Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LILbPIY-UBSov8Vbc06_F66gf1w.roa
File: LILbPIY-UBSov8Vbc06_F66gf1w.roa (raw, json)
Hash identifier: Zm89ECX6VrbesgZajVtcyiXCviXCWlDoCh67nL5w3bw=
Subject key identifier: 2C:82:DB:3C:86:3E:50:14:A8:BF:C5:5B:73:4E:BF:17:AE:A0:7F:5C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193C0B4AFB07B76EC576793C3980D850C21
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LILbPIY-UBSov8Vbc06_F66gf1w.roa
Signing time: Fri 13 Dec 2024 15:48:07 +0000
ROA not before: Fri 13 Dec 2024 15:48:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.15.0/24 maxlen: 24
193.124.89.0/24 maxlen: 24
193.124.224.0/23 maxlen: 23
194.58.155.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.37.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:b4:af:b0:7b:76:ec:57:67:93:c3:98:0d:85:0c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 15:48:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c82db3c863e5014a8bfc55b734ebf17aea07f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d5:ef:f1:6d:ff:9d:62:af:08:e8:ce:78:25:
96:aa:42:67:05:51:6e:de:a5:16:d2:5a:2c:fa:1c:
4d:ef:ca:eb:5f:92:a8:a6:b0:03:c0:2c:d6:a9:61:
2b:a4:82:b1:43:35:9a:95:24:52:56:fe:99:2b:8a:
a3:fc:93:03:a3:15:19:9c:61:b1:f5:89:22:a7:95:
3a:9f:30:c6:f5:11:17:6a:fb:47:71:92:68:3f:14:
9b:9b:a3:13:8d:78:d6:7e:97:eb:50:59:a3:aa:1e:
9b:a4:39:5f:31:a2:cf:13:66:13:b9:52:70:e5:ed:
bb:99:d1:c7:82:e7:01:3c:38:7b:c5:39:7f:da:a1:
f1:55:ab:29:f4:8d:b3:0a:cb:5b:90:a7:06:a9:d9:
14:fb:e4:aa:a5:72:9e:06:2c:c7:3e:a5:0b:af:68:
0f:d2:df:7b:d2:be:26:07:25:16:37:ca:a6:1f:29:
5d:13:ee:04:c9:cc:f3:a8:b8:a1:e4:82:dd:f9:3c:
f5:8e:b8:94:f5:a6:8c:69:62:8e:71:e7:f1:44:7d:
44:40:ae:26:8f:1c:2f:d2:1b:cc:27:01:ac:d5:53:
66:29:30:5f:25:b3:12:d1:12:f2:9a:d6:a7:8a:e7:
dd:e3:b8:7d:67:af:8d:7e:f0:4d:f8:9b:af:aa:22:
99:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:82:DB:3C:86:3E:50:14:A8:BF:C5:5B:73:4E:BF:17:AE:A0:7F:5C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LILbPIY-UBSov8Vbc06_F66gf1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.89.0/24
193.124.224.0/23
194.58.155.0/24
194.85.251.0/24
194.87.17.0/24
194.87.23.0/24
194.87.105.0/24
194.87.108.0/24
194.87.169.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.37.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
5b:05:8b:d9:d1:19:d2:5f:83:7f:14:e1:f3:b6:d6:53:60:a8:
4d:87:75:1b:7a:30:5c:8f:b9:2e:30:d8:7e:ca:9c:c7:f9:9d:
1d:0f:f3:b9:42:a7:90:4c:46:be:d8:cc:15:c2:3e:61:41:2f:
5a:7a:65:a5:de:e2:40:5c:a3:70:38:fd:d7:b7:47:e2:7b:c2:
41:be:2b:c5:e3:36:47:8a:de:bf:e9:90:d4:bf:16:cb:86:e0:
5a:de:47:22:20:4c:39:8f:d2:98:1f:0e:8b:27:58:83:ff:5a:
a0:d9:a1:24:c9:80:b9:3f:6c:f3:eb:eb:3e:c3:14:31:1b:1b:
d3:7c:82:7a:1e:41:94:2e:62:64:98:e3:84:a6:db:fb:52:37:
3f:8c:00:3e:20:2e:99:dd:77:20:bf:2f:50:07:78:38:09:ef:
9e:c6:9e:70:5f:d8:22:6d:e9:2e:e5:9d:70:27:d5:43:da:24:
88:ae:ce:9b:f5:a7:23:3a:7c:ec:6a:e1:52:72:05:fb:63:c9:
a5:86:e1:99:67:2b:76:b9:76:ba:07:c2:4c:34:b9:c4:78:96:
3a:22:41:a2:db:b9:79:05:b1:c2:5a:de:59:cf:1f:ca:1a:27:
91:7b:ea:7e:2f:ba:a0:98:74:a9:33:a9:ad:0f:4f:84:76:34:
c2:a5:72:5a
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZPAtK+we3bsV2eTw5gNhQwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjEzMTU0ODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzgyZGIzYzg2M2U1MDE0YThiZmM1NWI3MzRlYmYxN2FlYTA3ZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9Xv8W3/nWKvCOjOeCWWqkJnBVFu
3qUW0los+hxN78rrX5KoprADwCzWqWErpIKxQzWalSRSVv6ZK4qj/JMDoxUZnGGx
9Ykip5U6nzDG9REXavtHcZJoPxSbm6MTjXjWfpfrUFmjqh6bpDlfMaLPE2YTuVJw
5e27mdHHgucBPDh7xTl/2qHxVasp9I2zCstbkKcGqdkU++SqpXKeBizHPqULr2gP
0t970r4mByUWN8qmHyldE+4EyczzqLih5ILd+Tz1jriU9aaMaWKOcefxRH1EQK4m
jxwv0hvMJwGs1VNmKTBfJbMS0RLymtaniufd47h9Z6+NfvBN+JuvqiKZzQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFCyC2zyGPlAUqL/FW3NOvxeuoH9cMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTElMYlBJWS1VQlNvdjhWYmMwNl9GNjZnZjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQAwXwP
AwQAwXxZAwQBwXzgAwQAwjqbAwQAwlX7AwQAwlcRAwQAwlcXAwQAwldpAwQAwlds
AwQAwlepAwQAwlfgAwQAwochAwQBw4UYAwQAw4UlAwQBw4UoAwQBw4UyAwQBw4Vc
AwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEA
WwWL2dEZ0l+DfxTh87bWU2CoTYd1G3owXI+5LjDYfsqcx/mdHQ/zuUKnkExGvtjM
FcI+YUEvWnplpd7iQFyjcDj917dH4nvCQb4rxeM2R4rev+mQ1L8Wy4bgWt5HIiBM
OY/SmB8OiydYg/9aoNmhJMmAuT9s8+vrPsMUMRsb03yCeh5BlC5iZJjjhKbb+1I3
P4wAPiAumd13IL8vUAd4OAnvnsaecF/YIm3pLuWdcCfVQ9okiK7Om/WnIzp87Grh
UnIF+2PJpYbhmWcrdrl2ugfCTDS5xHiWOiJBotu5eQWxwlreWc8fyhonkXvqfi+6
oJh0qTOprQ9PhHY0wqVyWg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:05:52 2025 by rpki-client