Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/UNiMFeWqzQbMwLOj9_Ins3O0qa0.roa
File: UNiMFeWqzQbMwLOj9_Ins3O0qa0.roa (raw, json)
Hash identifier: /Ix9O3EBSeVMqwbYCXH0wJhNvAGeYOKK3K5BDhSqGEs=
Subject key identifier: 50:D8:8C:15:E5:AA:CD:06:CC:C0:B3:A3:F7:F2:27:B3:73:B4:A9:AD
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 01857246CA06856624DDD20C899B106B4A4A
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/UNiMFeWqzQbMwLOj9_Ins3O0qa0.roa
Signing time: Mon 02 Jan 2023 11:38:39 +0000
ROA not before: Mon 02 Jan 2023 11:38:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 212.172.0.0/16 maxlen: 24
195.78.160.0/19 maxlen: 24
194.162.0.0/16 maxlen: 24
80.83.96.0/20 maxlen: 24
62.144.0.0/16 maxlen: 24
194.112.16.0/20 maxlen: 24
79.140.176.0/20 maxlen: 24
213.54.0.0/16 maxlen: 24
62.246.0.0/16 maxlen: 24
85.212.0.0/16 maxlen: 24
195.52.0.0/16 maxlen: 24
195.63.0.0/16 maxlen: 24
62.26.0.0/15 maxlen: 24
185.210.52.0/22 maxlen: 24
195.185.0.0/16 maxlen: 24
2001:4091::/32 maxlen: 48
2a01:5c8::/32 maxlen: 48
2001:4090::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ca:06:85:66:24:dd:d2:0c:89:9b:10:6b:4a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 2 11:38:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50d88c15e5aacd06ccc0b3a3f7f227b373b4a9ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f8:a9:e7:88:01:c2:75:ca:16:2b:bc:4b:ca:
22:ed:04:12:44:ad:e7:75:68:ee:da:a8:31:fe:70:
8c:1b:f6:da:10:b7:ae:b6:2b:36:d1:66:4e:56:9f:
7e:61:9f:03:c2:e4:d7:67:1f:a2:f1:48:56:a6:62:
c6:04:13:29:a7:ab:f3:8b:27:ff:19:aa:97:d2:96:
90:e3:fd:31:bc:4a:0f:59:3f:48:37:d0:89:83:7c:
da:74:ef:ef:6d:40:1d:1b:29:97:b5:3f:8c:c3:bc:
a1:84:fc:72:ff:3f:ae:34:56:d6:17:57:2d:ac:fd:
1a:c8:8e:a4:2e:02:66:78:e2:d4:85:e0:ab:73:98:
f0:85:3d:b9:c6:a2:d0:e5:75:df:81:c0:ad:de:59:
78:5d:63:a6:e6:12:4c:22:cf:94:b3:86:58:59:0a:
36:1f:cb:23:48:fe:e3:71:1c:c2:63:0e:9e:ee:33:
10:98:9b:ee:c3:1d:01:19:c8:b3:aa:6e:fc:a6:1c:
8e:7a:85:f6:60:41:bf:cf:89:44:87:3d:c1:cf:9c:
09:0b:da:0e:da:b5:6b:5d:ca:6c:ff:10:5a:bf:eb:
16:bc:98:52:5c:ae:7e:72:50:2c:e0:86:a7:ec:43:
34:8c:01:2b:30:c2:2a:0d:f7:ae:a5:de:c7:07:29:
0c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D8:8C:15:E5:AA:CD:06:CC:C0:B3:A3:F7:F2:27:B3:73:B4:A9:AD
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/UNiMFeWqzQbMwLOj9_Ins3O0qa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
