Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/jZUEVDJQIrmTOlPUqZNBYIPUARQ.roa
File: jZUEVDJQIrmTOlPUqZNBYIPUARQ.roa (raw, json)
Hash identifier: Z6pE0uLq1yY9U6pOLm5vA0xsvS0bhqxIUNVI0Yj15RM=
Subject key identifier: 8D:95:04:54:32:50:22:B9:93:3A:53:D4:A9:93:41:60:83:D4:01:14
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018C1BC019CDE4C4C194820AB6091FC17770
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/jZUEVDJQIrmTOlPUqZNBYIPUARQ.roa
Signing time: Wed 29 Nov 2023 15:43:43 +0000
ROA not before: Wed 29 Nov 2023 15:43:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206509
IP address blocks: 62.169.128.0/19 maxlen: 19
217.29.192.0/20 maxlen: 22
62.164.128.0/17 maxlen: 21
213.254.160.0/19 maxlen: 19
62.164.144.0/21 maxlen: 21
212.32.0.0/17 maxlen: 17
193.108.168.0/23 maxlen: 23
194.154.32.0/19 maxlen: 19
212.47.64.0/19 maxlen: 19
86.54.0.0/16 maxlen: 16
194.164.0.0/16 maxlen: 16
194.62.44.0/22 maxlen: 22
217.154.0.0/16 maxlen: 16
195.26.224.0/19 maxlen: 19
195.200.0.0/19 maxlen: 19
195.184.224.0/19 maxlen: 19
2001:15e0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:c0:19:cd:e4:c4:c1:94:82:0a:b6:09:1f:c1:77:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Nov 29 15:43:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d950454325022b9933a53d4a993416083d40114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:41:85:80:0f:91:4d:ca:09:41:9a:ca:77:6b:
07:d3:76:b9:17:48:f8:93:77:7b:ee:ca:dc:d4:80:
e7:be:64:1b:b5:6e:5f:cc:f3:7f:90:de:35:94:d9:
df:03:55:70:8e:b4:09:b8:27:dc:0c:b8:0f:0c:53:
64:1a:f5:71:34:6a:4d:49:b7:51:37:ce:2c:1e:bf:
cb:9e:e4:26:0f:85:d3:c1:1a:d4:02:c9:01:f0:22:
69:7c:8f:58:60:d0:ad:b5:a2:5c:37:d9:32:77:8c:
13:1d:4f:62:6c:d6:5a:c5:65:07:d7:9f:f1:b0:5c:
e1:b9:68:b6:a0:17:81:33:d4:47:30:e7:56:1d:92:
6f:7b:f3:58:bb:5e:ed:85:b1:36:c1:55:53:f6:75:
a4:cb:f3:a2:34:f6:d4:a4:20:0a:0f:ae:52:1d:fa:
a5:5d:c1:98:37:3e:32:79:62:85:f4:c8:ef:fb:ca:
2c:ca:4b:78:1b:3a:80:63:f0:90:fb:54:13:de:38:
b7:1b:8a:18:30:55:ea:ce:4f:d9:63:40:c9:57:65:
4a:18:7e:ce:28:9d:15:fc:2f:b5:00:89:5a:3b:b3:
25:ce:32:16:66:d5:82:70:82:94:83:f3:c3:9d:72:
fe:e0:4f:52:0a:0b:43:c2:4a:2a:d0:3a:b6:9a:42:
bc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:95:04:54:32:50:22:B9:93:3A:53:D4:A9:93:41:60:83:D4:01:14
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/jZUEVDJQIrmTOlPUqZNBYIPUARQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0/17
62.169.128.0/19
86.54.0.0/16
193.108.168.0/23
194.62.44.0/22
194.154.32.0/19
194.164.0.0/16
