Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/9sQYzXqkZpj_qEesRdISxR0obzQ.roa
File: 9sQYzXqkZpj_qEesRdISxR0obzQ.roa (raw, json)
Hash identifier: ueD7J2eBnSGUhVqzytIRJoyf9CxPWGAq+R9vmT/VIUk=
Subject key identifier: F6:C4:18:CD:7A:A4:66:98:FF:A8:47:AC:45:D2:12:C5:1D:28:6F:34
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 05304759
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/9sQYzXqkZpj_qEesRdISxR0obzQ.roa
Signing time: Fri 03 Jun 2022 12:26:20 +0000
ROA not before: Fri 03 Jun 2022 12:26:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12312
IP address blocks: 195.247.0.0/16 maxlen: 16
195.78.160.0/19 maxlen: 19
212.122.128.0/19 maxlen: 22
80.83.96.0/20 maxlen: 20
62.144.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
194.112.16.0/20 maxlen: 20
83.129.0.0/16 maxlen: 16
85.212.0.0/18 maxlen: 18
195.52.0.0/16 maxlen: 16
85.212.0.0/16 maxlen: 16
85.212.0.0/15 maxlen: 15
185.210.52.0/22 maxlen: 22
195.254.0.0/17 maxlen: 17
195.185.0.0/16 maxlen: 16
212.172.0.0/16 maxlen: 16
85.212.128.0/18 maxlen: 18
194.162.0.0/16 maxlen: 16
85.212.64.0/18 maxlen: 18
213.54.0.0/16 maxlen: 16
62.246.0.0/16 maxlen: 16
212.255.0.0/16 maxlen: 16
195.63.0.0/16 maxlen: 16
62.26.0.0/15 maxlen: 15
85.213.0.0/16 maxlen: 16
85.212.192.0/18 maxlen: 18
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
2001:4090::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87050073 (0x5304759)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jun 3 12:26:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6c418cd7aa46698ffa847ac45d212c51d286f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:26:17:0b:4d:56:51:3f:87:f8:7c:ae:4c:1c:
24:1a:a1:5c:c2:45:43:3d:6c:a7:8e:2d:98:39:be:
db:e2:3a:19:bc:61:c9:4e:1d:5e:ed:12:b5:f4:11:
d0:3f:30:3a:fc:57:d8:e2:50:f2:28:47:05:fb:aa:
3f:b4:69:bb:0d:42:d7:5a:67:c7:8d:2d:40:e1:ae:
97:70:5c:eb:28:85:62:17:d3:a9:6a:c0:c9:47:c7:
56:e4:e0:08:d4:dc:4b:c0:6e:2e:35:a1:e9:d4:f6:
a1:74:48:0d:4e:62:54:6c:12:b2:65:9e:13:1c:0e:
dd:7e:1a:76:e6:91:b4:04:e4:d0:7a:10:39:95:f0:
a9:43:ba:bf:f2:3d:12:2c:64:6d:f8:d9:af:bd:bb:
88:aa:3d:f1:41:5e:2b:ac:75:b2:57:06:c1:7c:e5:
f4:94:2c:db:c2:d1:05:3c:9c:2d:b0:a9:01:53:50:
62:eb:fa:3b:f9:ad:cd:01:d4:f9:75:5a:9e:90:df:
1c:f3:39:70:d5:5d:04:6b:a6:c4:f5:c5:19:54:5c:
39:14:f2:64:66:4e:12:a1:e9:5f:da:5b:b5:90:bf:
8f:58:29:04:dc:50:7a:75:9e:11:92:9d:1e:03:bd:
8d:02:ca:fd:9c:ef:e3:8c:f2:9f:44:ce:cf:50:cf:
ec:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C4:18:CD:7A:A4:66:98:FF:A8:47:AC:45:D2:12:C5:1D:28:6F:34
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/9sQYzXqkZpj_qEesRdISxR0obzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
