Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/TK7COkbMmMVyzEmiWN-mqnDLnwI.roa
File: TK7COkbMmMVyzEmiWN-mqnDLnwI.roa (raw, json)
Hash identifier: BRaO2CS5KXWhN18mWtlyGaveqKOSbFKnhqbgZ/ZaAUo=
Subject key identifier: 4C:AE:C2:3A:46:CC:98:C5:72:CC:49:A2:58:DF:A6:AA:70:CB:9F:02
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 0543E065
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/TK7COkbMmMVyzEmiWN-mqnDLnwI.roa
Signing time: Tue 07 Jun 2022 19:12:02 +0000
ROA not before: Tue 07 Jun 2022 19:12:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12312
IP address blocks: 195.78.160.0/19 maxlen: 19
212.122.128.0/19 maxlen: 22
80.83.96.0/20 maxlen: 20
62.144.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
194.112.16.0/20 maxlen: 20
85.212.0.0/18 maxlen: 18
85.212.0.0/17 maxlen: 17
195.52.0.0/16 maxlen: 16
85.212.0.0/16 maxlen: 16
185.210.52.0/22 maxlen: 22
195.185.0.0/16 maxlen: 16
212.172.0.0/16 maxlen: 16
85.212.128.0/17 maxlen: 17
85.212.128.0/18 maxlen: 18
194.162.0.0/16 maxlen: 16
85.212.64.0/18 maxlen: 18
213.54.0.0/16 maxlen: 16
62.246.0.0/16 maxlen: 16
195.63.0.0/16 maxlen: 16
62.26.0.0/15 maxlen: 15
85.212.192.0/18 maxlen: 18
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
2001:4090::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88334437 (0x543e065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jun 7 19:12:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4caec23a46cc98c572cc49a258dfa6aa70cb9f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5a:9b:81:0c:9d:4f:96:32:b6:7c:c9:da:01:
42:8f:da:15:06:d1:8b:56:bb:7e:a4:97:a3:3e:93:
0a:b7:06:ee:a4:44:ad:40:22:0c:9f:61:e9:aa:f5:
f4:6b:ca:d6:4a:7d:98:97:1f:c2:22:76:bb:1f:f0:
49:2e:c7:3c:57:d5:25:90:1b:1f:85:f1:5b:18:ca:
bf:b3:9d:35:da:7a:00:e5:9b:df:15:ac:71:10:7f:
14:12:d7:0e:4a:da:42:a7:11:69:25:a2:43:a1:7f:
20:4d:34:f9:4b:32:57:33:95:10:bc:d5:e4:58:8a:
8f:83:a6:25:52:c5:0f:73:cc:bb:4f:d7:82:7a:e0:
8b:ba:f5:04:1e:ce:40:10:65:d8:fd:15:d9:9e:16:
7a:aa:ba:58:15:f9:84:cc:f6:bd:90:b4:d0:63:9b:
a8:a8:33:ed:0e:87:f5:cc:84:6e:5c:bb:4a:5a:aa:
78:07:7d:6d:51:2b:84:dc:fa:b1:cd:13:95:d7:b5:
52:7e:41:35:84:df:62:57:c5:2f:41:af:a7:b8:4f:
79:3d:67:ba:c8:ac:d1:5e:7b:54:7e:f2:e5:fa:2f:
3c:2d:04:86:9b:fd:52:4c:ad:c3:67:29:6f:13:23:
b4:96:b0:e0:51:ff:dc:f6:81:4d:e7:9c:7c:3d:1c:
35:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AE:C2:3A:46:CC:98:C5:72:CC:49:A2:58:DF:A6:AA:70:CB:9F:02
