Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/GDCWHl_Xa9OmW54uAIjaM8hHqAM.roa
File: GDCWHl_Xa9OmW54uAIjaM8hHqAM.roa (raw, json)
Hash identifier: ZTGdSpp2WtUEp0CAiQ3RFb8wKIWk08CGygj17DLRB+w=
Subject key identifier: 18:30:96:1E:5F:D7:6B:D3:A6:5B:9E:2E:00:88:DA:33:C8:47:A8:03
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 0194252214786B82BEB9CEF52A0CEDDDD334
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/GDCWHl_Xa9OmW54uAIjaM8hHqAM.roa
Signing time: Thu 02 Jan 2025 03:49:37 +0000
ROA not before: Thu 02 Jan 2025 03:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 82.85.16.0/24 maxlen: 24
82.85.18.0/24 maxlen: 24
82.85.24.0/24 maxlen: 24
82.85.27.0/24 maxlen: 24
82.85.28.0/24 maxlen: 24
82.85.61.0/24 maxlen: 24
82.85.154.0/24 maxlen: 24
94.32.64.0/20 maxlen: 24
94.32.80.0/21 maxlen: 24
94.32.96.0/23 maxlen: 24
94.32.100.0/22 maxlen: 24
94.32.102.0/24 maxlen: 24
94.32.104.0/21 maxlen: 24
94.32.115.0/24 maxlen: 24
195.130.248.0/22 maxlen: 24
212.123.79.0/24 maxlen: 24
212.123.82.0/23 maxlen: 24
212.123.84.0/23 maxlen: 24
212.123.93.0/24 maxlen: 24
213.205.0.0/19 maxlen: 24
213.205.32.0/19 maxlen: 24
213.205.32.0/24 maxlen: 24
213.205.33.0/24 maxlen: 24
213.205.34.0/24 maxlen: 24
213.205.36.0/24 maxlen: 24
213.205.37.0/24 maxlen: 24
217.133.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:14:78:6b:82:be:b9:ce:f5:2a:0c:ed:dd:d3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Jan 2 03:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1830961e5fd76bd3a65b9e2e0088da33c847a803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:be:47:7b:45:38:ac:c0:70:50:01:12:63:fe:
cc:cc:ba:0e:46:cb:65:e0:32:81:96:df:e5:0c:d1:
63:1d:54:19:49:6c:47:85:d1:03:ca:f1:d3:34:8a:
3f:61:d7:a0:01:84:2f:0c:45:07:a4:34:c5:73:88:
17:f9:aa:de:be:98:dd:71:9f:97:ad:cd:8d:59:8c:
79:19:53:c9:fd:7c:9f:a8:4c:8f:98:b6:bd:5c:95:
33:e2:cd:1a:60:00:9b:74:1a:63:84:f1:0f:92:de:
d1:0c:38:68:b9:e2:90:30:3d:ad:f5:90:b4:d6:49:
33:95:6f:47:40:eb:ee:5d:57:4e:95:ef:80:7f:80:
bd:47:ae:bb:3e:b1:a9:21:79:08:05:47:7b:ee:f8:
96:b4:ff:04:a7:60:86:bb:e9:66:7a:c9:b8:14:cd:
95:85:20:62:dd:ff:96:91:4c:e4:09:21:c9:db:a5:
73:57:1f:b2:b7:7b:6f:7c:c8:3f:bf:1d:5c:be:40:
ac:79:1a:0b:7d:88:1c:81:30:2b:50:56:63:56:35:
86:2c:cf:f8:75:83:77:4e:3f:23:c0:0b:ef:1d:c6:
ae:af:5b:f9:7d:fa:cb:db:90:e0:79:a2:84:74:84:
bf:46:25:8b:56:cd:c7:04:a8:42:d6:b3:a5:16:f1:
ca:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:30:96:1E:5F:D7:6B:D3:A6:5B:9E:2E:00:88:DA:33:C8:47:A8:03
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/GDCWHl_Xa9OmW54uAIjaM8hHqAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.85.16.0/24
