Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/cu6I15ZsLE9ozUiscVCwJK2DPIA.roa
File: cu6I15ZsLE9ozUiscVCwJK2DPIA.roa (raw, json)
Hash identifier: 9Emeymy+ZHaZrM4TQH34B8DvQve6goWMEsPBjb8IlgU=
Subject key identifier: 72:EE:88:D7:96:6C:2C:4F:68:CD:48:AC:71:50:B0:24:AD:83:3C:80
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 052C1882
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/cu6I15ZsLE9ozUiscVCwJK2DPIA.roa
Signing time: Thu 02 Jun 2022 07:45:20 +0000
ROA not before: Thu 02 Jun 2022 07:45:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 212.172.0.0/16 maxlen: 24
195.78.160.0/19 maxlen: 24
194.162.0.0/16 maxlen: 24
80.83.96.0/20 maxlen: 24
62.144.0.0/16 maxlen: 24
194.112.16.0/20 maxlen: 24
79.140.176.0/20 maxlen: 24
213.54.0.0/16 maxlen: 24
62.246.0.0/16 maxlen: 24
195.52.0.0/16 maxlen: 24
85.212.0.0/15 maxlen: 24
195.63.0.0/16 maxlen: 24
62.26.0.0/15 maxlen: 24
185.210.52.0/22 maxlen: 24
195.185.0.0/16 maxlen: 24
2001:4091::/32 maxlen: 48
2a01:5c8::/32 maxlen: 48
2001:4090::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86775938 (0x52c1882)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jun 2 07:45:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72ee88d7966c2c4f68cd48ac7150b024ad833c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fb:5f:c4:eb:81:d0:82:31:64:37:99:ee:36:
9a:8b:0c:e9:6c:20:b2:45:4e:2a:fe:01:eb:19:1c:
99:78:27:00:d4:b8:b8:de:bd:7a:43:dc:69:be:9a:
d9:68:bd:c3:26:b8:02:09:45:fe:c8:39:25:e6:01:
c1:78:3a:fa:35:e3:38:03:b5:5f:bd:c1:38:bf:7f:
a9:98:44:77:79:36:eb:76:ae:68:5d:1b:c0:4b:29:
c3:d0:fd:d4:5c:f9:b8:36:ab:66:3e:35:d8:90:e0:
8f:fd:f4:3f:b5:ee:54:9a:78:52:c5:e2:5c:5d:37:
d1:2b:21:fd:2f:b1:fd:01:70:cc:8f:ce:67:06:90:
f9:19:a1:dd:97:b7:a8:df:92:80:19:7f:c0:72:e8:
ab:28:59:19:06:9c:71:fb:aa:08:87:64:69:5d:37:
5f:4a:f6:d4:eb:d4:80:a9:48:90:76:0b:16:66:03:
15:4a:5c:64:cb:22:ed:88:1a:a7:90:00:e1:67:c6:
4f:82:01:09:2c:2a:b6:77:ae:83:2b:1f:e6:28:d7:
ed:62:61:a6:4b:0b:53:87:c9:f7:24:c0:7c:a3:a0:
a3:3d:aa:07:3b:0d:ba:48:3a:3c:98:30:97:f2:61:
5b:16:6a:2c:83:01:eb:5d:4c:ed:13:ff:7d:bd:c7:
11:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EE:88:D7:96:6C:2C:4F:68:CD:48:AC:71:50:B0:24:AD:83:3C:80
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/cu6I15ZsLE9ozUiscVCwJK2DPIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
85.212.0.0/15
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
a0:77:d8:2e:81:78:3b:d6:02:c8:5a:f7:b9:c3:ea:7a:18:a3:
b8:a3:f7:ee:40:97:18:1a:4a:c9:29:1d:b5:e5:e7:44:a8:d4:
a2:74:4b:57:49:17:8d:c2:8a:50:ea:a6:76:a5:ee:49:25:53:
0d:52:fa:6b:d0:6a:c8:d6:f4:a3:17:dd:7b:4e:00:ed:b1:73:
58:3f:b0:8a:38:24:55:c3:3a:47:7e:6d:be:07:43:40:9e:c6:
72:dc:9c:5c:23:71:38:06:1f:96:7e:7e:50:e6:b5:7d:65:53:
bc:c2:2c:4a:ef:fd:87:2c:66:8f:26:bf:c5:ed:01:da:15:f6:
d8:d7:e3:bb:81:86:d8:2e:16:81:22:19:49:3d:ce:a5:8f:c0:
a1:43:81:01:63:86:30:bd:58:0a:b5:8e:e4:8d:f1:ac:9d:ac:
ea:a7:e6:e0:d6:49:90:62:4e:67:70:aa:04:e4:3c:6e:04:99:
db:19:fa:04:1e:79:e6:69:3b:14:f6:e5:ca:74:63:00:bb:cc:
e9:06:61:8b:85:9d:71:8e:6b:91:c8:68:27:48:13:08:01:47:
28:9c:b9:07:75:db:ef:28:44:85:19:13:2f:d0:c9:4f:0e:47:
ac:dd:4f:b3:f2:d9:92:80:88:ba:23:94:1a:7c:c4:7f:c8:4c:
c6:4d:87:92
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEBSwYgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDYw
MjA3NDUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJlZTg4ZDc5NjZj
MmM0ZjY4Y2Q0OGFjNzE1MGIwMjRhZDgzM2M4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMb7X8TrgdCCMWQ3me42mosM6WwgskVOKv4B6xkcmXgnANS4
uN69ekPcab6a2Wi9wya4AglF/sg5JeYBwXg6+jXjOAO1X73BOL9/qZhEd3k263au
aF0bwEspw9D91Fz5uDarZj412JDgj/30P7XuVJp4UsXiXF030Ssh/S+x/QFwzI/O
ZwaQ+Rmh3Ze3qN+SgBl/wHLoqyhZGQaccfuqCIdkaV03X0r21OvUgKlIkHYLFmYD
FUpcZMsi7Ygap5AA4WfGT4IBCSwqtneugysf5ijX7WJhpksLU4fJ9yTAfKOgoz2q
BzsNukg6PJgwl/JhWxZqLIMB611M7RP/fb3HEcUCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBRy7ojXlmwsT2jNSKxxULAkrYM8gDAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
L2N1NkkxNVpzTEU5b3pVaXNjVkN3SksyRFBJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wVgQCAAEwUAMDAT4aAwMAPpADAwA+9gMEBE+MsAME
BFBTYAMDAVXUAwQCudI0AwQEwnAQAwMAwqIDAwDDNAMDAMM/AwQFw06gAwMAw7kD
AwDUrAMDANU2MBQEAgACMA4DBQEgAUCQAwUAKgEFyDANBgkqhkiG9w0BAQsFAAOC
AQEAoHfYLoF4O9YCyFr3ucPqehijuKP37kCXGBpKySkdteXnRKjUonRLV0kXjcKK
UOqmdqXuSSVTDVL6a9BqyNb0oxfde04A7bFzWD+wijgkVcM6R35tvgdDQJ7Gctyc
XCNxOAYfln5+UOa1fWVTvMIsSu/9hyxmjya/xe0B2hX22Nfju4GG2C4WgSIZST3O
pY/AoUOBAWOGML1YCrWO5I3xrJ2s6qfm4NZJkGJOZ3CqBOQ8bgSZ2xn6BB555mk7
FPblynRjALvM6QZhi4WdcY5rkchoJ0gTCAFHKJy5B3Xb7yhEhRkTL9DJTw5HrN1P
s/LZkoCIuiOUGnzEf8hMxk2Hkg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:55 2025 by rpki-client