Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/pec5JbWRSuOELkNkr6ISvv-CLQI.roa
File: pec5JbWRSuOELkNkr6ISvv-CLQI.roa (raw, json)
Hash identifier: 6gP9mrglQNkgg+rGpJ6/vYVwWGmOy5DEPwhSOF5U6xU=
Subject key identifier: A5:E7:39:25:B5:91:4A:E3:84:2E:43:64:AF:A2:12:BE:FF:82:2D:02
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 023D62FE
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/pec5JbWRSuOELkNkr6ISvv-CLQI.roa
Signing time: Sat 01 Jan 2022 05:56:43 +0000
ROA not before: Sat 01 Jan 2022 05:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 94.131.80.0/20 maxlen: 20
176.56.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37577470 (0x23d62fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 05:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5e73925b5914ae3842e4364afa212beff822d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:9e:d6:07:6f:03:81:1a:a5:52:f9:cc:de:eb:
d4:30:6a:c2:f6:f6:29:f2:71:75:a8:22:b5:e4:bc:
78:b1:d6:e0:ed:62:a9:4f:a6:41:b4:e3:7d:5f:f5:
08:73:85:1f:d1:57:77:a6:f5:dc:1b:e1:29:f4:45:
99:bd:6c:69:00:92:a1:eb:5c:bc:83:c7:1b:d1:93:
8f:cd:a1:b7:1c:74:99:2e:7b:48:e4:6c:3c:7c:f1:
26:6f:c2:0e:5d:f7:ba:26:ed:1d:59:a1:02:43:03:
d3:25:89:4d:46:1f:2b:30:6c:3f:d0:c3:95:37:e6:
19:07:c7:fa:e5:20:1e:55:36:ce:ef:ad:25:28:ea:
fa:57:65:02:7b:7c:b2:52:00:43:7d:f0:7d:61:2b:
12:e6:88:b4:a9:cf:74:71:e3:32:78:c6:b0:4e:1f:
65:1c:f8:ff:09:1a:95:0e:79:e5:27:46:27:91:8f:
a9:e7:33:f7:2a:b0:4b:17:8b:c7:57:ca:49:49:4d:
98:03:9e:30:1d:fa:d6:0f:a0:ff:76:bb:66:34:36:
32:38:2f:88:22:e5:45:a9:0c:64:d7:71:b5:42:0e:
53:52:27:6d:4b:4c:0a:27:0d:fc:16:c6:c9:3b:55:
02:ed:7e:d8:c3:69:02:40:0f:2c:52:40:f8:05:be:
88:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E7:39:25:B5:91:4A:E3:84:2E:43:64:AF:A2:12:BE:FF:82:2D:02
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/pec5JbWRSuOELkNkr6ISvv-CLQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
176.56.40.0/22
Signature Algorithm: sha256WithRSAEncryption
01:32:7c:c1:af:64:b2:c7:1a:e8:67:48:8c:b4:38:e0:fa:22:
1b:40:8e:21:ca:d0:94:46:f8:0f:f2:44:49:14:e7:9f:8c:e5:
0d:e8:67:6b:cd:9e:71:ff:b8:56:09:9e:f5:df:94:c3:35:98:
d8:5d:d4:87:df:7b:f6:fe:4d:19:99:87:75:99:e2:6e:b1:35:
e8:e3:bb:69:82:60:eb:f2:51:75:ec:9c:f0:b6:ba:d1:9b:e0:
d3:7c:36:92:f5:1f:73:cc:a1:a0:0b:db:23:71:e8:3f:a5:e5:
4c:e5:eb:66:d8:89:e9:97:92:9b:60:92:65:95:c0:f9:b5:b2:
37:c1:ea:04:bb:0d:30:5c:ff:f9:43:50:1f:88:3a:5b:9c:57:
7d:27:1a:74:ed:1e:df:43:57:1d:96:2e:0a:79:62:45:9d:f5:
9b:b5:ab:07:ae:ec:b9:07:70:43:1b:f8:e2:39:00:b8:a2:44:
24:43:79:27:aa:ec:4c:ce:a7:78:e5:e5:d3:49:4f:49:28:64:
c8:e3:fd:d1:24:09:d8:bf:79:2b:60:28:29:45:1e:5b:bf:03:
22:a5:9b:c7:ff:2d:01:6f:67:75:6c:41:a8:3c:27:93:da:e6:
df:40:99:d6:27:61:5a:b2:24:01:71:a7:e8:f2:ca:23:b3:f4:
14:ea:5c:50
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAj1i/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDc0M2VkNjNlODY4ZWY1MGY2ZDg0YzAwMDNhODM0ODNmYzYyYTAzMB4XDTIyMDEw
MTA1NTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVlNzM5MjViNTkx
NGFlMzg0MmU0MzY0YWZhMjEyYmVmZjgyMmQwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO6e1gdvA4EapVL5zN7r1DBqwvb2KfJxdagiteS8eLHW4O1i
qU+mQbTjfV/1CHOFH9FXd6b13BvhKfRFmb1saQCSoetcvIPHG9GTj82htxx0mS57
SORsPHzxJm/CDl33uibtHVmhAkMD0yWJTUYfKzBsP9DDlTfmGQfH+uUgHlU2zu+t
JSjq+ldlAnt8slIAQ33wfWErEuaItKnPdHHjMnjGsE4fZRz4/wkalQ555SdGJ5GP
qecz9yqwSxeLx1fKSUlNmAOeMB361g+g/3a7ZjQ2MjgviCLlRakMZNdxtUIOU1In
bUtMCicN/BbGyTtVAu1+2MNpAkAPLFJA+AW+iNsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSl5zkltZFK44QuQ2SvohK+/4ItAjAfBgNVHSMEGDAWgBRtdD7WPoaO9Q9t
hMAAOoNIP8YqAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JYUS0xajZHanZVUGJZVEFBRHFEU0RfR0tnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8x
L3BlYzVKYldSU3VPRUxrTmtyNklTdnYtQ0xRSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8xL2JYUS0xajZHanZV
UGJZVEFBRHFEU0RfR0tnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBF6DUAMEArA4KDANBgkqhkiG9w0B
AQsFAAOCAQEAATJ8wa9kssca6GdIjLQ44PoiG0COIcrQlEb4D/JESRTnn4zlDehn
a82ecf+4Vgme9d+UwzWY2F3Uh9979v5NGZmHdZnibrE16OO7aYJg6/JRdeyc8La6
0Zvg03w2kvUfc8yhoAvbI3HoP6XlTOXrZtiJ6ZeSm2CSZZXA+bWyN8HqBLsNMFz/
+UNQH4g6W5xXfScadO0e30NXHZYuCnliRZ31m7WrB67suQdwQxv44jkAuKJEJEN5
J6rsTM6neOXl00lPSShkyOP90SQJ2L95K2AoKUUeW78DIqWbx/8tAW9ndWxBqDwn
k9rm30CZ1idhWrIkAXGn6PLKI7P0FOpcUA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:18:30 2025 by rpki-client