Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/WHTSGlHvR5erZ-jZcO8M2hFWLys.roa
File: WHTSGlHvR5erZ-jZcO8M2hFWLys.roa (raw, json)
Hash identifier: GyND5xLHa83er1anMEwKdYDQcPdLSEg7pMy+cXXfU5Q=
Subject key identifier: 58:74:D2:1A:51:EF:47:97:AB:67:E8:D9:70:EF:0C:DA:11:56:2F:2B
Certificate issuer: /CN=f79fcfd2875abdf61e19d3270eafe1effadc6662
Certificate serial: 0197ACED4D8666A4BD8FDC51D34630A0798F
Authority key identifier: F7:9F:CF:D2:87:5A:BD:F6:1E:19:D3:27:0E:AF:E1:EF:FA:DC:66:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/WHTSGlHvR5erZ-jZcO8M2hFWLys.roa
Signing time: Thu 26 Jun 2025 15:48:42 +0000
ROA not before: Thu 26 Jun 2025 15:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207160
IP address blocks: 2001:67c:232c::/48 maxlen: 48
2a14:d100::/33 maxlen: 33
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:ed:4d:86:66:a4:bd:8f:dc:51:d3:46:30:a0:79:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f79fcfd2875abdf61e19d3270eafe1effadc6662
Validity
Not Before: Jun 26 15:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5874d21a51ef4797ab67e8d970ef0cda11562f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:df:b1:b3:3d:2c:2c:9c:7d:e5:da:7d:b0:0b:
fd:f0:f6:02:20:05:c7:4a:8c:ac:6e:b7:77:f1:67:
0f:4e:a5:98:fd:89:07:46:11:97:b0:ff:b0:0a:39:
21:89:51:a9:e3:1f:bb:12:56:ba:79:a2:05:83:71:
cc:ad:bc:6c:6f:4d:c3:45:f9:f9:9a:ff:fc:b3:1e:
b6:f5:6e:14:90:50:d8:bb:0c:2e:59:ce:08:e4:17:
ab:f8:ab:5c:8c:97:42:5a:71:c9:c5:bd:0d:06:21:
16:3f:39:63:6f:18:78:e1:12:71:38:8b:5e:a4:5b:
73:4e:67:48:c9:22:33:8e:43:a5:a3:64:78:df:66:
d9:0c:92:ff:15:fd:fc:14:21:ff:46:f8:11:f0:df:
d6:03:3d:89:a2:19:29:a9:e8:66:a9:56:e1:9b:89:
f4:e2:b5:61:a6:0b:8e:00:5b:72:a0:74:6f:5c:22:
bb:b5:91:ea:bb:be:01:7f:74:47:6e:74:32:57:03:
ff:04:44:d3:25:0b:03:6b:50:d5:e5:07:94:17:e9:
a8:0f:fc:bd:ba:c5:d7:98:48:10:94:88:77:c3:c9:
52:b2:f7:37:04:69:a6:64:91:a0:17:88:68:5c:1b:
dd:37:82:70:e5:84:ad:18:dd:3a:5d:fc:17:21:9a:
17:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:74:D2:1A:51:EF:47:97:AB:67:E8:D9:70:EF:0C:DA:11:56:2F:2B
X509v3 Authority Key Identifier:
keyid:F7:9F:CF:D2:87:5A:BD:F6:1E:19:D3:27:0E:AF:E1:EF:FA:DC:66:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/WHTSGlHvR5erZ-jZcO8M2hFWLys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:232c::/48
2a14:d100::/33
Signature Algorithm: sha256WithRSAEncryption
58:c0:92:ae:eb:c3:9c:0e:81:14:23:05:e9:57:2f:2d:1b:d5:
