Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/jTSLt3mkXm3Hu_olHE-j3xdqxr4.roa
File: jTSLt3mkXm3Hu_olHE-j3xdqxr4.roa (raw, json)
Hash identifier: zo50X8MVMQBAgyM66LtstWhAF2Ulxc1yVDfsAEliVX8=
Subject key identifier: 8D:34:8B:B7:79:A4:5E:6D:C7:BB:FA:25:1C:4F:A3:DF:17:6A:C6:BE
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 01826E893A9D55FE092B01AB5A585D2652F7
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/jTSLt3mkXm3Hu_olHE-j3xdqxr4.roa
Signing time: Fri 05 Aug 2022 15:04:23 +0000
ROA not before: Fri 05 Aug 2022 15:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12312
IP address blocks: 212.172.0.0/16 maxlen: 16
85.212.128.0/17 maxlen: 17
85.212.128.0/18 maxlen: 18
195.78.160.0/19 maxlen: 19
194.162.0.0/16 maxlen: 16
80.83.96.0/20 maxlen: 20
62.144.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
194.112.16.0/20 maxlen: 20
85.212.64.0/18 maxlen: 18
62.246.0.0/16 maxlen: 16
213.54.0.0/16 maxlen: 16
85.212.0.0/18 maxlen: 18
85.212.0.0/17 maxlen: 17
195.52.0.0/16 maxlen: 16
85.212.0.0/16 maxlen: 16
195.63.0.0/16 maxlen: 16
62.26.0.0/15 maxlen: 15
185.210.52.0/22 maxlen: 22
85.212.192.0/18 maxlen: 18
195.185.0.0/16 maxlen: 16
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
2001:4090::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6e:89:3a:9d:55:fe:09:2b:01:ab:5a:58:5d:26:52:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Aug 5 15:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d348bb779a45e6dc7bbfa251c4fa3df176ac6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:82:97:af:7f:ef:73:fe:dd:d7:0c:2a:01:4a:
87:6b:51:7a:30:4f:e5:b9:50:fa:4d:37:cf:ed:fe:
24:dc:46:61:ee:e6:16:7f:59:e7:a0:30:2f:43:06:
80:e1:59:1a:f8:21:ba:cf:2b:82:d9:fe:70:07:05:
96:f5:e7:a9:0b:0f:6c:90:a6:f5:0c:7b:4c:80:4f:
68:e9:60:31:eb:67:f1:26:55:1a:9b:fa:62:94:eb:
cd:6e:ab:35:60:6b:3e:41:6e:48:9c:38:62:6c:65:
f3:1b:a0:e1:01:81:59:4b:fa:c4:21:25:d2:02:a4:
ea:3d:5d:e2:34:ed:66:3c:37:1f:dc:ba:74:36:32:
05:52:50:32:b3:ec:0b:3e:50:4f:44:86:90:dd:9b:
55:4d:cc:ec:ab:2a:f4:4e:da:e0:46:40:99:6b:b8:
53:e9:95:2e:e9:17:a3:f4:ab:f6:b3:6b:64:20:65:
b5:50:ea:14:b5:de:a0:39:65:b8:19:50:58:9e:9f:
15:f3:69:16:38:d3:ac:e8:3f:68:73:83:17:72:1d:
6b:b9:92:9b:b8:39:bd:d8:bc:57:80:33:6b:ee:62:
65:26:c1:37:15:c0:91:b6:a8:e0:4e:ae:81:59:f9:
19:84:45:5a:e5:7a:67:74:b0:97:07:fe:df:b8:a3:
9c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:34:8B:B7:79:A4:5E:6D:C7:BB:FA:25:1C:4F:A3:DF:17:6A:C6:BE
