Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/JgwqAwsp6oNoeAEB8bCiOiBJuyo.roa
File: JgwqAwsp6oNoeAEB8bCiOiBJuyo.roa (raw, json)
Hash identifier: if2SXZJZCvVxXPrWvGvugZl9lE7XqYc3kx7mvgtKRNw=
Subject key identifier: 26:0C:2A:03:0B:29:EA:83:68:78:01:01:F1:B0:A2:3A:20:49:BB:2A
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01936520D34A5982F007F958771D61A7B1B9
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/JgwqAwsp6oNoeAEB8bCiOiBJuyo.roa
Signing time: Mon 25 Nov 2024 21:01:10 +0000
ROA not before: Mon 25 Nov 2024 21:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 394814
IP address blocks: 94.131.80.0/20 maxlen: 24
94.131.182.0/23 maxlen: 24
94.131.184.0/22 maxlen: 22
95.164.144.0/20 maxlen: 24
95.164.200.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:65:20:d3:4a:59:82:f0:07:f9:58:77:1d:61:a7:b1:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 25 21:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=260c2a030b29ea8368780101f1b0a23a2049bb2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7c:95:67:c5:e5:3b:9e:b7:40:44:1e:88:3d:
74:94:1e:8a:ed:6d:1d:34:27:21:f3:66:69:73:4d:
44:dc:ab:ee:f2:9b:b2:e4:c8:ca:72:7d:e7:cd:82:
49:f7:05:c7:89:87:b3:ee:01:4f:cc:fd:d7:10:e4:
2e:d9:8f:ab:82:05:57:16:b4:3c:35:87:07:d8:eb:
46:db:e0:a6:be:b9:6c:27:cd:76:c6:13:72:94:83:
b0:99:1d:3d:b9:8b:b3:63:eb:cb:b9:ee:f2:64:6d:
27:52:b1:87:77:fe:f0:6c:5b:af:09:6a:35:82:24:
53:2d:62:a8:dd:61:9f:30:ca:6f:14:b4:99:cf:f8:
21:bc:b3:2e:53:2b:00:d2:41:13:08:75:80:8f:a6:
cc:95:85:9a:88:d6:45:52:dc:45:67:b2:dd:fd:6a:
ae:ef:cc:6d:52:9d:00:1e:27:27:ba:82:a0:d3:eb:
2c:ba:ff:96:57:36:a6:b4:32:a1:cf:17:ec:97:bc:
b3:8f:84:be:e0:ac:07:35:19:43:0a:0e:70:2b:c4:
41:e7:f0:d7:aa:7d:f2:6d:94:6e:ad:55:f2:a4:75:
43:aa:9b:12:70:d1:77:b0:32:67:05:01:cc:5e:9e:
d0:cd:ab:52:cb:02:3b:c2:d5:22:69:c4:8d:e2:87:
7b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:0C:2A:03:0B:29:EA:83:68:78:01:01:F1:B0:A2:3A:20:49:BB:2A
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/JgwqAwsp6oNoeAEB8bCiOiBJuyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
94.131.182.0-94.131.187.255
95.164.144.0/20
95.164.200.0/22
Signature Algorithm: sha256WithRSAEncryption
13:5a:e5:fe:92:c0:b5:1d:3c:be:b8:ed:10:5c:5b:7b:f0:80:
e5:5a:c6:fd:e2:88:17:fb:81:90:69:3b:3f:43:a8:29:d9:19:
6f:75:0b:9e:ee:ed:e9:9d:0b:d6:e8:2d:b7:ae:ec:e9:0c:6f:
71:d5:9b:ae:c4:7b:5b:13:32:a9:1e:3f:f5:29:a3:a1:61:2e:
d9:37:62:bb:b0:11:11:cb:d6:91:86:d8:70:24:b1:13:de:e9:
63:0f:f8:3d:a3:9b:fd:4e:5e:fa:3d:e2:2f:92:24:9f:6f:77:
47:a0:bf:f7:bf:ae:82:8a:40:16:5c:6d:f4:cd:4e:66:4c:e8:
f3:b5:93:d2:7b:12:48:4f:55:8b:5c:cc:ae:ca:7f:53:f9:8b:
b9:ba:79:f3:fa:c4:43:34:86:cf:e4:06:d4:f4:7e:88:4d:84:
99:2f:36:0d:3d:82:f8:6f:59:35:ea:09:f5:51:22:37:59:dd:
f3:95:8f:be:e0:ce:99:31:59:8d:5c:68:fd:0e:55:4c:04:a4:
70:ae:42:48:78:e6:c8:51:d4:81:04:43:e2:f5:3f:1c:03:f1:
f4:c2:82:9b:61:84:3d:15:0f:22:af:0f:85:d1:a2:d4:8f:fd:
13:44:14:f1:d0:54:e5:32:88:b1:5d:9e:5c:7c:d4:ef:39:42:
3e:3f:c3:f7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZNlINNKWYLwB/lYdx1hp7G5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMTI1MjEwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjBjMmEwMzBiMjllYTgzNjg3ODAxMDFmMWIwYTIzYTIwNDliYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3yVZ8XlO563QEQeiD10lB6K7W0d
NCch82Zpc01E3Kvu8puy5MjKcn3nzYJJ9wXHiYez7gFPzP3XEOQu2Y+rggVXFrQ8
NYcH2OtG2+CmvrlsJ812xhNylIOwmR09uYuzY+vLue7yZG0nUrGHd/7wbFuvCWo1
giRTLWKo3WGfMMpvFLSZz/ghvLMuUysA0kETCHWAj6bMlYWaiNZFUtxFZ7Ld/Wqu
78xtUp0AHicnuoKg0+ssuv+WVzamtDKhzxfsl7yzj4S+4KwHNRlDCg5wK8RB5/DX
qn3ybZRurVXypHVDqpsScNF3sDJnBQHMXp7QzatSywI7wtUiacSN4od7pQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCYMKgMLKeqDaHgBAfGwojogSbsqMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvSmd3cUF3c3A2b05vZUFFQjhiQ2lPaUJKdXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEXoNQMAwD
BAFeg7YDBAJeg7gDBARfpJADBAJfpMgwDQYJKoZIhvcNAQELBQADggEBABNa5f6S
wLUdPL647RBcW3vwgOVaxv3iiBf7gZBpOz9DqCnZGW91C57u7emdC9boLbeu7OkM
b3HVm67Ee1sTMqkeP/Upo6FhLtk3YruwERHL1pGG2HAksRPe6WMP+D2jm/1OXvo9
4i+SJJ9vd0egv/e/roKKQBZcbfTNTmZM6PO1k9J7EkhPVYtczK7Kf1P5i7m6efP6
xEM0hs/kBtT0fohNhJkvNg09gvhvWTXqCfVRIjdZ3fOVj77gzpkxWY1caP0OVUwE
pHCuQkh45shR1IEEQ+L1PxwD8fTCgpthhD0VDyKvD4XRotSP/RNEFPHQVOUyiLFd
nlx81O85Qj4/w/c=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:25:17 2025 by rpki-client