Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/yPOLvM3GjtGWJlpaVxmJnA4ayxw.roa
File: yPOLvM3GjtGWJlpaVxmJnA4ayxw.roa (raw, json)
Hash identifier: K13JDa17K9Vg+1s6yyJHrsjzZZMO/hW7O4mIFoDWSMc=
Subject key identifier: C8:F3:8B:BC:CD:C6:8E:D1:96:26:5A:5A:57:19:89:9C:0E:1A:CB:1C
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 01918E738B24DAD934CF0343DD043478AC53
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/yPOLvM3GjtGWJlpaVxmJnA4ayxw.roa
Signing time: Mon 26 Aug 2024 11:30:22 +0000
ROA not before: Mon 26 Aug 2024 11:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 62.26.0.0/15 maxlen: 24
62.144.0.0/16 maxlen: 24
62.246.0.0/16 maxlen: 24
79.140.176.0/20 maxlen: 24
80.83.96.0/20 maxlen: 24
185.210.52.0/23 maxlen: 24
194.112.16.0/20 maxlen: 24
194.162.0.0/16 maxlen: 24
195.52.0.0/16 maxlen: 24
195.63.0.0/16 maxlen: 24
195.78.160.0/19 maxlen: 24
195.185.0.0/16 maxlen: 24
212.172.0.0/16 maxlen: 24
2001:4090::/32 maxlen: 48
2001:4091::/32 maxlen: 48
2a01:5c8::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:73:8b:24:da:d9:34:cf:03:43:dd:04:34:78:ac:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Aug 26 11:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8f38bbccdc68ed196265a5a5719899c0e1acb1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:69:87:79:c8:68:46:f6:03:5a:e7:8a:18:b7:
ff:e5:79:d8:aa:e1:5b:a9:ff:14:0b:18:36:20:52:
ae:e6:99:e5:5a:03:dd:f8:87:2f:e9:30:b4:65:a5:
3c:07:5c:1a:59:dd:01:de:8c:6c:1b:fd:a2:9e:13:
db:8c:6e:ea:76:86:bd:ca:b5:5a:c0:a4:3f:43:e1:
8c:f5:ce:4b:e5:fb:b1:82:dd:e6:92:f3:b8:e6:25:
d2:20:d1:e8:66:ac:d3:dd:8e:73:8b:b1:53:80:c7:
37:ce:31:55:21:96:29:7b:80:71:14:94:ca:04:4a:
40:0a:30:f7:90:0e:a0:43:46:c5:db:74:76:95:05:
0b:c4:92:1e:1b:d7:1c:f2:94:ed:06:c8:d7:c1:21:
e0:fc:e9:38:d5:b0:66:0e:99:d5:69:4e:8e:34:df:
2c:2c:f3:f5:fb:40:ec:6f:18:c1:76:15:4f:09:5c:
bd:01:76:dd:40:9e:fa:14:02:da:ee:5d:31:91:30:
4d:50:be:21:92:79:e7:cf:9f:fa:f3:46:0e:36:a5:
b2:1f:8e:fc:d2:9e:22:6f:ad:60:0e:19:cb:76:1f:
7e:36:4b:4e:33:fd:19:b3:a1:64:ac:02:c1:bc:41:
b2:42:7a:ef:ad:31:0c:58:e6:56:af:a7:c0:76:a0:
bc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F3:8B:BC:CD:C6:8E:D1:96:26:5A:5A:57:19:89:9C:0E:1A:CB:1C
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/yPOLvM3GjtGWJlpaVxmJnA4ayxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
185.210.52.0/23
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
8d:96:26:fc:d0:d6:e4:27:3d:e3:cf:89:af:08:05:0c:30:d2:
0c:8a:71:56:e4:8e:1f:02:35:5d:3a:71:6f:02:e5:19:c1:0a:
8e:ff:04:1b:c3:97:1a:1d:12:55:7f:1c:b3:32:c2:42:9f:f8:
3f:38:21:e1:38:58:9e:54:c6:2d:6e:c9:5e:08:24:75:da:59:
9b:20:74:95:ac:cf:79:79:af:10:4d:cc:9d:1b:5c:52:26:0a:
ad:eb:84:67:d3:6b:56:af:de:fe:9c:9a:3d:2a:ac:c6:f1:63:
f7:b8:82:5f:f7:11:73:33:32:cc:db:30:87:1b:86:60:9d:91:
aa:11:43:06:c3:6a:a9:0d:f8:6f:7b:29:ec:b1:ba:e0:46:13:
f6:28:f8:b9:6d:97:27:3f:a6:09:09:44:b4:bf:c0:44:f8:82:
ee:36:9f:8f:17:6e:b0:74:3f:a3:27:2b:2f:e2:95:f4:15:73:
10:75:06:68:44:84:93:76:a9:d3:a5:91:0f:92:c5:09:e9:22:
70:f7:c6:c5:80:ce:50:17:20:a5:5f:78:95:a7:a1:36:09:65:
c1:17:de:f1:02:83:e1:64:e7:37:b4:7c:ba:96:af:a5:08:b7:
f4:e8:53:fb:51:3a:e5:4f:7e:c0:a2:19:49:64:93:51:03:da:
c7:ed:8c:7c
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZGOc4sk2tk0zwND3QQ0eKxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjQwODI2MTEzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGYzOGJiY2NkYzY4ZWQxOTYyNjVhNWE1NzE5ODk5YzBlMWFjYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2mHechoRvYDWueKGLf/5XnYquFb
qf8UCxg2IFKu5pnlWgPd+Icv6TC0ZaU8B1waWd0B3oxsG/2inhPbjG7qdoa9yrVa
wKQ/Q+GM9c5L5fuxgt3mkvO45iXSINHoZqzT3Y5zi7FTgMc3zjFVIZYpe4BxFJTK
BEpACjD3kA6gQ0bF23R2lQULxJIeG9cc8pTtBsjXwSHg/Ok41bBmDpnVaU6ONN8s
LPP1+0DsbxjBdhVPCVy9AXbdQJ76FALa7l0xkTBNUL4hknnnz5/680YONqWyH478
0p4ib61gDhnLdh9+NktOM/0Zs6FkrALBvEGyQnrvrTEMWOZWr6fAdqC8TQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFMjzi7zNxo7RliZaWlcZiZwOGsscMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEveVBPTHZNM0dqdEdXSmxwYVZ4bUpuQTRheXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBMBAIAATBGAwMBPhoDAwA+
kAMDAD72AwQET4ywAwQEUFNgAwQBudI0AwQEwnAQAwMAwqIDAwDDNAMDAMM/AwQF
w06gAwMAw7kDAwDUrDAUBAIAAjAOAwUBIAFAkAMFACoBBcgwDQYJKoZIhvcNAQEL
BQADggEBAI2WJvzQ1uQnPePPia8IBQww0gyKcVbkjh8CNV06cW8C5RnBCo7/BBvD
lxodElV/HLMywkKf+D84IeE4WJ5Uxi1uyV4IJHXaWZsgdJWsz3l5rxBNzJ0bXFIm
Cq3rhGfTa1av3v6cmj0qrMbxY/e4gl/3EXMzMszbMIcbhmCdkaoRQwbDaqkN+G97
KeyxuuBGE/Yo+Lltlyc/pgkJRLS/wET4gu42n48XbrB0P6MnKy/ilfQVcxB1BmhE
hJN2qdOlkQ+SxQnpInD3xsWAzlAXIKVfeJWnoTYJZcEX3vECg+Fk5ze0fLqWr6UI
t/ToU/tROuVPfsCiGUlkk1ED2sftjHw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:02 2025 by rpki-client