Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/V-RdCvOAqsHTZHFk-Y5vK_VP1aw.roa
File: V-RdCvOAqsHTZHFk-Y5vK_VP1aw.roa (raw, json)
Hash identifier: GSaib9JCU6Tp4cnrVxEARZ6UGX8ovM28mGQpW1ieXg8=
Subject key identifier: 57:E4:5D:0A:F3:80:AA:C1:D3:64:71:64:F9:8E:6F:2B:F5:4F:D5:AC
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0197B72E1FBE9E61917D7462916C27C64F0F
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/V-RdCvOAqsHTZHFk-Y5vK_VP1aw.roa
Signing time: Sat 28 Jun 2025 15:35:42 +0000
ROA not before: Sat 28 Jun 2025 15:35:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 94.183.152.0/22 maxlen: 22
94.183.192.0/22 maxlen: 22
94.183.196.0/22 maxlen: 22
94.183.200.0/22 maxlen: 22
94.183.204.0/22 maxlen: 22
94.183.208.0/22 maxlen: 22
94.183.212.0/22 maxlen: 22
94.183.216.0/22 maxlen: 22
94.183.220.0/22 maxlen: 22
94.183.224.0/22 maxlen: 22
94.183.228.0/22 maxlen: 22
94.183.232.0/22 maxlen: 22
94.183.236.0/22 maxlen: 22
94.183.240.0/22 maxlen: 22
94.183.244.0/22 maxlen: 22
94.183.248.0/22 maxlen: 22
94.183.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:2e:1f:be:9e:61:91:7d:74:62:91:6c:27:c6:4f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jun 28 15:35:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57e45d0af380aac1d3647164f98e6f2bf54fd5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:dd:ec:b2:b3:6c:9f:3d:c9:27:9d:ec:b0:49:
1a:f3:74:91:f0:5e:39:1a:c5:bf:ac:be:a3:d6:39:
f5:50:67:3d:4a:c0:66:ec:e2:d4:ae:e9:19:b9:be:
d8:d6:d6:73:18:4c:b6:04:fe:5f:5a:69:67:c1:50:
17:d8:f6:9e:7d:44:7c:33:39:72:94:f8:2d:bb:3b:
21:00:9c:e4:44:fc:bd:da:a4:0e:f8:a9:da:ce:6d:
ff:0b:9e:6e:a2:dc:d6:c5:7e:35:6a:f0:d9:a3:be:
a4:63:51:7f:04:81:8c:46:7d:df:ab:ab:f1:56:35:
86:e3:bc:47:90:60:b8:b3:60:36:ce:c9:7f:19:1b:
22:43:4c:17:43:26:a2:d7:12:53:0d:e3:d8:98:89:
33:bb:50:da:a1:24:ca:c1:50:53:65:e5:49:12:65:
eb:33:db:6d:63:a8:63:b0:e1:ee:25:4b:e4:86:a7:
a9:1e:3b:84:74:01:b6:98:83:6a:c3:9d:db:cc:12:
78:ee:ce:24:72:26:47:d2:4e:fb:63:39:47:c5:a2:
17:3f:e7:53:75:4b:0f:b1:88:ee:0b:bc:03:93:98:
d1:b7:9a:a9:9f:9e:09:cb:0f:14:41:12:37:0f:da:
b2:7c:8f:16:ae:58:93:8b:1e:0c:e6:50:0f:be:a2:
9f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E4:5D:0A:F3:80:AA:C1:D3:64:71:64:F9:8E:6F:2B:F5:4F:D5:AC
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/V-RdCvOAqsHTZHFk-Y5vK_VP1aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.183.152.0/22
94.183.192.0/18
Signature Algorithm: sha256WithRSAEncryption
7f:29:bf:bb:8a:c0:dd:5c:ea:f5:ec:7f:cd:57:33:43:33:df:
12:6a:87:1b:91:80:f5:ba:3a:1f:0a:ca:29:f3:ef:d4:34:c5:
47:c8:71:0f:5f:2c:a4:f6:be:e5:9c:41:1b:e2:f0:23:2a:78:
1e:ff:3e:d0:de:ab:f0:0e:8a:04:4d:0e:3d:59:5a:0b:d3:5e:
0d:8d:08:1d:cd:4f:76:3e:58:32:50:8b:d5:15:85:57:38:f7:
5b:4c:81:3c:e4:c9:8d:b7:75:89:29:e5:ca:e0:6a:5e:23:8a:
d5:d1:20:c0:5e:d6:33:69:ea:3f:0a:3e:22:77:18:01:b4:23:
62:75:7e:62:17:15:0b:54:9a:68:a8:7d:40:b8:fe:65:7c:67:
9d:76:b5:73:bf:9c:bc:48:d5:84:70:14:1b:f6:71:20:4c:0d:
23:f6:83:55:b8:84:00:b9:55:79:ce:3d:ff:fd:4f:e7:86:9a:
22:44:d3:ed:52:f2:29:40:0e:00:53:d7:02:ad:e6:51:83:3b:
db:e7:17:11:53:ec:22:49:ef:91:6d:48:fe:e4:19:d6:4c:09:
9f:e8:ab:a1:5c:a6:3c:11:5e:da:d1:53:c9:d4:10:f6:cf:f4:
a2:96:64:44:62:43:c8:8b:70:6e:d7:16:8d:55:90:2d:4f:9c:
38:1d:db:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZe3Lh++nmGRfXRikWwnxk8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwNjI4MTUzNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2U0NWQwYWYzODBhYWMxZDM2NDcxNjRmOThlNmYyYmY1NGZkNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3d3ssrNsnz3JJ53ssEka83SR8F45
GsW/rL6j1jn1UGc9SsBm7OLUrukZub7Y1tZzGEy2BP5fWmlnwVAX2PaefUR8Mzly
lPgtuzshAJzkRPy92qQO+Knazm3/C55uotzWxX41avDZo76kY1F/BIGMRn3fq6vx
VjWG47xHkGC4s2A2zsl/GRsiQ0wXQyai1xJTDePYmIkzu1DaoSTKwVBTZeVJEmXr
M9ttY6hjsOHuJUvkhqepHjuEdAG2mINqw53bzBJ47s4kciZH0k77YzlHxaIXP+dT
dUsPsYjuC7wDk5jRt5qpn54Jyw8UQRI3D9qyfI8WrliTix4M5lAPvqKf+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFfkXQrzgKrB02RxZPmObyv1T9WsMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvVi1SZEN2T0Fxc0hUWkhGay1ZNXZLX1ZQMWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXreYAwQG
XrfAMA0GCSqGSIb3DQEBCwUAA4IBAQB/Kb+7isDdXOr17H/NVzNDM98SaocbkYD1
ujofCsop8+/UNMVHyHEPXyyk9r7lnEEb4vAjKnge/z7Q3qvwDooETQ49WVoL014N
jQgdzU92PlgyUIvVFYVXOPdbTIE85MmNt3WJKeXK4GpeI4rV0SDAXtYzaeo/Cj4i
dxgBtCNidX5iFxULVJpoqH1AuP5lfGeddrVzv5y8SNWEcBQb9nEgTA0j9oNVuIQA
uVV5zj3//U/nhpoiRNPtUvIpQA4AU9cCreZRgzvb5xcRU+wiSe+RbUj+5BnWTAmf
6KuhXKY8EV7a0VPJ1BD2z/SilmREYkPIi3Bu1xaNVZAtT5w4HdvP
-----END CERTIFICATE-----
Generated at Fri Jul 25 00:32:44 2025 by rpki-client