Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Wbr6YRvZthZxIS3YcEXKZ3usZtg.roa
File: Wbr6YRvZthZxIS3YcEXKZ3usZtg.roa (raw, json)
Hash identifier: cy0N1iaRlqi1VPMIB7zsyBOdASAUYP7++Nh1mdbvr4U=
Subject key identifier: 59:BA:FA:61:1B:D9:B6:16:71:21:2D:D8:70:45:CA:67:7B:AC:66:D8
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0356EA1A
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Wbr6YRvZthZxIS3YcEXKZ3usZtg.roa
Signing time: Wed 27 Apr 2022 21:03:58 +0000
ROA not before: Wed 27 Apr 2022 21:03:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6461
IP address blocks: 95.164.0.0/21 maxlen: 24
95.164.24.0/21 maxlen: 24
95.164.32.0/21 maxlen: 24
94.131.112.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56027674 (0x356ea1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Apr 27 21:03:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59bafa611bd9b61671212dd87045ca677bac66d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e9:d7:96:b0:58:d4:04:09:37:e7:ea:5b:db:
7b:a4:c1:fd:7f:9a:e0:55:e5:5c:6d:0a:44:c0:08:
41:7d:42:29:da:c0:34:b9:b2:a3:63:96:06:4a:b6:
67:af:c3:e4:ee:a6:b0:bd:ef:24:50:6f:81:b3:05:
53:e7:43:7f:46:d3:cd:f2:a0:19:f8:66:34:a6:48:
93:73:6a:16:91:0d:a2:07:08:b6:be:ea:c9:95:36:
43:fd:03:81:9c:27:27:14:a6:59:96:98:d8:54:b6:
da:02:82:af:b3:8c:60:76:04:53:8b:e8:42:27:8f:
66:63:2d:6b:15:0e:1b:7e:d3:df:75:f0:b5:cd:85:
9e:32:6e:4c:13:1e:d3:96:2d:b7:73:c5:b6:9a:a1:
86:88:27:92:e9:e1:66:2d:07:2a:54:f7:ff:77:80:
81:fc:af:ee:97:e9:82:58:c9:53:c3:06:60:3b:af:
16:80:47:70:f3:d8:44:3a:66:3b:cb:41:50:b3:f2:
13:5c:8a:af:f3:e5:ad:30:3b:86:45:09:a3:c7:9c:
78:fb:72:c6:7b:c6:fc:f9:a0:ff:28:b6:51:d1:61:
1c:9d:a9:c2:d2:4f:81:80:ef:4a:21:c2:db:01:68:
a0:e8:d8:34:c1:4e:73:09:a3:48:1a:6f:74:79:61:
01:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BA:FA:61:1B:D9:B6:16:71:21:2D:D8:70:45:CA:67:7B:AC:66:D8
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Wbr6YRvZthZxIS3YcEXKZ3usZtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.112.0/20
95.164.0.0/21
95.164.24.0-95.164.39.255
Signature Algorithm: sha256WithRSAEncryption
a7:c5:e5:6b:7a:4f:83:ee:ba:28:f4:0b:6a:d4:a5:b9:07:34:
37:ad:20:da:55:08:96:43:fb:76:a8:71:01:1d:a8:ed:fd:8b:
ee:de:8b:03:a6:7a:aa:d9:dd:08:be:5c:48:25:c6:20:a2:99:
43:47:c4:60:77:46:0f:72:d5:a2:9a:14:f1:a4:9a:85:b5:a6:
08:0a:c0:07:03:e1:48:db:db:3d:16:fb:f4:e4:77:87:a0:4a:
7a:43:f7:f0:57:45:da:e2:f8:c6:34:25:8c:d3:08:30:2b:40:
2b:7a:30:e2:08:6a:4c:5d:fd:4d:b6:d8:7b:36:8c:49:e5:58:
95:61:b1:43:ee:d1:23:d0:7b:d9:94:7f:ee:fb:64:aa:2c:04:
6e:0f:6d:24:b9:64:d1:b1:39:48:9f:53:3c:00:55:12:67:e7:
bb:cf:24:34:ef:a7:56:78:c5:d0:f1:54:b9:66:8a:cb:de:99:
89:61:94:59:b2:26:96:f4:9f:52:fc:56:40:78:f7:4b:77:a8:
c5:56:45:a4:3b:5c:b3:e2:bb:59:ac:2f:fa:c0:be:23:bb:82:
50:f3:27:a7:32:6b:f7:f6:fd:bb:c8:6c:a6:28:0b:a1:21:f4:
39:63:58:b9:10:cf:e6:e7:e1:46:0c:87:73:2f:84:61:96:74:
8d:01:95:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEA1bqGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDc0M2VkNjNlODY4ZWY1MGY2ZDg0YzAwMDNhODM0ODNmYzYyYTAzMB4XDTIyMDQy
NzIxMDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTliYWZhNjExYmQ5
YjYxNjcxMjEyZGQ4NzA0NWNhNjc3YmFjNjZkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7p15awWNQECTfn6lvbe6TB/X+a4FXlXG0KRMAIQX1CKdrA
NLmyo2OWBkq2Z6/D5O6msL3vJFBvgbMFU+dDf0bTzfKgGfhmNKZIk3NqFpENogcI
tr7qyZU2Q/0DgZwnJxSmWZaY2FS22gKCr7OMYHYEU4voQiePZmMtaxUOG37T33Xw
tc2FnjJuTBMe05Ytt3PFtpqhhognkunhZi0HKlT3/3eAgfyv7pfpgljJU8MGYDuv
FoBHcPPYRDpmO8tBULPyE1yKr/PlrTA7hkUJo8ecePtyxnvG/Pmg/yi2UdFhHJ2p
wtJPgYDvSiHC2wFooOjYNMFOcwmjSBpvdHlhAS8CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRZuvphG9m2FnEhLdhwRcpne6xm2DAfBgNVHSMEGDAWgBRtdD7WPoaO9Q9t
hMAAOoNIP8YqAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JYUS0xajZHanZVUGJZVEFBRHFEU0RfR0tnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8x
L1dicjZZUnZadGhaeElTM1ljRVhLWjN1c1p0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8xL2JYUS0xajZHanZV
UGJZVEFBRHFEU0RfR0tnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEBF6DcAMEA1+kADAMAwQDX6QYAwQD
X6QgMA0GCSqGSIb3DQEBCwUAA4IBAQCnxeVrek+D7roo9Atq1KW5BzQ3rSDaVQiW
Q/t2qHEBHajt/Yvu3osDpnqq2d0IvlxIJcYgoplDR8Rgd0YPctWimhTxpJqFtaYI
CsAHA+FI29s9Fvv05HeHoEp6Q/fwV0Xa4vjGNCWM0wgwK0ArejDiCGpMXf1Ntth7
NoxJ5ViVYbFD7tEj0HvZlH/u+2SqLARuD20kuWTRsTlIn1M8AFUSZ+e7zyQ076dW
eMXQ8VS5ZorL3pmJYZRZsiaW9J9S/FZAePdLd6jFVkWkO1yz4rtZrC/6wL4ju4JQ
8yenMmv39v27yGymKAuhIfQ5Y1i5EM/m5+FGDIdzL4RhlnSNAZUw
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:24 2025 by rpki-client