Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7q388XXypPrVR4m9HE-LuceZFPc.roa
File: 7q388XXypPrVR4m9HE-LuceZFPc.roa (raw, json)
Hash identifier: Z97+4CsGWKLEQB+yfTrA4Ev+4VKTjx4Bc2dx5hZVcNc=
Subject key identifier: EE:AD:FC:F1:75:F2:A4:FA:D5:47:89:BD:1C:4F:8B:B9:C7:99:14:F7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193BC896AD77C3DEADF5F660090B14486A2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7q388XXypPrVR4m9HE-LuceZFPc.roa
Signing time: Thu 12 Dec 2024 20:22:22 +0000
ROA not before: Thu 12 Dec 2024 20:22:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.15.0/24 maxlen: 24
193.124.89.0/24 maxlen: 24
193.124.224.0/23 maxlen: 23
194.58.155.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.192.0/22 maxlen: 22
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.37.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.192.2.0/24 maxlen: 24
212.192.16.0/21 maxlen: 21
212.193.8.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bc:89:6a:d7:7c:3d:ea:df:5f:66:00:90:b1:44:86:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 12 20:22:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eeadfcf175f2a4fad54789bd1c4f8bb9c79914f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1d:7f:31:4e:2a:c3:64:de:68:ed:2c:81:c1:
cc:50:6e:32:d6:24:6a:a9:4a:f0:d9:06:4e:25:50:
9d:b3:0a:7f:62:29:c9:97:df:20:63:a7:33:68:d5:
56:78:c4:3c:a2:c2:ed:b6:1c:b1:f5:5d:15:84:d5:
13:4f:eb:0c:22:eb:86:44:9c:3b:3d:db:08:58:1b:
d5:15:d0:df:a4:30:25:bc:f7:4e:f2:22:02:7f:ac:
40:db:cf:70:2c:01:01:a9:63:91:39:dd:f4:e0:ed:
9e:13:40:1e:a5:d8:33:66:7c:5a:ef:ae:45:db:bc:
c4:6e:db:d7:4e:92:6d:05:22:a3:ce:53:4c:1c:54:
c1:bf:4c:9f:1f:73:0d:31:4f:9e:a8:fe:8d:cc:fc:
b4:83:99:b1:68:04:7c:f7:d4:be:91:4b:0d:11:53:
49:3d:46:2e:a8:6e:f3:12:78:25:fc:52:64:e7:41:
c1:02:39:b3:85:87:b7:32:f1:1c:06:7e:07:6b:62:
e7:40:24:77:66:8c:d5:92:f6:09:a3:ef:30:f7:75:
64:8f:21:e7:fa:0a:b6:28:a0:1d:71:e8:b4:91:f3:
8b:a6:6e:eb:df:77:bb:43:b7:82:ae:46:79:a7:05:
97:c1:ee:ae:ac:e8:a1:34:bb:3c:e2:53:64:e7:7f:
95:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:AD:FC:F1:75:F2:A4:FA:D5:47:89:BD:1C:4F:8B:B9:C7:99:14:F7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7q388XXypPrVR4m9HE-LuceZFPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.89.0/24
193.124.224.0/23
194.58.155.0/24
194.85.251.0/24
194.87.17.0/24
194.87.23.0/24
194.87.105.0/24
194.87.108.0/24
194.87.169.0/24
194.87.192.0/22
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.37.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0-212.192.2.255
