Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/dzoBF40ELA8LhyMNbIW6PWtus38.roa
File: dzoBF40ELA8LhyMNbIW6PWtus38.roa (raw, json)
Hash identifier: MVN8g+aBkUpnsDcfHTnilkhFPHModjhZp+M2cvdohhY=
Subject key identifier: 77:3A:01:17:8D:04:2C:0F:0B:87:23:0D:6C:85:BA:3D:6B:6E:B3:7F
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 383A6827
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/dzoBF40ELA8LhyMNbIW6PWtus38.roa
Signing time: Sat 01 Jan 2022 09:06:23 +0000
ROA not before: Sat 01 Jan 2022 09:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206509
IP address blocks: 62.169.128.0/19 maxlen: 19
217.29.192.0/20 maxlen: 22
62.164.128.0/17 maxlen: 21
213.254.160.0/19 maxlen: 19
62.164.144.0/21 maxlen: 21
212.32.0.0/17 maxlen: 17
193.108.168.0/23 maxlen: 23
194.154.32.0/19 maxlen: 19
212.47.64.0/19 maxlen: 19
86.54.0.0/16 maxlen: 16
194.164.0.0/16 maxlen: 16
194.62.44.0/22 maxlen: 22
217.154.0.0/16 maxlen: 16
195.26.224.0/19 maxlen: 19
195.200.0.0/19 maxlen: 19
195.184.224.0/19 maxlen: 19
212.56.32.0/19 maxlen: 19
2001:15e0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943351847 (0x383a6827)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Jan 1 09:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=773a01178d042c0f0b87230d6c85ba3d6b6eb37f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1c:41:bd:06:30:3b:61:31:14:7e:3b:0d:95:
d1:bb:0c:0e:bb:13:c9:ac:41:71:55:d3:b1:95:30:
2d:63:f6:86:c3:3d:8b:33:79:b9:4a:4c:d6:a9:9c:
5b:17:bb:90:46:ed:3b:fa:c5:cf:a5:2b:00:04:34:
2d:78:6e:a5:4d:eb:62:aa:5a:f5:3f:bf:f9:7d:a6:
95:60:7c:48:f3:71:d5:d5:d8:50:18:59:04:aa:a6:
31:96:0d:19:43:ed:41:74:ba:ae:c3:3b:22:e8:f4:
c7:be:e7:42:b5:95:9e:98:9c:37:7b:f3:9c:dd:0b:
d3:b8:1d:cc:62:e7:bd:4d:c1:b7:03:3f:95:c2:1b:
c9:28:9c:fa:94:ed:9f:22:32:01:63:d3:f2:be:7f:
2d:ff:cc:e2:c5:d5:dc:42:00:54:84:69:d9:27:db:
2d:ea:f7:05:4f:87:8d:f9:21:c1:61:23:eb:5c:f9:
e1:df:ed:09:bc:a0:3b:d4:c2:5c:95:74:e5:73:40:
07:44:66:95:2e:3e:a3:70:fc:54:28:3c:c4:47:56:
93:7f:2f:46:b5:b8:fb:19:90:69:f6:80:7b:6e:aa:
c7:eb:ad:06:c7:36:82:e8:0d:cf:16:fa:75:a7:ac:
12:53:8d:b8:df:09:14:bf:75:37:91:c5:c3:15:b2:
bb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3A:01:17:8D:04:2C:0F:0B:87:23:0D:6C:85:BA:3D:6B:6E:B3:7F
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/dzoBF40ELA8LhyMNbIW6PWtus38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0/17
62.169.128.0/19
86.54.0.0/16
193.108.168.0/23
194.62.44.0/22
194.154.32.0/19
194.164.0.0/16
195.26.224.0/19
195.184.224.0/19
195.200.0.0/19
212.32.0.0/17
212.47.64.0/19
212.56.32.0/19
213.254.160.0/19
217.29.192.0/20
217.154.0.0/16
IPv6:
2001:15e0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:1a:b5:d5:fa:e5:40:71:fc:ac:37:d4:ce:5e:76:53:b4:93:
