Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/FZzvxL6uJaZNiHXY4CfHwUavYXs.roa
File: FZzvxL6uJaZNiHXY4CfHwUavYXs.roa (raw, json)
Hash identifier: Z/Sg8DqRGyxbEg3O4XNkCouG5aNtb/qNgRhyC/yR1xY=
Subject key identifier: 15:9C:EF:C4:BE:AE:25:A6:4D:88:75:D8:E0:27:C7:C1:46:AF:61:7B
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018C59CBEEF097B004A938673D7C465DE7A1
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/FZzvxL6uJaZNiHXY4CfHwUavYXs.roa
Signing time: Mon 11 Dec 2023 16:53:06 +0000
ROA not before: Mon 11 Dec 2023 16:53:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8851
IP address blocks: 217.29.192.0/22 maxlen: 22
62.164.128.0/17 maxlen: 17
62.164.144.0/21 maxlen: 21
194.164.144.0/24 maxlen: 24
194.164.140.0/22 maxlen: 22
194.164.80.0/22 maxlen: 22
194.164.85.0/24 maxlen: 24
194.164.86.0/24 maxlen: 24
194.164.223.0/24 maxlen: 24
194.164.232.0/24 maxlen: 24
194.164.231.0/24 maxlen: 24
194.164.238.0/24 maxlen: 24
194.164.241.0/24 maxlen: 24
194.164.242.0/23 maxlen: 23
194.164.247.0/24 maxlen: 24
195.26.224.0/19 maxlen: 19
195.184.224.0/19 maxlen: 19
195.184.228.0/23 maxlen: 23
195.184.236.0/24 maxlen: 24
195.184.245.0/24 maxlen: 24
212.32.56.0/21 maxlen: 21
212.32.54.0/23 maxlen: 23
212.32.64.0/18 maxlen: 18
213.254.160.0/19 maxlen: 19
212.32.0.0/17 maxlen: 17
212.32.0.0/20 maxlen: 20
212.32.16.0/21 maxlen: 21
212.32.24.0/22 maxlen: 22
212.32.28.0/23 maxlen: 23
212.32.32.0/21 maxlen: 21
212.32.42.0/23 maxlen: 23
212.32.44.0/23 maxlen: 23
212.32.48.0/22 maxlen: 22
212.56.57.0/24 maxlen: 24
194.164.2.0/24 maxlen: 24
212.56.56.0/23 maxlen: 23
212.56.60.0/22 maxlen: 22
194.164.12.0/24 maxlen: 24
194.164.38.0/24 maxlen: 24
217.154.0.0/16 maxlen: 16
212.56.48.0/21 maxlen: 21
62.169.128.0/20 maxlen: 20
62.169.144.0/22 maxlen: 22
62.169.148.0/23 maxlen: 23
62.169.150.0/24 maxlen: 24
62.169.152.0/22 maxlen: 22
62.169.156.0/24 maxlen: 24
62.169.158.0/23 maxlen: 23
193.108.168.0/23 maxlen: 23
194.62.44.0/22 maxlen: 22
195.200.0.0/19 maxlen: 19
86.54.0.0/16 maxlen: 16
212.47.80.0/23 maxlen: 23
212.47.84.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:cb:ee:f0:97:b0:04:a9:38:67:3d:7c:46:5d:e7:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Dec 11 16:53:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=159cefc4beae25a64d8875d8e027c7c146af617b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e6:0a:81:8a:af:e9:af:f0:02:81:d5:98:16:
f0:6c:9e:b3:5f:98:23:2e:37:e1:23:9c:50:2b:ad:
23:f0:9b:30:6d:63:8f:8d:50:d2:44:5d:7d:90:5c:
8c:05:5a:15:cd:da:33:33:63:0a:23:fd:88:fe:f0:
0d:a6:1a:54:07:6e:f0:8c:a3:a9:8f:05:49:58:d4:
28:ec:75:47:e3:e8:cb:90:8b:8e:80:52:c6:69:e5:
ec:7d:0b:dc:e3:d9:7d:f0:43:f8:90:6e:9a:ae:7b:
36:b0:12:f3:a5:4c:32:dc:13:9f:27:8a:e4:e1:ec:
eb:b8:9b:73:bb:9e:4a:8c:4d:40:40:cc:c5:8c:5c:
e6:be:53:12:3b:b0:d6:74:f4:d7:52:84:0b:40:09:
a9:49:4c:3f:ff:f1:36:6d:ea:ba:b0:2a:27:56:36:
69:c0:9c:d8:e5:f0:6d:9d:58:63:0a:89:7f:c7:6b:
51:e6:00:b5:86:e2:61:cc:12:72:36:ae:c7:5f:70:
b0:fa:f6:96:3b:a8:a1:a4:1f:ac:e3:fc:af:e5:68:
5d:4f:d0:2a:57:57:bc:48:78:54:a6:7a:d3:c6:5b:
b0:fe:2a:d0:75:bf:27:f8:6a:c3:b4:99:21:e5:91:
95:be:63:b0:cc:d7:7a:1c:10:ff:19:9e:e0:aa:6d:
a9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:9C:EF:C4:BE:AE:25:A6:4D:88:75:D8:E0:27:C7:C1:46:AF:61:7B