212.192.16.0/21
212.193.8.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
04:ab:12:35:9b:12:cc:a1:94:93:58:e5:80:8a:50:a1:73:63:
9a:bf:54:1b:ab:88:30:8a:48:3b:41:64:a3:70:20:52:87:0a:
55:cf:d2:7d:57:63:3e:7d:19:52:c7:32:0c:00:b8:10:7f:4a:
a6:c5:58:db:62:ba:d2:f4:d4:b4:45:f4:d1:7a:a0:cb:a1:6c:
e4:c3:ac:c5:10:08:40:3e:55:30:89:17:90:ba:ba:1a:ac:a8:
6e:c7:ea:b9:0d:e0:6d:bc:f6:54:45:73:f1:d4:40:91:51:1e:
a9:63:94:3e:ee:07:9e:09:d0:db:3f:7d:33:e6:8f:d3:c1:43:
ef:5f:5a:d0:dc:31:c6:04:dc:e6:88:fc:b8:fd:e8:26:1d:ec:
a6:92:a5:7a:d1:db:d0:44:20:6a:51:76:e6:aa:c7:4b:c6:64:
14:66:ee:c3:b1:6e:e5:96:39:78:a5:e3:89:f2:c1:c6:60:4d:
47:a7:1e:6a:c6:32:31:10:97:a1:ea:d4:76:c8:91:8d:8d:39:
1f:17:23:31:17:fc:58:8a:09:54:fb:c5:5d:55:dc:81:22:16:
b0:78:75:a5:1e:81:b2:5b:e2:2a:27:dc:4e:d2:cb:59:1c:15:
21:e6:8f:38:6a:ac:81:dc:71:31:3a:70:00:47:8b:15:9e:be:
b6:7a:32:e2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZO8iWrXfD3q319mAJCxRIaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjEyMjAyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWFkZmNmMTc1ZjJhNGZhZDU0Nzg5YmQxYzRmOGJiOWM3OTkxNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh1/MU4qw2TeaO0sgcHMUG4y1iRq
qUrw2QZOJVCdswp/YinJl98gY6czaNVWeMQ8osLtthyx9V0VhNUTT+sMIuuGRJw7
PdsIWBvVFdDfpDAlvPdO8iICf6xA289wLAEBqWOROd304O2eE0AepdgzZnxa765F
27zEbtvXTpJtBSKjzlNMHFTBv0yfH3MNMU+eqP6NzPy0g5mxaAR899S+kUsNEVNJ
PUYuqG7zEngl/FJk50HBAjmzhYe3MvEcBn4Ha2LnQCR3ZozVkvYJo+8w93VkjyHn
+gq2KKAdcei0kfOLpm7r33e7Q7eCrkZ5pwWXwe6urOihNLs84lNk53+V0wIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFO6t/PF18qT61UeJvRxPi7nHmRT3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN3EzODhYWHlwUHJWUjRtOUhFLUx1Y2VaRlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBkwQCAAEwgYwDBADB
fA8DBADBfFkDBAHBfOADBADCOpsDBADCVfsDBADCVxEDBADCVxcDBADCV2kDBADC
V2wDBADCV6kDBALCV8ADBADCV+ADBADChyEDBAHDhRgDBADDhSUDBAHDhSgDBAHD
hTIDBAHDhVwwDAMEANTAAQMEANTAAgMEA9TAEAMEANTBCAMEAdTBGjAUBAIAAjAO
AwUDKgFXwAMFAyoM/0AwDQYJKoZIhvcNAQELBQADggEBAASrEjWbEsyhlJNY5YCK
UKFzY5q/VBuriDCKSDtBZKNwIFKHClXP0n1XYz59GVLHMgwAuBB/SqbFWNtiutL0
1LRF9NF6oMuhbOTDrMUQCEA+VTCJF5C6uhqsqG7H6rkN4G289lRFc/HUQJFRHqlj
lD7uB54J0Ns/fTPmj9PBQ+9fWtDcMcYE3OaI/Lj96CYd7KaSpXrR29BEIGpRduaq
x0vGZBRm7sOxbuWWOXil44nywcZgTUenHmrGMjEQl6Hq1HbIkY2NOR8XIzEX/FiK
CVT7xV1V3IEiFrB4daUegbJb4ion3E7Sy1kcFSHmjzhqrIHccTE6cABHixWevrZ6
MuI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:35:18 2025 by rpki-client