Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/n_Qm6idbjKzURgu6ThXbAjh2kFE.roa
File: n_Qm6idbjKzURgu6ThXbAjh2kFE.roa (raw, json)
Hash identifier: m3B29wQpBW+OQHZm1j8+swF1Bqfa1HBHv80HZixFukg=
Subject key identifier: 9F:F4:26:EA:27:5B:8C:AC:D4:46:0B:BA:4E:15:DB:02:38:76:90:51
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018839C5CF9F8554841D77A9ECF52894DA68
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/n_Qm6idbjKzURgu6ThXbAjh2kFE.roa
Signing time: Sat 20 May 2023 15:27:25 +0000
ROA not before: Sat 20 May 2023 15:27:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 95.164.60.0/22 maxlen: 24
95.164.84.0/22 maxlen: 24
94.131.2.0/24 maxlen: 24
94.131.3.0/24 maxlen: 24
94.131.8.0/21 maxlen: 24
94.131.96.0/24 maxlen: 24
94.131.98.0/24 maxlen: 24
94.131.97.0/24 maxlen: 24
94.131.99.0/24 maxlen: 24
94.131.103.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.101.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.110.0/24 maxlen: 24
94.131.109.0/24 maxlen: 24
94.131.108.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.112.0/24 maxlen: 24
94.131.111.0/24 maxlen: 24
94.131.113.0/24 maxlen: 24
94.131.116.0/24 maxlen: 24
94.131.115.0/24 maxlen: 24
94.131.114.0/24 maxlen: 24
94.131.118.0/24 maxlen: 24
94.131.117.0/24 maxlen: 24
94.131.119.0/24 maxlen: 24
95.164.8.0/22 maxlen: 24
95.164.16.0/22 maxlen: 24
95.164.23.0/24 maxlen: 24
95.164.22.0/24 maxlen: 24
95.164.21.0/24 maxlen: 24
95.164.32.0/21 maxlen: 24
95.164.44.0/22 maxlen: 24
95.164.51.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:39:c5:cf:9f:85:54:84:1d:77:a9:ec:f5:28:94:da:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: May 20 15:27:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ff426ea275b8cacd4460bba4e15db0238769051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:97:c4:a5:00:11:c1:73:8a:1b:bd:2c:17:4e:
39:81:8d:97:3e:32:80:40:a6:7d:dc:8a:16:a1:eb:
ad:ca:c3:47:55:48:97:4b:89:7e:fd:d9:ad:bd:59:
60:9c:79:be:19:4d:e0:bf:b1:0f:be:0e:3e:76:eb:
13:8b:67:a6:ea:da:61:86:4e:0c:2b:0f:93:ad:54:
cc:9c:70:29:e0:06:bb:46:cd:d4:a0:0c:98:53:a6:
6b:8c:a0:24:86:67:6e:60:f7:38:81:c4:dc:98:1c:
5a:6a:08:62:e5:8a:58:13:22:98:75:67:f6:fb:0a:
b7:59:9b:4b:d7:e7:66:09:72:23:22:c2:8f:8e:3c:
63:2f:bc:cf:bc:57:88:be:a6:4d:17:67:aa:cf:b6:
b8:57:24:61:a7:55:20:e5:6f:3b:79:e1:e2:3b:23:
d6:71:e2:76:03:9f:ea:49:56:5f:d6:75:fe:79:c9:
37:eb:1b:29:cc:e7:88:4c:2f:6c:ce:30:7d:40:26:
93:75:4d:ba:c3:c9:67:6d:2a:ed:03:ce:71:8d:bd:
dd:2c:95:77:d4:66:6e:fc:4d:92:42:ea:3e:f3:c7:
72:64:28:4a:56:55:33:20:74:b6:2c:26:06:32:33:
aa:7c:2e:4b:15:f3:d0:99:1c:c9:9e:b4:1c:58:bb:
23:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F4:26:EA:27:5B:8C:AC:D4:46:0B:BA:4E:15:DB:02:38:76:90:51
