Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/rdPQOFR4a4svGDH6okDBJnLiqZk.roa
File: rdPQOFR4a4svGDH6okDBJnLiqZk.roa (raw, json)
Hash identifier: qgPMZvOA9SzYbOApcUGo5Lv1UtX1dOzIjfU7Qre9x+U=
Subject key identifier: AD:D3:D0:38:54:78:6B:8B:2F:18:31:FA:A2:40:C1:26:72:E2:A9:99
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019073596CD5BC7876A11F51ECC5D38A74A3
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/rdPQOFR4a4svGDH6okDBJnLiqZk.roa
Signing time: Tue 02 Jul 2024 12:09:18 +0000
ROA not before: Tue 02 Jul 2024 12:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
95.164.15.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.92.0/23 maxlen: 24
95.164.120.0/24 maxlen: 24
95.164.123.0/24 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
95.164.248.0/23 maxlen: 23
95.164.251.0/24 maxlen: 24
195.214.208.0/21 maxlen: 21
195.214.208.0/22 maxlen: 22
195.214.210.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:59:6c:d5:bc:78:76:a1:1f:51:ec:c5:d3:8a:74:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jul 2 12:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=add3d03854786b8b2f1831faa240c12672e2a999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:34:ae:01:77:c1:d4:d3:b5:e2:8d:af:8a:77:
a3:ff:de:b3:d1:48:cf:1b:02:7e:eb:de:ff:ed:a3:
96:ea:dd:6f:ed:d9:7f:9a:af:3d:bd:e1:ef:88:09:
4c:a6:7e:1e:20:0a:2a:23:77:39:8b:26:34:6c:0d:
cf:4e:88:bd:ee:43:3d:58:e8:17:43:7b:68:90:03:
3c:a0:86:34:ed:4e:8f:ef:92:d5:64:87:cd:08:48:
8a:6b:91:d1:cc:4b:26:c2:21:b1:6d:51:56:73:69:
e2:87:3f:63:28:68:19:cb:7e:ea:c1:b5:76:b6:98:
1c:8f:5e:cb:cd:a3:88:72:4f:52:3d:03:ff:fa:2c:
e3:03:96:1a:45:af:43:8b:f9:19:57:1a:51:74:67:
c6:cb:c4:04:68:4a:82:53:1c:a3:66:d3:6d:00:6b:
4c:98:31:92:36:9a:6c:e5:e4:5f:91:96:53:0b:d4:
35:1d:b6:06:54:58:f5:3b:b5:5b:2b:33:9c:35:7c:
70:8e:d1:58:fa:5d:e8:ea:37:d1:ec:e2:db:7c:e6:
d4:f1:cd:5b:07:59:b3:58:10:47:ad:0c:76:a0:5b:
cc:93:96:46:a9:c0:e0:3d:a2:a0:bc:99:e1:21:0a:
f3:83:76:1c:0b:25:77:dd:35:be:54:90:bd:aa:0d:
eb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D3:D0:38:54:78:6B:8B:2F:18:31:FA:A2:40:C1:26:72:E2:A9:99
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/rdPQOFR4a4svGDH6okDBJnLiqZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.124.0/24
94.131.127.0/24
95.164.15.0/24
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.92.0/23
95.164.120.0/24
95.164.123.0/24
95.164.170.0-95.164.175.255
95.164.248.0/23