4f:d6:c0:bf:56:d0:77:d8:3c:c0:cc:06:78:90:6b:88:98:17:
06:8e:99:76:d5:f7:cb:22:58:39:9e:d3:e3:ea:02:d2:db:34:
39:14:03:e9:1b:b6:d1:f9:68:ac:fd:ea:41:27:0e:da:ea:50:
25:7b:9a:4e:a1:af:aa:49:c1:09:ad:e7:9c:80:3f:f2:fd:f2:
b2:75:e4:55:1c:d9:5f:2b:51:5c:dd:01:21:03:1e:5e:a6:ee:
c5:67:eb:53:d8:04:02:7c:76:15:9f:c0:3c:fb:74:e0:4c:8a:
b3:33:57:a7:00:d8:e8:2c:60:5a:08:43:fd:ad:b8:3f:0a:fd:
33:af:62:b8:53:32:b5:a0:d7:d2:f1:df:d2:e5:1f:aa:18:af:
51:97:3d:f6:a4:72:9e:59:80:cb:af:79:f2:50:41:72:70:2b:
f1:07:c9:6b:fc:bd:2d:08:ea:0c:78:9b:2b:32:41:13:74:39:
5c:42:4b:a6:bc:a4:61:23:a3:3a:db:f5:26:b5:a5:b4:40:eb:
b2:33:77:cb:30:2d:5f:34:94:38:5f:15:35:82:73:f8:25:18:
32:53:95:36:db:a8:2c:43:76:2f:96:bc:c7:61:8c:f6:24:40:
80:56:75:6a
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIEODpoJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDAxZjRkZmZkNmZiYTY2Y2RmOGMzNzRjOWIwZjA0NzU1MjcwNWRkMB4XDTIyMDEw
MTA5MDYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzczYTAxMTc4ZDA0
MmMwZjBiODcyMzBkNmM4NWJhM2Q2YjZlYjM3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkcQb0GMDthMRR+Ow2V0bsMDrsTyaxBcVXTsZUwLWP2hsM9
izN5uUpM1qmcWxe7kEbtO/rFz6UrAAQ0LXhupU3rYqpa9T+/+X2mlWB8SPNx1dXY
UBhZBKqmMZYNGUPtQXS6rsM7Iuj0x77nQrWVnpicN3vznN0L07gdzGLnvU3BtwM/
lcIbySic+pTtnyIyAWPT8r5/Lf/M4sXV3EIAVIRp2SfbLer3BU+HjfkhwWEj61z5
4d/tCbygO9TCXJV05XNAB0RmlS4+o3D8VCg8xEdWk38vRrW4+xmQafaAe26qx+ut
Bsc2gugNzxb6daesElONuN8JFL91N5HFwxWyuzUCAwEAAaOCAnAwggJsMB0GA1Ud
DgQWBBR3OgEXjQQsDwuHIw1shbo9a26zfzAfBgNVHSMEGDAWgBQdAfTf/W+6Zs34
w3TJsPBHVScF3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hRSDAzXzF2dW1iTi1NTjB5YkR3UjFVbkJkMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvYjgwMzg0LWYyZmUtNDQ1Ni05Y2FlLWZlNGEwMmNhZWY3Zi8x
L2R6b0JGNDBFTEE4TGh5TU5iSVc2UFd0dXMzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
YjgwMzg0LWYyZmUtNDQ1Ni05Y2FlLWZlNGEwMmNhZWY3Zi8xL0hRSDAzXzF2dW1i
Ti1NTjB5YkR3UjFVbkJkMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hQYIKwYBBQUHAQcBAf8EdjB0MGMEAgABMF0DBAc+pIADBAU+qYADAwBWNgMEAcFs
qAMEAsI+LAMEBcKaIAMDAMKkAwQFwxrgAwQFw7jgAwQFw8gAAwQH1CAAAwQF1C9A
AwQF1DggAwQF1f6gAwQE2R3AAwMA2ZowDQQCAAIwBwMFACABFeAwDQYJKoZIhvcN
AQELBQADggEBAAsatdX65UBx/Kw31M5edlO0k0/WwL9W0HfYPMDMBniQa4iYFwaO
mXbV98siWDme0+PqAtLbNDkUA+kbttH5aKz96kEnDtrqUCV7mk6hr6pJwQmt55yA
P/L98rJ15FUc2V8rUVzdASEDHl6m7sVn61PYBAJ8dhWfwDz7dOBMirMzV6cA2Ogs
YFoIQ/2tuD8K/TOvYrhTMrWg19Lx39LlH6oYr1GXPfakcp5ZgMuvefJQQXJwK/EH
yWv8vS0I6gx4mysyQRN0OVxCS6a8pGEjozrb9Sa1pbRA67Izd8swLV80lDhfFTWC
c/glGDJTlTbbqCxDdi+WvMdhjPYkQIBWdWo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:51 2024 by rpki-client on console-ams.rpki-client.org