Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/q0kjPC5cjvxphQVAF3k7emNhwOQ.roa
File: q0kjPC5cjvxphQVAF3k7emNhwOQ.roa (raw, json)
Hash identifier: iWbyg27c+HQ0N3gOf6QJ+wErAK189lEAIzDrOeSn9eQ=
Subject key identifier: AB:49:23:3C:2E:5C:8E:FC:69:85:05:40:17:79:3B:7A:63:61:C0:E4
Certificate issuer: /CN=2841262acd62c90e68081a6f777375df2c3713c2
Certificate serial: 38425BF1
Authority key identifier: 28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/q0kjPC5cjvxphQVAF3k7emNhwOQ.roa
Signing time: Sat 01 Jan 2022 03:59:14 +0000
ROA not before: Sat 01 Jan 2022 03:59:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13110
IP address blocks: 194.24.164.0/23 maxlen: 24
94.127.104.0/21 maxlen: 21
80.87.32.0/20 maxlen: 20
185.44.172.0/22 maxlen: 22
85.221.128.0/17 maxlen: 24
109.173.128.0/17 maxlen: 24
151.249.80.0/21 maxlen: 21
46.228.80.0/20 maxlen: 20
77.65.0.0/17 maxlen: 24
195.160.180.0/23 maxlen: 24
88.151.136.0/21 maxlen: 21
46.238.64.0/18 maxlen: 18
62.21.0.0/17 maxlen: 24
185.14.72.0/22 maxlen: 22
193.23.54.0/24 maxlen: 24
2001:4020::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943873009 (0x38425bf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2841262acd62c90e68081a6f777375df2c3713c2
Validity
Not Before: Jan 1 03:59:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab49233c2e5c8efc6985054017793b7a6361c0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e2:2c:b8:ea:49:73:4b:e8:85:68:f5:98:22:
c2:cd:20:4b:49:c6:7f:56:82:58:da:60:dd:d6:10:
10:ae:1f:d9:6c:b9:04:47:2f:46:cd:55:bd:c3:8e:
f0:d4:50:f6:ae:3f:86:1a:4a:26:e0:96:08:b9:e2:
74:05:1e:75:1c:03:75:20:9e:54:88:18:57:11:3a:
2b:84:c7:7e:49:8c:1d:2e:fe:df:61:5c:69:7a:95:
ac:9d:0d:09:c3:68:b8:00:39:8c:bb:ae:ed:3d:3c:
42:70:9d:cc:d1:bd:da:43:51:ad:6c:f7:ae:39:08:
8e:72:a0:1c:3c:85:26:89:ea:b4:2a:34:4c:a0:3d:
1b:06:e8:fd:d7:ed:ac:6a:f2:5f:e4:ca:e0:f7:ac:
2b:90:18:f7:c5:ac:7d:50:cd:5f:88:e2:d5:fd:6f:
e4:70:ea:c1:8c:ff:17:1b:a0:7d:47:1c:25:6e:7b:
d7:a5:12:5e:0d:ba:59:a8:0f:29:56:60:6e:9d:bb:
db:08:19:b0:c8:e1:80:ee:db:2c:a4:e0:ea:5c:4f:
85:3b:fa:63:7b:36:b0:be:14:df:97:52:f2:93:c9:
a7:e1:5d:15:ca:c7:d3:ff:5f:68:2c:3b:65:39:a9:
36:ba:b4:ca:41:88:70:f1:be:0c:2c:b8:f8:05:df:
88:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:49:23:3C:2E:5C:8E:FC:69:85:05:40:17:79:3B:7A:63:61:C0:E4
X509v3 Authority Key Identifier:
keyid:28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/q0kjPC5cjvxphQVAF3k7emNhwOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/KEEmKs1iyQ5oCBpvd3N13yw3E8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.80.0/20
46.238.64.0/18
62.21.0.0/17
77.65.0.0/17
80.87.32.0/20
85.221.128.0/17
88.151.136.0/21
94.127.104.0/21
109.173.128.0/17
151.249.80.0/21
185.14.72.0/22
185.44.172.0/22
