Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/7p2cr6iFpgbtmtWt1ZN2njcwHfE.roa
File: 7p2cr6iFpgbtmtWt1ZN2njcwHfE.roa (raw, json)
Hash identifier: e3G13FtzjitwAS0aUzPaDvGFpXqdGBL/m1dfUL34fQM=
Subject key identifier: EE:9D:9C:AF:A8:85:A6:06:ED:9A:D5:AD:D5:93:76:9E:37:30:1D:F1
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 01857246CA98881E8A349868FE1B383D3CE8
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/7p2cr6iFpgbtmtWt1ZN2njcwHfE.roa
Signing time: Mon 02 Jan 2023 11:38:40 +0000
ROA not before: Mon 02 Jan 2023 11:38:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12312
IP address blocks: 212.172.0.0/16 maxlen: 16
85.212.128.0/17 maxlen: 17
85.212.128.0/18 maxlen: 18
195.78.160.0/19 maxlen: 19
194.162.0.0/16 maxlen: 16
80.83.96.0/20 maxlen: 20
62.144.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
194.112.16.0/20 maxlen: 20
85.212.64.0/18 maxlen: 18
62.246.0.0/16 maxlen: 16
213.54.0.0/16 maxlen: 16
85.212.0.0/18 maxlen: 18
85.212.0.0/17 maxlen: 17
195.52.0.0/16 maxlen: 16
85.212.0.0/16 maxlen: 16
195.63.0.0/16 maxlen: 16
62.26.0.0/15 maxlen: 15
185.210.52.0/22 maxlen: 22
85.212.192.0/18 maxlen: 18
195.185.0.0/16 maxlen: 16
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
2001:4090::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ca:98:88:1e:8a:34:98:68:fe:1b:38:3d:3c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 2 11:38:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee9d9cafa885a606ed9ad5add593769e37301df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:07:2d:db:84:2f:70:44:6c:3f:c9:8b:73:1c:
52:ee:d7:c9:6e:20:91:b5:0b:13:f0:31:26:13:98:
79:bf:f9:62:ea:bb:30:2d:77:04:3b:c4:4c:c5:5e:
89:1a:0f:bb:68:92:fc:97:b4:07:fc:2f:da:18:8a:
bf:f5:18:fa:74:6a:29:d4:af:08:fb:e6:e0:e4:ae:
d1:0b:c2:8b:6e:d4:c2:e0:8f:67:c6:ca:16:f4:0e:
30:e3:19:ae:96:b1:64:03:ea:55:a9:a1:18:fa:76:
63:80:8c:20:28:01:df:13:55:86:a2:1e:fe:e9:cf:
9f:ad:bd:48:c8:15:ed:19:be:e0:5c:19:95:17:65:
a0:ff:f5:ff:07:fb:2b:91:4d:fe:7d:d6:f8:c3:de:
6e:a0:56:45:34:e5:16:35:f5:69:50:20:1b:db:c2:
88:f2:cf:f9:8b:49:c5:ca:18:37:13:40:44:b1:d1:
5e:90:28:78:44:1c:33:02:50:b3:92:b1:4b:16:f4:
0d:29:6a:dd:d5:5d:80:06:d3:61:c1:98:13:39:98:
0b:cd:3d:c9:18:01:3f:7a:60:be:83:35:39:f8:2c:
67:82:42:a9:7f:e8:66:ec:07:1b:53:98:36:2b:19:
a1:b6:c9:2c:59:28:2a:df:c3:6a:78:8a:2e:fb:99:
2a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9D:9C:AF:A8:85:A6:06:ED:9A:D5:AD:D5:93:76:9E:37:30:1D:F1