82.85.18.0/24
82.85.24.0/24
82.85.27.0-82.85.28.255
82.85.61.0/24
82.85.154.0/24
94.32.64.0-94.32.87.255
94.32.96.0/23
94.32.100.0-94.32.111.255
94.32.115.0/24
195.130.248.0/22
212.123.79.0/24
212.123.82.0-212.123.85.255
212.123.93.0/24
213.205.0.0/18
217.133.170.0/24
Signature Algorithm: sha256WithRSAEncryption
10:70:6a:c7:fa:c5:18:93:ed:6f:48:ad:77:3a:89:b5:5f:c2:
0a:e3:1f:98:e4:79:99:be:17:8f:01:00:08:dd:cb:bb:0f:3d:
95:f7:0a:c0:86:df:b6:0b:1d:96:b6:92:ff:4f:b0:b3:26:0e:
42:a9:ef:5c:35:f5:94:de:af:83:1f:16:73:c9:0f:a5:01:af:
ad:bc:0c:df:8e:e7:e9:fb:a2:1c:96:31:4d:3f:69:06:93:a8:
2b:4a:01:59:63:ff:e9:44:28:af:5a:fb:2b:7c:17:93:71:14:
1b:78:99:1c:38:d3:3b:6f:ea:54:5b:b5:aa:24:6b:bb:07:2b:
7a:75:76:d1:e4:35:9c:73:e6:f4:70:1c:f5:ef:7e:0f:85:16:
e8:d3:e1:1f:4b:35:68:cb:ea:29:ed:b7:91:82:4e:d5:13:98:
df:b1:a8:86:bf:02:43:b6:f0:ff:80:9e:69:d6:84:5d:a2:09:
ed:5c:cb:5f:48:9f:14:5a:95:a5:76:41:1a:55:24:da:15:94:
2a:4a:db:19:a4:a0:f6:cb:9d:35:c7:12:40:a0:84:84:c8:23:
18:57:c9:59:9a:99:93:b0:37:44:16:d0:f0:78:09:3f:4f:6e:
29:fa:98:5e:8b:cd:13:32:a4:0b:db:8f:af:e1:15:c2:4e:63:
e9:c3:11:1c
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZQlIhR4a4K+uc71Kgzt3dM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjUwMTAyMDM0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODMwOTYxZTVmZDc2YmQzYTY1YjllMmUwMDg4ZGEzM2M4NDdhODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL5He0U4rMBwUAESY/7MzLoORstl
4DKBlt/lDNFjHVQZSWxHhdEDyvHTNIo/YdegAYQvDEUHpDTFc4gX+arevpjdcZ+X
rc2NWYx5GVPJ/XyfqEyPmLa9XJUz4s0aYACbdBpjhPEPkt7RDDhoueKQMD2t9ZC0
1kkzlW9HQOvuXVdOle+Af4C9R667PrGpIXkIBUd77viWtP8Ep2CGu+lmesm4FM2V
hSBi3f+WkUzkCSHJ26VzVx+yt3tvfMg/vx1cvkCseRoLfYgcgTArUFZjVjWGLM/4
dYN3Tj8jwAvvHcaur1v5ffrL25DgeaKEdIS/RiWLVs3HBKhC1rOlFvHKJQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFBgwlh5f12vTplueLgCI2jPIR6gDMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvR0RDV0hsX1hhOU9tVzU0dUFJamFNOGhIcUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABS
VRADBABSVRIDBABSVRgwDAMEAFJVGwMEAFJVHAMEAFJVPQMEAFJVmjAMAwQGXiBA
AwQDXiBQAwQBXiBgMAwDBAJeIGQDBAReIGADBABeIHMDBALDgvgDBADUe08wDAME
AdR7UgMEAdR7VAMEANR7XQMEBtXNAAMEANmFqjANBgkqhkiG9w0BAQsFAAOCAQEA
EHBqx/rFGJPtb0itdzqJtV/CCuMfmOR5mb4XjwEACN3Luw89lfcKwIbftgsdlraS
/0+wsyYOQqnvXDX1lN6vgx8Wc8kPpQGvrbwM347n6fuiHJYxTT9pBpOoK0oBWWP/
6UQor1r7K3wXk3EUG3iZHDjTO2/qVFu1qiRruwcrenV20eQ1nHPm9HAc9e9+D4UW
6NPhH0s1aMvqKe23kYJO1ROY37Gohr8CQ7bw/4CeadaEXaIJ7VzLX0ifFFqVpXZB
GlUk2hWUKkrbGaSg9sudNccSQKCEhMgjGFfJWZqZk7A3RBbQ8HgJP09uKfqYXovN
EzKkC9uPr+EVwk5j6cMRHA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:35:51 2025 by rpki-client