Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/91z5qVt1yf0gAmeCNNGUIFVO8ms.roa
File: 91z5qVt1yf0gAmeCNNGUIFVO8ms.roa (raw, json)
Hash identifier: 6AXyC5UUc/GwmUEBuM9ghQydR+dtEN+6iIxAwBD2rAE=
Subject key identifier: F7:5C:F9:A9:5B:75:C9:FD:20:02:67:82:34:D1:94:20:55:4E:F2:6B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193914B960BF74823485EC3FA7D7E444C61
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/91z5qVt1yf0gAmeCNNGUIFVO8ms.roa
Signing time: Wed 04 Dec 2024 10:51:10 +0000
ROA not before: Wed 04 Dec 2024 10:51:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.89.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.37.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:4b:96:0b:f7:48:23:48:5e:c3:fa:7d:7e:44:4c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 4 10:51:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f75cf9a95b75c9fd2002678234d19420554ef26b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f4:09:29:47:8f:89:7e:e4:b0:06:43:2f:f1:
8d:8d:01:70:d7:fe:51:44:34:bc:42:9d:e6:dc:d9:
f4:80:c1:3a:8d:1d:2a:3b:2b:88:67:80:69:e5:65:
84:48:07:38:8c:7a:4d:d4:3d:33:52:68:e3:76:da:
b4:33:c4:ac:0d:1f:d2:15:2f:91:dd:9b:ba:d8:8d:
9b:6e:2d:b3:59:fc:09:9c:15:3f:36:d1:3f:f3:c6:
2b:39:b0:8d:41:da:57:35:9b:bc:e9:08:ef:7a:3d:
5b:d6:a4:b8:50:b0:2b:3c:63:dc:c0:35:c1:c0:e1:
e1:9c:43:35:a9:db:37:f7:93:d0:72:f7:31:18:29:
3c:0d:f2:d4:5d:41:ec:6c:4b:e7:09:af:e1:2a:87:
ac:4f:9d:29:48:fb:f3:c8:ee:ef:7f:f2:d8:3f:27:
ed:2c:ff:cf:5d:aa:cf:55:5d:c9:ee:73:c3:9c:f2:
40:4b:c5:de:49:56:dd:46:75:78:e1:1b:42:45:9e:
1e:2f:47:dd:56:a1:6f:f2:f7:f1:e3:c4:19:51:8d:
89:00:90:cb:89:0e:57:ce:50:4d:19:71:06:ce:aa:
56:10:79:5a:a6:86:fa:e0:d2:6f:cc:be:bd:87:0e:
29:5f:00:4a:52:68:f1:f7:f6:76:68:f1:f5:eb:29:
c5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:5C:F9:A9:5B:75:C9:FD:20:02:67:82:34:D1:94:20:55:4E:F2:6B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/91z5qVt1yf0gAmeCNNGUIFVO8ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.89.0/24
194.58.155.0/24
194.85.251.0/24
194.87.17.0/24
194.87.105.0/24
194.87.108.0/24
194.87.169.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.37.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
8b:0e:d4:f8:84:97:65:08:51:f9:90:1b:63:b4:e2:c0:3b:d1:
f0:cc:84:b8:61:9c:f1:12:66:15:bb:55:f1:69:ce:10:10:c5:
b9:68:bf:26:77:97:41:db:86:81:9d:65:dd:2d:d2:cc:3f:4e:
a9:6c:74:77:7a:8c:b4:ab:11:5b:56:54:99:05:2f:e1:e1:5e:
62:5c:02:77:10:09:94:13:5a:d9:1b:97:4e:fa:dc:81:ef:5a:
3f:b3:25:02:c9:28:bb:8e:14:e7:bd:9c:44:ac:e8:09:0a:1d:
05:59:ce:af:7d:9a:45:15:e9:6f:47:37:ea:39:1b:0f:c6:e6:
a5:69:40:3f:0a:96:2c:1f:cb:9f:f7:30:6f:6d:26:67:ac:b1:
d8:e0:3d:da:59:78:dd:06:5d:74:57:9c:de:08:9c:e7:b9:04:
d8:e8:26:6a:c6:5e:f0:5c:c5:d9:d2:c8:fa:90:d7:87:a9:0c:
11:1c:7f:61:b1:0e:d6:ca:5e:25:2d:55:eb:4a:de:a9:76:36:
b0:fe:51:ca:69:b4:c3:92:e4:9b:a5:20:62:cb:71:42:35:80:
1a:d9:55:b2:1d:b7:14:da:d3:8f:6b:23:c8:2f:98:38:07:b2:
9f:c6:11:81:59:fc:60:b9:a4:70:e2:13:bf:16:3d:0b:ec:b9:
28:ac:d4:d4
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZORS5YL90gjSF7D+n1+RExhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjA0MTA1MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzVjZjlhOTViNzVjOWZkMjAwMjY3ODIzNGQxOTQyMDU1NGVmMjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfQJKUePiX7ksAZDL/GNjQFw1/5R
RDS8Qp3m3Nn0gME6jR0qOyuIZ4Bp5WWESAc4jHpN1D0zUmjjdtq0M8SsDR/SFS+R
3Zu62I2bbi2zWfwJnBU/NtE/88YrObCNQdpXNZu86Qjvej1b1qS4ULArPGPcwDXB
wOHhnEM1qds395PQcvcxGCk8DfLUXUHsbEvnCa/hKoesT50pSPvzyO7vf/LYPyft
LP/PXarPVV3J7nPDnPJAS8XeSVbdRnV44RtCRZ4eL0fdVqFv8vfx48QZUY2JAJDL
iQ5XzlBNGXEGzqpWEHlapob64NJvzL69hw4pXwBKUmjx9/Z2aPH16ynFSwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFPdc+albdcn9IAJngjTRlCBVTvJrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOTF6NXFWdDF5ZjBnQW1lQ05OR1VJRlZPOG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBADBfFkD
BADCOpsDBADCVfsDBADCVxEDBADCV2kDBADCV2wDBADCV6kDBADCV+ADBADChyED
BAHDhRgDBADDhSUDBAHDhSgDBAHDhTIDBAHDhVwDBADUwAEDBAHUwRowFAQCAAIw
DgMFAyoBV8ADBQMqDP9AMA0GCSqGSIb3DQEBCwUAA4IBAQCLDtT4hJdlCFH5kBtj
tOLAO9HwzIS4YZzxEmYVu1Xxac4QEMW5aL8md5dB24aBnWXdLdLMP06pbHR3eoy0
qxFbVlSZBS/h4V5iXAJ3EAmUE1rZG5dO+tyB71o/syUCySi7jhTnvZxErOgJCh0F
Wc6vfZpFFelvRzfqORsPxualaUA/CpYsH8uf9zBvbSZnrLHY4D3aWXjdBl10V5ze
CJznuQTY6CZqxl7wXMXZ0sj6kNeHqQwRHH9hsQ7Wyl4lLVXrSt6pdjaw/lHKabTD
kuSbpSBiy3FCNYAa2VWyHbcU2tOPayPIL5g4B7KfxhGBWfxguaRw4hO/Fj0L7Lko
rNTU
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:36:03 2025 by rpki-client