Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l2pHoujL9UpqA_s82p8LOSvtOeU.roa
File: l2pHoujL9UpqA_s82p8LOSvtOeU.roa (raw, json)
Hash identifier: e1HMtMI8vLJjQBhehU9zSnV9U3BF8ncm8CAtPwsIh6w=
Subject key identifier: 97:6A:47:A2:E8:CB:F5:4A:6A:03:FB:3C:DA:9F:0B:39:2B:ED:39:E5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193A26E5E91085C2052CE42D76F08C1E757
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l2pHoujL9UpqA_s82p8LOSvtOeU.roa
Signing time: Sat 07 Dec 2024 18:42:42 +0000
ROA not before: Sat 07 Dec 2024 18:42:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.89.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.37.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.192.2.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a2:6e:5e:91:08:5c:20:52:ce:42:d7:6f:08:c1:e7:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 7 18:42:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=976a47a2e8cbf54a6a03fb3cda9f0b392bed39e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:14:76:7c:9c:5a:8b:6e:1e:28:8b:c2:92:
bc:04:c0:d5:fb:63:52:73:c9:94:28:f6:d6:2c:24:
09:50:2d:49:c6:12:a6:63:ea:22:e0:6d:5c:11:6f:
98:03:eb:64:ba:13:ef:19:34:e2:96:1e:2d:52:22:
6c:b3:ea:ca:1e:01:ed:ca:51:cf:69:7a:3a:b4:f4:
6a:43:e2:2f:78:8c:62:e3:2f:e0:a8:48:c4:49:c3:
26:a1:6a:af:a3:2b:3c:b9:8d:ff:c5:90:94:f6:4c:
07:04:db:e3:13:42:e6:bf:5d:32:46:58:5d:a0:78:
ed:b6:92:c8:11:6a:a4:d1:87:d0:4c:ba:26:21:8a:
be:5a:5c:e8:89:fa:2e:d6:db:f3:a9:78:20:3c:78:
19:46:ce:ae:0a:a8:7f:99:77:6b:bc:d1:19:2b:70:
bc:58:96:eb:b9:5d:ed:29:13:36:88:de:4d:a9:f5:
d4:b9:1a:e9:db:f8:d6:da:3c:dc:62:cc:8b:50:eb:
4a:6c:4e:bc:e7:8a:35:c3:1c:f0:ee:b8:4c:ca:b2:
19:29:67:55:24:22:f0:74:3c:58:c2:df:89:60:d4:
63:0e:a8:82:36:9d:19:70:14:93:c0:5f:35:5c:44:
de:3d:28:8e:c3:90:ab:96:25:e4:86:dd:eb:8d:06:
65:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:6A:47:A2:E8:CB:F5:4A:6A:03:FB:3C:DA:9F:0B:39:2B:ED:39:E5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l2pHoujL9UpqA_s82p8LOSvtOeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.89.0/24
194.58.155.0/24
194.85.251.0/24
194.87.17.0/24
194.87.23.0/24
194.87.105.0/24
194.87.108.0/24
194.87.169.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.37.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0-212.192.2.255
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
79:7b:d7:05:b5:7b:e8:68:e4:99:4c:18:a1:bf:67:f7:73:93:
79:1b:cc:62:b7:a7:5d:3b:50:47:f1:89:7c:c8:c4:8a:1a:56:
89:d8:86:69:ec:83:42:30:18:ff:af:8c:ef:38:51:4a:49:c7:
af:e3:33:5b:85:c3:df:b6:f1:0b:18:d6:be:fc:a0:15:02:1b:
73:69:f4:85:70:2f:15:1d:1d:aa:2e:9b:00:6d:c2:19:1a:b4:
67:3f:20:52:93:aa:b2:08:85:e2:af:29:b5:76:88:82:90:5c:
74:d5:93:66:ec:3e:ae:77:41:29:84:05:b8:15:9d:81:51:81:
66:0b:5c:12:f6:dd:74:8a:76:8d:eb:64:41:1d:b2:d1:b4:6e:
18:9c:f1:58:df:da:3f:73:db:98:d1:9a:d8:60:7b:51:5b:cd:
18:ad:8b:3f:71:7c:7c:35:9d:69:24:81:05:c6:c0:80:d2:1e:
61:c1:e1:66:73:72:ff:67:e4:50:cc:6d:eb:dd:5c:81:39:1c:
a7:7e:48:df:6c:ec:0e:f1:c8:4f:f3:ec:51:61:5b:8a:82:6f:
5b:ba:0a:7a:6d:2e:49:56:24:b3:7d:11:cd:9c:b8:3f:ac:df:
d0:71:fe:c3:08:78:9f:0b:b4:64:b0:2a:d4:ba:2d:d7:32:33:
a5:61:68:b0
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZOibl6RCFwgUs5C128IwedXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjA3MTg0MjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzZhNDdhMmU4Y2JmNTRhNmEwM2ZiM2NkYTlmMGIzOTJiZWQzOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3AUdnycWotuHiiLwpK8BMDV+2NS
c8mUKPbWLCQJUC1JxhKmY+oi4G1cEW+YA+tkuhPvGTTilh4tUiJss+rKHgHtylHP
aXo6tPRqQ+IveIxi4y/gqEjEScMmoWqvoys8uY3/xZCU9kwHBNvjE0Lmv10yRlhd
oHjttpLIEWqk0YfQTLomIYq+Wlzoifou1tvzqXggPHgZRs6uCqh/mXdrvNEZK3C8
WJbruV3tKRM2iN5NqfXUuRrp2/jW2jzcYsyLUOtKbE6854o1wxzw7rhMyrIZKWdV
JCLwdDxYwt+JYNRjDqiCNp0ZcBSTwF81XETePSiOw5CrliXkht3rjQZljwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFJdqR6Loy/VKagP7PNqfCzkr7TnlMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbDJwSG91akw5VXBxQV9zODJwOExPU3Z0T2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB0BAIAATBuAwQAwXxZ
AwQAwjqbAwQAwlX7AwQAwlcRAwQAwlcXAwQAwldpAwQAwldsAwQAwlepAwQAwlfg
AwQAwochAwQBw4UYAwQAw4UlAwQBw4UoAwQBw4UyAwQBw4VcMAwDBADUwAEDBADU
wAIDBAHUwRowFAQCAAIwDgMFAyoBV8ADBQMqDP9AMA0GCSqGSIb3DQEBCwUAA4IB
AQB5e9cFtXvoaOSZTBihv2f3c5N5G8xit6ddO1BH8Yl8yMSKGlaJ2IZp7INCMBj/
r4zvOFFKScev4zNbhcPftvELGNa+/KAVAhtzafSFcC8VHR2qLpsAbcIZGrRnPyBS
k6qyCIXirym1doiCkFx01ZNm7D6ud0EphAW4FZ2BUYFmC1wS9t10inaN62RBHbLR
tG4YnPFY39o/c9uY0ZrYYHtRW80YrYs/cXx8NZ1pJIEFxsCA0h5hweFmc3L/Z+RQ
zG3r3VyBORynfkjfbOwO8chP8+xRYVuKgm9bugp6bS5JViSzfRHNnLg/rN/Qcf7D
CHifC7RksCrUui3XMjOlYWiw
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:07:41 2025 by rpki-client