Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/J7YQi3Da5TEgbPKG6aaNJgfoTAo.roa
File: J7YQi3Da5TEgbPKG6aaNJgfoTAo.roa (raw, json)
Hash identifier: NL2O5zaSJwMW5syO8Ho+1mmdY+QQaLuke9H25JceBhA=
Subject key identifier: 27:B6:10:8B:70:DA:E5:31:20:6C:F2:86:E9:A6:8D:26:07:E8:4C:0A
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018D65A56C34828C6DDC497AA9BE73D8E57D
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/J7YQi3Da5TEgbPKG6aaNJgfoTAo.roa
Signing time: Thu 01 Feb 2024 17:09:16 +0000
ROA not before: Thu 01 Feb 2024 17:09:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206509
IP address blocks: 62.164.128.0/18 maxlen: 18
62.164.144.0/21 maxlen: 21
62.164.192.0/21 maxlen: 21
86.54.0.0/16 maxlen: 16
193.108.169.0/24 maxlen: 24
194.62.44.0/22 maxlen: 22
194.164.97.0/24 maxlen: 24
194.164.114.0/24 maxlen: 24
194.164.181.0/24 maxlen: 24
195.26.224.0/19 maxlen: 19
195.200.0.0/19 maxlen: 19
213.254.171.0/24 maxlen: 24
213.254.178.0/24 maxlen: 24
213.254.185.0/24 maxlen: 24
217.29.192.0/20 maxlen: 22
217.154.0.0/16 maxlen: 16
2001:15e0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:a5:6c:34:82:8c:6d:dc:49:7a:a9:be:73:d8:e5:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Feb 1 17:09:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27b6108b70dae531206cf286e9a68d2607e84c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6f:72:7c:fd:69:78:98:b0:e3:c1:17:69:42:
ee:66:f1:ff:2d:90:41:40:6d:ea:d4:47:b7:f5:ed:
8b:75:e0:44:33:6e:4b:8a:8a:ff:93:26:69:b7:39:
e2:0b:99:93:ce:6e:b9:66:a9:a8:c4:41:e6:2c:98:
9e:04:29:74:4a:eb:28:e7:0d:67:2f:d4:b0:25:b8:
af:9c:1f:bb:b7:bf:ee:c7:c2:10:e3:d0:68:c5:d4:
d2:d4:80:2c:6c:f7:cc:a1:4c:c2:1a:c6:13:b3:29:
6a:bb:46:3d:0a:7c:72:5b:83:22:25:46:39:70:11:
35:e6:e7:71:88:1a:f9:8b:b6:0b:08:8f:f9:82:42:
38:88:a2:ab:9a:1c:ff:dc:40:59:de:b5:d9:e1:ea:
6b:d1:a6:5b:18:aa:36:f4:c4:95:70:47:2c:04:98:
e5:4d:1e:e4:59:14:be:86:ff:65:e2:20:3c:19:a1:
99:d2:9f:26:ed:6b:f5:f7:4e:87:97:c5:02:c6:73:
eb:63:4e:fe:aa:b0:a8:9d:a8:8b:00:36:eb:e1:e6:
76:ef:90:c7:62:7b:2f:96:7a:9b:fa:8a:ba:37:cf:
fc:da:bc:30:a6:c1:34:f3:8d:4d:c2:df:9f:fd:9b:
7b:38:e8:66:b3:03:25:aa:1f:e7:50:c4:c8:07:bc:
cc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B6:10:8B:70:DA:E5:31:20:6C:F2:86:E9:A6:8D:26:07:E8:4C:0A
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/J7YQi3Da5TEgbPKG6aaNJgfoTAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0-62.164.199.255
86.54.0.0/16
193.108.169.0/24
194.62.44.0/22
194.164.97.0/24