195.26.224.0/19
195.184.224.0/19
195.200.0.0/19
212.32.0.0/17
212.47.64.0/19
213.254.160.0/19
217.29.192.0/20
217.154.0.0/16
IPv6:
2001:15e0::/32
Signature Algorithm: sha256WithRSAEncryption
58:10:d4:eb:13:e6:74:be:29:90:81:dd:20:f8:8b:6e:e1:f8:
c3:aa:b0:f3:01:79:78:55:1e:b5:10:b6:8c:d6:4c:6c:83:2f:
25:62:e7:49:3a:a9:7e:c2:aa:46:97:97:89:19:a7:42:5a:b0:
8c:e1:69:52:3c:67:f6:30:69:71:7a:07:f1:43:ef:72:08:14:
ec:d4:f6:11:d0:58:06:15:c2:cc:b2:5a:b0:e3:44:23:f0:42:
cd:9e:06:fd:c0:f9:40:f7:a5:13:2a:a1:bb:28:10:6f:00:7a:
d4:3a:b6:e6:99:47:ea:83:79:6d:dd:e3:e8:23:21:41:a6:d1:
d4:e2:30:85:39:0c:9f:19:1e:84:78:e4:74:32:66:1a:59:6a:
35:43:06:32:1b:83:3a:24:35:77:a0:ab:c3:3d:87:0c:6e:b5:
57:e4:94:87:ef:10:d7:15:8c:33:7a:bf:cf:98:74:22:9d:13:
ce:29:69:57:19:cd:1a:bb:b5:c3:bd:57:8d:4f:aa:6a:53:d2:
bd:7d:a8:77:7c:ba:2b:1c:5c:47:37:49:16:b3:56:d6:2b:3a:
8b:a8:98:f5:f6:5e:05:95:00:36:75:ca:1c:96:30:e8:5f:80:
f5:8f:12:2e:30:45:57:69:8e:0f:6d:28:91:62:69:bf:ab:c7:
08:e6:c9:80
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYwbwBnN5MTBlIIKtgkfwXdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjMxMTI5MTU0MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDk1MDQ1NDMyNTAyMmI5OTMzYTUzZDRhOTkzNDE2MDgzZDQwMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUGFgA+RTcoJQZrKd2sH03a5F0j4
k3d77src1IDnvmQbtW5fzPN/kN41lNnfA1VwjrQJuCfcDLgPDFNkGvVxNGpNSbdR
N84sHr/LnuQmD4XTwRrUAskB8CJpfI9YYNCttaJcN9kyd4wTHU9ibNZaxWUH15/x
sFzhuWi2oBeBM9RHMOdWHZJve/NYu17thbE2wVVT9nWky/OiNPbUpCAKD65SHfql
XcGYNz4yeWKF9Mjv+8osykt4GzqAY/CQ+1QT3ji3G4oYMFXqzk/ZY0DJV2VKGH7O
KJ0V/C+1AIlaO7MlzjIWZtWCcIKUg/PDnXL+4E9SCgtDwkoq0Dq2mkK8rwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFI2VBFQyUCK5kzpT1KmTQWCD1AEUMB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvalpVRVZESlFJcm1UT2xQVXFaTkJZSVBVQVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBdBAIAATBXAwQHPqSAAwQF
PqmAAwMAVjYDBAHBbKgDBALCPiwDBAXCmiADAwDCpAMEBcMa4AMEBcO44AMEBcPI
AAMEB9QgAAMEBdQvQAMEBdX+oAMEBNkdwAMDANmaMA0EAgACMAcDBQAgARXgMA0G
CSqGSIb3DQEBCwUAA4IBAQBYENTrE+Z0vimQgd0g+Itu4fjDqrDzAXl4VR61ELaM
1kxsgy8lYudJOql+wqpGl5eJGadCWrCM4WlSPGf2MGlxegfxQ+9yCBTs1PYR0FgG
FcLMslqw40Qj8ELNngb9wPlA96UTKqG7KBBvAHrUOrbmmUfqg3lt3ePoIyFBptHU
4jCFOQyfGR6EeOR0MmYaWWo1QwYyG4M6JDV3oKvDPYcMbrVX5JSH7xDXFYwzer/P
mHQinRPOKWlXGc0au7XDvVeNT6pqU9K9fah3fLorHFxHN0kWs1bWKzqLqJj19l4F
lQA2dcocljDoX4D1jxIuMEVXaY4PbSiRYmm/q8cI5smA
-----END CERTIFICATE-----
Generated at Tue Dec 5 13:20:46 2023 by rpki-client on console-ams.rpki-client.org