Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/xMbQMtWhHAiWxyQfy9JJTdM6vRA.roa
File: xMbQMtWhHAiWxyQfy9JJTdM6vRA.roa (raw, json)
Hash identifier: 8yitqiXCNlys2E2AiMKMS52j0CpDfJfO9t1jOuWSULY=
Subject key identifier: C4:C6:D0:32:D5:A1:1C:08:96:C7:24:1F:CB:D2:49:4D:D3:3A:BD:10
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 03D27CEF
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/xMbQMtWhHAiWxyQfy9JJTdM6vRA.roa
Signing time: Sat 01 Jan 2022 10:02:16 +0000
ROA not before: Sat 01 Jan 2022 10:02:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12312
IP address blocks: 195.247.0.0/16 maxlen: 16
195.78.160.0/19 maxlen: 19
212.122.128.0/19 maxlen: 22
80.83.96.0/20 maxlen: 20
62.144.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
194.112.16.0/20 maxlen: 20
83.129.0.0/16 maxlen: 16
85.212.0.0/18 maxlen: 18
195.52.0.0/16 maxlen: 16
85.212.0.0/15 maxlen: 15
185.210.52.0/22 maxlen: 22
195.254.0.0/17 maxlen: 17
195.185.0.0/16 maxlen: 16
212.172.0.0/16 maxlen: 16
85.212.128.0/18 maxlen: 18
194.162.0.0/16 maxlen: 16
195.20.64.0/19 maxlen: 19
85.212.64.0/18 maxlen: 18
213.54.0.0/16 maxlen: 16
62.246.0.0/16 maxlen: 16
212.255.0.0/16 maxlen: 16
195.63.0.0/16 maxlen: 16
62.26.0.0/15 maxlen: 15
85.212.192.0/18 maxlen: 18
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
2001:4090::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64126191 (0x3d27cef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 1 10:02:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4c6d032d5a11c0896c7241fcbd2494dd33abd10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e7:dc:6e:e5:46:b8:ea:17:47:72:5f:3c:7e:
2c:c6:ed:ed:e0:a5:4a:16:fd:4e:43:0d:cb:af:ee:
1d:57:14:28:3c:f0:58:71:81:c1:fd:11:07:3d:7d:
dd:e5:6a:1b:af:c6:23:bd:93:1d:d9:04:f6:c4:74:
c3:86:09:18:74:ec:99:5a:cc:a2:a2:e4:34:7b:33:
ce:67:be:e3:bf:43:55:7d:15:9b:a4:b4:69:e6:d4:
b5:0e:52:71:b9:51:2d:94:19:42:b4:16:06:36:97:
28:73:3d:ab:3e:c9:ba:5c:b8:3c:60:36:66:4d:0c:
77:61:1d:fb:59:1a:f6:83:a8:4b:5e:d8:0c:f8:d4:
14:1b:31:ff:0f:88:0b:a8:5d:e1:5a:b0:e8:5e:dd:
b3:0d:99:b8:e0:56:6b:87:f5:e7:24:0d:c7:f3:85:
16:82:2f:90:7b:87:69:ab:8f:d7:16:fe:d5:16:53:
82:7f:87:5c:23:f0:88:f9:98:f4:cc:20:8d:dd:32:
b8:6a:17:56:d7:b6:d0:bd:02:4d:94:d8:02:3e:b2:
f2:74:b1:09:37:43:aa:7f:fa:6e:a4:2a:09:ff:5a:
17:09:f3:02:e1:a3:68:16:a9:ce:a6:6d:69:8a:f3:
35:1d:9d:8e:20:38:6e:b9:b6:8c:7a:cc:ab:b2:b8:
2e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C6:D0:32:D5:A1:1C:08:96:C7:24:1F:CB:D2:49:4D:D3:3A:BD:10
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/xMbQMtWhHAiWxyQfy9JJTdM6vRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
