Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/6bcac1-e30f-4ba7-a74e-741d55c99802/1/t4KYegiR9nAn-HHvoQtvfDI5GEU.roa
File: t4KYegiR9nAn-HHvoQtvfDI5GEU.roa (raw, json)
Hash identifier: sMs4anRmfEEVjnRaoD9WE7JUmyj32CsUSxagesaP354=
Subject key identifier: B7:82:98:7A:08:91:F6:70:27:F8:71:EF:A1:0B:6F:7C:32:39:18:45
Certificate issuer: /CN=cc13be84718f551c241477f22a041c734eb97dc5
Certificate serial: 0405C0EB
Authority key identifier: CC:13:BE:84:71:8F:55:1C:24:14:77:F2:2A:04:1C:73:4E:B9:7D:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zBO-hHGPVRwkFHfyKgQcc065fcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/6bcac1-e30f-4ba7-a74e-741d55c99802/1/t4KYegiR9nAn-HHvoQtvfDI5GEU.roa
Signing time: Sat 01 Jan 2022 13:56:43 +0000
ROA not before: Sat 01 Jan 2022 13:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199274
IP address blocks: 194.177.20.0/22 maxlen: 24
176.112.192.0/19 maxlen: 24
176.103.128.0/19 maxlen: 24
185.22.60.0/22 maxlen: 24
91.239.26.0/23 maxlen: 24
2a00:5a60::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67485931 (0x405c0eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc13be84718f551c241477f22a041c734eb97dc5
Validity
Not Before: Jan 1 13:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b782987a0891f67027f871efa10b6f7c32391845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:f7:a6:d2:d9:09:23:e1:47:42:8a:74:0c:
ec:d1:d4:ee:b0:44:3a:a3:33:16:62:12:6f:34:ed:
13:e0:51:6d:88:33:b3:45:9e:5b:f9:26:3b:86:f5:
86:42:64:74:fa:4e:14:e1:41:8a:cc:ad:cd:45:26:
89:98:c3:a2:33:e9:0b:48:49:fd:e1:2a:81:e2:d1:
c9:d2:11:a7:c1:73:8c:ab:3e:a7:70:0b:ae:0f:bc:
16:63:8f:24:51:57:5d:5b:aa:e5:6d:e9:fd:cc:ab:
f5:f7:1c:54:5a:d7:fc:6c:e8:6f:87:75:84:6e:ce:
60:b3:6e:fa:b8:bc:17:ef:19:03:d0:ad:2a:33:f5:
4f:11:17:a6:ba:8f:49:1f:2c:46:84:7a:e6:35:c4:
e7:54:c6:64:03:df:da:0a:db:78:71:b8:86:95:be:
6a:cc:57:68:6d:69:3f:0b:78:60:4f:40:14:93:a6:
60:a6:4f:e7:3b:f5:08:f4:1b:8e:c0:0b:68:ed:c5:
e5:4d:c1:1e:60:2e:79:7f:3b:a6:7e:2f:28:66:7d:
ef:db:c7:92:e5:3c:2d:ab:cb:f6:86:37:18:62:bc:
e0:6a:10:a1:cd:8a:1e:18:42:c7:ce:b7:a0:4c:7e:
e0:b9:12:b2:1f:25:87:81:3c:6b:a9:8c:54:f4:fc:
ee:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:82:98:7A:08:91:F6:70:27:F8:71:EF:A1:0B:6F:7C:32:39:18:45
X509v3 Authority Key Identifier:
keyid:CC:13:BE:84:71:8F:55:1C:24:14:77:F2:2A:04:1C:73:4E:B9:7D:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zBO-hHGPVRwkFHfyKgQcc065fcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/6bcac1-e30f-4ba7-a74e-741d55c99802/1/t4KYegiR9nAn-HHvoQtvfDI5GEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/6bcac1-e30f-4ba7-a74e-741d55c99802/1/zBO-hHGPVRwkFHfyKgQcc065fcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.26.0/23
