Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/mYwsF62Uj9DlfX2pwmsy3jKw2Lk.roa
File: mYwsF62Uj9DlfX2pwmsy3jKw2Lk.roa (raw, json)
Hash identifier: BQn3g6dhJzeW4hrgJ/CHzJtf5+r0SiWQfYHzaA/7wB8=
Subject key identifier: 99:8C:2C:17:AD:94:8F:D0:E5:7D:7D:A9:C2:6B:32:DE:32:B0:D8:B9
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 01828D048D0F7E94D8C3564492573886EB6D
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/mYwsF62Uj9DlfX2pwmsy3jKw2Lk.roa
Signing time: Thu 11 Aug 2022 13:07:41 +0000
ROA not before: Thu 11 Aug 2022 13:07:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8399
IP address blocks: 37.97.64.0/19 maxlen: 19
185.24.140.0/22 maxlen: 22
88.213.224.0/19 maxlen: 19
37.97.69.0/24 maxlen: 24
37.97.70.0/24 maxlen: 24
217.181.128.0/17 maxlen: 17
37.97.80.0/23 maxlen: 23
185.6.92.0/22 maxlen: 22
178.255.160.0/21 maxlen: 21
37.97.96.0/20 maxlen: 20
195.135.0.0/17 maxlen: 17
217.74.96.0/20 maxlen: 20
195.135.0.0/18 maxlen: 18
185.65.248.0/22 maxlen: 22
157.143.128.0/17 maxlen: 17
81.93.0.0/19 maxlen: 19
217.181.250.0/23 maxlen: 23
109.235.232.0/24 maxlen: 24
109.235.239.0/24 maxlen: 24
185.32.208.0/22 maxlen: 22
80.251.96.0/20 maxlen: 20
178.157.16.0/20 maxlen: 20
195.135.48.0/24 maxlen: 24
178.157.32.0/20 maxlen: 20
65.39.64.0/19 maxlen: 19
185.8.252.0/22 maxlen: 22
185.42.176.0/22 maxlen: 22
2a0c:600::/29 maxlen: 29
2a02:c440::/29 maxlen: 29
2a02:6e8::/32 maxlen: 32
2a0b:e3c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:04:8d:0f:7e:94:d8:c3:56:44:92:57:38:86:eb:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Aug 11 13:07:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=998c2c17ad948fd0e57d7da9c26b32de32b0d8b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:83:af:85:c0:4b:d7:83:1b:73:d8:8d:c6:78:
03:c3:c5:cc:cd:2a:8a:c5:9e:28:95:b4:6a:db:47:
0d:9a:55:8c:c3:01:1b:2c:79:fc:25:77:23:b3:e9:
27:b9:f9:6f:d3:81:40:14:06:9c:f8:a8:e0:eb:e3:
f2:da:64:d7:ac:5e:a4:24:00:33:8f:1b:97:7e:e3:
b2:ee:17:f2:82:ec:ea:25:b5:1b:e7:77:ea:e2:a1:
d3:d4:5e:69:f1:83:84:10:11:1c:75:ca:98:a8:fe:
10:f6:8c:af:35:bd:ab:9a:28:32:d5:3e:3e:de:3f:
77:93:43:77:f8:e6:64:21:5b:1e:5c:9e:83:72:e0:
d1:dd:98:22:52:13:da:23:63:fe:ba:4a:b7:7f:02:
0f:4e:d0:5b:66:43:bb:23:7f:43:dd:f4:c5:b9:ce:
1e:01:1f:8f:9e:b2:32:c5:ef:15:7d:3f:8f:57:8b:
06:66:05:9b:9f:2f:fe:ef:0f:e9:ac:cc:ee:3f:9a:
8f:2a:05:53:a4:fb:49:5e:52:74:92:df:fd:cb:7f:
97:1d:f5:b6:5e:15:60:48:0a:0b:c0:4e:8a:68:d1:
87:28:55:45:a0:e4:f2:52:41:aa:0b:95:14:0d:79:
95:76:ef:2b:ce:67:3d:b3:69:0d:49:52:c0:39:36:
bd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:8C:2C:17:AD:94:8F:D0:E5:7D:7D:A9:C2:6B:32:DE:32:B0:D8:B9
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/mYwsF62Uj9DlfX2pwmsy3jKw2Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.64.0-37.97.111.255
