Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/Zi8hW2CJ7rxh4Ih5eEKeEcR5L5A.roa
File: Zi8hW2CJ7rxh4Ih5eEKeEcR5L5A.roa (raw, json)
Hash identifier: OPaOPSv8g+QXNlba21/BCxyWEAOTLKy/H+hKfAAGfs8=
Subject key identifier: 66:2F:21:5B:60:89:EE:BC:61:E0:88:79:78:42:9E:11:C4:79:2F:90
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 0196D4165FD80615AFA5B4508D51DC99A969
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/Zi8hW2CJ7rxh4Ih5eEKeEcR5L5A.roa
Signing time: Thu 15 May 2025 13:15:58 +0000
ROA not before: Thu 15 May 2025 13:15:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8612
IP address blocks: 82.84.0.0/15 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.85.53.64/26 maxlen: 26
84.220.0.0/15 maxlen: 15
84.220.0.0/16 maxlen: 24
84.221.0.0/16 maxlen: 24
94.32.0.0/19 maxlen: 24
94.32.64.0/18 maxlen: 24
94.32.115.0/24 maxlen: 24
94.32.128.0/17 maxlen: 24
94.34.0.0/16 maxlen: 24
94.35.0.0/16 maxlen: 24
193.207.24.0/23 maxlen: 23
193.207.26.0/24 maxlen: 24
193.207.48.0/20 maxlen: 24
193.207.64.0/18 maxlen: 24
193.207.96.0/20 maxlen: 21
193.207.128.0/17 maxlen: 22
195.130.224.0/19 maxlen: 19
212.123.64.0/19 maxlen: 19
213.205.0.0/18 maxlen: 18
213.205.0.251/32 maxlen: 32
2a01:7d0::/32 maxlen: 32
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:16:5f:d8:06:15:af:a5:b4:50:8d:51:dc:99:a9:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: May 15 13:15:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=662f215b6089eebc61e0887978429e11c4792f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:25:d3:3a:1c:e8:52:29:40:44:13:f4:ca:8e:
73:a3:f9:5f:0f:e6:05:87:c8:4f:19:47:8a:33:2d:
d1:c0:3b:be:1d:79:bd:e2:bd:1c:73:d5:d4:1c:b6:
77:21:6b:d5:a4:4c:9a:f6:33:11:ca:1f:65:a1:fd:
67:3f:f6:4d:c2:67:96:6e:97:35:14:52:7d:32:f8:
68:c5:f0:e6:51:5a:fc:dc:0a:d1:05:85:bb:7c:d8:
4d:bd:0a:ff:c2:07:67:b0:49:6e:90:c3:c7:49:3d:
73:97:89:e3:47:8f:32:83:14:f4:06:e7:5c:69:b6:
34:fa:79:36:bb:22:ac:23:4c:af:33:28:aa:cd:69:
62:61:93:c1:b4:f4:9a:dd:cf:d3:49:ad:a4:ca:f3:
3d:17:b0:0c:81:8e:e6:a7:fd:b8:62:37:e5:8d:33:
6b:c7:1c:c6:9d:a6:90:77:b7:a5:83:5e:be:14:cd:
95:b2:15:f6:6c:5c:09:3f:fd:67:6a:fa:f1:6c:94:
66:1e:aa:4d:c1:d8:d1:5e:a1:62:28:75:90:34:64:
fa:52:30:0f:d2:a7:c5:a1:f0:4d:87:d1:77:47:d1:
47:48:f8:aa:ea:8a:cc:d2:d0:4c:9e:69:2e:7b:f0:
15:69:db:d6:a5:43:b4:71:c7:60:c3:44:84:32:9c:
b4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2F:21:5B:60:89:EE:BC:61:E0:88:79:78:42:9E:11:C4:79:2F:90
