![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/Wg4GOjsoNNxxYaMTQ60vpECkvrg.roa
File: Wg4GOjsoNNxxYaMTQ60vpECkvrg.roa (raw, json)
Hash identifier: nEPZuY86k9m/zugL3H2VGOcoNPOCUoRvsplOwA9y3O4=
Subject key identifier: 5A:0E:06:3A:3B:28:34:DC:71:61:A3:13:43:AD:2F:A4:40:A4:BE:B8
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 383AFC41
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/Wg4GOjsoNNxxYaMTQ60vpECkvrg.roa
Signing time: Mon 14 Mar 2022 13:54:24 +0000
ROA not before: Mon 14 Mar 2022 13:54:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6700
IP address blocks: 217.26.64.0/20 maxlen: 20
195.252.110.0/24 maxlen: 24
195.252.109.0/24 maxlen: 24
195.252.122.0/23 maxlen: 23
195.252.64.0/19 maxlen: 19
195.252.78.0/23 maxlen: 23
195.252.76.0/23 maxlen: 23
195.252.80.0/23 maxlen: 23
195.252.96.0/19 maxlen: 19
195.252.102.0/24 maxlen: 24
213.244.224.0/20 maxlen: 20
194.106.165.0/24 maxlen: 24
194.106.166.0/24 maxlen: 24
194.106.162.0/24 maxlen: 24
194.106.160.0/20 maxlen: 20
194.106.170.0/24 maxlen: 24
194.106.176.0/20 maxlen: 20
194.106.182.0/24 maxlen: 24
62.193.131.0/24 maxlen: 24
62.193.129.0/24 maxlen: 24
62.193.130.0/24 maxlen: 24
62.193.128.0/19 maxlen: 19
62.193.137.0/24 maxlen: 24
62.193.151.0/24 maxlen: 24
91.148.117.0/24 maxlen: 24
91.148.118.0/24 maxlen: 24
91.148.124.0/24 maxlen: 24
91.148.125.0/24 maxlen: 24
91.148.123.0/24 maxlen: 24
91.148.122.0/24 maxlen: 24
91.148.120.0/23 maxlen: 23
91.148.126.0/24 maxlen: 24
91.148.127.0/24 maxlen: 24
85.222.160.0/24 maxlen: 24
85.222.160.0/21 maxlen: 21
85.222.166.0/23 maxlen: 23
91.148.69.0/24 maxlen: 24
91.148.70.0/24 maxlen: 24
91.148.68.0/24 maxlen: 24
91.148.64.0/18 maxlen: 18
91.148.72.0/24 maxlen: 24
91.148.73.0/24 maxlen: 24
91.148.80.0/20 maxlen: 20
91.148.96.0/21 maxlen: 21
91.148.105.0/24 maxlen: 24
91.148.104.0/24 maxlen: 24
185.47.210.0/24 maxlen: 24
185.47.211.0/24 maxlen: 24
185.47.208.0/22 maxlen: 22
185.47.208.0/24 maxlen: 24
178.20.206.0/24 maxlen: 24
62.108.96.0/19 maxlen: 19
178.20.205.0/24 maxlen: 24
178.20.200.0/24 maxlen: 24
178.20.207.0/24 maxlen: 24
2001:8c8::/32 maxlen: 32
2a02:e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943389761 (0x383afc41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Mar 14 13:54:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a0e063a3b2834dc7161a31343ad2fa440a4beb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ca:30:1a:2d:3c:b5:d6:d7:a1:eb:2d:f2:5d:
6f:ab:c7:58:2c:41:5e:66:c5:20:9e:3b:36:8a:5c:
f0:81:76:77:e1:5d:ad:8c:64:23:c7:b7:04:8e:5f:
83:35:96:14:31:43:8e:78:2b:eb:c2:ec:b7:4a:af:
45:71:aa:96:ee:69:6c:d6:e1:41:48:17:d3:c6:7c:
22:03:91:df:73:d9:87:b6:d3:9d:77:73:14:97:8f:
30:51:bd:8e:cd:b9:a5:2e:2d:e5:2e:09:0a:a0:eb:
db:45:7a:21:6f:43:e2:52:51:4c:d0:dc:f9:0f:c1:
42:b3:e6:e0:54:63:0a:34:42:33:b2:67:7b:ad:8d:
ba:4b:2f:00:de:88:21:fd:0a:fb:f1:41:5b:dc:b0:
6f:f5:ec:2d:8e:55:db:d5:8e:95:46:e2:62:c3:20:
2d:43:90:d3:e6:d1:00:2f:11:ff:c4:22:4e:84:89:
73:67:f0:08:75:97:12:fa:8b:e9:f1:1e:b8:ad:dc:
80:0c:3a:12:12:c3:07:81:4f:ef:27:b8:46:7d:31:
13:92:bd:16:1d:f1:e3:87:e4:50:dd:29:f4:95:64:
