Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/BOcY6ab0jqK8eY6-mBzMVFE13yA.roa
File: BOcY6ab0jqK8eY6-mBzMVFE13yA.roa (raw, json)
Hash identifier: OKvgHWYTg5wf2pork2x3pdHilav7sNRhdjExqRl0doE=
Subject key identifier: 04:E7:18:E9:A6:F4:8E:A2:BC:79:8E:BE:98:1C:CC:54:51:35:DF:20
Certificate issuer: /CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Certificate serial: 01940975983A6C70E46A49F7DA39B0A298EC
Authority key identifier: AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/BOcY6ab0jqK8eY6-mBzMVFE13yA.roa
Signing time: Fri 27 Dec 2024 18:51:29 +0000
ROA not before: Fri 27 Dec 2024 18:51:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197882
IP address blocks: 31.25.136.0/24 maxlen: 24
31.25.137.0/24 maxlen: 24
31.25.138.0/24 maxlen: 24
31.25.139.0/24 maxlen: 24
31.25.140.0/24 maxlen: 24
31.25.141.0/24 maxlen: 24
130.255.92.0/24 maxlen: 24
130.255.93.0/24 maxlen: 24
130.255.94.0/24 maxlen: 24
130.255.95.0/24 maxlen: 24
159.255.160.0/22 maxlen: 22
159.255.160.0/24 maxlen: 24
159.255.161.0/24 maxlen: 24
159.255.162.0/24 maxlen: 24
159.255.163.0/24 maxlen: 24
159.255.164.0/24 maxlen: 24
185.14.248.0/23 maxlen: 23
185.14.250.0/24 maxlen: 24
185.101.236.0/24 maxlen: 24
185.101.237.0/24 maxlen: 24
185.101.238.0/24 maxlen: 24
185.101.239.0/24 maxlen: 24
185.184.198.0/24 maxlen: 24
185.184.199.0/24 maxlen: 24
185.212.33.0/24 maxlen: 24
2a03:bcc0:1::/48 maxlen: 48
2a13:ef40:1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:09:75:98:3a:6c:70:e4:6a:49:f7:da:39:b0:a2:98:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Validity
Not Before: Dec 27 18:51:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04e718e9a6f48ea2bc798ebe981ccc545135df20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:fb:24:d9:0d:1a:11:71:44:72:9a:78:49:9a:
c4:24:cc:8b:c9:51:75:cc:53:05:ce:bd:d8:cf:ad:
b3:09:21:08:bc:60:04:ac:01:ca:29:4f:b2:6d:52:
09:c8:a3:37:b7:e0:81:01:36:0e:40:35:3b:49:eb:
ef:43:4b:67:18:78:88:c4:d2:8e:3e:98:53:d9:cb:
21:08:dd:49:fd:ea:68:b2:19:24:24:bc:b5:30:18:
8c:48:f9:3a:cc:08:27:2b:92:91:14:2d:d9:14:d2:
7e:92:d6:43:f7:89:da:4a:ab:5f:03:e7:a3:9a:0c:
bd:08:cf:41:bb:b8:e7:45:29:8d:5e:24:af:ae:94:
e5:95:4e:a2:17:c1:de:3f:a8:c6:3b:c5:1d:80:9b:
2e:67:84:02:45:ba:15:a4:18:03:71:36:0d:3a:12:
7d:04:25:38:ac:8c:c3:a8:d0:86:e0:11:fa:c2:c8:
9c:ba:00:7a:d5:d3:48:42:55:82:9d:17:ed:93:ee:
03:f1:e6:a3:6b:03:6d:4f:ae:9e:94:35:76:b8:60:
b0:75:6d:1b:24:cc:81:0f:03:1e:88:21:a7:33:3c:
2f:5c:62:36:31:7b:b3:ac:cc:21:c6:b1:51:18:4f:
44:19:4b:1d:ec:2c:f5:a6:80:69:bc:18:1b:a9:c6:
70:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E7:18:E9:A6:F4:8E:A2:BC:79:8E:BE:98:1C:CC:54:51:35:DF:20
X509v3 Authority Key Identifier:
keyid:AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/BOcY6ab0jqK8eY6-mBzMVFE13yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.136.0-31.25.141.255
130.255.92.0/22
159.255.160.0-159.255.164.255
185.14.248.0-185.14.250.255
185.101.236.0/22
185.184.198.0/23
185.212.33.0/24
IPv6:
2a03:bcc0:1::/48
2a13:ef40:1::/48
Signature Algorithm: sha256WithRSAEncryption
a5:aa:5b:5e:f7:d3:9d:24:d1:8a:59:30:84:6c:c9:62:60:1c:
5b:4f:18:e3:7a:e7:a7:c1:23:07:48:af:40:94:77:d2:88:66:
ed:66:17:7b:4f:6b:9c:80:eb:04:2a:d4:39:38:d8:38:db:e3:
09:b6:23:8e:27:d4:2c:b8:ea:f1:3f:8c:25:86:cf:d1:d4:22:
74:05:d2:61:6a:d6:49:fc:92:f9:99:60:f8:68:bf:a7:dc:42:
bb:84:e6:0f:7c:a0:7e:2d:04:2d:ff:1a:af:e9:a2:e5:ff:0d:
6a:a8:50:cb:dc:97:d2:fe:ba:66:bd:5b:06:61:45:be:e9:43:
c8:2d:84:a9:10:be:28:74:da:e3:5a:aa:00:6c:98:2c:c1:4f:
dd:a0:d4:a2:fd:f1:a4:07:0f:23:7d:40:49:e8:83:83:fa:c7:
29:8f:98:47:31:aa:09:5d:49:66:96:02:59:ce:e2:11:2c:c8:
b9:79:be:d4:c3:e8:36:47:32:48:4d:5c:39:8d:c7:d0:f6:c0:
d6:eb:7a:a3:0d:2f:d3:0e:e1:a0:84:97:81:bd:c7:5e:ab:ea:
7a:60:00:2c:c2:99:c3:15:ed:58:09:8d:36:c8:b0:45:11:24:
b9:55:a0:b7:6a:ab:b4:c3:b3:f6:f4:0d:da:75:a3:f9:0e:dc:
7f:24:aa:30
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZQJdZg6bHDkakn32jmwopjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmY2YTM2ZWMyOTYwZDRkMDVmM2Q5ZGNiMTg3YjliOTA0
ZWE1OWIwHhcNMjQxMjI3MTg1MTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGU3MThlOWE2ZjQ4ZWEyYmM3OThlYmU5ODFjY2M1NDUxMzVkZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/sk2Q0aEXFEcpp4SZrEJMyLyVF1
zFMFzr3Yz62zCSEIvGAErAHKKU+ybVIJyKM3t+CBATYOQDU7SevvQ0tnGHiIxNKO
PphT2cshCN1J/eposhkkJLy1MBiMSPk6zAgnK5KRFC3ZFNJ+ktZD94naSqtfA+ej
mgy9CM9Bu7jnRSmNXiSvrpTllU6iF8HeP6jGO8UdgJsuZ4QCRboVpBgDcTYNOhJ9
BCU4rIzDqNCG4BH6wsicugB61dNIQlWCnRftk+4D8eajawNtT66elDV2uGCwdW0b
JMyBDwMeiCGnMzwvXGI2MXuzrMwhxrFRGE9EGUsd7Cz1poBpvBgbqcZwPwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFATnGOmm9I6ivHmOvpgczFRRNd8gMB8GA1UdIwQY
MBaAFKtvajbsKWDU0F89ncsYe5uQTqWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUt
OTRiYjgzYTIwMDI5LzEvQk9jWTZhYjBqcUs4ZVk2LW1Cek1WRkUxM3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUtOTRiYjgzYTIwMDI5
LzEvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBIBAIAATBCMAwDBAMfGYgD
BAEfGYwDBAKC/1wwDAMEBZ//oAMEAJ//pDAMAwQDuQ74AwQAuQ76AwQCuWXsAwQB
ubjGAwQAudQhMBgEAgACMBIDBwAqA7zAAAEDBwAqE+9AAAEwDQYJKoZIhvcNAQEL
BQADggEBAKWqW173050k0YpZMIRsyWJgHFtPGON656fBIwdIr0CUd9KIZu1mF3tP
a5yA6wQq1Dk42Djb4wm2I44n1Cy46vE/jCWGz9HUInQF0mFq1kn8kvmZYPhov6fc
QruE5g98oH4tBC3/Gq/pouX/DWqoUMvcl9L+uma9WwZhRb7pQ8gthKkQvih02uNa
qgBsmCzBT92g1KL98aQHDyN9QEnog4P6xymPmEcxqgldSWaWAlnO4hEsyLl5vtTD
6DZHMkhNXDmNx9D2wNbreqMNL9MO4aCEl4G9x16r6npgACzCmcMV7VgJjTbIsEUR
JLlVoLdqq7TDs/b0Ddp1o/kO3H8kqjA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:47 2025 by rpki-client