Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/hTic0LH8ezeaTkRyXvvog7kVMto.roa
File: hTic0LH8ezeaTkRyXvvog7kVMto.roa (raw, json)
Hash identifier: dX4m0Fmu+/XV+XAPEAelMn2i2tmiu83qPxAYK6Xtv7g=
Subject key identifier: 85:38:9C:D0:B1:FC:7B:37:9A:4E:44:72:5E:FB:E8:83:B9:15:32:DA
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 0185C553C59283FE12C85622AF31E10782F6
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/hTic0LH8ezeaTkRyXvvog7kVMto.roa
Signing time: Wed 18 Jan 2023 14:41:19 +0000
ROA not before: Wed 18 Jan 2023 14:41:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12312
IP address blocks: 212.172.0.0/16 maxlen: 16
85.212.128.0/17 maxlen: 17
85.212.128.0/18 maxlen: 18
195.78.160.0/19 maxlen: 19
194.162.0.0/16 maxlen: 16
80.83.96.0/20 maxlen: 20
62.144.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
194.112.16.0/20 maxlen: 20
85.212.64.0/18 maxlen: 18
213.54.0.0/16 maxlen: 16
62.246.0.0/16 maxlen: 16
85.212.0.0/18 maxlen: 18
85.212.0.0/17 maxlen: 17
195.52.0.0/16 maxlen: 23
85.212.0.0/16 maxlen: 16
195.63.0.0/16 maxlen: 16
62.26.0.0/15 maxlen: 23
185.210.52.0/22 maxlen: 22
85.212.192.0/18 maxlen: 18
195.185.0.0/16 maxlen: 16
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
2001:4090::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c5:53:c5:92:83:fe:12:c8:56:22:af:31:e1:07:82:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 18 14:41:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85389cd0b1fc7b379a4e44725efbe883b91532da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:73:57:08:26:94:92:7e:07:e1:f4:2d:1d:0e:
37:f3:2a:dd:86:4f:3b:1b:ba:3b:76:3d:1a:d6:29:
f1:7d:7b:ee:31:bd:9f:78:e3:ba:7f:a7:0e:5f:f0:
72:eb:8d:3d:ae:06:14:36:ba:27:4c:3e:c9:5a:5e:
8b:22:7f:18:82:0a:b8:8d:85:2c:5f:97:39:0c:13:
df:89:5e:31:b1:9d:8e:31:ff:b0:e4:df:28:5d:8e:
80:8a:be:b0:a8:34:f0:16:d7:4d:bc:63:41:b9:5d:
7b:a0:d1:24:53:f3:c6:a0:c4:0e:1e:fb:4a:73:59:
f1:62:79:76:ff:cd:e7:00:cb:1f:14:b5:a8:40:ac:
05:df:bf:aa:4b:f2:06:d5:13:8c:a3:74:54:a2:bd:
7d:32:14:0f:37:a5:f7:14:1b:0b:ad:3d:d6:fd:bb:
9d:d6:33:d1:5e:3e:8f:cf:d1:80:e5:4b:fb:75:15:
82:4d:f4:ac:71:7b:d3:75:11:3e:67:93:8f:2a:e2:
13:d1:e1:17:08:33:9e:92:3d:88:6e:43:57:a3:74:
1c:b9:cb:da:45:26:2b:90:2f:c2:50:46:9b:a5:a3:
61:d5:73:d9:bd:38:4b:05:c8:f6:fb:68:c0:9f:71:
7f:53:9e:c7:a7:a8:a1:09:2a:de:ac:17:66:3a:2d:
14:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:38:9C:D0:B1:FC:7B:37:9A:4E:44:72:5E:FB:E8:83:B9:15:32:DA
