Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/aba4-_AEa-xMNzdyWgNWhWFZobY.roa
File: aba4-_AEa-xMNzdyWgNWhWFZobY.roa (raw, json)
Hash identifier: iayN8M11rj1bIPGsejMfv6P8Dp5J+/oFoKpLEeYm6mQ=
Subject key identifier: 69:B6:B8:FB:F0:04:6B:EC:4C:37:37:72:5A:03:56:85:61:59:A1:B6
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018D78F7B0DF27A3B7543C981BAB3C5C5F16
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/aba4-_AEa-xMNzdyWgNWhWFZobY.roa
Signing time: Mon 05 Feb 2024 11:11:54 +0000
ROA not before: Mon 05 Feb 2024 11:11:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206509
IP address blocks: 62.164.128.0/18 maxlen: 18
62.164.144.0/21 maxlen: 21
62.164.192.0/21 maxlen: 21
86.54.0.0/16 maxlen: 16
193.108.169.0/24 maxlen: 24
194.62.44.0/22 maxlen: 22
194.164.97.0/24 maxlen: 24
194.164.114.0/24 maxlen: 24
194.164.181.0/24 maxlen: 24
195.26.224.0/19 maxlen: 19
195.200.0.0/19 maxlen: 19
213.254.171.0/24 maxlen: 24
213.254.178.0/24 maxlen: 24
213.254.185.0/24 maxlen: 24
217.154.0.0/16 maxlen: 16
2001:15e0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:f7:b0:df:27:a3:b7:54:3c:98:1b:ab:3c:5c:5f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Feb 5 11:11:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69b6b8fbf0046bec4c3737725a0356856159a1b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6b:82:32:87:8c:c8:7e:09:fa:d6:e8:4f:32:
76:68:8e:36:4e:db:ac:57:ff:a1:ee:15:52:e2:6c:
6a:7b:07:01:9e:9c:2e:1d:5d:5a:b3:50:57:54:dd:
1c:d9:ef:44:ad:17:89:6b:45:f2:2f:f7:45:1f:fa:
10:cc:97:51:6c:ad:e5:df:c1:df:19:f9:a8:06:12:
9e:c4:15:9e:a2:e7:18:fe:34:97:8f:3f:12:1e:46:
32:8e:44:27:74:69:3f:b3:10:85:27:d0:3d:8e:e0:
f5:ad:67:f5:e1:63:0e:2f:ec:d9:5e:3d:2f:e4:c4:
3c:5d:73:95:a2:50:b5:6d:eb:a7:0b:9f:4a:2e:5e:
a1:15:64:49:c2:08:3b:e5:23:6f:e4:33:79:ee:06:
57:6e:b4:fb:93:eb:4b:b8:64:13:39:10:8d:22:75:
67:42:02:ed:5b:1e:ae:7f:be:63:cd:37:f7:18:f7:
dc:ef:b5:21:b1:1b:ce:8e:35:74:5d:a3:56:22:1c:
e8:04:77:1c:fb:bd:2b:ca:08:3d:f8:32:c1:51:e4:
aa:13:60:87:ad:45:87:32:e6:aa:ce:20:8f:28:0f:
d3:eb:86:f5:0c:18:f7:ae:2c:86:c2:ea:ec:3a:5c:
d5:02:7a:7f:a8:66:c6:ce:fc:fe:e4:bb:8b:62:76:
aa:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B6:B8:FB:F0:04:6B:EC:4C:37:37:72:5A:03:56:85:61:59:A1:B6
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/aba4-_AEa-xMNzdyWgNWhWFZobY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0-62.164.199.255
86.54.0.0/16
193.108.169.0/24
194.62.44.0/22
194.164.97.0/24
194.164.114.0/24
