Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/5ODWtu-242cKe4JrvxD2ZU8y6Hg.roa
File: 5ODWtu-242cKe4JrvxD2ZU8y6Hg.roa (raw, json)
Hash identifier: V22WBNgLtNJ2DsBM1sb4/mbCcZtzkHWCpeCNq9MSR8Y=
Subject key identifier: E4:E0:D6:B6:EF:B6:E3:67:0A:7B:82:6B:BF:10:F6:65:4F:32:E8:78
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0182E4F444DB20D451E27B625E2322719B15
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/5ODWtu-242cKe4JrvxD2ZU8y6Hg.roa
Signing time: Sun 28 Aug 2022 14:56:29 +0000
ROA not before: Sun 28 Aug 2022 14:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 394814
IP address blocks: 95.164.112.0/20 maxlen: 24
95.164.248.0/22 maxlen: 24
95.164.144.0/20 maxlen: 24
94.131.80.0/20 maxlen: 24
95.164.60.0/22 maxlen: 24
95.164.176.0/20 maxlen: 24
95.164.84.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e4:f4:44:db:20:d4:51:e2:7b:62:5e:23:22:71:9b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Aug 28 14:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4e0d6b6efb6e3670a7b826bbf10f6654f32e878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:52:78:96:89:55:f0:a5:4f:0d:82:34:88:8b:
e7:a3:cb:18:4b:ac:99:02:b2:a8:f4:34:aa:2d:42:
03:d1:a8:26:0e:5e:ea:3c:5b:30:e7:7c:cd:82:7e:
1e:63:34:6c:64:d1:6b:74:5b:fa:99:35:bc:f1:a6:
d5:7a:cf:76:4f:d2:f3:38:aa:f1:89:e0:8a:1d:86:
82:88:aa:2d:94:4d:8d:62:6a:03:f3:60:26:8f:41:
0a:1e:95:e3:13:50:67:43:09:22:fb:ca:56:5c:ec:
51:5e:26:fa:9b:e9:03:1e:4e:73:00:1c:59:45:a9:
39:4d:9a:d9:0b:0c:f8:78:59:3d:58:72:e9:1e:82:
c4:0f:4a:40:db:7e:0b:dc:d3:eb:1e:41:c7:9b:f4:
07:eb:2f:50:78:5c:5b:5a:9c:40:ec:e4:4e:30:9f:
e2:73:13:d9:db:b6:f0:58:01:ae:5a:aa:1e:3b:37:
90:1d:d6:c1:8d:5f:c7:3e:c4:b9:b3:97:ad:f4:70:
b0:bf:92:93:c9:df:72:b8:50:e1:1f:53:dc:fd:bb:
4d:7a:02:f7:fd:1b:83:58:0d:65:45:4a:74:e5:17:
15:f2:65:f9:5e:fb:b5:0a:ce:71:c5:e2:cc:75:77:
e8:f5:ca:13:e5:6a:28:b3:26:4b:14:dd:10:82:aa:
1b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E0:D6:B6:EF:B6:E3:67:0A:7B:82:6B:BF:10:F6:65:4F:32:E8:78
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/5ODWtu-242cKe4JrvxD2ZU8y6Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
95.164.60.0/22
95.164.84.0/22
95.164.112.0/20
95.164.144.0/20
95.164.176.0/20
95.164.248.0/22
Signature Algorithm: sha256WithRSAEncryption
52:3b:57:b7:26:a7:02:25:cb:dd:7e:e1:44:4d:68:c0:f1:da:
53:59:87:f6:79:49:1e:04:3b:e9:bf:c4:76:e4:e3:5a:f1:24:
24:18:a3:30:7a:61:53:d4:81:54:d2:bc:55:92:cf:32:6f:63:
b7:ba:2c:11:15:b9:47:dc:f1:44:52:c8:36:17:44:e0:aa:93:
de:9f:2f:ea:ff:af:cf:53:56:a3:b2:1e:9e:ee:30:33:bd:2f:
93:93:2f:a4:01:49:6e:1d:0c:62:b9:99:a3:43:62:ad:62:98:
66:fb:6c:d0:6b:5e:7b:fb:44:30:7b:6d:bc:99:2e:b6:73:9f:
6e:bd:33:1d:71:21:86:b5:03:8c:93:b4:37:63:0d:0d:fa:af:
c2:66:3c:9b:90:20:38:ca:25:27:3c:4b:5f:f9:01:44:31:4a:
05:33:c1:08:67:12:ba:46:d2:d5:d5:34:6c:71:1d:6d:9d:2f:
00:5e:93:e1:fc:79:67:31:bd:da:0e:50:00:48:30:f6:b2:68:
fd:fe:e9:45:d4:8c:d9:e9:1d:80:ac:5e:fc:be:4f:4c:f0:ff:
45:70:76:a7:dd:87:b7:f2:e1:dd:44:85:e2:a1:db:ea:fa:e3:
85:fb:cb:51:45:5d:06:da:d6:63:e4:2e:3d:c5:45:f1:a0:67:
4d:77:f9:55
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYLk9ETbINRR4ntiXiMicZsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIwODI4MTQ1NjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGUwZDZiNmVmYjZlMzY3MGE3YjgyNmJiZjEwZjY2NTRmMzJlODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFJ4lolV8KVPDYI0iIvno8sYS6yZ
ArKo9DSqLUID0agmDl7qPFsw53zNgn4eYzRsZNFrdFv6mTW88abVes92T9LzOKrx
ieCKHYaCiKotlE2NYmoD82Amj0EKHpXjE1BnQwki+8pWXOxRXib6m+kDHk5zABxZ
Rak5TZrZCwz4eFk9WHLpHoLED0pA234L3NPrHkHHm/QH6y9QeFxbWpxA7OROMJ/i
cxPZ27bwWAGuWqoeOzeQHdbBjV/HPsS5s5et9HCwv5KTyd9yuFDhH1Pc/btNegL3
/RuDWA1lRUp05RcV8mX5Xvu1Cs5xxeLMdXfo9coT5WoosyZLFN0QgqobMwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOTg1rbvtuNnCnuCa78Q9mVPMuh4MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvNU9EV3R1LTI0MmNLZTRKcnZ4RDJaVTh5NkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQEXoNQAwQC
X6Q8AwQCX6RUAwQEX6RwAwQEX6SQAwQEX6SwAwQCX6T4MA0GCSqGSIb3DQEBCwUA
A4IBAQBSO1e3JqcCJcvdfuFETWjA8dpTWYf2eUkeBDvpv8R25ONa8SQkGKMwemFT
1IFU0rxVks8yb2O3uiwRFblH3PFEUsg2F0TgqpPeny/q/6/PU1ajsh6e7jAzvS+T
ky+kAUluHQxiuZmjQ2KtYphm+2zQa157+0Qwe228mS62c59uvTMdcSGGtQOMk7Q3
Yw0N+q/CZjybkCA4yiUnPEtf+QFEMUoFM8EIZxK6RtLV1TRscR1tnS8AXpPh/Hln
Mb3aDlAASDD2smj9/ulF1IzZ6R2ArF78vk9M8P9FcHan3Ye38uHdRIXiodvq+uOF
+8tRRV0G2tZj5C49xUXxoGdNd/lV
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:22:38 2025 by rpki-client