194.164.114.0/24
194.164.181.0/24
195.26.224.0/19
195.200.0.0/19
213.254.171.0/24
213.254.178.0/24
213.254.185.0/24
217.29.192.0/20
217.154.0.0/16
IPv6:
2001:15e0::/32
Signature Algorithm: sha256WithRSAEncryption
51:56:db:cc:ce:7d:1a:b0:be:c4:86:6a:96:78:20:7b:a8:8e:
d0:4f:81:59:1a:c4:49:4f:f0:f9:8c:21:8a:1c:03:b3:0b:12:
31:c9:91:7c:3c:b0:c0:0b:d4:1d:e7:89:18:ac:6c:91:ed:59:
1a:91:7b:74:68:8d:fd:6b:c5:6e:74:83:8a:bb:b0:1d:11:be:
34:81:f3:09:bc:60:00:4d:ff:8c:f8:56:03:c5:a6:5f:6d:3e:
f2:91:9e:a2:14:3d:ca:c6:4e:95:d4:32:05:70:36:23:48:a9:
6f:6d:c0:e2:10:e2:4e:65:11:b0:06:3d:af:21:6a:67:ad:97:
56:f4:b2:1f:f6:d3:76:c4:1a:50:bd:f3:51:41:3f:88:7c:70:
17:e9:14:c8:1d:7c:2c:47:bc:2f:2e:2f:e5:4a:92:b3:7d:e2:
17:95:aa:4c:ba:8f:a3:e3:93:1b:cb:9e:8d:3f:3a:a7:a6:01:
ba:91:2d:90:22:04:a5:f4:b6:68:5d:63:0e:8f:6a:ad:78:dd:
32:ee:e1:ca:5a:bf:8b:e5:13:0a:48:ce:ab:dd:d9:f7:4c:af:
4f:22:d8:12:99:8c:a8:db:9f:8a:57:6f:40:4a:38:e2:40:25:
2e:68:cb:29:0f:5a:11:0f:ba:0b:a4:aa:a1:2b:d6:55:69:85:
bf:b2:9b:68
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAY1lpWw0goxt3El6qb5z2OV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjQwMjAxMTcwOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2I2MTA4YjcwZGFlNTMxMjA2Y2YyODZlOWE2OGQyNjA3ZTg0YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu29yfP1peJiw48EXaULuZvH/LZBB
QG3q1Ee39e2LdeBEM25Lior/kyZptzniC5mTzm65ZqmoxEHmLJieBCl0Suso5w1n
L9SwJbivnB+7t7/ux8IQ49BoxdTS1IAsbPfMoUzCGsYTsylqu0Y9CnxyW4MiJUY5
cBE15udxiBr5i7YLCI/5gkI4iKKrmhz/3EBZ3rXZ4epr0aZbGKo29MSVcEcsBJjl
TR7kWRS+hv9l4iA8GaGZ0p8m7Wv1906Hl8UCxnPrY07+qrConaiLADbr4eZ275DH
Ynsvlnqb+oq6N8/82rwwpsE0841Nwt+f/Zt7OOhmswMlqh/nUMTIB7zMaQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFCe2EItw2uUxIGzyhummjSYH6EwKMB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvSjdZUWkzRGE1VEVnYlBLRzZhYU5KZ2ZvVEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWjAMAwQHPqSA
AwQDPqTAAwMAVjYDBADBbKkDBALCPiwDBADCpGEDBADCpHIDBADCpLUDBAXDGuAD
BAXDyAADBADV/qsDBADV/rIDBADV/rkDBATZHcADAwDZmjANBAIAAjAHAwUAIAEV
4DANBgkqhkiG9w0BAQsFAAOCAQEAUVbbzM59GrC+xIZqlngge6iO0E+BWRrESU/w
+YwhihwDswsSMcmRfDywwAvUHeeJGKxske1ZGpF7dGiN/WvFbnSDiruwHRG+NIHz
CbxgAE3/jPhWA8WmX20+8pGeohQ9ysZOldQyBXA2I0ipb23A4hDiTmURsAY9ryFq
Z62XVvSyH/bTdsQaUL3zUUE/iHxwF+kUyB18LEe8Ly4v5UqSs33iF5WqTLqPo+OT
G8uejT86p6YBupEtkCIEpfS2aF1jDo9qrXjdMu7hylq/i+UTCkjOq93Z90yvTyLY
EpmMqNufildvQEo44kAlLmjLKQ9aEQ+6C6SqoSvWVWmFv7KbaA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:14 2025 by rpki-client