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/TK7COkbMmMVyzEmiWN-mqnDLnwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
85.212.0.0/16
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.122.128.0/19
212.172.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
b5:91:39:27:b0:84:15:d5:1e:67:53:44:0d:b8:f3:ff:08:3b:
36:8d:e6:e7:5a:22:a5:5b:68:41:63:9a:95:8f:aa:da:f4:ad:
b0:67:24:4c:d2:0c:4a:73:39:2c:22:e4:6f:45:a9:e2:6d:4c:
0d:8f:25:6b:60:2c:e5:ac:44:6c:8c:2c:ca:8f:2b:12:af:1a:
b9:a5:61:7c:be:93:36:73:a0:51:6a:f9:58:85:92:0b:c9:dd:
01:56:06:a4:e8:84:9a:2c:11:9f:7d:2f:45:ee:bb:ab:07:1c:
ad:7a:c6:97:00:fa:75:48:77:fd:69:e4:6b:7c:68:17:ae:d8:
42:3a:34:2f:73:9f:48:8b:9f:1b:0b:2d:49:0b:4b:78:f4:61:
34:9e:f7:3c:a0:16:f6:bb:fb:0d:4f:cf:08:6c:af:29:69:77:
dc:31:f5:d2:84:14:6d:95:ca:a0:63:78:35:9d:e1:22:1c:d9:
6e:e3:0e:38:a8:20:92:8e:80:34:e4:c0:b4:0a:80:35:90:08:
11:90:2b:86:36:e1:54:75:13:ab:49:ca:b8:6c:c0:ad:1b:c7:
94:4d:9e:9a:74:42:c1:c5:9e:af:08:e2:0e:e5:37:ef:3d:7f:
03:13:d3:8c:2f:e9:b4:96:99:ff:02:99:ec:dd:cc:b3:8f:d7:
6d:ec:5d:2e
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIEBUPgZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDYw
NzE5MTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGNhZWMyM2E0NmNj
OThjNTcyY2M0OWEyNThkZmE2YWE3MGNiOWYwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBam4EMnU+WMrZ8ydoBQo/aFQbRi1a7fqSXoz6TCrcG7qRE
rUAiDJ9h6ar19GvK1kp9mJcfwiJ2ux/wSS7HPFfVJZAbH4XxWxjKv7OdNdp6AOWb
3xWscRB/FBLXDkraQqcRaSWiQ6F/IE00+UsyVzOVELzV5FiKj4OmJVLFD3PMu0/X
gnrgi7r1BB7OQBBl2P0V2Z4Weqq6WBX5hMz2vZC00GObqKgz7Q6H9cyEbly7Slqq
eAd9bVErhNz6sc0Tlde1Un5BNYTfYlfFL0Gvp7hPeT1nusis0V57VH7y5fovPC0E
hpv9Ukytw2cpbxMjtJaw4FH/3PaBTeecfD0cNfMCAwEAAaOCAnAwggJsMB0GA1Ud
DgQWBBRMrsI6RsyYxXLMSaJY36aqcMufAjAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
L1RLN0NPa2JNbU1WeXpFbWlXTi1tcW5ETG53SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hQYIKwYBBQUHAQcBAf8EdjB0MFwEAgABMFYDAwE+GgMDAD6QAwMAPvYDBARPjLAD
BARQU2ADAwBV1AMEArnSNAMEBMJwEAMDAMKiAwMAwzQDAwDDPwMEBcNOoAMDAMO5
AwQF1HqAAwMA1KwDAwDVNjAUBAIAAjAOAwUBIAFAkAMFACoBBcgwDQYJKoZIhvcN
AQELBQADggEBALWROSewhBXVHmdTRA248/8IOzaN5udaIqVbaEFjmpWPqtr0rbBn
JEzSDEpzOSwi5G9FqeJtTA2PJWtgLOWsRGyMLMqPKxKvGrmlYXy+kzZzoFFq+ViF
kgvJ3QFWBqTohJosEZ99L0Xuu6sHHK16xpcA+nVId/1p5Gt8aBeu2EI6NC9zn0iL
nxsLLUkLS3j0YTSe9zygFva7+w1Pzwhsrylpd9wx9dKEFG2VyqBjeDWd4SIc2W7j
DjioIJKOgDTkwLQKgDWQCBGQK4Y24VR1E6tJyrhswK0bx5RNnpp0QsHFnq8I4g7l
N+89fwMT04wv6bSWmf8CmezdzLOP123sXS4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:52 2025 by rpki-client