:c0:5d:4b:75:93:4c:98:
b2:81:6e:f7:27:27:4a:56:29:13:61:58:00:17:6b:
27:05:b4:94:47:fe:8a:aa:83:0e:f9:da:be:63:12:
13:21:26:f7:3b:da:df:2f:3d:2c:f8:08:e1:49:cd:
30:f7:e3:61:21:a2:cd:78:63:d5:25:bc:57:e4:1e:
d4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C1:EC:4F:8A:79:BE:B0:C3:B8:20:31:E6:D4:71:CB:19:59:62:89
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/4sHsT4p5vrDDuCAx5tRxyxlZYok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
85.212.0.0/16
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
0c:b4:6a:9f:70:90:a3:2e:7f:d0:52:70:3b:76:dc:43:60:08:
3d:ff:02:de:85:9c:4c:88:53:ed:6b:23:e0:8e:dc:13:8a:dc:
6f:5f:c6:c6:b7:cc:23:ee:64:e4:22:43:1d:e5:09:ae:9e:d9:
03:60:bb:f7:90:a5:e2:c1:91:59:59:df:46:77:ab:84:97:e3:
e3:1a:b8:25:0c:e1:39:47:e7:59:9b:d5:74:1a:f0:fd:d8:b9:
bc:17:df:bb:24:15:67:61:3b:a1:c5:67:f1:f6:cc:4d:06:16:
e0:fc:4c:e7:7c:0c:e4:40:94:50:4b:1a:56:cd:d8:5a:3d:e0:
22:76:1d:d4:8d:a8:09:c6:76:d7:bc:c9:b0:e0:31:ce:48:11:
10:d9:5f:81:ae:46:86:54:19:4f:91:5c:d0:d0:9a:1d:a4:b4:
2e:9e:e1:a0:4a:33:27:1e:0a:d2:53:c8:b3:24:ae:49:63:91:
e3:19:1f:f5:64:85:ce:f3:5f:7b:60:9a:50:ad:ea:fb:2e:45:
0a:18:a1:47:f5:b1:57:6a:1b:eb:03:d4:70:61:5d:d1:4a:eb:
4b:32:35:31:2c:e7:65:27:0a:3d:78:af:15:a1:c2:d8:e2:6d:
20:47:1d:00:cc:52:1b:72:3c:82:86:0c:e6:cc:c8:9b:27:07:
c3:7a:8d:7b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEBUGVsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDYw
NzA5NDgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJjMWVjNGY4YTc5
YmViMGMzYjgyMDMxZTZkNDcxY2IxOTU5NjI4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO/RPEFo5+qsGFFFzkY+xXF9J9ocSwBCqgUCiDGAN00P5QBB
5Xm9bIzTYMaL5NzeIzfvkCzn/g2ncwKbMlMpuK8gQF8kNCfjE5vX3Wc+NP73qMc3
6jt1IHlPnh8MM7N/eiwFyuDwSlMKvj0yoiKro1lg5j/Vo14dSyeplZAh/QVx8lhU
JyPd2pjsk2XhxRa1TX1w74IWuZ748/edIznbMtICgr1MOA8zqaZZG/O1dcremngM
SvI4U4AUVTHAXUt1k0yYsoFu9ycnSlYpE2FYABdrJwW0lEf+iqqDDvnavmMSEyEm
9zva3y89LPgI4UnNMPfjYSGizXhj1SW8V+Qe1H8CAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBTiwexPinm+sMO4IDHm1HHLGVliiTAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
LzRzSHNUNHA1dnJERHVDQXg1dFJ4eXhsWllvay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wVgQCAAEwUAMDAT4aAwMAPpADAwA+9gMEBE+MsAME
BFBTYAMDAFXUAwQCudI0AwQEwnAQAwMAwqIDAwDDNAMDAMM/AwQFw06gAwMAw7kD
AwDUrAMDANU2MBQEAgACMA4DBQEgAUCQAwUAKgEFyDANBgkqhkiG9w0BAQsFAAOC
AQEADLRqn3CQoy5/0FJwO3bcQ2AIPf8C3oWcTIhT7Wsj4I7cE4rcb1/GxrfMI+5k
5CJDHeUJrp7ZA2C795Cl4sGRWVnfRnerhJfj4xq4JQzhOUfnWZvVdBrw/di5vBff
uyQVZ2E7ocVn8fbMTQYW4PxM53wM5ECUUEsaVs3YWj3gInYd1I2oCcZ217zJsOAx
zkgRENlfga5GhlQZT5Fc0NCaHaS0Lp7hoEozJx4K0lPIsySuSWOR4xkf9WSFzvNf
e2CaUK3q+y5FChihR/WxV2ob6wPUcGFd0UrrSzI1MSznZScKPXivFaHC2OJtIEcd
AMxSG3I8goYM5szImycHw3qNew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:39 2024 by rpki-client on console-ams.rpki-client.org