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/Zi8hW2CJ7rxh4Ih5eEKeEcR5L5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/19
94.32.64.0-94.32.255.255
94.34.0.0/15
193.207.24.0-193.207.26.255
193.207.48.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
21:64:58:ac:57:f2:df:1e:96:d6:13:7b:31:d8:4f:65:1a:20:
ef:54:bf:46:f3:a3:30:e6:dd:25:ba:f2:3a:da:12:90:f8:89:
4a:30:7b:35:8d:23:09:4c:cc:dd:84:49:45:b7:54:86:69:b1:
d8:d0:2b:7b:ba:a2:00:7e:79:15:f9:64:6e:8a:da:45:c9:40:
83:13:78:a8:41:56:85:a5:a7:6f:ea:41:cd:51:c4:79:de:74:
13:c4:2e:85:f1:87:d6:76:11:68:99:1d:77:8b:77:88:af:a4:
f3:02:04:12:f8:1f:52:22:fa:06:e5:46:13:78:11:92:e2:b0:
9c:38:b0:28:2f:ac:07:ff:67:41:f4:8c:3d:cf:36:4a:31:14:
e5:5c:1f:da:85:20:c9:b6:59:07:c4:c4:b6:c9:83:eb:5d:d1:
70:87:b1:c1:1e:4b:dc:a0:c2:3b:af:0c:3b:60:cf:25:1c:72:
e7:86:e3:07:8d:a9:1c:bd:e2:22:40:b2:7b:2c:4b:fb:88:97:
81:0a:72:4f:84:37:d7:14:b0:ba:a1:33:67:56:f6:6e:6b:2b:
b1:4e:70:4e:0a:93:0d:44:75:8d:c6:ea:23:75:d5:ce:a7:76:
ef:67:b0:8a:3d:6e:8a:4d:ef:00:31:e7:2b:90:31:8f:2a:ec:
87:2e:d6:ec
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZbUFl/YBhWvpbRQjVHcmalpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjUwNTE1MTMxNTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJmMjE1YjYwODllZWJjNjFlMDg4Nzk3ODQyOWUxMWM0NzkyZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCXTOhzoUilARBP0yo5zo/lfD+YF
h8hPGUeKMy3RwDu+HXm94r0cc9XUHLZ3IWvVpEya9jMRyh9lof1nP/ZNwmeWbpc1
FFJ9MvhoxfDmUVr83ArRBYW7fNhNvQr/wgdnsElukMPHST1zl4njR48ygxT0Budc
abY0+nk2uyKsI0yvMyiqzWliYZPBtPSa3c/TSa2kyvM9F7AMgY7mp/24YjfljTNr
xxzGnaaQd7elg16+FM2VshX2bFwJP/1navrxbJRmHqpNwdjRXqFiKHWQNGT6UjAP
0qfFofBNh9F3R9FHSPiq6orM0tBMnmkue/AVadvWpUO0ccdgw0SEMpy0SQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFGYvIVtgie68YeCIeXhCnhHEeS+QMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvWmk4aFcyQ0o3cnhoNEloNWVFS2VFY1I1TDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBVBAIAATBPAwMBUlQDAwFU
3AMEBV4gADALAwQGXiBAAwMAXiADAwFeIjAMAwQDwc8YAwQAwc8aMAsDBATBzzAD
AwTBwAMEBcOC4AMEBdR7QAMEBtXNADANBAIAAjAHAwUAKgEH0DANBgkqhkiG9w0B
AQsFAAOCAQEAIWRYrFfy3x6W1hN7MdhPZRog71S/RvOjMObdJbryOtoSkPiJSjB7
NY0jCUzM3YRJRbdUhmmx2NAre7qiAH55FflkboraRclAgxN4qEFWhaWnb+pBzVHE
ed50E8QuhfGH1nYRaJkdd4t3iK+k8wIEEvgfUiL6BuVGE3gRkuKwnDiwKC+sB/9n
QfSMPc82SjEU5Vwf2oUgybZZB8TEtsmD613RcIexwR5L3KDCO68MO2DPJRxy54bj
B42pHL3iIkCyeyxL+4iXgQpyT4Q31xSwuqEzZ1b2bmsrsU5wTgqTDUR1jcbqI3XV
zqd272ewij1uik3vADHnK5Axjyrshy7W7A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:14:17 2025 by rpki-client