Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/Ro10Fu4BPenRbp6sHaoditLtFUc.roa
File: Ro10Fu4BPenRbp6sHaoditLtFUc.roa (raw, json)
Hash identifier: DneoK5rq7pAW3qkbUVvhTBQWRocnRqWAFqetCua1D6U=
Subject key identifier: 46:8D:74:16:EE:01:3D:E9:D1:6E:9E:AC:1D:AA:1D:8A:D2:ED:15:47
Certificate issuer: /CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Certificate serial: 019421558047AD32C767665B6524316ABCA3
Authority key identifier: AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/Ro10Fu4BPenRbp6sHaoditLtFUc.roa
Signing time: Wed 01 Jan 2025 10:07:18 +0000
ROA not before: Wed 01 Jan 2025 10:07:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197882
IP address blocks: 31.25.136.0/24 maxlen: 24
31.25.137.0/24 maxlen: 24
31.25.138.0/24 maxlen: 24
31.25.139.0/24 maxlen: 24
31.25.140.0/24 maxlen: 24
31.25.141.0/24 maxlen: 24
130.255.92.0/24 maxlen: 24
130.255.93.0/24 maxlen: 24
130.255.94.0/24 maxlen: 24
130.255.95.0/24 maxlen: 24
159.255.160.0/22 maxlen: 22
159.255.160.0/24 maxlen: 24
159.255.161.0/24 maxlen: 24
159.255.162.0/24 maxlen: 24
159.255.163.0/24 maxlen: 24
159.255.164.0/24 maxlen: 24
185.14.248.0/23 maxlen: 23
185.14.250.0/24 maxlen: 24
185.101.236.0/24 maxlen: 24
185.101.237.0/24 maxlen: 24
185.101.238.0/24 maxlen: 24
185.101.239.0/24 maxlen: 24
185.184.198.0/24 maxlen: 24
185.184.199.0/24 maxlen: 24
185.212.33.0/24 maxlen: 24
2a03:bcc0:1::/48 maxlen: 48
2a13:ef40:1::/48 maxlen: 48
2a13:ef47::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:55:80:47:ad:32:c7:67:66:5b:65:24:31:6a:bc:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Validity
Not Before: Jan 1 10:07:18 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=468d7416ee013de9d16e9eac1daa1d8ad2ed1547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c1:34:f1:f8:25:27:7b:97:65:51:88:22:4c:
a5:6e:ac:24:8b:6b:04:ad:63:c9:e4:6c:4f:4e:1f:
32:ee:1e:da:0a:b7:17:f2:ef:4e:c0:a9:fb:2e:3b:
b4:5d:ab:4a:c5:06:e6:64:df:10:c1:d5:c0:a8:15:
6d:23:e5:8c:94:5b:1c:8e:44:29:e6:20:05:e3:bc:
ab:34:64:f9:af:75:ab:52:2f:70:dd:82:b3:d0:fa:
f7:dd:77:50:ab:8f:87:ff:93:d4:0e:c9:01:0f:ad:
11:c1:3e:66:52:95:d4:16:2e:3f:eb:60:e3:6c:70:
d4:e4:ac:49:b4:f0:2b:5b:c0:e6:b5:43:02:a7:d7:
4a:d6:cd:5e:3a:1c:71:1d:87:82:95:a8:43:6b:28:
27:53:99:71:75:98:55:a2:55:3e:1c:c4:04:e0:58:
63:54:41:df:f8:63:f2:cb:68:49:60:6c:db:1d:2d:
75:af:03:6e:70:4f:2b:e1:6a:42:d7:ba:c7:86:79:
7c:d5:a1:a5:76:14:12:e6:5d:95:da:d2:6e:6e:2c:
b6:f8:df:d6:c7:74:50:d3:80:b8:10:a7:75:d3:50:
44:46:e2:4b:77:56:1b:d2:60:fb:9f:97:b4:1a:85:
6e:1e:2b:d8:a6:8d:c8:89:53:bf:e7:40:e8:2c:ef:
6f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:8D:74:16:EE:01:3D:E9:D1:6E:9E:AC:1D:AA:1D:8A:D2:ED:15:47
X509v3 Authority Key Identifier:
keyid:AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/Ro10Fu4BPenRbp6sHaoditLtFUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.136.0-31.25.141.255
130.255.92.0/22
159.255.160.0-159.255.164.255
185.14.248.0-185.14.250.255
185.101.236.0/22
185.184.198.0/23
185.212.33.0/24
IPv6:
2a03:bcc0:1::/48
2a13:ef40:1::/48
2a13:ef47::/32
Signature Algorithm: sha256WithRSAEncryption
6c:74:7a:9e:d7:bf:f7:1b:84:98:7b:a1:e8:2a:d4:2c:37:ce:
be:8f:25:d6:7d:88:60:55:00:97:22:b3:2a:09:a0:46:4a:e5:
fb:ce:61:2d:21:85:cb:dc:c7:87:aa:4e:cd:c6:bf:78:37:3f:
30:73:f6:b8:1a:d3:b8:74:3f:1e:ff:a7:af:b5:c5:1f:19:a2:
20:57:6a:50:27:32:8c:82:ec:2b:80:e0:56:68:56:7a:9e:b9:
aa:6d:c8:f3:d5:af:58:c8:66:b4:68:68:89:03:c4:f5:1c:ec:
c7:69:dd:12:fb:13:f6:96:b1:c6:51:00:1f:f3:6c:22:94:fe:
16:73:99:a5:50:07:86:36:bf:43:26:a9:77:9b:fa:a6:93:94:
02:3c:30:6f:a2:4b:93:20:21:26:65:3e:62:48:04:82:61:f7:
69:f0:4d:e0:80:62:27:c0:10:1a:71:c1:da:32:7b:20:ed:b4:
4c:96:39:a2:a9:0c:da:3d:2d:82:69:02:a6:51:26:f0:1a:f2:
dd:d5:c7:ed:40:aa:a9:9e:4f:79:75:bc:bf:3f:57:f3:22:73:
99:36:5e:89:01:d4:e7:8c:d1:30:fc:79:a9:72:86:44:b7:20:
3c:1b:e6:c4:46:5d:d3:02:ec:53:82:48:c5:08:04:31:c6:b5:
12:15:7a:bd
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZQhVYBHrTLHZ2ZbZSQxaryjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmY2YTM2ZWMyOTYwZDRkMDVmM2Q5ZGNiMTg3YjliOTA0
ZWE1OWIwHhcNMjUwMTAxMTAwNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjhkNzQxNmVlMDEzZGU5ZDE2ZTllYWMxZGFhMWQ4YWQyZWQxNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsE08fglJ3uXZVGIIkylbqwki2sE
rWPJ5GxPTh8y7h7aCrcX8u9OwKn7Lju0XatKxQbmZN8QwdXAqBVtI+WMlFscjkQp
5iAF47yrNGT5r3WrUi9w3YKz0Pr33XdQq4+H/5PUDskBD60RwT5mUpXUFi4/62Dj
bHDU5KxJtPArW8DmtUMCp9dK1s1eOhxxHYeClahDaygnU5lxdZhVolU+HMQE4Fhj
VEHf+GPyy2hJYGzbHS11rwNucE8r4WpC17rHhnl81aGldhQS5l2V2tJubiy2+N/W
x3RQ04C4EKd101BERuJLd1Yb0mD7n5e0GoVuHivYpo3IiVO/50DoLO9v+QIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFEaNdBbuAT3p0W6erB2qHYrS7RVHMB8GA1UdIwQY
MBaAFKtvajbsKWDU0F89ncsYe5uQTqWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUt
OTRiYjgzYTIwMDI5LzEvUm8xMEZ1NEJQZW5SYnA2c0hhb2RpdEx0RlVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUtOTRiYjgzYTIwMDI5
LzEvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBIBAIAATBCMAwDBAMfGYgD
BAEfGYwDBAKC/1wwDAMEBZ//oAMEAJ//pDAMAwQDuQ74AwQAuQ76AwQCuWXsAwQB
ubjGAwQAudQhMB8EAgACMBkDBwAqA7zAAAEDBwAqE+9AAAEDBQAqE+9HMA0GCSqG
SIb3DQEBCwUAA4IBAQBsdHqe17/3G4SYe6HoKtQsN86+jyXWfYhgVQCXIrMqCaBG
SuX7zmEtIYXL3MeHqk7Nxr94Nz8wc/a4GtO4dD8e/6evtcUfGaIgV2pQJzKMguwr
gOBWaFZ6nrmqbcjz1a9YyGa0aGiJA8T1HOzHad0S+xP2lrHGUQAf82wilP4Wc5ml
UAeGNr9DJql3m/qmk5QCPDBvokuTICEmZT5iSASCYfdp8E3ggGInwBAaccHaMnsg
7bRMljmiqQzaPS2CaQKmUSbwGvLd1cftQKqpnk95dby/P1fzInOZNl6JAdTnjNEw
/HmpcoZEtyA8G+bERl3TAuxTgkjFCAQxxrUSFXq9
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:19:40 2025 by rpki-client