Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/zMF0U8rvRG5mCtpZXigs6Ay8_T8.roa
File: zMF0U8rvRG5mCtpZXigs6Ay8_T8.roa (raw, json)
Hash identifier: HkiSbd3tSlzFHK9KVtZsV7EV8606SPsjnDJSHsgfP9Y=
Subject key identifier: CC:C1:74:53:CA:EF:44:6E:66:0A:DA:59:5E:28:2C:E8:0C:BC:FD:3F
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018C39F0981BF235CD15B52BC1F99A7CAE24
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/zMF0U8rvRG5mCtpZXigs6Ay8_T8.roa
Signing time: Tue 05 Dec 2023 12:25:18 +0000
ROA not before: Tue 05 Dec 2023 12:25:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8851
IP address blocks: 62.169.128.0/20 maxlen: 20
217.29.192.0/22 maxlen: 22
62.169.144.0/22 maxlen: 22
62.164.128.0/17 maxlen: 17
62.169.148.0/23 maxlen: 23
62.169.150.0/24 maxlen: 24
62.169.152.0/22 maxlen: 22
62.164.144.0/21 maxlen: 21
62.169.156.0/24 maxlen: 24
62.169.158.0/23 maxlen: 23
194.154.32.0/19 maxlen: 19
193.108.168.0/23 maxlen: 23
194.62.44.0/22 maxlen: 22
195.26.224.0/19 maxlen: 19
195.200.0.0/19 maxlen: 19
195.184.224.0/19 maxlen: 19
212.32.56.0/21 maxlen: 21
212.32.54.0/23 maxlen: 23
212.32.64.0/18 maxlen: 18
213.254.160.0/19 maxlen: 19
212.32.0.0/17 maxlen: 17
212.32.0.0/20 maxlen: 20
212.32.16.0/21 maxlen: 21
212.32.24.0/22 maxlen: 22
212.32.28.0/23 maxlen: 23
212.32.32.0/21 maxlen: 21
86.54.0.0/16 maxlen: 16
212.32.42.0/23 maxlen: 23
212.32.44.0/23 maxlen: 23
212.32.48.0/22 maxlen: 22
212.56.56.0/23 maxlen: 23
194.164.0.0/16 maxlen: 16
212.56.60.0/22 maxlen: 22
217.154.0.0/16 maxlen: 16
212.56.48.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:f0:98:1b:f2:35:cd:15:b5:2b:c1:f9:9a:7c:ae:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Dec 5 12:25:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccc17453caef446e660ada595e282ce80cbcfd3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c1:86:3a:4b:2f:c2:a9:ea:18:b8:bb:8d:30:
b4:4d:d8:06:16:c9:f9:68:b1:65:28:29:2a:a1:e5:
31:26:7a:92:9a:cb:6b:59:1f:96:04:73:d0:db:99:
af:48:ea:5b:fe:6a:26:51:7a:bd:3d:17:1a:2a:1a:
61:3a:31:01:6e:06:37:61:53:ae:9f:c2:c7:42:6a:
dc:4a:8c:c4:35:e3:b2:61:ee:19:96:2b:23:d4:61:
79:15:46:86:7d:50:20:22:da:a0:86:50:ca:df:2d:
d6:67:cc:0d:0c:b5:fc:82:a5:c3:6e:31:b8:af:9b:
0b:61:ff:de:e9:66:22:26:93:1f:26:82:6c:c4:b1:
9a:48:bc:c6:5c:a7:7e:58:84:2f:2c:13:26:47:34:
69:f4:98:dd:00:53:65:1e:aa:de:d6:4f:f8:4b:83:
54:9e:8a:fb:01:86:be:53:f2:83:80:69:d4:d9:2c:
bf:37:e7:03:36:c6:28:a0:d6:44:e4:37:22:b7:26:
88:9d:9b:95:ec:04:c0:2b:fc:8b:21:98:57:21:2c:
cf:57:35:a7:5c:02:44:71:aa:70:a1:3b:56:ae:75:
8a:07:61:99:9d:9c:83:d1:0e:3a:c3:d7:d3:2b:b9:
fc:bc:d7:22:2f:8d:13:21:8a:de:54:33:b5:0f:a2:
55:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C1:74:53:CA:EF:44:6E:66:0A:DA:59:5E:28:2C:E8:0C:BC:FD:3F
