Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/SLF2d2-3OLnZwSiqiraIss3A1JY.roa
File: SLF2d2-3OLnZwSiqiraIss3A1JY.roa (raw, json)
Hash identifier: ZRMKhXVfHfLFq2gohjGWScjYBoFKidnPbM20jJzOAvY=
Subject key identifier: 48:B1:76:77:6F:B7:38:B9:D9:C1:28:AA:8A:B6:88:B2:CD:C0:D4:96
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0189A7B9EBB8A3B9244C1B8849FE735C7418
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/SLF2d2-3OLnZwSiqiraIss3A1JY.roa
Signing time: Sun 30 Jul 2023 16:55:26 +0000
ROA not before: Sun 30 Jul 2023 16:55:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29632
IP address blocks: 95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
95.164.70.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
195.214.210.0/24 maxlen: 24
195.214.208.0/21 maxlen: 21
195.214.208.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.72.0/22 maxlen: 22
95.164.80.0/22 maxlen: 22
95.164.92.0/22 maxlen: 22
95.164.172.0/22 maxlen: 22
95.164.170.0/23 maxlen: 23
94.131.0.0/23 maxlen: 23
94.131.4.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.128.0/19 maxlen: 20
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.50.0/24 maxlen: 24
95.164.49.0/24 maxlen: 24
2a01:d0:8000::/33 maxlen: 33
2a01:d0::/32 maxlen: 32
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:ffff::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a7:b9:eb:b8:a3:b9:24:4c:1b:88:49:fe:73:5c:74:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jul 30 16:55:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48b176776fb738b9d9c128aa8ab688b2cdc0d496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:70:4e:8c:34:64:dc:1a:8a:e7:11:7c:76:22:
ee:6c:0e:b1:6b:bf:46:e6:37:a0:c8:fc:83:19:47:
bb:4d:e3:04:f1:cb:62:8e:55:b1:1e:fe:a1:48:dd:
4d:92:20:0a:5d:79:fa:fa:88:34:fc:23:f5:2e:35:
06:1c:8c:bf:0c:20:63:a8:14:b5:5a:e5:68:4b:d0:
29:f8:9a:8e:1d:56:64:1d:12:b7:13:c8:c1:6e:16:
3c:b0:e2:52:24:1e:e0:10:c6:62:0e:a9:74:53:82:
69:cc:1c:6d:11:a1:6e:9e:6b:dc:1d:95:ea:57:a0:
0d:af:bc:a4:fb:fe:0a:43:ab:5e:f9:9b:97:8f:b4:
1c:9f:01:76:db:0e:ce:32:50:de:13:31:53:2d:1b:
0a:0d:0b:4c:82:f5:69:e8:7e:76:34:04:81:56:4c:
bc:33:76:61:c1:25:20:a0:c3:ce:6f:09:09:f7:5b:
7a:f5:47:9e:e0:26:fb:97:b4:21:61:95:34:9d:9b:
bb:72:b5:21:76:4c:6e:f5:48:d1:e3:af:c3:66:e7:
30:6b:1d:f2:9d:f0:9b:6a:6c:ea:a0:b9:14:c6:60:
27:17:12:6a:b5:a1:6a:e0:4a:46:28:9f:3c:d0:79:
d5:b3:ed:a9:43:4d:9d:d2:4c:17:13:bb:05:6a:16:
da:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B1:76:77:6F:B7:38:B9:D9:C1:28:AA:8A:B6:88:B2:CD:C0:D4:96