95.164.251.0/24
195.214.208.0/21
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:f5:8f:c8:cd:8b:e2:67:20:9c:07:f5:d6:e3:6d:23:ff:9a:
f9:df:62:ea:bb:0a:fe:e9:5d:97:d0:af:a3:98:fb:a7:27:bb:
5d:43:b7:68:79:39:00:30:e9:e7:8e:bb:3b:3b:34:18:36:4f:
c7:a0:2b:23:23:f5:84:07:f8:1d:17:1b:b1:f2:4f:a3:fa:22:
ae:35:ca:0b:d7:80:a5:0c:28:e2:fe:43:9d:b8:6a:1a:97:ce:
e0:f0:48:40:5a:e8:4a:33:67:1e:08:87:66:00:c9:9e:f9:dc:
f1:5a:15:e2:c9:e6:b6:94:b0:d2:37:dd:b2:07:b1:02:28:49:
e7:96:f5:b3:57:70:1f:98:e6:5d:f1:84:37:af:d5:fa:47:b6:
90:1d:12:df:21:2b:60:38:9e:f5:64:fe:77:21:ce:94:ca:ba:
ab:a5:c0:8b:36:9e:56:fd:83:a9:a0:8d:bd:7d:f8:c2:e8:0e:
70:51:8e:b6:f9:d4:02:65:50:d3:22:43:dd:c8:99:33:2f:1a:
28:cf:8c:af:ad:65:f8:5a:46:21:15:30:5e:63:6e:5a:a4:77:
42:51:17:8f:ce:c5:43:d5:72:70:74:88:22:73:08:ad:ff:0b:
e9:d7:e8:8d:00:ef:9d:49:bd:d7:f5:c4:e2:0e:2b:77:7e:10:
58:7e:23:6f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZBzWWzVvHh2oR9R7MXTinSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwNzAyMTIwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQzZDAzODU0Nzg2YjhiMmYxODMxZmFhMjQwYzEyNjcyZTJhOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTSuAXfB1NO14o2vinej/96z0UjP
GwJ+697/7aOW6t1v7dl/mq89veHviAlMpn4eIAoqI3c5iyY0bA3PToi97kM9WOgX
Q3tokAM8oIY07U6P75LVZIfNCEiKa5HRzEsmwiGxbVFWc2nihz9jKGgZy37qwbV2
tpgcj17LzaOIck9SPQP/+izjA5YaRa9Di/kZVxpRdGfGy8QEaEqCUxyjZtNtAGtM
mDGSNpps5eRfkZZTC9Q1HbYGVFj1O7VbKzOcNXxwjtFY+l3o6jfR7OLbfObU8c1b
B1mzWBBHrQx2oFvMk5ZGqcDgPaKgvJnhIQrzg3YcCyV33TW+VJC9qg3rZQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFK3T0DhUeGuLLxgx+qJAwSZy4qmZMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvcmRQUU9GUjRhNHN2R0RINm9rREJKbkxpcVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAU+
zYADBAFegwADBABegwQDBAFegwYDBABeg3wDBABeg38DBABfpA8DBABfpBQDBAJf
pCgwDAMEAF+kMQMEAF+kMjAMAwQCX6Q0AwQCX6Q4MAwDBANfpEgDBABfpEwDBAJf
pFADBAFfpFwDBABfpHgDBABfpHswDAMEAV+kqgMEBF+koAMEAV+k+AMEAF+k+wME
A8PW0DANBAIAAjAHAwUAKgEA0DANBgkqhkiG9w0BAQsFAAOCAQEAW/WPyM2L4mcg
nAf11uNtI/+a+d9i6rsK/uldl9Cvo5j7pye7XUO3aHk5ADDp5467Ozs0GDZPx6Ar
IyP1hAf4HRcbsfJPo/oirjXKC9eApQwo4v5DnbhqGpfO4PBIQFroSjNnHgiHZgDJ
nvnc8VoV4snmtpSw0jfdsgexAihJ55b1s1dwH5jmXfGEN6/V+ke2kB0S3yErYDie
9WT+dyHOlMq6q6XAizaeVv2DqaCNvX34wugOcFGOtvnUAmVQ0yJD3ciZMy8aKM+M
r61l+FpGIRUwXmNuWqR3QlEXj87FQ9VycHSIInMIrf8L6dfojQDvnUm91/XE4g4r
d34QWH4jbw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:14:37 2025 by rpki-client