65.39.64.0/19
80.251.96.0/20
81.93.0.0/19
88.213.224.0/19
109.235.232.0/24
109.235.239.0/24
157.143.128.0/17
178.157.16.0-178.157.47.255
178.255.160.0/21
185.6.92.0/22
185.8.252.0/22
185.24.140.0/22
185.32.208.0/22
185.42.176.0/22
185.65.248.0/22
195.135.0.0/17
217.74.96.0/20
217.181.128.0/17
IPv6:
2a02:6e8::/32
2a02:c440::/29
2a0b:e3c0::/29
2a0c:600::/29
Signature Algorithm: sha256WithRSAEncryption
4f:33:32:ee:27:40:0b:fa:38:8d:ba:ea:98:5c:82:37:64:1c:
a6:21:da:6f:32:66:f4:ad:f6:6d:d2:76:66:28:e7:d0:c7:56:
61:c8:42:ad:ac:cc:4a:24:be:58:7b:32:38:30:6f:d5:1f:bd:
cb:91:56:57:6f:23:0e:21:3e:ac:55:6d:08:7f:55:f3:ff:25:
0a:7b:99:82:2a:c0:91:bf:ce:f4:82:56:71:33:ef:e9:48:15:
a4:2b:04:15:0c:ca:1a:7e:15:9c:d6:49:6b:17:00:bc:bf:d2:
cc:fb:87:5e:ae:a6:d9:08:a1:ed:9b:73:2f:91:7c:47:79:1f:
d4:fa:ee:f7:af:75:fd:12:23:8a:4d:47:b0:96:7c:5c:35:cd:
e0:8f:7d:a7:a5:01:91:7b:49:7a:92:f4:02:69:9f:ee:1c:c1:
9d:b7:d1:77:bf:db:b9:39:e1:e0:69:de:b9:7f:ce:15:a3:66:
79:fb:b9:dd:cc:8d:6d:51:54:2d:5e:6c:7b:84:6e:d1:8a:8e:
54:a1:83:96:56:79:34:4b:97:fb:10:25:88:b9:1b:e8:cf:df:
20:dd:df:af:2c:d3:5f:7f:e7:a4:a2:bf:10:f6:b3:c9:20:4e:
06:4c:08:83:26:46:0d:c8:23:44:6e:19:00:18:54:8c:15:7e:
dc:92:34:ca
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYKNBI0PfpTYw1ZEklc4huttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjIwODExMTMwNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OThjMmMxN2FkOTQ4ZmQwZTU3ZDdkYTljMjZiMzJkZTMyYjBkOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYOvhcBL14Mbc9iNxngDw8XMzSqK
xZ4olbRq20cNmlWMwwEbLHn8JXcjs+knuflv04FAFAac+Kjg6+Py2mTXrF6kJAAz
jxuXfuOy7hfyguzqJbUb53fq4qHT1F5p8YOEEBEcdcqYqP4Q9oyvNb2rmigy1T4+
3j93k0N3+OZkIVseXJ6DcuDR3ZgiUhPaI2P+ukq3fwIPTtBbZkO7I39D3fTFuc4e
AR+PnrIyxe8VfT+PV4sGZgWbny/+7w/prMzuP5qPKgVTpPtJXlJ0kt/9y3+XHfW2
XhVgSAoLwE6KaNGHKFVFoOTyUkGqC5UUDXmVdu8rzmc9s2kNSVLAOTa99wIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFJmMLBetlI/Q5X19qcJrMt4ysNi5MB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvbVl3c0Y2MlVqOURsZlgycHdtc3kzakt3MkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBiQQCAAEwgYIwDAME
BiVhQAMEBCVhYAMEBUEnQAMEBFD7YAMEBVFdAAMEBVjV4AMEAG3r6AMEAG3r7wME
B52PgDAMAwQEsp0QAwQEsp0gAwQDsv+gAwQCuQZcAwQCuQj8AwQCuRiMAwQCuSDQ
AwQCuSqwAwQCuUH4AwQHw4cAAwQE2UpgAwQH2bWAMCIEAgACMBwDBQAqAgboAwUD
KgLEQAMFAyoL48ADBQMqDAYAMA0GCSqGSIb3DQEBCwUAA4IBAQBPMzLuJ0AL+jiN
uuqYXII3ZBymIdpvMmb0rfZt0nZmKOfQx1ZhyEKtrMxKJL5YezI4MG/VH73LkVZX
byMOIT6sVW0If1Xz/yUKe5mCKsCRv870glZxM+/pSBWkKwQVDMoafhWc1klrFwC8
v9LM+4derqbZCKHtm3MvkXxHeR/U+u73r3X9EiOKTUewlnxcNc3gj32npQGRe0l6
kvQCaZ/uHMGdt9F3v9u5OeHgad65f84Vo2Z5+7ndzI1tUVQtXmx7hG7Rio5UoYOW
Vnk0S5f7ECWIuRvoz98g3d+vLNNff+ekor8Q9rPJIE4GTAiDJkYNyCNEbhkAGFSM
FX7ckjTK
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:12:05 2025 by rpki-client