b1:7f:f7:32:ff:67:40:f3:62:66:ff:a2:46:80:07:2e:b5:8c:
b6:67:2b:bf:a2:28:bc:3c:f1:83:3f:45:9b:de:c8:2a:3d:93:
e5:6f:12:b1:6f:0b:4a:32:8f:58:66:2c:6c:9b:ad:87:d6:66:
51:0e:8d:7b:8e:59:34:86:af:f1:92:05:ed:d2:e2:35:c4:b4:
bc:06:75:65:a5:7e:14:2b:d8:50:ce:3d:58:06:7e:ab:a4:d8:
47:5c:16:98:f6:59:3f:44:61:62:45:76:dd:4e:26:84:bc:24:
0b:36:52:81:c8:ae:31:af:4e:4d:82:9d:09:24:7f:89:b8:45:
57:13:f2:b2:0e:a0:11:60:df:9a:7a:26:13:64:17:30:20:1c:
c9:38:2c:7a:d8:c7:cd:c6:7b:dd:32:35:90:03:e9:f6:ae:56:
1f:0b:f3:dc:6c:c0:6d:f7:1d:d8:22:52:24:0e:0f:b5:47:0e:
d7:cb:03:b1:8e:c4:fd:b7:0d:59:e6:fc:0d:ed:50:1b:1d:83:
4d:f9:cf:f0:1c:b7:c4:66:89:ed:80:d3:b1:f1:58:9f:fe:2a:
87:ff:ab:91:7d:46:86:90:4c:5f:b6:00:11:4d:df:e8:80:59:
5e:67:66:cb
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZes7U2GZqS9j9xR00YwoHmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3OWZjZmQyODc1YWJkZjYxZTE5ZDMyNzBlYWZlMWVmZmFk
YzY2NjIwHhcNMjUwNjI2MTU0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODc0ZDIxYTUxZWY0Nzk3YWI2N2U4ZDk3MGVmMGNkYTExNTYyZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd+xsz0sLJx95dp9sAv98PYCIAXH
Soysbrd38WcPTqWY/YkHRhGXsP+wCjkhiVGp4x+7Ela6eaIFg3HMrbxsb03DRfn5
mv/8sx629W4UkFDYuwwuWc4I5Ber+KtcjJdCWnHJxb0NBiEWPzljbxh44RJxOIte
pFtzTmdIySIzjkOlo2R432bZDJL/Ff38FCH/RvgR8N/WAz2JohkpqehmqVbhm4n0
4rVhpguOAFtyoHRvXCK7tZHqu74Bf3RHbnQyVwP/BETTJQsDa1DV5QeUF+moD/y9
usXXmEgQlIh3w8lSsvc3BGmmZJGgF4hoXBvdN4Jw5YStGN06XfwXIZoXPwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFFh00hpR70eXq2fo2XDvDNoRVi8rMB8GA1UdIwQY
MBaAFPefz9KHWr32HhnTJw6v4e/63GZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTVfUDBvZGF2ZlllR2RNbkRxX2g3X3JjWm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iMDJjYjYtODZjNy00ZjZkLTk5ZDEt
OTA3NzZmODRjOWI3LzEvV0hUU0dsSHZSNWVyWi1qWmNPOE0yaEZXTHlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iMDJjYjYtODZjNy00ZjZkLTk5ZDEtOTA3NzZmODRjOWI3
LzEvOTVfUDBvZGF2ZlllR2RNbkRxX2g3X3JjWm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAIAEGfCMs
AwYHKhTRAAAwDQYJKoZIhvcNAQELBQADggEBAFjAkq7rw5wOgRQjBelXLy0b1bF/
9zL/Z0DzYmb/okaABy61jLZnK7+iKLw88YM/RZveyCo9k+VvErFvC0oyj1hmLGyb
rYfWZlEOjXuOWTSGr/GSBe3S4jXEtLwGdWWlfhQr2FDOPVgGfquk2EdcFpj2WT9E
YWJFdt1OJoS8JAs2UoHIrjGvTk2CnQkkf4m4RVcT8rIOoBFg35p6JhNkFzAgHMk4
LHrYx83Ge90yNZAD6fauVh8L89xswG33HdgiUiQOD7VHDtfLA7GOxP23DVnm/A3t
UBsdg035z/Act8Rmie2A07HxWJ/+Kof/q5F9RoaQTF+2ABFN3+iAWV5nZss=
-----END CERTIFICATE-----
Generated at Tue Jul 29 03:45:41 2025 by rpki-client