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/hTic0LH8ezeaTkRyXvvog7kVMto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
85.212.0.0/16
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
08:4d:e1:b4:20:24:4b:ba:b8:1e:63:1f:65:ca:9c:ce:71:36:
66:84:9e:6a:32:9d:40:54:b4:ac:05:28:a2:dc:a1:6e:47:d8:
2d:88:bf:85:76:ff:89:4e:90:84:3a:3d:51:0c:7a:3e:f0:42:
5a:6e:31:b6:c0:1c:80:6c:ae:45:38:52:93:07:60:39:0d:53:
a9:f0:a3:25:c3:0b:3a:23:75:a1:79:9e:09:c7:57:64:22:e8:
ca:95:6a:e4:6b:a9:59:46:ce:eb:f8:45:ae:5d:cb:ff:01:76:
ba:b8:44:6a:71:7e:d7:3b:aa:9a:02:84:b4:0c:09:2f:07:96:
a2:6d:31:d2:8f:9d:b7:4e:89:9b:d7:53:cd:bf:ef:ee:ec:17:
21:90:59:d9:7c:f4:ad:f3:70:2e:72:4d:7a:7a:1d:7c:2c:24:
61:25:d6:da:f4:2c:87:54:c3:1c:9f:22:a6:ff:09:b0:7f:ee:
13:b2:99:57:71:4d:70:5e:dc:f3:8e:ad:53:6e:ee:8a:bc:6c:
5d:84:a1:5d:b2:6d:30:62:e5:e6:2a:8c:ac:bf:99:cd:80:90:
4d:43:0d:90:3a:b2:89:78:2c:e4:ec:c0:d1:d6:24:ad:e0:24:
21:5f:59:0a:b5:a5:0c:2a:30:17:45:8f:99:08:d6:91:a3:df:
5f:77:05:0d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYXFU8WSg/4SyFYirzHhB4L2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjMwMTE4MTQ0MTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM4OWNkMGIxZmM3YjM3OWE0ZTQ0NzI1ZWZiZTg4M2I5MTUzMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XNXCCaUkn4H4fQtHQ438yrdhk87
G7o7dj0a1inxfXvuMb2feOO6f6cOX/By6409rgYUNronTD7JWl6LIn8Yggq4jYUs
X5c5DBPfiV4xsZ2OMf+w5N8oXY6Air6wqDTwFtdNvGNBuV17oNEkU/PGoMQOHvtK
c1nxYnl2/83nAMsfFLWoQKwF37+qS/IG1ROMo3RUor19MhQPN6X3FBsLrT3W/bud
1jPRXj6Pz9GA5Uv7dRWCTfSscXvTdRE+Z5OPKuIT0eEXCDOekj2IbkNXo3Qcucva
RSYrkC/CUEabpaNh1XPZvThLBcj2+2jAn3F/U57Hp6ihCSrerBdmOi0UmQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFIU4nNCx/Hs3mk5Ecl776IO5FTLaMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvaFRpYzBMSDhlemVhVGtSeVh2dm9nN2tWTXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwMBPhoDAwA+
kAMDAD72AwQET4ywAwQEUFNgAwMAVdQDBAK50jQDBATCcBADAwDCogMDAMM0AwMA
wz8DBAXDTqADAwDDuQMDANSsAwMA1TYwFAQCAAIwDgMFASABQJADBQAqAQXIMA0G
CSqGSIb3DQEBCwUAA4IBAQAITeG0ICRLurgeYx9lypzOcTZmhJ5qMp1AVLSsBSii
3KFuR9gtiL+Fdv+JTpCEOj1RDHo+8EJabjG2wByAbK5FOFKTB2A5DVOp8KMlwws6
I3WheZ4Jx1dkIujKlWrka6lZRs7r+EWuXcv/AXa6uERqcX7XO6qaAoS0DAkvB5ai
bTHSj523Tomb11PNv+/u7BchkFnZfPSt83Auck16eh18LCRhJdba9CyHVMMcnyKm
/wmwf+4TsplXcU1wXtzzjq1Tbu6KvGxdhKFdsm0wYuXmKoysv5nNgJBNQw2QOrKJ
eCzk7MDR1iSt4CQhX1kKtaUMKjAXRY+ZCNaRo99fdwUN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:41 2024 by rpki-client on console-fra.rpki-client.org