Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/5DOEdt4agdWPdVrr7kFT4AUGrb8.roa
File: 5DOEdt4agdWPdVrr7kFT4AUGrb8.roa (raw, json)
Hash identifier: boICnF9+U2ICN+E4LaITdawwTTq5eU5mhk2YmvAEGRo=
Subject key identifier: E4:33:84:76:DE:1A:81:D5:8F:75:5A:EB:EE:41:53:E0:05:06:AD:BF
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018D64F9058876A220BF55D539038DD44EA2
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/5DOEdt4agdWPdVrr7kFT4AUGrb8.roa
Signing time: Thu 01 Feb 2024 14:00:57 +0000
ROA not before: Thu 01 Feb 2024 14:00:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206509
IP address blocks: 62.164.128.0/18 maxlen: 18
62.164.144.0/21 maxlen: 21
62.164.192.0/21 maxlen: 21
62.169.154.0/24 maxlen: 24
86.54.0.0/16 maxlen: 16
193.108.168.0/23 maxlen: 23
193.108.169.0/24 maxlen: 24
194.62.44.0/22 maxlen: 22
194.164.97.0/24 maxlen: 24
194.164.114.0/24 maxlen: 24
194.164.181.0/24 maxlen: 24
195.26.224.0/19 maxlen: 19
195.200.0.0/19 maxlen: 19
213.254.160.0/19 maxlen: 19
213.254.171.0/24 maxlen: 24
213.254.178.0/24 maxlen: 24
213.254.185.0/24 maxlen: 24
217.29.192.0/20 maxlen: 22
217.154.0.0/16 maxlen: 16
2001:15e0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:f9:05:88:76:a2:20:bf:55:d5:39:03:8d:d4:4e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Feb 1 14:00:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4338476de1a81d58f755aebee4153e00506adbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e2:4c:c7:ab:a6:c8:f3:f5:0f:29:e8:16:7d:
fc:27:53:bf:79:c6:2b:42:ea:0e:5b:66:c5:90:76:
46:8b:ed:4b:13:ce:55:05:1e:06:d4:4f:a0:29:d9:
5d:5c:14:5d:10:90:2c:fb:5e:bf:30:6c:4f:33:7f:
8b:3c:84:09:1a:22:8c:ae:eb:64:ed:33:f0:33:02:
1f:ee:2c:c2:e8:3a:f9:f8:bf:58:73:de:6c:4f:25:
0d:c7:04:f3:45:b2:97:f0:66:78:54:cc:5a:4e:0d:
87:ec:ac:8b:a2:5e:cc:c2:ee:6e:39:7b:83:9e:21:
32:a7:50:18:f8:aa:3b:8b:96:b4:d4:37:c0:3b:f5:
b0:d5:65:5b:71:08:69:75:8c:61:b5:35:99:41:ca:
3c:04:9f:45:ed:80:e6:4f:2f:fb:c3:9d:48:c0:59:
0d:2e:ee:c4:91:2d:5b:d9:26:84:f9:40:3a:53:f9:
1a:12:57:2e:3d:cd:d5:11:cb:f6:d2:50:23:7e:94:
10:01:74:e5:38:f8:ae:6e:0e:23:83:9d:02:5e:82:
6b:0b:f1:1b:54:46:c3:5e:ca:aa:96:29:f5:42:a6:
f8:15:52:6d:e5:3c:16:ef:85:36:da:24:85:f5:c7:
10:f2:f5:0e:25:7c:8f:e5:42:11:62:cc:87:8b:9a:
f3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:33:84:76:DE:1A:81:D5:8F:75:5A:EB:EE:41:53:E0:05:06:AD:BF
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/5DOEdt4agdWPdVrr7kFT4AUGrb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0-62.164.199.255
62.169.154.0/24
