Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/ppmr1RLTqiceYflVpER2ZAZEeHI.roa
File: ppmr1RLTqiceYflVpER2ZAZEeHI.roa (raw, json)
Hash identifier: z2GVXwL2XeGHC0UbXDQ0ItIJERV6AnylBH9DCi0T0K8=
Subject key identifier: A6:99:AB:D5:12:D3:AA:27:1E:61:F9:55:A4:44:76:64:06:44:78:72
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 3895AEFD
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/ppmr1RLTqiceYflVpER2ZAZEeHI.roa
Signing time: Mon 14 Feb 2022 11:30:48 +0000
ROA not before: Mon 14 Feb 2022 11:30:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206509
IP address blocks: 62.169.128.0/19 maxlen: 19
217.29.192.0/20 maxlen: 22
62.164.128.0/17 maxlen: 21
213.254.160.0/19 maxlen: 19
62.164.144.0/21 maxlen: 21
212.32.0.0/17 maxlen: 17
193.108.168.0/23 maxlen: 23
194.154.32.0/19 maxlen: 19
212.47.64.0/19 maxlen: 19
86.54.0.0/16 maxlen: 16
194.164.0.0/16 maxlen: 16
194.62.44.0/22 maxlen: 22
217.154.0.0/16 maxlen: 16
195.26.224.0/19 maxlen: 19
195.200.0.0/19 maxlen: 19
195.184.224.0/19 maxlen: 19
212.56.32.0/19 maxlen: 19
212.56.48.0/20 maxlen: 20
2001:15e0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 949333757 (0x3895aefd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Feb 14 11:30:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a699abd512d3aa271e61f955a444766406447872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:24:5f:e9:d3:8a:86:87:16:75:1e:ac:ac:31:
aa:e1:47:1e:92:81:a8:7b:3f:da:39:60:8d:e1:90:
bf:ca:8b:86:ac:15:05:6b:4b:83:7d:f0:3d:11:8b:
91:fd:76:65:6d:fe:fd:c9:83:a4:4c:0b:66:87:08:
8d:52:2a:bd:10:21:9a:a1:e2:4f:81:4b:7d:9d:23:
3c:75:32:9e:32:ae:0f:a3:b5:ac:3d:b6:cb:ab:77:
88:a0:f6:70:3c:55:cc:66:e6:30:95:53:38:cf:7f:
b3:5f:d3:0a:47:c8:97:db:c7:4a:5a:98:03:68:fc:
fb:0d:41:3d:b8:24:c9:16:0e:cf:0a:0b:42:ef:64:
ba:fa:7e:eb:d6:3f:b3:f8:6b:97:0f:39:39:6b:96:
7f:78:e1:65:e2:4b:10:2e:e1:8a:0d:4e:88:1a:5b:
7d:25:6d:74:f1:cb:cf:70:49:1c:e7:14:09:6e:11:
38:a9:64:a9:c8:b7:e4:26:e2:11:94:9c:9e:79:51:
9e:d0:d1:25:1b:21:75:62:d1:50:7e:4f:70:d3:ef:
cb:e4:76:93:b6:42:4b:1d:d9:d4:ed:3e:15:03:90:
0c:ec:fa:7e:57:77:40:bd:62:fc:57:ab:ef:3a:24:
ec:01:cc:a3:4d:01:7c:c4:8d:32:e4:94:56:d7:28:
e5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:99:AB:D5:12:D3:AA:27:1E:61:F9:55:A4:44:76:64:06:44:78:72
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/ppmr1RLTqiceYflVpER2ZAZEeHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0/17
62.169.128.0/19
86.54.0.0/16
193.108.168.0/23
194.62.44.0/22
194.154.32.0/19
194.164.0.0/16
195.26.224.0/19
195.184.224.0/19
195.200.0.0/19
212.32.0.0/17
212.47.64.0/19
212.56.32.0/19
213.254.160.0/19
217.29.192.0/20
217.154.0.0/16
IPv6:
2001:15e0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:ac:9d:22:18:59:33:cb:23:4d:6b:56:46:3b:bb:1d:85:6c:
96:42:19:8f:6b:1b:4d:96:11:64:c2:00:c2:d1:cf:d6:06:58:
90:c6:9e:69:04:16:7e:fd:1a:a9:a1:66:aa:54:05:65:28:8a:
d0:ec:f6:13:a3:d7:d0:11:e0:ad:09:77:c1:1f:f4:e1:da:fe:
39:93:8b:19:c6:72:d3:fb:50:87:0c:23:f7:a4:82:60:65:2e:
f2:35:17:ef:3c:05:5e:8a:f7:f5:8b:c4:71:6c:c5:26:07:0c:
d7:91:f1:20:2e:98:58:3a:30:cf:22:ce:c5:76:a3:9f:2c:cb:
8c:41:8a:78:b7:e7:49:ca:b7:3b:58:bc:2a:4a:89:37:4c:2d:
f7:4a:9e:df:1d:44:ac:48:49:7f:61:38:e4:6b:df:6e:b4:57:
59:b5:fa:e0:80:70:92:20:50:89:2a:1d:95:8e:dd:d0:90:f6:
0d:e5:21:85:34:32:01:01:83:1d:f2:d6:31:a8:dd:d0:49:dc:
1a:88:bf:37:f9:ec:c0:9a:41:ea:55:35:1f:0a:64:06:e9:91:
89:ae:35:ec:71:09:70:c2:77:32:51:2c:8d:2f:b1:f4:a9:12:
95:6a:04:56:43:df:99:59:5a:80:88:f7:c6:3f:dd:4e:19:29:
6a:7c:32:da
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIEOJWu/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDAxZjRkZmZkNmZiYTY2Y2RmOGMzNzRjOWIwZjA0NzU1MjcwNWRkMB4XDTIyMDIx
NDExMzA0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY5OWFiZDUxMmQz
YWEyNzFlNjFmOTU1YTQ0NDc2NjQwNjQ0Nzg3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKYkX+nTioaHFnUerKwxquFHHpKBqHs/2jlgjeGQv8qLhqwV
BWtLg33wPRGLkf12ZW3+/cmDpEwLZocIjVIqvRAhmqHiT4FLfZ0jPHUynjKuD6O1
rD22y6t3iKD2cDxVzGbmMJVTOM9/s1/TCkfIl9vHSlqYA2j8+w1BPbgkyRYOzwoL
Qu9kuvp+69Y/s/hrlw85OWuWf3jhZeJLEC7hig1OiBpbfSVtdPHLz3BJHOcUCW4R
OKlkqci35CbiEZScnnlRntDRJRshdWLRUH5PcNPvy+R2k7ZCSx3Z1O0+FQOQDOz6
fld3QL1i/Fer7zok7AHMo00BfMSNMuSUVtco5VECAwEAAaOCAnAwggJsMB0GA1Ud
DgQWBBSmmavVEtOqJx5h+VWkRHZkBkR4cjAfBgNVHSMEGDAWgBQdAfTf/W+6Zs34
w3TJsPBHVScF3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hRSDAzXzF2dW1iTi1NTjB5YkR3UjFVbkJkMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvYjgwMzg0LWYyZmUtNDQ1Ni05Y2FlLWZlNGEwMmNhZWY3Zi8x
L3BwbXIxUkxUcWljZVlmbFZwRVIyWkFaRWVISS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
YjgwMzg0LWYyZmUtNDQ1Ni05Y2FlLWZlNGEwMmNhZWY3Zi8xL0hRSDAzXzF2dW1i
Ti1NTjB5YkR3UjFVbkJkMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hQYIKwYBBQUHAQcBAf8EdjB0MGMEAgABMF0DBAc+pIADBAU+qYADAwBWNgMEAcFs
qAMEAsI+LAMEBcKaIAMDAMKkAwQFwxrgAwQFw7jgAwQFw8gAAwQH1CAAAwQF1C9A
AwQF1DggAwQF1f6gAwQE2R3AAwMA2ZowDQQCAAIwBwMFACABFeAwDQYJKoZIhvcN
AQELBQADggEBACysnSIYWTPLI01rVkY7ux2FbJZCGY9rG02WEWTCAMLRz9YGWJDG
nmkEFn79GqmhZqpUBWUoitDs9hOj19AR4K0Jd8Ef9OHa/jmTixnGctP7UIcMI/ek
gmBlLvI1F+88BV6K9/WLxHFsxSYHDNeR8SAumFg6MM8izsV2o58sy4xBini350nK
tztYvCpKiTdMLfdKnt8dRKxISX9hOORr3260V1m1+uCAcJIgUIkqHZWO3dCQ9g3l
IYU0MgEBgx3y1jGo3dBJ3BqIvzf57MCaQepVNR8KZAbpkYmuNexxCXDCdzJRLI0v
sfSpEpVqBFZD35lZWoCI98Y/3U4ZKWp8Mto=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:09:05 2025 by rpki-client