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/7p2cr6iFpgbtmtWt1ZN2njcwHfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
85.212.0.0/16
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
9a:de:da:c5:1f:13:12:90:62:39:f9:fa:dc:86:5e:d8:b0:b7:
57:1f:36:3a:69:d3:6a:a7:4c:a5:9d:34:3e:44:ac:3a:98:9b:
b7:99:c1:df:1e:9a:05:8f:69:87:cb:1e:e5:67:23:c2:79:53:
c2:cb:b1:35:16:15:ae:8b:ca:19:4f:0a:65:14:10:33:88:99:
2c:09:2e:43:52:3a:2d:15:01:a0:a1:8b:c2:e6:9a:ca:77:a0:
81:1f:f9:de:2b:fa:9a:31:72:88:4f:f8:bd:b0:44:6c:6e:89:
16:11:75:dd:76:34:fb:78:0e:a1:68:83:e8:1e:65:3c:37:e5:
46:6e:09:ba:e2:36:a3:82:70:5f:c8:72:fb:00:a6:12:5b:fa:
1e:5e:72:12:13:6d:3b:36:f5:3c:b7:d5:3f:aa:70:df:c9:61:
09:5f:55:89:fb:04:70:05:56:41:99:dd:ec:6e:44:23:e2:d0:
b5:a2:1f:aa:b4:99:46:3d:f1:1c:22:01:52:26:f9:4b:dd:17:
f5:56:eb:a5:1e:35:dc:ca:17:9d:32:42:53:76:76:b4:64:6d:
0b:f3:a3:0b:04:b2:d1:aa:24:82:bb:a5:a4:36:fe:3f:84:31:
1b:80:99:b3:ef:c6:44:7c:be:00:34:ee:00:b5:2a:16:67:d1:
da:6d:20:2a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYVyRsqYiB6KNJho/hs4PTzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTlkOWNhZmE4ODVhNjA2ZWQ5YWQ1YWRkNTkzNzY5ZTM3MzAxZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQct24QvcERsP8mLcxxS7tfJbiCR
tQsT8DEmE5h5v/li6rswLXcEO8RMxV6JGg+7aJL8l7QH/C/aGIq/9Rj6dGop1K8I
++bg5K7RC8KLbtTC4I9nxsoW9A4w4xmulrFkA+pVqaEY+nZjgIwgKAHfE1WGoh7+
6c+frb1IyBXtGb7gXBmVF2Wg//X/B/srkU3+fdb4w95uoFZFNOUWNfVpUCAb28KI
8s/5i0nFyhg3E0BEsdFekCh4RBwzAlCzkrFLFvQNKWrd1V2ABtNhwZgTOZgLzT3J
GAE/emC+gzU5+CxngkKpf+hm7AcbU5g2KxmhtsksWSgq38NqeIou+5kqKwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFO6dnK+ohaYG7ZrVrdWTdp43MB3xMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvN3AyY3I2aUZwZ2J0bXRXdDFaTjJuamN3SGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwMBPhoDAwA+
kAMDAD72AwQET4ywAwQEUFNgAwMAVdQDBAK50jQDBATCcBADAwDCogMDAMM0AwMA
wz8DBAXDTqADAwDDuQMDANSsAwMA1TYwFAQCAAIwDgMFASABQJADBQAqAQXIMA0G
CSqGSIb3DQEBCwUAA4IBAQCa3trFHxMSkGI5+frchl7YsLdXHzY6adNqp0ylnTQ+
RKw6mJu3mcHfHpoFj2mHyx7lZyPCeVPCy7E1FhWui8oZTwplFBAziJksCS5DUjot
FQGgoYvC5prKd6CBH/neK/qaMXKIT/i9sERsbokWEXXddjT7eA6haIPoHmU8N+VG
bgm64jajgnBfyHL7AKYSW/oeXnISE207NvU8t9U/qnDfyWEJX1WJ+wRwBVZBmd3s
bkQj4tC1oh+qtJlGPfEcIgFSJvlL3Rf1VuulHjXcyhedMkJTdna0ZG0L86MLBLLR
qiSCu6WkNv4/hDEbgJmz78ZEfL4ANO4AtSoWZ9HabSAq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:41 2024 by rpki-client on console-fra.rpki-client.org