194.164.181.0/24
195.26.224.0/19
195.200.0.0/19
213.254.171.0/24
213.254.178.0/24
213.254.185.0/24
217.154.0.0/16
IPv6:
2001:15e0::/32
Signature Algorithm: sha256WithRSAEncryption
5c:12:0b:46:ed:b2:62:6b:b4:0e:99:e7:16:58:67:15:3f:0a:
a7:e1:12:38:c9:c7:df:0b:62:24:74:71:ee:60:83:0d:9c:0a:
ab:ef:9e:58:ec:18:69:ed:33:28:0d:96:2f:63:61:99:ab:28:
ac:72:85:54:1e:3c:49:c5:c2:52:95:92:35:7f:ae:91:ec:a5:
54:e0:a6:c9:e9:5a:6f:08:72:45:02:0d:86:42:04:8b:72:1c:
3c:76:0a:8e:0b:d6:4b:e0:6d:a2:db:b0:39:2a:fb:33:3c:3d:
7c:c1:05:62:87:a2:9c:cd:1a:47:12:de:bc:4a:93:93:6d:5d:
90:b9:73:e1:0f:a3:cc:0c:57:54:f7:ef:78:10:6e:bf:b0:7d:
e1:67:c9:30:f4:20:6c:c4:80:1b:fd:0c:ff:71:57:bf:3a:e1:
40:47:29:9b:f1:62:25:18:5f:01:ff:37:8d:11:20:38:84:2f:
f2:f3:c6:68:f0:d5:4f:72:db:b8:c3:92:6f:b7:ba:3d:e3:ad:
26:1e:9a:06:27:aa:83:0f:a9:68:38:b5:d1:78:89:bd:e1:76:
24:97:66:2e:81:ec:53:87:72:a1:a1:0b:50:bb:b2:ba:6a:63:
69:f1:90:8a:b1:7c:5d:b7:3e:28:ab:3c:c2:b5:2c:f7:37:60:
1f:2f:84:fc
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAY1497DfJ6O3VDyYG6s8XF8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjQwMjA1MTExMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWI2YjhmYmYwMDQ2YmVjNGMzNzM3NzI1YTAzNTY4NTYxNTlhMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmuCMoeMyH4J+tboTzJ2aI42Ttus
V/+h7hVS4mxqewcBnpwuHV1as1BXVN0c2e9ErReJa0XyL/dFH/oQzJdRbK3l38Hf
GfmoBhKexBWeoucY/jSXjz8SHkYyjkQndGk/sxCFJ9A9juD1rWf14WMOL+zZXj0v
5MQ8XXOVolC1beunC59KLl6hFWRJwgg75SNv5DN57gZXbrT7k+tLuGQTORCNInVn
QgLtWx6uf75jzTf3GPfc77UhsRvOjjV0XaNWIhzoBHcc+70rygg9+DLBUeSqE2CH
rUWHMuaqziCPKA/T64b1DBj3riyGwursOlzVAnp/qGbGzvz+5LuLYnaq3QIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFGm2uPvwBGvsTDc3cloDVoVhWaG2MB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvYWJhNC1fQUVhLXhNTnpkeVdnTldoV0Zab2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUMAwDBAc+pIAD
BAM+pMADAwBWNgMEAMFsqQMEAsI+LAMEAMKkYQMEAMKkcgMEAMKktQMEBcMa4AME
BcPIAAMEANX+qwMEANX+sgMEANX+uQMDANmaMA0EAgACMAcDBQAgARXgMA0GCSqG
SIb3DQEBCwUAA4IBAQBcEgtG7bJia7QOmecWWGcVPwqn4RI4ycffC2IkdHHuYIMN
nAqr755Y7Bhp7TMoDZYvY2GZqyiscoVUHjxJxcJSlZI1f66R7KVU4KbJ6VpvCHJF
Ag2GQgSLchw8dgqOC9ZL4G2i27A5KvszPD18wQVih6KczRpHEt68SpOTbV2QuXPh
D6PMDFdU9+94EG6/sH3hZ8kw9CBsxIAb/Qz/cVe/OuFARymb8WIlGF8B/zeNESA4
hC/y88Zo8NVPctu4w5Jvt7o9460mHpoGJ6qDD6loOLXReIm94XYkl2YugexTh3Kh
oQtQu7K6amNp8ZCKsXxdtz4oqzzCtSz3N2AfL4T8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:16 2024 by rpki-client on console-fra.rpki-client.org