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/zMF0U8rvRG5mCtpZXigs6Ay8_T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.128.0/17
62.169.128.0-62.169.150.255
62.169.152.0-62.169.156.255
62.169.158.0/23
86.54.0.0/16
193.108.168.0/23
194.62.44.0/22
194.154.32.0/19
194.164.0.0/16
195.26.224.0/19
195.184.224.0/19
195.200.0.0/19
212.32.0.0/17
212.56.48.0-212.56.57.255
212.56.60.0/22
213.254.160.0/19
217.29.192.0/22
217.154.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:44:67:05:6a:32:76:f5:ea:47:e6:70:de:6e:6a:9c:43:1f:
15:b6:0a:58:f5:27:c4:39:ce:67:32:b3:cd:09:4d:5b:0f:50:
2c:af:22:9d:70:d4:ee:f0:6d:cd:9a:18:b5:c0:ec:0c:0c:dd:
b5:b3:5a:a0:df:70:8a:ef:63:3f:28:97:e0:86:ac:96:e9:88:
be:f4:63:3d:46:5b:dc:e5:db:73:bf:91:09:da:05:64:f9:05:
9c:80:c3:c6:d5:03:7b:c6:6b:a8:34:a4:e0:46:c4:5f:6b:93:
e4:25:c9:f5:74:97:1d:86:b9:d2:bc:f6:cd:65:b8:0f:04:af:
ad:7a:85:93:eb:be:70:ce:b0:23:f9:9d:68:69:1d:95:29:93:
62:8a:fe:bd:b2:40:be:58:31:4b:b5:44:26:42:77:87:a3:61:
44:34:c4:87:94:28:61:54:eb:59:1e:05:84:0f:e6:4a:89:27:
1b:b5:44:25:8b:ad:3b:3e:17:f9:ea:51:c4:98:90:c7:6d:14:
d1:a5:dd:47:bb:e1:99:7e:cf:24:44:72:7f:a8:bc:ed:1b:9d:
f4:0f:b7:77:b8:6f:29:86:95:03:6c:c6:a1:c2:68:c5:6b:66:
d8:46:79:dc:9e:40:d9:23:3b:08:77:96:a0:95:ee:e2:40:f8:
d9:76:91:c4
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYw58Jgb8jXNFbUrwfmafK4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjMxMjA1MTIyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2MxNzQ1M2NhZWY0NDZlNjYwYWRhNTk1ZTI4MmNlODBjYmNmZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcGGOksvwqnqGLi7jTC0TdgGFsn5
aLFlKCkqoeUxJnqSmstrWR+WBHPQ25mvSOpb/momUXq9PRcaKhphOjEBbgY3YVOu
n8LHQmrcSozENeOyYe4Zlisj1GF5FUaGfVAgItqghlDK3y3WZ8wNDLX8gqXDbjG4
r5sLYf/e6WYiJpMfJoJsxLGaSLzGXKd+WIQvLBMmRzRp9JjdAFNlHqre1k/4S4NU
nor7AYa+U/KDgGnU2Sy/N+cDNsYooNZE5DcityaInZuV7ATAK/yLIZhXISzPVzWn
XAJEcapwoTtWrnWKB2GZnZyD0Q46w9fTK7n8vNciL40TIYreVDO1D6JVYwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFMzBdFPK70RuZgraWV4oLOgMvP0/MB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvek1GMFU4cnZSRzVtQ3RwWlhpZ3M2QXk4X1Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizCBiAQCAAEwgYEDBAc+
pIAwDAMEBz6pgAMEAD6pljAMAwQDPqmYAwQAPqmcAwQBPqmeAwMAVjYDBAHBbKgD
BALCPiwDBAXCmiADAwDCpAMEBcMa4AMEBcO44AMEBcPIAAMEB9QgADAMAwQE1Dgw
AwQB1Dg4AwQC1Dg8AwQF1f6gAwQC2R3AAwMA2ZowDQYJKoZIhvcNAQELBQADggEB
ABhEZwVqMnb16kfmcN5uapxDHxW2Clj1J8Q5zmcys80JTVsPUCyvIp1w1O7wbc2a
GLXA7AwM3bWzWqDfcIrvYz8ol+CGrJbpiL70Yz1GW9zl23O/kQnaBWT5BZyAw8bV
A3vGa6g0pOBGxF9rk+QlyfV0lx2GudK89s1luA8Er616hZPrvnDOsCP5nWhpHZUp
k2KK/r2yQL5YMUu1RCZCd4ejYUQ0xIeUKGFU61keBYQP5kqJJxu1RCWLrTs+F/nq
UcSYkMdtFNGl3Ue74Zl+zyREcn+ovO0bnfQPt3e4bymGlQNsxqHCaMVrZthGedye
QNkjOwh3lqCV7uJA+Nl2kcQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:16 2024 by rpki-client on console-fra.rpki-client.org