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/jTSLt3mkXm3Hu_olHE-j3xdqxr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
85.212.0.0/16
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
8e:73:00:21:e2:bf:a1:d8:81:12:51:74:f1:a7:1e:20:15:ae:
30:d5:50:23:33:8d:1e:8e:41:69:16:86:e9:34:de:8f:9c:c1:
60:08:81:32:d3:a4:fe:5c:0a:91:25:67:be:8d:ac:34:b7:c4:
ee:38:b2:00:e0:51:b1:b9:24:26:fd:2a:32:c5:22:bd:d2:55:
5c:23:a3:bc:be:f8:0c:82:1c:e6:b7:f5:3f:1e:1d:4d:5a:85:
8a:ad:42:65:5e:26:ec:04:bc:0a:01:66:5c:93:7c:9f:8c:c9:
46:f9:7d:7b:69:f0:b3:ac:03:c8:70:a3:20:77:77:c0:eb:81:
06:76:1d:f8:7d:b0:1e:64:17:bb:ce:38:07:c9:a1:13:1a:0b:
53:1f:4f:eb:8b:8e:e8:35:82:17:97:4b:bc:95:12:12:5c:12:
9c:2f:a1:e2:13:9a:49:fe:c1:fd:0a:5a:58:b8:7e:d6:03:ca:
09:85:3d:43:8a:bc:f6:51:62:2d:2e:a8:71:5f:7d:7f:53:5e:
43:9d:88:76:42:2d:56:48:7d:fa:4b:3f:ee:1b:2f:1b:90:64:
39:97:ee:aa:5b:58:98:a5:bd:d5:4e:34:22:ca:f5:5d:11:b2:
3f:c6:7d:70:34:76:73:93:ba:bf:ca:3f:39:90:7b:ab:47:96:
3e:99:fd:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYJuiTqdVf4JKwGrWlhdJlL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjIwODA1MTUwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM0OGJiNzc5YTQ1ZTZkYzdiYmZhMjUxYzRmYTNkZjE3NmFjNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4KXr3/vc/7d1wwqAUqHa1F6ME/l
uVD6TTfP7f4k3EZh7uYWf1nnoDAvQwaA4Vka+CG6zyuC2f5wBwWW9eepCw9skKb1
DHtMgE9o6WAx62fxJlUam/pilOvNbqs1YGs+QW5InDhibGXzG6DhAYFZS/rEISXS
AqTqPV3iNO1mPDcf3Lp0NjIFUlAys+wLPlBPRIaQ3ZtVTczsqyr0TtrgRkCZa7hT
6ZUu6Rej9Kv2s2tkIGW1UOoUtd6gOWW4GVBYnp8V82kWONOs6D9oc4MXch1ruZKb
uDm92LxXgDNr7mJlJsE3FcCRtqjgTq6BWfkZhEVa5XpndLCXB/7fuKOcowIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFI00i7d5pF5tx7v6JRxPo98Xasa+MB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvalRTTHQzbWtYbTNIdV9vbEhFLWozeGRxeHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwMBPhoDAwA+
kAMDAD72AwQET4ywAwQEUFNgAwMAVdQDBAK50jQDBATCcBADAwDCogMDAMM0AwMA
wz8DBAXDTqADAwDDuQMDANSsAwMA1TYwFAQCAAIwDgMFASABQJADBQAqAQXIMA0G
CSqGSIb3DQEBCwUAA4IBAQCOcwAh4r+h2IESUXTxpx4gFa4w1VAjM40ejkFpFobp
NN6PnMFgCIEy06T+XAqRJWe+jaw0t8TuOLIA4FGxuSQm/SoyxSK90lVcI6O8vvgM
ghzmt/U/Hh1NWoWKrUJlXibsBLwKAWZck3yfjMlG+X17afCzrAPIcKMgd3fA64EG
dh34fbAeZBe7zjgHyaETGgtTH0/ri47oNYIXl0u8lRISXBKcL6HiE5pJ/sH9ClpY
uH7WA8oJhT1Dirz2UWItLqhxX31/U15DnYh2Qi1WSH36Sz/uGy8bkGQ5l+6qW1iY
pb3VTjQiyvVdEbI/xn1wNHZzk7q/yj85kHurR5Y+mf1G
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:52 2025 by rpki-client