83.129.0.0/16
85.212.0.0/15
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.20.64.0/19
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
195.247.0.0/16
195.254.0.0/17
212.122.128.0/19
212.172.0.0/16
212.255.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
27:13:6d:ef:ac:90:5a:97:e0:c6:18:57:e3:fa:0e:87:90:3f:
b2:b4:34:3f:37:f4:0c:67:1f:f9:2f:db:1c:4c:b3:51:ae:34:
74:be:81:10:ee:1e:a1:0f:2e:47:88:fe:b8:82:32:50:97:ca:
ee:4c:db:3e:0a:9d:d6:7d:8a:ec:b9:1f:cb:31:43:e0:4a:4e:
78:42:99:78:cb:c8:8f:1e:ba:68:c8:31:4f:a0:97:69:5b:f2:
9d:16:c6:3f:f7:5b:31:5f:7b:8a:27:a4:41:83:ff:b9:c7:c6:
0a:1b:c2:4a:16:75:10:ea:66:b5:2d:2b:5a:87:76:a5:13:d3:
74:6f:b1:11:69:ce:92:fe:85:f8:83:63:56:b0:6d:b6:00:b4:
40:59:64:38:ad:a2:d9:7c:54:1c:18:9d:e0:7f:fa:fb:08:2c:
5f:cd:13:9c:9a:3a:a1:d9:26:99:12:4a:50:67:c5:0e:e4:cb:
f7:c6:0e:82:35:e5:25:4a:92:86:17:f8:83:29:4a:f6:c3:03:
bf:da:93:fe:f2:d0:57:37:4c:38:ac:37:3d:19:23:63:d5:c7:
3f:c9:cf:36:d7:a9:76:5d:44:e9:90:40:7e:8f:d3:6e:ef:c1:
59:30:73:21:f2:8c:27:82:35:3a:1d:d6:1e:af:22:63:de:24:
3e:0d:b7:98
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIEA9J87zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDEw
MTEwMDIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRjNmQwMzJkNWEx
MWMwODk2YzcyNDFmY2JkMjQ5NGRkMzNhYmQxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfn3G7lRrjqF0dyXzx+LMbt7eClShb9TkMNy6/uHVcUKDzw
WHGBwf0RBz193eVqG6/GI72THdkE9sR0w4YJGHTsmVrMoqLkNHszzme+479DVX0V
m6S0aebUtQ5ScblRLZQZQrQWBjaXKHM9qz7July4PGA2Zk0Md2Ed+1ka9oOoS17Y
DPjUFBsx/w+IC6hd4Vqw6F7dsw2ZuOBWa4f15yQNx/OFFoIvkHuHaauP1xb+1RZT
gn+HXCPwiPmY9Mwgjd0yuGoXVte20L0CTZTYAj6y8nSxCTdDqn/6bqQqCf9aFwnz
AuGjaBapzqZtaYrzNR2djiA4brm2jHrMq7K4LkUCAwEAAaOCAo0wggKJMB0GA1Ud
DgQWBBTExtAy1aEcCJbHJB/L0klN0zq9EDAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
L3hNYlFNdFdoSEFpV3h5UWZ5OUpKVGRNNnZSQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ogYIKwYBBQUHAQcBAf8EgZIwgY8wdwQCAAEwcQMDAT4aAwMAPpADAwA+9gMEBE+M
sAMEBFBTYAMDAFOBAwMBVdQDBAK50jQDBATCcBADAwDCogMEBcMUQAMDAMM0AwMA
wz8DBAXDTqADAwDDuQMDAMP3AwQHw/4AAwQF1HqAAwMA1KwDAwDU/wMDANU2MBQE
AgACMA4DBQEgAUCQAwUAKgEFyDANBgkqhkiG9w0BAQsFAAOCAQEAJxNt76yQWpfg
xhhX4/oOh5A/srQ0Pzf0DGcf+S/bHEyzUa40dL6BEO4eoQ8uR4j+uIIyUJfK7kzb
Pgqd1n2K7LkfyzFD4EpOeEKZeMvIjx66aMgxT6CXaVvynRbGP/dbMV97iiekQYP/
ucfGChvCShZ1EOpmtS0rWod2pRPTdG+xEWnOkv6F+INjVrBttgC0QFlkOK2i2XxU
HBid4H/6+wgsX80TnJo6odkmmRJKUGfFDuTL98YOgjXlJUqShhf4gylK9sMDv9qT
/vLQVzdMOKw3PRkjY9XHP8nPNtepdl1E6ZBAfo/Tbu/BWTBzIfKMJ4I1Oh3WHq8i
Y94kPg23mA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:00 2025 by rpki-client