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/FZzvxL6uJaZNiHXY4CfHwUavYXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0/17
62.169.128.0-62.169.150.255
62.169.152.0-62.169.156.255
62.169.158.0/23
86.54.0.0/16
193.108.168.0/23
194.62.44.0/22
194.164.2.0/24
194.164.12.0/24
194.164.38.0/24
194.164.80.0/22
194.164.85.0-194.164.86.255
194.164.140.0-194.164.144.255
194.164.223.0/24
194.164.231.0-194.164.232.255
194.164.238.0/24
194.164.241.0-194.164.243.255
194.164.247.0/24
195.26.224.0/19
195.184.224.0/19
195.200.0.0/19
212.32.0.0/17
212.47.80.0/23
212.47.84.0/24
212.56.48.0-212.56.57.255
212.56.60.0/22
213.254.160.0/19
217.29.192.0/22
217.154.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:67:4b:25:63:6c:f4:79:70:ee:d8:ff:91:4d:fb:d6:ca:24:
0a:41:48:33:85:ba:72:31:48:6c:21:36:75:18:f6:fe:e1:28:
20:22:9a:66:53:d3:32:6e:23:19:5f:1c:0c:24:53:54:38:8b:
49:f8:cd:d7:ba:67:3f:8f:0d:f5:50:9c:50:df:69:e8:34:3f:
6d:80:1a:b5:e8:f6:2c:99:f4:56:2a:00:bb:96:cc:7d:3f:a5:
30:37:b2:c8:c7:5b:58:d5:cd:9c:c2:2c:d5:90:1d:5d:80:34:
45:66:1c:59:fe:eb:48:2c:b2:62:32:f0:83:73:ef:5a:7d:51:
36:b2:a4:8b:0c:37:7b:a0:74:c7:11:c7:63:ee:c2:08:7c:e5:
a8:c0:e4:61:18:5d:d3:f9:44:b3:22:4f:3a:09:8b:7f:a6:2c:
c7:c7:9f:d0:c7:b9:e4:e9:07:ae:8a:6e:d7:ab:aa:0e:7a:01:
09:2a:cb:f6:b9:fe:55:bd:4e:c7:4d:3f:5a:78:85:ed:d7:97:
14:a7:b5:70:8a:42:58:b2:77:d5:de:ab:a6:f8:4b:06:7a:1b:
a2:16:92:48:3f:05:5f:89:f8:21:a4:30:ca:1b:3e:46:dc:70:
6d:18:a8:b7:15:d6:67:80:db:8b:4d:07:06:c7:12:69:f7:38:
fd:9d:a4:74
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYxZy+7wl7AEqThnPXxGXeehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjMxMjExMTY1MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTljZWZjNGJlYWUyNWE2NGQ4ODc1ZDhlMDI3YzdjMTQ2YWY2MTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+YKgYqv6a/wAoHVmBbwbJ6zX5gj
LjfhI5xQK60j8JswbWOPjVDSRF19kFyMBVoVzdozM2MKI/2I/vANphpUB27wjKOp
jwVJWNQo7HVH4+jLkIuOgFLGaeXsfQvc49l98EP4kG6arns2sBLzpUwy3BOfJ4rk
4ezruJtzu55KjE1AQMzFjFzmvlMSO7DWdPTXUoQLQAmpSUw///E2beq6sConVjZp
wJzY5fBtnVhjCol/x2tR5gC1huJhzBJyNq7HX3Cw+vaWO6ihpB+s4/yv5WhdT9Aq
V1e8SHhUpnrTxluw/irQdb8n+GrDtJkh5ZGVvmOwzNd6HBD/GZ7gqm2pDwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFBWc78S+riWmTYh12OAnx8FGr2F7MB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvRlp6dnhMNnVKYVpOaUhYWTRDZkh3VWF2WVhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQH
PqSAMAwDBAc+qYADBAA+qZYwDAMEAz6pmAMEAD6pnAMEAT6pngMDAFY2AwQBwWyo
AwQCwj4sAwQAwqQCAwQAwqQMAwQAwqQmAwQCwqRQMAwDBADCpFUDBADCpFYwDAME
AsKkjAMEAMKkkAMEAMKk3zAMAwQAwqTnAwQAwqToAwQAwqTuMAwDBADCpPEDBALC
pPADBADCpPcDBAXDGuADBAXDuOADBAXDyAADBAfUIAADBAHUL1ADBADUL1QwDAME
BNQ4MAMEAdQ4OAMEAtQ4PAMEBdX+oAMEAtkdwAMDANmaMA0GCSqGSIb3DQEBCwUA
A4IBAQBMZ0slY2z0eXDu2P+RTfvWyiQKQUgzhbpyMUhsITZ1GPb+4SggIppmU9My
biMZXxwMJFNUOItJ+M3Xumc/jw31UJxQ32noND9tgBq16PYsmfRWKgC7lsx9P6Uw
N7LIx1tY1c2cwizVkB1dgDRFZhxZ/utILLJiMvCDc+9afVE2sqSLDDd7oHTHEcdj
7sIIfOWowORhGF3T+USzIk86CYt/pizHx5/Qx7nk6Qeuim7Xq6oOegEJKsv2uf5V
vU7HTT9aeIXt15cUp7VwikJYsnfV3qum+EsGehuiFpJIPwVfifghpDDKGz5G3HBt
GKi3FdZngNuLTQcGxxJp9zj9naR0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:16 2024 by rpki-client on console-fra.rpki-client.org