9c:3b:06:df:58:3f:f5:75:55:18:b3:18:4a:c7:36:
58:20:30:37:1e:32:84:92:0b:c8:fc:a3:63:1c:02:
76:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:0E:06:3A:3B:28:34:DC:71:61:A3:13:43:AD:2F:A4:40:A4:BE:B8
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/Wg4GOjsoNNxxYaMTQ60vpECkvrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.96.0/19
62.193.128.0/19
85.222.160.0/21
91.148.64.0/18
178.20.200.0/24
178.20.205.0-178.20.207.255
185.47.208.0/22
194.106.160.0/19
195.252.64.0/18
213.244.224.0/20
217.26.64.0/20
IPv6:
2001:8c8::/32
2a02:e40::/32
Signature Algorithm: sha256WithRSAEncryption
9e:98:0b:e3:63:12:1e:9d:95:29:d6:f8:68:27:0b:71:d6:8b:
00:8b:c5:02:c9:48:d1:d5:f1:fe:be:91:c0:2c:ab:43:ee:80:
84:d2:47:32:d8:cd:01:26:39:1d:bb:7a:5d:7b:33:c6:28:1a:
95:f5:54:85:88:63:1d:36:52:3d:49:e0:fa:2b:5d:19:5a:82:
57:7e:71:8c:4f:2e:15:e1:c4:e9:b4:7b:e5:57:86:58:9b:9e:
63:3a:87:67:21:84:af:2b:65:29:f2:79:de:5e:3b:b8:68:f1:
f6:39:5a:91:24:85:7d:d5:e1:e9:7a:2d:f3:6e:25:41:15:7f:
10:a9:38:cc:39:55:f5:a1:f8:04:7c:8a:5d:a7:93:87:b1:e1:
fc:7f:a5:f3:ea:cc:6a:99:16:57:85:7f:a3:ea:ad:c9:66:6c:
93:9e:a8:84:45:06:5c:8e:89:1e:a6:e6:07:6b:e8:82:d2:2f:
01:95:60:b2:d8:19:2a:bf:93:d7:e9:86:7f:62:c2:c6:47:d4:
b0:66:00:f7:b5:fa:e2:d6:c0:e6:2f:ea:c0:f4:be:59:66:de:
7b:62:52:c0:b7:ff:b5:21:e6:40:ae:38:8f:13:04:2e:a5:0d:
6d:a5:af:df:4a:5c:fa:d9:4a:23:13:fb:71:66:ef:fd:3e:8e:
80:30:0f:8d
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIEODr8QTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Mjc4YTc2OGM5MTBiYWRjZDVjNGFlZjdjMTcyYTlmMDYxNTQ3ZThjMB4XDTIyMDMx
NDEzNTQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWEwZTA2M2EzYjI4
MzRkYzcxNjFhMzEzNDNhZDJmYTQ0MGE0YmViODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTKMBotPLXW16HrLfJdb6vHWCxBXmbFIJ47Nopc8IF2d+Fd
rYxkI8e3BI5fgzWWFDFDjngr68Lst0qvRXGqlu5pbNbhQUgX08Z8IgOR33PZh7bT
nXdzFJePMFG9js25pS4t5S4JCqDr20V6IW9D4lJRTNDc+Q/BQrPm4FRjCjRCM7Jn
e62NuksvAN6IIf0K+/FBW9ywb/XsLY5V29WOlUbiYsMgLUOQ0+bRAC8R/8QiToSJ
c2fwCHWXEvqL6fEeuK3cgAw6EhLDB4FP7ye4Rn0xE5K9Fh3x44fkUN0p9JVknDsG
31g/9XVVGLMYSsc2WCAwNx4yhJILyPyjYxwCdl8CAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBRaDgY6Oyg03HFhoxNDrS+kQKS+uDAfBgNVHSMEGDAWgBRieKdoyRC63NXE
rvfBcqnwYVR+jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1luaW5hTWtRdXR6VnhLNzN3WEtwOEdGVWZvdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8x
L1dnNEdPanNvTk54eFlhTVRRNjB2cEVDa3ZyZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8xL1luaW5hTWtRdXR6
VnhLNzN3WEtwOEdGVWZvdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwUAQCAAEwSgMEBT5sYAMEBT7BgAMEA1XeoAMEBluU
QAMEALIUyDAMAwQAshTNAwQEshTAAwQCuS/QAwQFwmqgAwQGw/xAAwQE1fTgAwQE
2RpAMBQEAgACMA4DBQAgAQjIAwUAKgIOQDANBgkqhkiG9w0BAQsFAAOCAQEAnpgL
42MSHp2VKdb4aCcLcdaLAIvFAslI0dXx/r6RwCyrQ+6AhNJHMtjNASY5Hbt6XXsz
xigalfVUhYhjHTZSPUng+itdGVqCV35xjE8uFeHE6bR75VeGWJueYzqHZyGErytl
KfJ53l47uGjx9jlakSSFfdXh6Xot824lQRV/EKk4zDlV9aH4BHyKXaeTh7Hh/H+l
8+rMapkWV4V/o+qtyWZsk56ohEUGXI6JHqbmB2vogtIvAZVgstgZKr+T1+mGf2LC
xkfUsGYA97X64tbA5i/qwPS+WWbee2JSwLf/tSHmQK44jxMELqUNbaWv30pc+tlK
IxP7cWbv/T6OgDAPjQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:45 2025 by rpki-client