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/n_Qm6idbjKzURgu6ThXbAjh2kFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/23
94.131.8.0/21
94.131.96.0/21
94.131.105.0-94.131.119.255
95.164.8.0/22
95.164.16.0/22
95.164.21.0-95.164.23.255
95.164.32.0/21
95.164.44.0/22
95.164.51.0/24
95.164.60.0/22
95.164.84.0/22
Signature Algorithm: sha256WithRSAEncryption
47:9c:c4:42:99:5e:25:5f:c9:74:15:a6:c0:89:18:eb:1c:f7:
d2:cf:af:d4:2d:4e:ca:0b:ee:e1:40:33:f5:51:af:08:08:91:
87:9a:96:dc:fd:00:e0:d2:ea:c5:d1:8a:ff:e9:aa:ba:87:bd:
77:1f:32:7e:18:78:66:11:ed:84:e9:c6:59:2e:45:cc:11:91:
7b:86:c9:38:86:4d:43:bd:2a:cb:0f:8a:6e:db:ee:15:3d:c4:
a4:86:fc:64:ab:05:3b:ca:96:2a:ae:93:31:62:a3:15:4f:4d:
7a:fb:54:bd:32:4f:fb:5e:f9:16:0e:94:1e:ed:62:44:95:b4:
a8:bd:41:19:bd:ed:db:25:47:84:98:90:52:0e:69:c6:a0:d0:
a8:0d:e3:21:80:45:44:c9:c9:75:00:4c:10:b9:69:e5:d3:ac:
f8:ae:29:47:63:50:59:6d:f2:61:14:a2:ab:51:c8:ed:5d:ca:
2c:16:8a:e3:ee:d6:93:2a:07:5b:92:12:d5:c0:41:27:ab:ae:
e5:2f:e8:1d:35:36:5b:fb:61:6c:6d:aa:c9:7c:74:09:b6:19:
09:95:43:79:d8:9b:8b:b1:a4:53:01:19:6b:c2:ff:cd:0f:70:
d3:cb:75:1f:57:4c:ab:ac:10:c9:a3:46:f9:0d:1d:5b:33:a5:
66:95:4c:c0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYg5xc+fhVSEHXep7PUolNpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwNTIwMTUyNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmY0MjZlYTI3NWI4Y2FjZDQ0NjBiYmE0ZTE1ZGIwMjM4NzY5MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJfEpQARwXOKG70sF045gY2XPjKA
QKZ93IoWoeutysNHVUiXS4l+/dmtvVlgnHm+GU3gv7EPvg4+dusTi2em6tphhk4M
Kw+TrVTMnHAp4Aa7Rs3UoAyYU6ZrjKAkhmduYPc4gcTcmBxaaghi5YpYEyKYdWf2
+wq3WZtL1+dmCXIjIsKPjjxjL7zPvFeIvqZNF2eqz7a4VyRhp1Ug5W87eeHiOyPW
ceJ2A5/qSVZf1nX+eck36xspzOeITC9szjB9QCaTdU26w8lnbSrtA85xjb3dLJV3
1GZu/E2SQuo+88dyZChKVlUzIHS2LCYGMjOqfC5LFfPQmRzJnrQcWLsj7QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFJ/0JuonW4ys1EYLuk4V2wI4dpBRMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbl9RbTZpZGJqS3pVUmd1NlRoWGJBamgya0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBXoMCAwQD
XoMIAwQDXoNgMAwDBABeg2kDBANeg3ADBAJfpAgDBAJfpBAwDAMEAF+kFQMEA1+k
EAMEA1+kIAMEAl+kLAMEAF+kMwMEAl+kPAMEAl+kVDANBgkqhkiG9w0BAQsFAAOC
AQEAR5zEQpleJV/JdBWmwIkY6xz30s+v1C1Oygvu4UAz9VGvCAiRh5qW3P0A4NLq
xdGK/+mquoe9dx8yfhh4ZhHthOnGWS5FzBGRe4bJOIZNQ70qyw+KbtvuFT3EpIb8
ZKsFO8qWKq6TMWKjFU9NevtUvTJP+175Fg6UHu1iRJW0qL1BGb3t2yVHhJiQUg5p
xqDQqA3jIYBFRMnJdQBMELlp5dOs+K4pR2NQWW3yYRSiq1HI7V3KLBaK4+7WkyoH
W5IS1cBBJ6uu5S/oHTU2W/thbG2qyXx0CbYZCZVDedibi7GkUwEZa8L/zQ9w08t1
H1dMq6wQyaNG+Q0dWzOlZpVMwA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:21:50 2025 by rpki-client