Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/6jyXAieLEeR8RUonn_2DkCNOixk.roa
File: 6jyXAieLEeR8RUonn_2DkCNOixk.roa (raw, json)
Hash identifier: PE+sOKqiwprilRJvV89JW6oMFvp/88rW7Gwzstdu77g=
Subject key identifier: EA:3C:97:02:27:8B:11:E4:7C:45:4A:27:9F:FD:83:90:23:4E:8B:19
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01932CA5E59EDF5D519DFB6435221A0D01C5
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/6jyXAieLEeR8RUonn_2DkCNOixk.roa
Signing time: Thu 14 Nov 2024 21:48:09 +0000
ROA not before: Thu 14 Nov 2024 21:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 394814
IP address blocks: 94.131.80.0/20 maxlen: 24
94.131.182.0/23 maxlen: 24
94.131.184.0/22 maxlen: 22
94.131.188.0/22 maxlen: 24
95.164.144.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2c:a5:e5:9e:df:5d:51:9d:fb:64:35:22:1a:0d:01:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 14 21:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea3c9702278b11e47c454a279ffd8390234e8b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:02:77:f2:0a:db:0b:17:96:3a:5b:ed:e8:da:
c7:c3:33:19:a7:fd:0d:8a:6b:6a:94:38:a1:af:87:
8b:e7:da:4a:c4:08:9a:3b:6f:b4:5a:ed:5a:08:2c:
cf:a0:ab:d6:31:4d:13:15:8c:04:10:45:19:b0:45:
33:f2:57:b1:a1:d1:58:d8:7a:13:d5:ca:ae:ff:67:
35:cb:a5:17:70:53:2e:23:f7:6f:32:c5:9b:a4:c4:
55:2b:cb:aa:78:c0:f3:5e:8f:79:aa:20:ed:66:bc:
81:fb:10:26:35:4f:19:a4:60:04:31:4f:75:79:16:
06:16:d7:53:bd:bb:4f:82:44:38:ef:f0:15:5f:0c:
b1:4f:df:1a:08:d7:57:41:b8:3b:f9:d0:1f:d6:47:
83:88:23:a3:e7:33:66:ce:c8:95:a8:4d:85:c8:7e:
65:00:8c:6b:01:7f:a4:ea:c8:2c:b7:0c:29:b9:81:
7e:63:5f:ed:33:08:50:50:5b:77:04:7a:64:0f:27:
5f:e8:8a:37:19:67:28:a7:4b:82:dd:c3:e4:c3:c2:
a5:2c:7c:e4:39:1c:93:8c:14:6d:79:11:84:b4:83:
db:0f:b9:92:26:e9:d5:cb:33:71:c0:cd:1f:54:7a:
5e:d2:d5:61:b1:a1:ea:fc:8b:97:6e:d4:d9:8e:70:
bb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3C:97:02:27:8B:11:E4:7C:45:4A:27:9F:FD:83:90:23:4E:8B:19
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/6jyXAieLEeR8RUonn_2DkCNOixk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
94.131.182.0-94.131.191.255
95.164.144.0/20
Signature Algorithm: sha256WithRSAEncryption
33:c0:8a:67:a3:b8:dc:6f:fc:30:ae:42:71:70:29:df:ea:a1:
af:45:a0:04:6d:04:88:87:5f:19:53:66:fc:66:ff:37:63:46:
d3:47:5e:0e:98:90:60:85:16:12:05:52:00:7f:d6:c2:05:9e:
26:a5:96:4d:db:47:1a:f1:ab:09:00:33:82:b5:16:4c:c1:02:
3b:fe:b2:5e:c2:05:45:cb:82:c0:66:9c:55:54:f2:68:d9:1b:
bd:82:b4:fa:b4:ac:c3:6c:d7:16:48:9a:8e:64:c0:60:3c:e8:
63:ba:69:0c:58:2f:6b:b7:78:2b:ef:81:eb:2d:85:17:c2:20:
60:33:d3:bf:84:a1:16:6b:6e:7d:d9:ab:3a:a5:34:64:40:ad:
79:c9:07:3f:4a:13:7b:2b:42:4c:71:4e:41:2e:c1:b1:cd:26:
d1:73:48:6a:14:2e:25:72:02:a8:8a:11:eb:f5:e8:a3:69:aa:
83:9f:fd:80:2a:b7:e9:d2:cb:2d:fb:8b:40:ca:f4:03:d8:c9:
1a:7e:ce:64:f3:8b:39:45:e8:37:25:be:10:37:ac:b7:c2:f5:
4d:71:4c:3a:49:bf:10:88:a9:93:ce:45:4c:35:0a:43:7b:4b:
d9:8d:a0:67:1a:23:d4:b8:68:c7:24:f3:0c:e2:6e:e1:a4:e8:
ab:99:3d:d7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZMspeWe311RnftkNSIaDQHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMTE0MjE0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTNjOTcwMjI3OGIxMWU0N2M0NTRhMjc5ZmZkODM5MDIzNGU4YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QJ38grbCxeWOlvt6NrHwzMZp/0N
imtqlDihr4eL59pKxAiaO2+0Wu1aCCzPoKvWMU0TFYwEEEUZsEUz8lexodFY2HoT
1cqu/2c1y6UXcFMuI/dvMsWbpMRVK8uqeMDzXo95qiDtZryB+xAmNU8ZpGAEMU91
eRYGFtdTvbtPgkQ47/AVXwyxT98aCNdXQbg7+dAf1keDiCOj5zNmzsiVqE2FyH5l
AIxrAX+k6sgstwwpuYF+Y1/tMwhQUFt3BHpkDydf6Io3GWcop0uC3cPkw8KlLHzk
ORyTjBRteRGEtIPbD7mSJunVyzNxwM0fVHpe0tVhsaHq/IuXbtTZjnC7NQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOo8lwInixHkfEVKJ5/9g5AjTosZMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvNmp5WEFpZUxFZVI4UlVvbm5fMkRrQ05PaXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEXoNQMAwD
BAFeg7YDBAZeg4ADBARfpJAwDQYJKoZIhvcNAQELBQADggEBADPAimejuNxv/DCu
QnFwKd/qoa9FoARtBIiHXxlTZvxm/zdjRtNHXg6YkGCFFhIFUgB/1sIFniallk3b
RxrxqwkAM4K1FkzBAjv+sl7CBUXLgsBmnFVU8mjZG72CtPq0rMNs1xZImo5kwGA8
6GO6aQxYL2u3eCvvgesthRfCIGAz07+EoRZrbn3ZqzqlNGRArXnJBz9KE3srQkxx
TkEuwbHNJtFzSGoULiVyAqiKEev16KNpqoOf/YAqt+nSyy37i0DK9APYyRp+zmTz
izlF6DclvhA3rLfC9U1xTDpJvxCIqZPORUw1CkN7S9mNoGcaI9S4aMck8wzibuGk
6KuZPdc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:27:00 2025 by rpki-client