Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/HMYdqwgg2g4Esdlyf_Lvv2yHKMk.roa
File: HMYdqwgg2g4Esdlyf_Lvv2yHKMk.roa (raw, json)
Hash identifier: sxGBcgA7YwxgOxxdMXMNuLWg7BZCXA2RkCB79XFleXs=
Subject key identifier: 1C:C6:1D:AB:08:20:DA:0E:04:B1:D9:72:7F:F2:EF:BF:6C:87:28:C9
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019417075D2C8F72FF03CC998EC1E4B14098
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/HMYdqwgg2g4Esdlyf_Lvv2yHKMk.roa
Signing time: Mon 30 Dec 2024 10:05:46 +0000
ROA not before: Mon 30 Dec 2024 10:05:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 94.131.2.0/24 maxlen: 24
94.131.3.0/24 maxlen: 24
94.131.96.0/24 maxlen: 24
94.131.97.0/24 maxlen: 24
94.131.98.0/24 maxlen: 24
94.131.99.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.101.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.103.0/24 maxlen: 24
94.131.104.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.108.0/24 maxlen: 24
94.131.109.0/24 maxlen: 24
94.131.110.0/24 maxlen: 24
94.131.111.0/24 maxlen: 24
94.131.112.0/24 maxlen: 24
94.131.113.0/24 maxlen: 24
94.131.114.0/24 maxlen: 24
94.131.115.0/24 maxlen: 24
94.131.116.0/24 maxlen: 24
94.131.117.0/24 maxlen: 24
94.131.118.0/24 maxlen: 24
94.131.119.0/24 maxlen: 24
94.131.120.0/22 maxlen: 24
95.164.0.0/22 maxlen: 24
95.164.4.0/22 maxlen: 24
95.164.8.0/22 maxlen: 24
95.164.16.0/22 maxlen: 24
95.164.21.0/24 maxlen: 24
95.164.22.0/24 maxlen: 24
95.164.23.0/24 maxlen: 24
95.164.32.0/21 maxlen: 24
95.164.44.0/22 maxlen: 24
95.164.51.0/24 maxlen: 24
95.164.60.0/22 maxlen: 24
95.164.68.0/24 maxlen: 24
95.164.69.0/24 maxlen: 24
95.164.84.0/22 maxlen: 24
95.164.88.0/24 maxlen: 24
95.164.89.0/24 maxlen: 24
95.164.112.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:07:5d:2c:8f:72:ff:03:cc:99:8e:c1:e4:b1:40:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Dec 30 10:05:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cc61dab0820da0e04b1d9727ff2efbf6c8728c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:3d:38:8d:16:55:37:d0:8b:83:4e:e6:61:
52:86:d3:98:50:c8:97:46:8b:45:c8:6d:ec:6e:4b:
7f:76:e2:db:d1:c6:29:7a:b3:09:5f:5b:9c:46:23:
ce:03:f5:bc:ba:06:9a:4e:66:84:9c:da:f3:e9:f1:
7d:90:40:c6:61:0e:ca:29:db:32:8a:c0:dc:97:1a:
e3:2c:f2:be:43:5b:09:f0:aa:57:be:82:6f:f3:4a:
80:80:fa:4b:d6:15:e0:cb:c1:2a:75:27:0f:09:1a:
aa:2e:38:b6:35:c9:13:f1:15:32:fb:67:bc:da:44:
c3:b6:b1:f7:fb:34:e0:9f:3b:65:4a:cf:00:4a:c4:
99:25:11:0d:6e:7e:b7:44:a9:af:e7:f6:e5:11:f3:
91:7e:c5:c7:c3:64:18:c3:90:cf:9d:79:58:68:e8:
0a:55:36:a6:18:1f:2d:d7:65:cc:55:7a:73:be:2b:
a1:5d:33:5a:58:b6:12:d6:f7:62:b4:cf:56:e3:7e:
7f:64:16:b2:d9:bd:1e:e0:87:42:53:10:50:55:c8:
86:b8:57:73:b4:14:e3:07:a9:4a:6a:3b:1c:d8:80:
e6:e5:b1:4a:1f:02:20:d4:ba:4f:2d:ab:48:b8:7d:
2e:0e:b8:73:d4:e9:b3:a5:5b:93:ce:32:f8:48:bc:
89:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C6:1D:AB:08:20:DA:0E:04:B1:D9:72:7F:F2:EF:BF:6C:87:28:C9
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/HMYdqwgg2g4Esdlyf_Lvv2yHKMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/23
94.131.96.0-94.131.123.255
95.164.0.0-95.164.11.255
95.164.16.0/22
95.164.21.0-95.164.23.255
95.164.32.0/21
95.164.44.0/22
95.164.51.0/24
95.164.60.0/22
95.164.68.0/23
95.164.84.0-95.164.89.255
95.164.112.0/21
Signature Algorithm: sha256WithRSAEncryption
35:9f:f7:b2:ff:87:0d:0b:9f:af:79:52:c0:3f:89:e3:18:6d:
90:29:8d:43:48:c4:a1:92:f2:19:98:46:98:90:9f:41:2c:ed:
17:3f:36:14:14:51:f5:67:41:12:d8:47:2d:fc:93:d5:9a:59:
1f:63:75:5d:e4:38:cc:05:d2:28:ef:6d:07:e3:b5:a7:7b:52:
2c:43:94:e9:9f:c1:5d:d0:ee:e9:a8:5c:77:a9:9c:fe:ca:cc:
bd:b3:23:82:a4:4f:24:d4:2d:68:16:bd:6d:ba:a9:13:c2:70:
2e:2a:0a:58:4d:9b:5a:2f:b5:f6:36:bf:aa:9f:a8:17:f1:59:
f5:ca:7e:23:d4:3c:5c:fe:e7:72:d6:63:31:b5:23:1c:5c:69:
11:2e:9a:8a:7e:b6:83:c4:5a:a7:06:27:27:f9:ee:16:2f:c8:
e2:b7:06:be:90:79:d9:eb:d4:94:3d:f4:51:f4:cf:08:4a:ed:
d5:e4:bc:87:50:e3:4c:78:c3:f7:c8:9b:5f:28:2b:3c:7c:c1:
62:fa:a6:53:7e:91:2a:b3:20:2a:c8:0b:0d:b4:85:3f:5f:e3:
5e:f9:a8:92:08:c1:5d:bb:23:2d:85:56:4d:54:09:78:27:18:
26:3f:d5:eb:6b:4a:20:95:f6:87:b7:32:6b:75:1b:18:28:ff:
dc:de:0b:ed
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZQXB10sj3L/A8yZjsHksUCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMjMwMTAwNTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M2MWRhYjA4MjBkYTBlMDRiMWQ5NzI3ZmYyZWZiZjZjODcyOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5o9OI0WVTfQi4NO5mFShtOYUMiX
RotFyG3sbkt/duLb0cYperMJX1ucRiPOA/W8ugaaTmaEnNrz6fF9kEDGYQ7KKdsy
isDclxrjLPK+Q1sJ8KpXvoJv80qAgPpL1hXgy8EqdScPCRqqLji2NckT8RUy+2e8
2kTDtrH3+zTgnztlSs8ASsSZJRENbn63RKmv5/blEfORfsXHw2QYw5DPnXlYaOgK
VTamGB8t12XMVXpzviuhXTNaWLYS1vditM9W435/ZBay2b0e4IdCUxBQVciGuFdz
tBTjB6lKajsc2IDm5bFKHwIg1LpPLatIuH0uDrhz1OmzpVuTzjL4SLyJXQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFBzGHasIINoOBLHZcn/y779shyjJMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvSE1ZZHF3Z2cyZzRFc2RseWZfTHZ2MnlIS01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wbQQCAAEwZwMEAV6DAjAM
AwQFXoNgAwQCXoN4MAsDAwJfpAMEAl+kCAMEAl+kEDAMAwQAX6QVAwQDX6QQAwQD
X6QgAwQCX6QsAwQAX6QzAwQCX6Q8AwQBX6REMAwDBAJfpFQDBAFfpFgDBANfpHAw
DQYJKoZIhvcNAQELBQADggEBADWf97L/hw0Ln695UsA/ieMYbZApjUNIxKGS8hmY
RpiQn0Es7Rc/NhQUUfVnQRLYRy38k9WaWR9jdV3kOMwF0ijvbQfjtad7UixDlOmf
wV3Q7umoXHepnP7KzL2zI4KkTyTULWgWvW26qRPCcC4qClhNm1ovtfY2v6qfqBfx
WfXKfiPUPFz+53LWYzG1IxxcaREumop+toPEWqcGJyf57hYvyOK3Br6Qednr1JQ9
9FH0zwhK7dXkvIdQ40x4w/fIm18oKzx8wWL6plN+kSqzICrICw20hT9f4175qJII
wV27Iy2FVk1UCXgnGCY/1etrSiCV9oe3Mmt1Gxgo/9zeC+0=
-----END CERTIFICATE-----
Generated at Thu Apr 10 09:52:45 2025 by rpki-client