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/SLF2d2-3OLnZwSiqiraIss3A1JY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.70.0/24
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.92.0/22
95.164.170.0-95.164.175.255
195.214.208.0/21
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
14:4e:86:1c:b2:2a:71:3d:73:df:56:25:2b:c0:e6:dc:80:8c:
c3:c3:66:cc:9a:8b:b1:70:87:e9:66:69:df:a8:c7:bc:fc:c8:
f4:6b:31:1c:ad:22:7c:39:ce:8c:4d:c5:aa:bc:23:63:df:31:
26:41:30:99:c3:82:5d:d8:6a:c3:24:16:2c:42:0e:00:bd:c7:
ab:d2:93:d4:d4:d7:66:fa:e0:9a:03:9d:e2:13:2d:a6:89:71:
29:9f:28:3d:19:27:50:fa:34:c0:9e:4b:d8:b4:c6:96:95:07:
15:fe:67:64:f2:ae:7f:2e:6d:8c:85:b7:59:42:21:db:e8:c9:
bc:42:1c:b9:da:30:e5:74:96:24:03:7e:88:fc:78:03:32:78:
1a:8b:51:17:fa:17:95:56:a6:61:78:01:ef:e8:af:61:85:f9:
ea:23:86:e5:a0:39:b4:a5:13:1f:6a:42:1e:9a:05:4d:54:0d:
9c:4e:01:de:ad:a7:2f:98:2d:d7:08:62:37:cd:30:5f:dc:ef:
b7:c6:26:32:4b:5b:53:54:a1:c2:c6:d1:47:8a:e6:ab:ee:cd:
df:67:c9:98:ac:ba:d8:7c:1a:f5:6d:70:fb:90:77:70:60:85:
19:3a:85:fe:20:cd:69:76:f4:ad:8f:46:88:8d:df:18:08:18:
80:30:fc:53
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYmnueu4o7kkTBuISf5zXHQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwNzMwMTY1NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGIxNzY3NzZmYjczOGI5ZDljMTI4YWE4YWI2ODhiMmNkYzBkNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXBOjDRk3BqK5xF8diLubA6xa79G
5jegyPyDGUe7TeME8ctijlWxHv6hSN1NkiAKXXn6+og0/CP1LjUGHIy/DCBjqBS1
WuVoS9Ap+JqOHVZkHRK3E8jBbhY8sOJSJB7gEMZiDql0U4JpzBxtEaFunmvcHZXq
V6ANr7yk+/4KQ6te+ZuXj7QcnwF22w7OMlDeEzFTLRsKDQtMgvVp6H52NASBVky8
M3ZhwSUgoMPObwkJ91t69Uee4Cb7l7QhYZU0nZu7crUhdkxu9UjR46/DZucwax3y
nfCbamzqoLkUxmAnFxJqtaFq4EpGKJ880HnVs+2pQ02d0kwXE7sFahbasQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFEixdndvtzi52cEoqoq2iLLNwNSWMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvU0xGMmQyLTNPTG5ad1NpcWlyYUlzczNBMUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6BAIAATB0AwQFPs2A
AwQBXoMAAwQAXoMEAwQBXoMGAwQAX6QUAwQCX6QoMAwDBABfpDEDBABfpDIwDAME
Al+kNAMEAl+kOAMEAF+kRjAMAwQDX6RIAwQAX6RMAwQCX6RQAwQCX6RcMAwDBAFf
pKoDBARfpKADBAPD1tAwDQQCAAIwBwMFACoBANAwDQYJKoZIhvcNAQELBQADggEB
ABROhhyyKnE9c99WJSvA5tyAjMPDZsyai7Fwh+lmad+ox7z8yPRrMRytInw5zoxN
xaq8I2PfMSZBMJnDgl3YasMkFixCDgC9x6vSk9TU12b64JoDneITLaaJcSmfKD0Z
J1D6NMCeS9i0xpaVBxX+Z2Tyrn8ubYyFt1lCIdvoybxCHLnaMOV0liQDfoj8eAMy
eBqLURf6F5VWpmF4Ae/or2GF+eojhuWgObSlEx9qQh6aBU1UDZxOAd6tpy+YLdcI
YjfNMF/c77fGJjJLW1NUocLG0UeK5qvuzd9nyZisuth8GvVtcPuQd3BghRk6hf4g
zWl29K2PRoiN3xgIGIAw/FM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:04:29 2025 by rpki-client