Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/QGRa-JWlQ82Vlck_havO81XdkOY.roa
File: QGRa-JWlQ82Vlck_havO81XdkOY.roa (raw, json)
Hash identifier: 7GBC7WJYFhS44QM7qisnJ/NStiuqVOVNLuWQs3mLn58=
Subject key identifier: 40:64:5A:F8:95:A5:43:CD:95:95:C9:3F:85:AB:CE:F3:55:DD:90:E6
Certificate issuer: /CN=bfabf5a474afe7212331670e831e119da38f284f
Certificate serial: 0AC69E89
Authority key identifier: BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/QGRa-JWlQ82Vlck_havO81XdkOY.roa
Signing time: Mon 04 Apr 2022 13:15:24 +0000
ROA not before: Mon 04 Apr 2022 13:15:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21232
IP address blocks: 185.41.132.0/22 maxlen: 22
185.108.244.0/22 maxlen: 22
185.70.68.0/22 maxlen: 22
185.110.184.0/22 maxlen: 22
185.119.36.0/22 maxlen: 22
62.32.0.0/19 maxlen: 19
185.41.76.0/22 maxlen: 22
82.192.224.0/19 maxlen: 19
185.110.88.0/22 maxlen: 22
77.74.56.0/21 maxlen: 21
213.160.32.0/19 maxlen: 19
79.142.128.0/20 maxlen: 20
195.216.64.0/19 maxlen: 19
185.132.16.0/22 maxlen: 22
185.64.184.0/22 maxlen: 22
185.11.168.0/22 maxlen: 22
185.31.248.0/22 maxlen: 22
185.110.72.0/22 maxlen: 22
185.45.236.0/22 maxlen: 22
93.184.16.0/20 maxlen: 20
2a02:5c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180788873 (0xac69e89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfabf5a474afe7212331670e831e119da38f284f
Validity
Not Before: Apr 4 13:15:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40645af895a543cd9595c93f85abcef355dd90e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2f:68:9d:07:de:ce:75:92:79:14:64:87:1b:
9b:9b:62:2d:46:60:df:24:7f:b2:70:2d:b3:42:c0:
30:72:04:a1:b0:61:a6:c2:0e:c2:94:99:8e:44:f7:
79:fd:2c:af:19:58:f1:65:a8:d2:e9:bf:00:fd:11:
f3:3c:de:aa:84:c6:82:40:b0:97:de:35:d2:ce:01:
f7:78:0e:af:70:20:c0:62:1b:56:bb:fe:11:1b:8f:
0f:54:ba:3a:84:47:33:42:58:b1:10:2c:1c:9d:0d:
26:71:8d:e2:6e:27:c6:dc:94:95:b3:28:29:9e:43:
fa:47:61:2e:a9:cd:d0:65:32:ec:49:3e:50:0a:06:
96:0f:4c:10:d9:b6:49:65:84:a4:10:dd:c7:b0:40:
c5:d6:04:54:4e:b8:6c:38:8e:aa:e8:03:e8:13:f9:
01:4b:67:9b:2d:42:09:2b:5f:22:12:0a:3e:43:ed:
d5:8c:21:90:f9:65:13:a8:e3:26:76:24:51:17:38:
9e:c4:e1:bd:11:8b:b2:41:d3:5a:a9:61:63:c3:8e:
7c:e6:6c:07:82:26:d0:ac:00:5a:05:0f:21:16:2c:
1b:f4:20:c2:50:a0:95:8d:ca:58:40:b6:dc:7b:ec:
15:d2:16:49:68:d3:54:a5:04:60:56:6e:14:7f:6e:
c5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:64:5A:F8:95:A5:43:CD:95:95:C9:3F:85:AB:CE:F3:55:DD:90:E6
X509v3 Authority Key Identifier:
keyid:BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/QGRa-JWlQ82Vlck_havO81XdkOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.0.0/19
77.74.56.0/21
79.142.128.0/20
82.192.224.0/19
93.184.16.0/20
185.11.168.0/22
185.31.248.0/22
185.41.76.0/22
185.41.132.0/22
185.45.236.0/22
185.64.184.0/22
185.70.68.0/22
185.108.244.0/22
185.110.72.0/22
