Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/OgKpDqIALZw6cIAoBIHekb36ddc.roa
File: OgKpDqIALZw6cIAoBIHekb36ddc.roa (raw, json)
Hash identifier: djiTuXqFuWNzMQWtO49+5ackyC7wA/byQrzkUKcZOz4=
Subject key identifier: 3A:02:A9:0E:A2:00:2D:9C:3A:70:80:28:04:81:DE:91:BD:FA:75:D7
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 05314723
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/OgKpDqIALZw6cIAoBIHekb36ddc.roa
Signing time: Fri 03 Jun 2022 12:27:20 +0000
ROA not before: Fri 03 Jun 2022 12:27:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 212.172.0.0/16 maxlen: 24
195.78.160.0/19 maxlen: 24
194.162.0.0/16 maxlen: 24
80.83.96.0/20 maxlen: 24
62.144.0.0/16 maxlen: 24
194.112.16.0/20 maxlen: 24
79.140.176.0/20 maxlen: 24
213.54.0.0/16 maxlen: 24
62.246.0.0/16 maxlen: 24
85.212.0.0/16 maxlen: 24
195.52.0.0/16 maxlen: 24
85.212.0.0/15 maxlen: 24
195.63.0.0/16 maxlen: 24
62.26.0.0/15 maxlen: 24
185.210.52.0/22 maxlen: 24
195.185.0.0/16 maxlen: 24
2001:4091::/32 maxlen: 48
2a01:5c8::/32 maxlen: 48
2001:4090::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87115555 (0x5314723)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jun 3 12:27:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a02a90ea2002d9c3a7080280481de91bdfa75d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e3:60:8f:24:60:ff:07:ee:52:15:6d:13:84:
4c:99:4f:75:13:f6:a3:4d:75:ab:ce:0c:95:27:c1:
ce:27:d7:71:65:89:82:be:02:ac:32:4a:ec:e3:64:
7e:09:ba:a5:9e:51:71:aa:a5:aa:7c:a9:16:49:4e:
6e:1a:f9:02:b6:61:4c:a7:59:e4:a8:2c:12:65:8a:
85:7e:50:f9:54:50:c8:e0:86:e5:5a:fd:e8:ae:e6:
da:a5:33:c4:76:b2:bf:c8:1e:dc:94:d6:4f:85:3c:
2e:f0:9a:22:b0:62:41:ff:a7:03:95:a5:68:df:80:
e1:3a:12:3d:ea:c7:13:c8:b1:9c:68:aa:3b:f4:e1:
22:31:92:16:32:04:69:b2:28:17:39:f6:e5:45:8f:
ff:65:44:26:26:1b:34:7f:5e:54:e9:ec:f8:d6:79:
02:67:97:5e:cb:a8:97:a8:42:84:2d:8e:a7:be:98:
5b:e1:16:86:f9:f2:e8:cd:05:66:09:92:1d:ca:2a:
74:46:dc:0a:24:b2:96:e4:95:03:c5:15:e0:65:0a:
63:1c:cf:6d:a7:36:19:b4:da:13:9c:c2:51:54:81:
15:8c:ec:5c:e0:fd:d4:d6:99:08:02:55:da:e3:09:
a0:43:f7:04:48:d2:3c:a6:33:c2:58:93:fb:de:66:
81:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:02:A9:0E:A2:00:2D:9C:3A:70:80:28:04:81:DE:91:BD:FA:75:D7
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/OgKpDqIALZw6cIAoBIHekb36ddc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
85.212.0.0/15
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
2d:ad:6f:65:f0:9f:11:ae:67:ea:ae:9f:36:4f:6c:23:39:99:
e1:37:fb:f4:77:cf:e8:fb:94:0d:2e:7c:44:59:de:bc:55:1c:
e8:32:5b:34:7c:91:be:9c:7d:07:99:af:80:d8:a3:e6:fa:a3:
40:c8:43:c2:74:5a:d3:7b:c4:6a:5a:ab:47:3d:45:08:06:f7:
33:5d:d2:a9:20:c6:57:b3:31:af:68:06:22:24:aa:a4:e9:4c:
4c:bd:34:61:fe:c0:b3:f3:8d:c0:bb:d3:30:42:dc:5c:89:f4:
ec:d6:c2:97:dd:7e:ff:41:25:7a:b2:c4:8e:ff:42:f6:f9:0f:
01:55:6c:9d:d2:c2:6f:64:3d:88:f7:68:ff:11:68:ba:2c:3e:
c7:7c:69:4a:ab:47:1c:7a:c4:4a:ce:e4:66:80:1c:d1:2b:54:
2c:49:a9:8d:ac:64:10:76:b4:06:dd:09:9d:4e:71:2c:e6:d8:
4f:a4:1b:ce:f8:74:97:0a:0a:1a:a3:8e:77:9a:17:e2:97:0e:
ce:80:66:69:53:a7:73:85:bf:48:1f:86:21:45:6e:65:b8:2f:
3e:ce:24:27:c3:44:7e:49:76:b0:0c:67:16:fc:58:88:66:92:
a0:a1:e2:40:b0:d4:1d:ee:b7:ef:11:91:9e:55:c1:31:6f:f8:
f0:a3:7f:9b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEBTFHIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDYw
MzEyMjcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2EwMmE5MGVhMjAw
MmQ5YzNhNzA4MDI4MDQ4MWRlOTFiZGZhNzVkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfjYI8kYP8H7lIVbROETJlPdRP2o011q84MlSfBzifXcWWJ
gr4CrDJK7ONkfgm6pZ5RcaqlqnypFklObhr5ArZhTKdZ5KgsEmWKhX5Q+VRQyOCG
5Vr96K7m2qUzxHayv8ge3JTWT4U8LvCaIrBiQf+nA5WlaN+A4ToSPerHE8ixnGiq
O/ThIjGSFjIEabIoFzn25UWP/2VEJiYbNH9eVOns+NZ5AmeXXsuol6hChC2Op76Y
W+EWhvny6M0FZgmSHcoqdEbcCiSyluSVA8UV4GUKYxzPbac2GbTaE5zCUVSBFYzs
XOD91NaZCAJV2uMJoEP3BEjSPKYzwliT+95mgXkCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBQ6AqkOogAtnDpwgCgEgd6Rvfp11zAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
L09nS3BEcUlBTFp3NmNJQW9CSUhla2IzNmRkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wVgQCAAEwUAMDAT4aAwMAPpADAwA+9gMEBE+MsAME
BFBTYAMDAVXUAwQCudI0AwQEwnAQAwMAwqIDAwDDNAMDAMM/AwQFw06gAwMAw7kD
AwDUrAMDANU2MBQEAgACMA4DBQEgAUCQAwUAKgEFyDANBgkqhkiG9w0BAQsFAAOC
AQEALa1vZfCfEa5n6q6fNk9sIzmZ4Tf79HfP6PuUDS58RFnevFUc6DJbNHyRvpx9
B5mvgNij5vqjQMhDwnRa03vEalqrRz1FCAb3M13SqSDGV7Mxr2gGIiSqpOlMTL00
Yf7As/ONwLvTMELcXIn07NbCl91+/0ElerLEjv9C9vkPAVVsndLCb2Q9iPdo/xFo
uiw+x3xpSqtHHHrESs7kZoAc0StULEmpjaxkEHa0Bt0JnU5xLObYT6Qbzvh0lwoK
GqOOd5oX4pcOzoBmaVOnc4W/SB+GIUVuZbgvPs4kJ8NEfkl2sAxnFvxYiGaSoKHi
QLDUHe637xGRnlXBMW/48KN/mw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:27 2025 by rpki-client