85.212.0.0/16
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
57:b0:ee:d8:e7:51:b2:12:32:8a:7b:0a:36:ff:f2:8c:b8:ff:
4e:8d:b7:17:ca:82:19:cf:67:79:9a:f0:91:eb:1c:ec:53:9d:
77:7a:09:11:99:bb:86:c6:5a:cc:b1:c3:2c:21:96:be:f3:bc:
0d:c7:5d:dd:78:ba:2d:66:04:d7:e0:5e:45:e7:97:da:bd:5b:
94:9c:92:23:2e:37:5b:e6:01:71:59:22:65:6e:87:62:d0:b6:
e9:5d:89:42:ba:d4:42:0e:dc:d8:f2:dd:4e:8a:1f:f3:bd:9d:
77:f0:37:77:f9:e3:cd:e7:2b:0c:50:16:b6:02:fd:23:9e:d9:
b0:7d:6b:50:fc:30:42:da:54:32:43:bc:96:db:8a:58:7c:a8:
87:e5:94:4a:e8:e2:db:2c:f7:24:6c:8a:38:3c:91:90:ee:ef:
90:04:b3:a9:5b:45:01:2a:90:5d:f3:20:45:ae:d9:9f:f2:e3:
02:23:79:a0:e7:3c:e5:02:8b:5d:56:a6:20:a5:44:47:63:73:
1d:25:42:dd:af:54:e8:2b:ad:b5:e1:a5:79:f1:9f:0e:f6:e4:
95:59:6a:b2:9a:3b:57:b5:e7:36:ba:3d:a0:f1:72:94:7a:89:
c4:6e:42:7f:90:0a:f0:4f:7a:73:c2:89:68:15:76:51:eb:a2:
2f:2c:34:b4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYVyRsoGhWYk3dIMiZsQa0pKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjMwMTAyMTEzODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGQ4OGMxNWU1YWFjZDA2Y2NjMGIzYTNmN2YyMjdiMzczYjRhOWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPip54gBwnXKFiu8S8oi7QQSRK3n
dWju2qgx/nCMG/baELeutis20WZOVp9+YZ8DwuTXZx+i8UhWpmLGBBMpp6vziyf/
GaqX0paQ4/0xvEoPWT9IN9CJg3zadO/vbUAdGymXtT+Mw7yhhPxy/z+uNFbWF1ct
rP0ayI6kLgJmeOLUheCrc5jwhT25xqLQ5XXfgcCt3ll4XWOm5hJMIs+Us4ZYWQo2
H8sjSP7jcRzCYw6e7jMQmJvuwx0BGcizqm78phyOeoX2YEG/z4lEhz3Bz5wJC9oO
2rVrXcps/xBav+sWvJhSXK5+clAs4Ian7EM0jAErMMIqDfeupd7HBykMCwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFFDYjBXlqs0GzMCzo/fyJ7NztKmtMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvVU5pTUZlV3F6UWJNd0xPajlfSW5zM08wcWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwMBPhoDAwA+
kAMDAD72AwQET4ywAwQEUFNgAwMAVdQDBAK50jQDBATCcBADAwDCogMDAMM0AwMA
wz8DBAXDTqADAwDDuQMDANSsAwMA1TYwFAQCAAIwDgMFASABQJADBQAqAQXIMA0G
CSqGSIb3DQEBCwUAA4IBAQBXsO7Y51GyEjKKewo2//KMuP9OjbcXyoIZz2d5mvCR
6xzsU513egkRmbuGxlrMscMsIZa+87wNx13deLotZgTX4F5F55favVuUnJIjLjdb
5gFxWSJlbodi0LbpXYlCutRCDtzY8t1Oih/zvZ138Dd3+ePN5ysMUBa2Av0jntmw
fWtQ/DBC2lQyQ7yW24pYfKiH5ZRK6OLbLPckbIo4PJGQ7u+QBLOpW0UBKpBd8yBF
rtmf8uMCI3mg5zzlAotdVqYgpURHY3MdJULdr1ToK6214aV58Z8O9uSVWWqymjtX
tec2uj2g8XKUeonEbkJ/kArwT3pzwoloFXZR66IvLDS0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:39 2024 by rpki-client on console-ams.rpki-client.org