176.103.128.0/19
176.112.192.0/19
185.22.60.0/22
194.177.20.0/22
IPv6:
2a00:5a60::/32
Signature Algorithm: sha256WithRSAEncryption
47:d2:41:f0:2c:6f:55:88:8e:47:c1:e6:a9:c1:87:fe:da:3b:
08:0d:de:d3:3e:7b:96:a5:a9:fc:45:b5:65:96:ec:df:b4:3d:
82:d0:5e:b5:d8:23:de:27:ac:8e:22:06:7a:9b:6e:3d:8c:f6:
b3:c5:9a:ea:bc:71:b4:59:3d:ec:6f:d0:76:c5:11:1f:77:88:
57:27:d0:75:e7:f5:c1:3a:de:41:bf:19:b8:a1:53:b8:6d:b0:
19:64:5e:3e:b6:29:35:9e:96:e7:33:7b:89:07:83:62:f8:6b:
46:e4:14:dd:59:da:70:1a:71:ca:07:b9:27:f9:db:e8:95:ed:
9a:82:91:8d:b9:41:29:61:80:e0:27:a8:47:d2:3e:e2:26:b4:
bb:a4:8d:14:9a:81:c1:4a:e4:64:0e:3b:77:bc:a1:d5:0b:20:
bc:58:aa:ff:60:d5:f2:9a:b9:74:33:79:7f:85:4d:49:0a:da:
0f:4f:87:10:4e:0f:da:72:35:95:69:82:e5:f6:1a:34:7c:8a:
71:e9:0c:3b:07:b0:58:6d:db:7f:dd:69:12:fc:b3:70:12:ad:
53:b0:bd:31:c8:af:f4:24:8c:af:40:13:cb:09:25:66:29:7e:
8a:2b:f3:1a:37:24:c8:f5:25:12:71:12:a8:d6:f0:e4:77:73:
62:0a:42:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBAXA6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YzEzYmU4NDcxOGY1NTFjMjQxNDc3ZjIyYTA0MWM3MzRlYjk3ZGM1MB4XDTIyMDEw
MTEzNTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc4Mjk4N2EwODkx
ZjY3MDI3Zjg3MWVmYTEwYjZmN2MzMjM5MTg0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUz96bS2Qkj4UdCinQM7NHU7rBEOqMzFmISbzTtE+BRbYgz
s0WeW/kmO4b1hkJkdPpOFOFBisytzUUmiZjDojPpC0hJ/eEqgeLRydIRp8FzjKs+
p3ALrg+8FmOPJFFXXVuq5W3p/cyr9fccVFrX/Gzob4d1hG7OYLNu+ri8F+8ZA9Ct
KjP1TxEXprqPSR8sRoR65jXE51TGZAPf2grbeHG4hpW+asxXaG1pPwt4YE9AFJOm
YKZP5zv1CPQbjsALaO3F5U3BHmAueX87pn4vKGZ979vHkuU8LavL9oY3GGK84GoQ
oc2KHhhCx863oEx+4LkSsh8lh4E8a6mMVPT87qUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBS3gph6CJH2cCf4ce+hC298MjkYRTAfBgNVHSMEGDAWgBTME76EcY9VHCQU
d/IqBBxzTrl9xTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pCTy1oSEdQVlJ3a0ZIZnlLZ1FjYzA2NWZjVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvNmJjYWMxLWUzMGYtNGJhNy1hNzRlLTc0MWQ1NWM5OTgwMi8x
L3Q0S1llZ2lSOW5Bbi1ISHZvUXR2ZkRJNUdFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
NmJjYWMxLWUzMGYtNGJhNy1hNzRlLTc0MWQ1NWM5OTgwMi8xL3pCTy1oSEdQVlJ3
a0ZIZnlLZ1FjYzA2NWZjVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAVvvGgMEBbBngAMEBbBwwAMEArkW
PAMEAsKxFDANBAIAAjAHAwUAKgBaYDANBgkqhkiG9w0BAQsFAAOCAQEAR9JB8Cxv
VYiOR8HmqcGH/to7CA3e0z57lqWp/EW1ZZbs37Q9gtBetdgj3iesjiIGeptuPYz2
s8Wa6rxxtFk97G/QdsURH3eIVyfQdef1wTreQb8ZuKFTuG2wGWRePrYpNZ6W5zN7
iQeDYvhrRuQU3VnacBpxyge5J/nb6JXtmoKRjblBKWGA4CeoR9I+4ia0u6SNFJqB
wUrkZA47d7yh1QsgvFiq/2DV8pq5dDN5f4VNSQraD0+HEE4P2nI1lWmC5fYaNHyK
cekMOwewWG3bf91pEvyzcBKtU7C9Mciv9CSMr0ATywklZil+iivzGjckyPUlEnES
qNbw5HdzYgpCig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org