185.110.88.0/22
185.110.184.0/22
185.119.36.0/22
185.132.16.0/22
195.216.64.0/19
213.160.32.0/19
IPv6:
2a02:5c0::/32
Signature Algorithm: sha256WithRSAEncryption
72:a4:2e:f6:a7:f8:c7:92:10:cb:d7:c7:53:32:52:e3:c8:56:
9a:76:44:56:58:b9:33:b0:7f:ba:e8:f8:c8:87:21:0c:39:fb:
86:71:60:5a:bb:a6:ca:69:7d:8b:63:87:2e:1b:3f:8d:7a:53:
da:c1:21:96:a1:16:7b:43:f3:32:47:7a:d1:20:31:b6:a1:b7:
03:78:1a:85:ac:00:38:53:c2:4c:1a:37:0c:a9:bc:0c:95:5d:
43:0c:a7:91:1b:6b:25:51:98:c3:a3:3c:9a:de:a3:64:88:70:
28:f8:5b:82:73:fd:c8:49:6b:28:56:3f:94:04:89:d5:df:8b:
ba:c7:28:49:d3:de:25:76:34:e4:c7:c1:af:86:75:b6:32:8e:
d3:13:37:ba:b4:1c:98:99:85:a8:35:51:65:0c:09:9b:28:25:
db:8c:17:f4:a6:ae:c0:f5:dd:c0:d9:a9:69:20:b3:9d:d4:d8:
f9:59:c7:9c:63:31:ee:96:9f:40:c4:0c:e4:a9:ef:69:a1:b6:
5c:03:cf:3d:bc:fb:55:f9:38:f5:2d:7e:c8:70:5d:0d:9b:73:
75:38:88:76:b5:75:44:87:44:23:3a:b8:d6:6f:f3:68:84:a0:
39:d3:47:36:dc:9f:ae:69:10:df:18:b5:03:57:c0:2a:6a:a6:
32:4d:b0:c2
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIECsaeiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmFiZjVhNDc0YWZlNzIxMjMzMTY3MGU4MzFlMTE5ZGEzOGYyODRmMB4XDTIyMDQw
NDEzMTUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2NDVhZjg5NWE1
NDNjZDk1OTVjOTNmODVhYmNlZjM1NWRkOTBlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsvaJ0H3s51knkUZIcbm5tiLUZg3yR/snAts0LAMHIEobBh
psIOwpSZjkT3ef0srxlY8WWo0um/AP0R8zzeqoTGgkCwl9410s4B93gOr3AgwGIb
Vrv+ERuPD1S6OoRHM0JYsRAsHJ0NJnGN4m4nxtyUlbMoKZ5D+kdhLqnN0GUy7Ek+
UAoGlg9MENm2SWWEpBDdx7BAxdYEVE64bDiOqugD6BP5AUtnmy1CCStfIhIKPkPt
1YwhkPllE6jjJnYkURc4nsThvRGLskHTWqlhY8OOfOZsB4Im0KwAWgUPIRYsG/Qg
wlCglY3KWEC23HvsFdIWSWjTVKUEYFZuFH9uxSMCAwEAAaOCAo0wggKJMB0GA1Ud
DgQWBBRAZFr4laVDzZWVyT+Fq87zVd2Q5jAfBgNVHSMEGDAWgBS/q/WkdK/nISMx
Zw6DHhGdo48oTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y2djFwSFN2NXlFak1XY09neDRSbmFPUEtFOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvMDE4OGRhLTM2NTUtNDgyZC04ODFiLWZlYmJjNGEzYjQ1Yi8x
L1FHUmEtSldsUTgyVmxja19oYXZPODFYZGtPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
MDE4OGRhLTM2NTUtNDgyZC04ODFiLWZlYmJjNGEzYjQ1Yi8xL3Y2djFwSFN2NXlF
ak1XY09neDRSbmFPUEtFOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ogYIKwYBBQUHAQcBAf8EgZIwgY8wfgQCAAEweAMEBT4gAAMEA01KOAMEBE+OgAME
BVLA4AMEBF24EAMEArkLqAMEArkf+AMEArkpTAMEArkphAMEArkt7AMEArlAuAME
ArlGRAMEArls9AMEArluSAMEArluWAMEArluuAMEArl3JAMEArmEEAMEBcPYQAME
BdWgIDANBAIAAjAHAwUAKgIFwDANBgkqhkiG9w0BAQsFAAOCAQEAcqQu9qf4x5IQ
y9fHUzJS48hWmnZEVli5M7B/uuj4yIchDDn7hnFgWrumyml9i2OHLhs/jXpT2sEh
lqEWe0PzMkd60SAxtqG3A3gahawAOFPCTBo3DKm8DJVdQwynkRtrJVGYw6M8mt6j
ZIhwKPhbgnP9yElrKFY/lASJ1d+LuscoSdPeJXY05MfBr4Z1tjKO0xM3urQcmJmF
qDVRZQwJmygl24wX9KauwPXdwNmpaSCzndTY+VnHnGMx7pafQMQM5KnvaaG2XAPP
Pbz7Vfk49S1+yHBdDZtzdTiIdrV1RIdEIzq41m/zaISgOdNHNtyfrmkQ3xi1A1fA
KmqmMk2wwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org