Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/CgHjBw90lbUFCm8CmLyzN6-hwG8.roa
File: CgHjBw90lbUFCm8CmLyzN6-hwG8.roa (raw, json)
Hash identifier: ThZuSQ1tiY/VWVvvdxQ0z77zXsbYA0A5hBdJZrSSJMY=
Subject key identifier: 0A:01:E3:07:0F:74:95:B5:05:0A:6F:02:98:BC:B3:37:AF:A1:C0:6F
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 018962DA26D60935DC8077810CA79148E031
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/CgHjBw90lbUFCm8CmLyzN6-hwG8.roa
Signing time: Mon 17 Jul 2023 07:56:51 +0000
ROA not before: Mon 17 Jul 2023 07:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202505
IP address blocks: 213.226.118.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a05:88c5::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a10:3302::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a10:3301::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a10:3303::/32 maxlen: 32
2a10:3300::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a10:3304::/32 maxlen: 32
2a10:3307::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a05:88c0::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a10:3306::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a10:3305::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:62:da:26:d6:09:35:dc:80:77:81:0c:a7:91:48:e0:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jul 17 07:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a01e3070f7495b5050a6f0298bcb337afa1c06f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1c:19:c4:7e:75:78:c6:5a:f9:2a:10:91:de:
25:65:b5:c1:1f:91:2d:b5:0d:7d:1d:81:54:4c:6b:
33:60:f4:fd:3c:d0:a9:6e:0b:fb:4d:b1:2d:e7:44:
10:99:53:08:02:d5:43:e8:0f:64:84:06:b0:9d:26:
ca:3d:5b:bb:9a:80:22:eb:5c:52:25:73:99:9c:a8:
d5:ec:9a:53:2c:33:aa:42:ce:a7:1f:3a:a0:2f:38:
eb:8a:e0:6d:7f:97:23:c5:55:cc:8d:a9:5c:ec:54:
44:ba:57:39:14:40:55:64:2d:49:2e:08:fd:f1:66:
e9:a2:c6:b5:a8:f2:d8:38:ed:eb:f1:24:b3:2e:07:
1a:c4:c8:55:04:62:44:ef:13:b5:c6:7b:27:69:f9:
c2:d8:a8:91:3b:69:0b:75:9b:ff:ec:28:7b:13:f1:
7b:52:9a:42:d3:2a:ec:fd:a2:1d:2a:f1:ea:11:6b:
bd:95:b5:36:aa:b5:78:03:6e:87:32:67:e3:db:d1:
7a:ae:9c:82:fa:e5:2e:64:7c:13:a2:03:26:34:93:
71:ca:fe:5b:6d:28:e0:b1:6c:34:cb:a6:4b:27:f1:
17:b9:d3:02:4c:58:69:25:a9:36:f2:52:b6:91:b1:
32:c0:ae:20:46:a0:a7:93:96:fc:09:8c:20:8a:59:
df:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:01:E3:07:0F:74:95:B5:05:0A:6F:02:98:BC:B3:37:AF:A1:C0:6F
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/CgHjBw90lbUFCm8CmLyzN6-hwG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.226.118.0/24
IPv6:
2a05:88c0::/29
2a06:f7c0::/29
2a10:3300::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
1c:e8:82:a1:2a:c1:16:91:cc:b3:8c:95:97:91:3e:bf:6f:7f:
9a:89:0f:71:6d:66:f4:ff:77:8f:7d:7b:2d:02:ed:50:bb:f0:
0a:f0:a8:19:75:ff:0a:34:44:3e:db:e3:8d:65:30:5e:ca:54:
23:56:d9:df:00:44:2b:be:c5:a6:b3:c0:64:33:a9:b9:7c:19:
5e:fc:01:c9:11:08:dd:c3:c1:75:b2:97:95:66:ab:69:a1:86:
c2:eb:a5:e7:c6:b6:50:f0:ab:70:d4:d6:9b:14:98:b4:d9:ad:
5b:87:42:7c:12:46:46:bb:9e:3e:16:5a:77:6c:d9:22:4a:c6:
e1:6e:bf:11:37:4c:60:65:ba:89:2c:58:4b:9f:ca:c9:a7:91:
7b:37:9d:a3:57:64:a3:84:d4:03:63:5f:a3:d8:be:4d:12:72:
3d:a5:43:d8:d5:c1:f7:e6:8d:0b:4c:5e:d4:c4:2e:81:2c:62:
32:81:45:d7:7a:01:21:66:41:57:92:4d:08:0f:05:55:85:49:
ad:3a:c8:c7:21:36:d5:9e:0f:b9:28:99:40:c4:c5:d2:c1:69:
79:64:e0:cd:3e:49:8c:1a:0a:66:1b:25:5f:8d:ff:0c:6e:28:
69:e3:2c:9b:9b:2b:af:63:0d:bd:46:d3:cc:bb:83:41:8e:36:
d6:c2:01:2e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYli2ibWCTXcgHeBDKeRSOAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwNzE3MDc1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTAxZTMwNzBmNzQ5NWI1MDUwYTZmMDI5OGJjYjMzN2FmYTFjMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRwZxH51eMZa+SoQkd4lZbXBH5Et
tQ19HYFUTGszYPT9PNCpbgv7TbEt50QQmVMIAtVD6A9khAawnSbKPVu7moAi61xS
JXOZnKjV7JpTLDOqQs6nHzqgLzjriuBtf5cjxVXMjalc7FREulc5FEBVZC1JLgj9
8Wbposa1qPLYOO3r8SSzLgcaxMhVBGJE7xO1xnsnafnC2KiRO2kLdZv/7Ch7E/F7
UppC0yrs/aIdKvHqEWu9lbU2qrV4A26HMmfj29F6rpyC+uUuZHwTogMmNJNxyv5b
bSjgsWw0y6ZLJ/EXudMCTFhpJak28lK2kbEywK4gRqCnk5b8CYwgilnfjwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAoB4wcPdJW1BQpvApi8szevocBvMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvQ2dIakJ3OTBsYlVGQ204Q21MeXpONi1od0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAMBAIAATAGAwQA1eJ2MDAE
AgACMCoDBQMqBYjAAwUDKgb3wAMFAyoQMwADBQMqEH9AAwUDKhB/wAMFAyoR0QAw
DQYJKoZIhvcNAQELBQADggEBABzogqEqwRaRzLOMlZeRPr9vf5qJD3FtZvT/d499
ey0C7VC78ArwqBl1/wo0RD7b441lMF7KVCNW2d8ARCu+xaazwGQzqbl8GV78AckR
CN3DwXWyl5Vmq2mhhsLrpefGtlDwq3DU1psUmLTZrVuHQnwSRka7nj4WWnds2SJK
xuFuvxE3TGBluoksWEufysmnkXs3naNXZKOE1ANjX6PYvk0Scj2lQ9jVwffmjQtM
XtTELoEsYjKBRdd6ASFmQVeSTQgPBVWFSa06yMchNtWeD7komUDExdLBaXlk4M0+
SYwaCmYbJV+N/wxuKGnjLJubK69jDb1G08y7g0GONtbCAS4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:22:31 2025 by rpki-client