86.54.0.0/16
193.108.168.0/23
194.62.44.0/22
194.164.97.0/24
194.164.114.0/24
194.164.181.0/24
195.26.224.0/19
195.200.0.0/19
213.254.160.0/19
217.29.192.0/20
217.154.0.0/16
IPv6:
2001:15e0::/32
Signature Algorithm: sha256WithRSAEncryption
3c:2e:05:07:60:95:0b:6d:2c:1b:28:f8:f9:b8:50:b6:f9:8b:
71:09:b1:d0:bc:95:c6:c7:69:41:d0:ba:79:40:0b:64:fc:2d:
e8:bf:f7:2e:05:0d:35:7c:d1:0c:b9:5c:b8:48:73:3a:d8:cd:
dd:a0:85:91:5e:36:75:3b:ce:09:95:e0:f8:24:51:5e:f5:3d:
60:df:52:07:d6:df:5f:d0:f2:37:33:09:fc:75:a8:44:56:91:
4b:d7:87:6b:68:b1:c3:34:40:3b:3c:96:d7:26:73:e6:1b:64:
a9:30:9e:80:a7:ff:e1:28:e9:c9:4d:4d:1c:76:49:53:c8:1c:
bc:b0:f7:a8:b2:ef:3b:a9:cc:c1:62:01:f7:f8:2f:93:1d:58:
6a:3a:58:d8:74:f2:42:28:d2:bb:12:c6:d7:1e:c8:18:8c:f3:
a6:4b:29:32:ad:bd:d7:1f:41:2e:d0:d9:d8:49:99:6d:5b:2d:
36:95:50:6d:46:5b:bd:aa:14:53:66:6a:2b:da:63:cb:bc:66:
72:fa:fa:f0:5d:e2:d0:47:92:e1:e7:53:cd:23:0c:6b:68:e9:
12:12:47:df:4d:cf:e1:5e:59:ee:f2:57:69:12:ef:b4:42:ab:
6b:57:42:e2:3f:25:ea:46:ce:94:ef:56:bd:91:37:62:f5:22:
5c:85:12:4b
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAY1k+QWIdqIgv1XVOQON1E6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjQwMjAxMTQwMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDMzODQ3NmRlMWE4MWQ1OGY3NTVhZWJlZTQxNTNlMDA1MDZhZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+JMx6umyPP1DynoFn38J1O/ecYr
QuoOW2bFkHZGi+1LE85VBR4G1E+gKdldXBRdEJAs+16/MGxPM3+LPIQJGiKMrutk
7TPwMwIf7izC6Dr5+L9Yc95sTyUNxwTzRbKX8GZ4VMxaTg2H7KyLol7Mwu5uOXuD
niEyp1AY+Ko7i5a01DfAO/Ww1WVbcQhpdYxhtTWZQco8BJ9F7YDmTy/7w51IwFkN
Lu7EkS1b2SaE+UA6U/kaElcuPc3VEcv20lAjfpQQAXTlOPiubg4jg50CXoJrC/Eb
VEbDXsqqlin1Qqb4FVJt5TwW74U22iSF9ccQ8vUOJXyP5UIRYsyHi5rzgQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFOQzhHbeGoHVj3Va6+5BU+AFBq2/MB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvNURPRWR0NGFnZFdQZFZycjdrRlQ0QVVHcmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUMAwDBAc+pIAD
BAM+pMADBAA+qZoDAwBWNgMEAcFsqAMEAsI+LAMEAMKkYQMEAMKkcgMEAMKktQME
BcMa4AMEBcPIAAMEBdX+oAMEBNkdwAMDANmaMA0EAgACMAcDBQAgARXgMA0GCSqG
SIb3DQEBCwUAA4IBAQA8LgUHYJULbSwbKPj5uFC2+YtxCbHQvJXGx2lB0Lp5QAtk
/C3ov/cuBQ01fNEMuVy4SHM62M3doIWRXjZ1O84JleD4JFFe9T1g31IH1t9f0PI3
Mwn8dahEVpFL14draLHDNEA7PJbXJnPmG2SpMJ6Ap//hKOnJTU0cdklTyBy8sPeo
su87qczBYgH3+C+THVhqOljYdPJCKNK7EsbXHsgYjPOmSykyrb3XH0Eu0NnYSZlt
Wy02lVBtRlu9qhRTZmor2mPLvGZy+vrwXeLQR5Lh51PNIwxraOkSEkffTc/hXlnu
8ldpEu+0QqtrV0LiPyXqRs6U71a9kTdi9SJchRJL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:51 2024 by rpki-client on console-ams.rpki-client.org