83.129.0.0/16
85.212.0.0/15
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
195.247.0.0/16
195.254.0.0/17
212.122.128.0/19
212.172.0.0/16
212.255.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
1a:d1:b4:ba:77:ba:3b:3f:7e:97:88:46:2d:b9:d0:69:ef:02:
f6:7d:fe:b8:d5:2b:b4:ee:2a:9f:fc:5b:b8:f0:ba:a5:f7:bb:
6e:a1:07:fd:e5:bf:e4:f5:c9:d0:13:35:4e:0e:10:9d:52:fe:
36:9f:4b:3e:55:fd:2b:24:79:2e:0a:e6:59:da:c4:a0:b5:e4:
e3:55:38:2e:36:6b:e5:4d:a7:2b:bc:c3:e2:5a:4b:e8:e4:d9:
08:6a:2a:54:b0:9e:8d:07:2c:b3:c8:99:b2:41:b6:5b:f9:76:
a2:ae:27:4f:fa:6a:f1:ef:6c:1e:f9:08:23:36:fd:2c:ad:e8:
ad:ae:40:fd:98:99:33:70:bf:9e:02:4c:e2:6a:e3:ba:e9:20:
ba:e3:4a:3e:f3:8c:48:be:a3:7c:ef:dc:f7:5b:1d:a9:bd:ca:
b3:ad:f5:3e:03:01:54:2d:d3:03:ce:60:1d:83:fa:fe:23:2b:
76:c6:9d:95:ad:ce:65:9e:36:b7:39:cb:a9:dc:34:24:e3:6a:
df:e3:48:92:ee:4f:58:a2:73:18:70:72:a7:70:1a:c1:af:0a:
48:cd:8d:d8:31:f6:60:0c:5d:10:04:b7:08:50:16:a9:27:4f:
d5:85:68:6a:ed:d5:cc:28:ce:07:7c:cc:b8:46:9f:e0:1d:66:
07:f3:aa:36
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIEBTBHWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDYw
MzEyMjYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZjNDE4Y2Q3YWE0
NjY5OGZmYTg0N2FjNDVkMjEyYzUxZDI4NmYzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0mFwtNVlE/h/h8rkwcJBqhXMJFQz1sp44tmDm+2+I6Gbxh
yU4dXu0StfQR0D8wOvxX2OJQ8ihHBfuqP7Rpuw1C11pnx40tQOGul3Bc6yiFYhfT
qWrAyUfHVuTgCNTcS8BuLjWh6dT2oXRIDU5iVGwSsmWeExwO3X4aduaRtATk0HoQ
OZXwqUO6v/I9EixkbfjZr727iKo98UFeK6x1slcGwXzl9JQs28LRBTycLbCpAVNQ
Yuv6O/mtzQHU+XVanpDfHPM5cNVdBGumxPXFGVRcORTyZGZOEqHpX9pbtZC/j1gp
BNxQenWeEZKdHgO9jQLK/Zzv44zyn0TOz1DP7L0CAwEAAaOCAocwggKDMB0GA1Ud
DgQWBBT2xBjNeqRmmP+oR6xF0hLFHShvNDAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
LzlzUVl6WHFrWnBqX3FFZXNSZElTeFIwb2J6US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nAYIKwYBBQUHAQcBAf8EgYwwgYkwcQQCAAEwawMDAT4aAwMAPpADAwA+9gMEBE+M
sAMEBFBTYAMDAFOBAwMBVdQDBAK50jQDBATCcBADAwDCogMDAMM0AwMAwz8DBAXD
TqADAwDDuQMDAMP3AwQHw/4AAwQF1HqAAwMA1KwDAwDU/wMDANU2MBQEAgACMA4D
BQEgAUCQAwUAKgEFyDANBgkqhkiG9w0BAQsFAAOCAQEAGtG0une6Oz9+l4hGLbnQ
ae8C9n3+uNUrtO4qn/xbuPC6pfe7bqEH/eW/5PXJ0BM1Tg4QnVL+Np9LPlX9KyR5
LgrmWdrEoLXk41U4LjZr5U2nK7zD4lpL6OTZCGoqVLCejQcss8iZskG2W/l2oq4n
T/pq8e9sHvkIIzb9LK3ora5A/ZiZM3C/ngJM4mrjuukguuNKPvOMSL6jfO/c91sd
qb3Ks631PgMBVC3TA85gHYP6/iMrdsadla3OZZ42tznLqdw0JONq3+NIku5PWKJz
GHByp3Aawa8KSM2N2DH2YAxdEAS3CFAWqSdP1YVoau3VzCjOB3zMuEaf4B1mB/Oq
Ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:39 2024 by rpki-client on console-ams.rpki-client.org