Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FpicL0jCrw0qkcZJPd9nHtlnRts.roa
File: FpicL0jCrw0qkcZJPd9nHtlnRts.roa (raw, json)
Hash identifier: 5KgjnHbjdwOpvGo31F9ehwc30Twb4WtBO4H/6lSXA88=
Subject key identifier: 16:98:9C:2F:48:C2:AF:0D:2A:91:C6:49:3D:DF:67:1E:D9:67:46:DB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193BE2F79BD55B662075DED760DA2C79FA7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FpicL0jCrw0qkcZJPd9nHtlnRts.roa
Signing time: Fri 13 Dec 2024 04:03:22 +0000
ROA not before: Fri 13 Dec 2024 04:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.15.0/24 maxlen: 24
193.124.89.0/24 maxlen: 24
193.124.224.0/23 maxlen: 23
194.58.155.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.192.0/22 maxlen: 22
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.37.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.192.2.0/24 maxlen: 24
212.192.16.0/21 maxlen: 21
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:be:2f:79:bd:55:b6:62:07:5d:ed:76:0d:a2:c7:9f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 04:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16989c2f48c2af0d2a91c6493ddf671ed96746db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:eb:ea:5c:1b:3b:8e:59:6f:eb:e4:93:d4:3f:
07:50:d2:27:c2:7b:c4:55:9d:91:67:a7:b3:1c:27:
9a:83:60:de:6c:45:15:06:95:78:5b:0f:bb:99:f1:
6c:53:7b:c7:26:a0:54:9a:91:be:19:91:d5:30:10:
b2:1d:58:a1:c9:60:95:75:0b:9d:84:5f:16:0d:ef:
93:21:50:0c:f0:e9:c9:92:c7:e6:4c:e0:c3:3b:94:
2e:19:1d:c3:4b:16:4d:76:92:1a:4b:83:76:61:db:
69:47:c3:d6:9d:e6:ac:ed:45:23:4f:3f:f4:61:ee:
2b:ad:b2:42:e8:9b:e0:f3:dc:bb:32:de:8f:66:e3:
0e:e9:14:0a:18:14:cc:a8:0a:53:45:f4:43:a3:30:
ee:41:f3:da:aa:5e:a7:0e:8a:8c:b9:f4:47:30:7f:
d2:0c:bc:f3:b5:6d:19:cb:28:72:10:08:a3:c6:b9:
06:b4:3d:65:47:e9:55:07:15:55:c2:c9:b1:59:4b:
b5:bf:15:f9:d3:b1:a0:88:a5:f9:f0:9b:ae:9c:44:
e7:52:95:9a:0e:01:ad:90:a8:dd:bc:92:95:9a:70:
d8:40:49:60:32:74:18:92:b7:e3:2e:4c:48:85:4b:
17:d5:33:9b:3c:44:72:15:8b:9d:39:ca:6e:a6:28:
be:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:98:9C:2F:48:C2:AF:0D:2A:91:C6:49:3D:DF:67:1E:D9:67:46:DB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FpicL0jCrw0qkcZJPd9nHtlnRts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.89.0/24
193.124.224.0/23
194.58.155.0/24
194.85.251.0/24
194.87.17.0/24
194.87.23.0/24
194.87.105.0/24
194.87.108.0/24
194.87.169.0/24
194.87.192.0/22
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.37.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0-212.192.2.255
212.192.16.0/21
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
06:28:fc:df:61:a3:ee:46:3a:3f:1b:26:74:91:83:25:c9:ee:
56:ad:3e:36:3a:8f:a8:c4:7a:b9:86:df:9e:9c:3a:50:16:b3:
4b:e9:37:c7:2a:67:41:48:7b:9c:f5:61:19:c3:3e:43:e3:2c:
d3:e7:bf:6c:a1:b1:2c:4d:77:01:c6:3f:ff:3c:c8:64:28:c5:
be:03:b8:11:a7:ba:27:dc:bc:f1:db:c0:2c:cd:0a:09:4c:96:
0a:32:0d:57:49:b5:de:c5:48:eb:83:0b:e8:43:a8:7c:11:b2:
a2:f5:2f:eb:2f:21:06:03:70:df:39:04:0f:9b:41:c9:dc:fe:
44:20:79:be:6f:86:ce:6c:af:e5:4e:24:33:b9:6b:c6:74:e7:
21:9d:58:ee:7c:67:28:24:cb:77:48:93:13:ef:48:18:15:b5:
6c:7f:82:2c:f3:aa:88:32:9b:4c:d7:60:5d:9c:43:af:b4:83:
88:2a:7d:c3:84:93:e4:13:b5:14:e3:3a:9c:c8:68:6e:88:0e:
a1:25:82:65:c5:69:aa:a7:c9:5c:45:f1:bd:e6:1e:40:9d:96:
e2:4f:9b:c0:0a:46:55:17:34:c0:25:7c:4a:e5:36:a9:ad:91:
d5:d6:1d:68:d3:3f:1f:c9:16:fe:17:3b:b6:d1:c2:7e:75:fd:
1c:fb:4c:08
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZO+L3m9VbZiB13tdg2ix5+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjEzMDQwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjk4OWMyZjQ4YzJhZjBkMmE5MWM2NDkzZGRmNjcxZWQ5Njc0NmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+vqXBs7jllv6+ST1D8HUNInwnvE
VZ2RZ6ezHCeag2DebEUVBpV4Ww+7mfFsU3vHJqBUmpG+GZHVMBCyHVihyWCVdQud
hF8WDe+TIVAM8OnJksfmTODDO5QuGR3DSxZNdpIaS4N2YdtpR8PWneas7UUjTz/0
Ye4rrbJC6Jvg89y7Mt6PZuMO6RQKGBTMqApTRfRDozDuQfPaql6nDoqMufRHMH/S
DLzztW0ZyyhyEAijxrkGtD1lR+lVBxVVwsmxWUu1vxX507GgiKX58JuunETnUpWa
DgGtkKjdvJKVmnDYQElgMnQYkrfjLkxIhUsX1TObPERyFYudOcpupii+WQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFBaYnC9Iwq8NKpHGST3fZx7ZZ0bbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRnBpY0wwakNydzBxa2NaSlBkOW5IdGxuUnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBjQQCAAEwgYYDBADB
fA8DBADBfFkDBAHBfOADBADCOpsDBADCVfsDBADCVxEDBADCVxcDBADCV2kDBADC
V2wDBADCV6kDBALCV8ADBADCV+ADBADChyEDBAHDhRgDBADDhSUDBAHDhSgDBAHD
hTIDBAHDhVwwDAMEANTAAQMEANTAAgMEA9TAEAMEAdTBGjAUBAIAAjAOAwUDKgFX
wAMFAyoM/0AwDQYJKoZIhvcNAQELBQADggEBAAYo/N9ho+5GOj8bJnSRgyXJ7lat
PjY6j6jEermG356cOlAWs0vpN8cqZ0FIe5z1YRnDPkPjLNPnv2yhsSxNdwHGP/88
yGQoxb4DuBGnuifcvPHbwCzNCglMlgoyDVdJtd7FSOuDC+hDqHwRsqL1L+svIQYD
cN85BA+bQcnc/kQgeb5vhs5sr+VOJDO5a8Z05yGdWO58Zygky3dIkxPvSBgVtWx/
gizzqogym0zXYF2cQ6+0g4gqfcOEk+QTtRTjOpzIaG6IDqElgmXFaaqnyVxF8b3m
HkCdluJPm8AKRlUXNMAlfErlNqmtkdXWHWjTPx/JFv4XO7bRwn51/Rz7TAg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:43:09 2025 by rpki-client