193.23.54.0/24
194.24.164.0/23
195.160.180.0/23
IPv6:
2001:4020::/32
Signature Algorithm: sha256WithRSAEncryption
28:7f:f1:e4:0a:bc:72:f0:bb:f5:22:a0:89:fd:06:f7:7d:8c:
8f:bd:f0:0e:8f:ab:ad:0c:52:0b:48:6c:53:9c:ef:0e:97:9a:
76:e9:c5:50:22:a6:c1:ea:3c:51:66:ee:96:02:1e:31:08:6a:
db:2c:04:8f:6e:3b:7d:55:df:c7:f4:72:d8:06:b2:9c:69:fe:
9d:77:29:00:b4:4c:a7:11:7c:78:b6:27:0c:4d:04:e9:56:62:
7f:1d:a3:31:1d:45:db:1c:67:a5:d5:69:eb:53:92:62:e0:ad:
46:ea:31:03:c3:8f:42:8e:81:fa:86:9d:67:fd:88:81:3b:27:
35:d8:c8:94:d0:01:77:d0:6c:ee:e5:59:75:96:1f:7e:22:72:
65:db:78:28:43:ab:29:b7:60:26:b3:99:d9:7a:5d:f9:9b:b1:
54:9d:b8:a1:ac:b1:07:b7:ac:03:0c:35:fa:74:a8:0a:8c:fa:
51:d0:c0:59:19:b3:c3:07:28:03:16:48:69:78:c3:41:80:9e:
3b:b1:c6:1d:13:79:d8:5a:af:18:79:bd:69:de:8e:c2:ad:9c:
43:1d:d7:17:68:d1:74:2e:62:51:ba:32:62:15:e8:8a:af:cf:
df:0d:9a:92:24:d4:b7:8a:79:dc:6d:8a:4a:24:c6:99:95:69:
be:ee:47:2f
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIEOEJb8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODQxMjYyYWNkNjJjOTBlNjgwODFhNmY3NzczNzVkZjJjMzcxM2MyMB4XDTIyMDEw
MTAzNTkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI0OTIzM2MyZTVj
OGVmYzY5ODUwNTQwMTc3OTNiN2E2MzYxYzBlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTiLLjqSXNL6IVo9Zgiws0gS0nGf1aCWNpg3dYQEK4f2Wy5
BEcvRs1VvcOO8NRQ9q4/hhpKJuCWCLnidAUedRwDdSCeVIgYVxE6K4THfkmMHS7+
32FcaXqVrJ0NCcNouAA5jLuu7T08QnCdzNG92kNRrWz3rjkIjnKgHDyFJonqtCo0
TKA9Gwbo/dftrGryX+TK4PesK5AY98WsfVDNX4ji1f1v5HDqwYz/FxugfUccJW57
16USXg26WagPKVZgbp272wgZsMjhgO7bLKTg6lxPhTv6Y3s2sL4U35dS8pPJp+Fd
FcrH0/9faCw7ZTmpNrq0ykGIcPG+DCy4+AXfiIsCAwEAAaOCAm0wggJpMB0GA1Ud
DgQWBBSrSSM8LlyO/GmFBUAXeTt6Y2HA5DAfBgNVHSMEGDAWgBQoQSYqzWLJDmgI
Gm93c3XfLDcTwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tFRW1LczFpeVE1b0NCcHZkM04xM3l3M0U4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvMDMyMjc2LTI1ZGMtNGMzMC04YTdiLTk1YTMzZTEyYTNhZC8x
L3Ewa2pQQzVjanZ4cGhRVkFGM2s3ZW1OaHdPUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
MDMyMjc2LTI1ZGMtNGMzMC04YTdiLTk1YTMzZTEyYTNhZC8xL0tFRW1LczFpeVE1
b0NCcHZkM04xM3l3M0U4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ggYIKwYBBQUHAQcBAf8EczBxMGAEAgABMFoDBAQu5FADBAYu7kADBAc+FQADBAdN
QQADBARQVyADBAdV3YADBANYl4gDBANef2gDBAdtrYADBAOX+VADBAK5DkgDBAK5
LKwDBADBFzYDBAHCGKQDBAHDoLQwDQQCAAIwBwMFACABQCAwDQYJKoZIhvcNAQEL
BQADggEBACh/8eQKvHLwu/UioIn9Bvd9jI+98A6Pq60MUgtIbFOc7w6XmnbpxVAi
psHqPFFm7pYCHjEIatssBI9uO31V38f0ctgGspxp/p13KQC0TKcRfHi2JwxNBOlW
Yn8dozEdRdscZ6XVaetTkmLgrUbqMQPDj0KOgfqGnWf9iIE7JzXYyJTQAXfQbO7l
WXWWH34icmXbeChDqym3YCazmdl6XfmbsVSduKGssQe3rAMMNfp0qAqM+lHQwFkZ
s8MHKAMWSGl4w0GAnjuxxh0Tedharxh5vWnejsKtnEMd1xdo0XQuYlG6MmIV6Iqv
z98NmpIk1LeKedxtikokxpmVab7uRy8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:03 2025 by rpki-client