Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/oE_HSIzESIV8r6hXogsb4ZRc_tU.roa
File: oE_HSIzESIV8r6hXogsb4ZRc_tU.roa (raw, json)
Hash identifier: 04TsBma54rTS+PItkHOsn0M2JfIx5P5iiITnoR1eqDM=
Subject key identifier: A0:4F:C7:48:8C:C4:48:85:7C:AF:A8:57:A2:0B:1B:E1:94:5C:FE:D5
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 0193D9F35812EF10604EFDFF1AB3B33ACD7F
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/oE_HSIzESIV8r6hXogsb4ZRc_tU.roa
Signing time: Wed 18 Dec 2024 13:27:03 +0000
ROA not before: Wed 18 Dec 2024 13:27:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8612
IP address blocks: 82.84.0.0/15 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.85.53.64/26 maxlen: 26
84.220.0.0/15 maxlen: 15
84.220.0.0/16 maxlen: 24
84.221.0.0/16 maxlen: 24
94.32.0.0/19 maxlen: 24
94.32.64.0/18 maxlen: 24
94.32.115.0/24 maxlen: 24
94.32.128.0/17 maxlen: 24
94.34.0.0/16 maxlen: 24
94.35.0.0/16 maxlen: 24
193.43.2.0/24 maxlen: 24
193.207.24.0/23 maxlen: 23
193.207.26.0/24 maxlen: 24
193.207.48.0/20 maxlen: 24
193.207.64.0/18 maxlen: 24
193.207.96.0/20 maxlen: 21
193.207.128.0/17 maxlen: 22
195.130.224.0/19 maxlen: 19
212.123.64.0/19 maxlen: 19
213.205.0.0/18 maxlen: 18
213.205.0.251/32 maxlen: 32
217.133.0.0/16 maxlen: 16
217.133.170.0/24 maxlen: 24
2a01:7d0::/32 maxlen: 32
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:f3:58:12:ef:10:60:4e:fd:ff:1a:b3:b3:3a:cd:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Dec 18 13:27:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a04fc7488cc448857cafa857a20b1be1945cfed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3d:57:15:01:a9:cb:10:bb:d9:04:2c:37:3f:
ac:6e:08:ac:9b:de:6a:a7:6a:4b:49:e8:2f:3c:a8:
40:e9:2b:91:58:68:ee:38:d8:16:9f:e8:6b:99:d7:
5a:29:75:87:83:9d:ab:57:53:6a:71:e7:2d:4a:10:
a9:69:aa:52:18:07:6f:e3:b4:c1:22:b1:b9:97:47:
dd:e8:f8:76:96:20:e3:97:45:0c:22:33:e1:cc:bc:
f3:87:a9:ba:bf:a8:23:65:15:3e:33:11:e0:a0:2f:
5e:0c:30:8d:47:3d:c4:be:86:5e:ce:ef:11:08:25:
5a:85:c5:c9:73:a3:c5:2b:a6:7e:77:25:b0:81:8e:
15:1c:82:3a:5a:02:fa:e8:cd:05:cc:eb:15:b3:8a:
fc:80:8b:fc:cf:ec:d3:c9:40:c3:eb:9e:76:f8:ba:
0c:b7:99:03:b8:54:d3:38:33:1c:4c:19:6f:6f:f8:
9c:f9:20:8a:0c:50:f0:0a:f2:76:02:2f:05:5d:a6:
d9:01:21:2a:55:ba:90:12:3a:1a:e2:00:76:36:ef:
ed:6a:24:c8:e7:82:8e:a6:8a:36:9f:62:86:bd:a9:
de:dd:c4:d4:f0:66:1c:1b:59:8a:96:2c:fa:4c:68:
82:0d:3f:c0:64:6c:e5:75:33:36:00:84:19:05:3b:
02:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4F:C7:48:8C:C4:48:85:7C:AF:A8:57:A2:0B:1B:E1:94:5C:FE:D5
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/oE_HSIzESIV8r6hXogsb4ZRc_tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/19
94.32.64.0-94.32.255.255
94.34.0.0/15
193.43.2.0/24
193.207.24.0-193.207.26.255
193.207.48.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
5f:90:47:c0:ac:c7:19:22:ee:2e:c5:5c:4b:6c:e7:20:ee:ea:
97:5c:70:a0:42:f9:bb:17:13:da:d4:e5:ae:35:00:ca:e8:58:
4d:fc:5a:d6:e2:64:3f:c6:81:a9:91:74:5f:95:93:c6:de:b1:
96:a6:ee:1c:95:a3:dd:a4:ad:87:8e:03:9d:98:b2:05:3b:41:
16:bb:a9:40:36:62:ea:20:d1:7f:f5:aa:f1:bf:f6:e8:e1:aa:
88:a8:66:3e:40:53:df:2c:a6:c2:c5:2b:84:03:eb:c5:4f:63:
8d:de:56:3d:6f:74:42:7d:b5:84:35:f5:bb:dd:5b:11:72:0b:
81:d1:ff:a3:e2:d3:3f:ea:e4:22:e4:0b:d4:3c:63:b0:c4:b3:
3a:cb:56:16:4e:24:99:88:29:9e:35:bd:2b:34:23:36:93:8d:
ea:cf:06:92:bb:d4:93:31:23:1b:a1:fd:50:cf:c6:ee:d6:a0:
c5:17:a4:bb:9e:bd:8d:ad:20:4d:c0:d0:cb:6e:7f:af:00:b4:
89:7d:3d:01:26:4b:54:2a:41:2f:48:3f:92:2b:17:c5:d6:1f:
f8:c1:15:d1:2b:99:f3:94:a0:11:b5:3c:6c:91:af:7f:a9:fd:
e5:b4:f2:bd:4c:be:0b:97:07:87:70:3c:7b:0a:d4:24:13:08:
77:99:e5:32
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZPZ81gS7xBgTv3/GrOzOs1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjQxMjE4MTMyNzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDRmYzc0ODhjYzQ0ODg1N2NhZmE4NTdhMjBiMWJlMTk0NWNmZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz1XFQGpyxC72QQsNz+sbgism95q
p2pLSegvPKhA6SuRWGjuONgWn+hrmddaKXWHg52rV1NqcectShCpaapSGAdv47TB
IrG5l0fd6Ph2liDjl0UMIjPhzLzzh6m6v6gjZRU+MxHgoC9eDDCNRz3EvoZezu8R
CCVahcXJc6PFK6Z+dyWwgY4VHII6WgL66M0FzOsVs4r8gIv8z+zTyUDD6552+LoM
t5kDuFTTODMcTBlvb/ic+SCKDFDwCvJ2Ai8FXabZASEqVbqQEjoa4gB2Nu/taiTI
54KOpoo2n2KGvane3cTU8GYcG1mKliz6TGiCDT/AZGzldTM2AIQZBTsCdwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFKBPx0iMxEiFfK+oV6ILG+GUXP7VMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvb0VfSFNJekVTSVY4cjZoWG9nc2I0WlJjX3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMDAVJUAwMB
VNwDBAVeIAAwCwMEBl4gQAMDAF4gAwMBXiIDBADBKwIwDAMEA8HPGAMEAMHPGjAL
AwQEwc8wAwMEwcADBAXDguADBAXUe0ADBAbVzQADAwDZhTANBAIAAjAHAwUAKgEH
0DANBgkqhkiG9w0BAQsFAAOCAQEAX5BHwKzHGSLuLsVcS2znIO7ql1xwoEL5uxcT
2tTlrjUAyuhYTfxa1uJkP8aBqZF0X5WTxt6xlqbuHJWj3aSth44DnZiyBTtBFrup
QDZi6iDRf/Wq8b/26OGqiKhmPkBT3yymwsUrhAPrxU9jjd5WPW90Qn21hDX1u91b
EXILgdH/o+LTP+rkIuQL1DxjsMSzOstWFk4kmYgpnjW9KzQjNpON6s8GkrvUkzEj
G6H9UM/G7tagxReku569ja0gTcDQy25/rwC0iX09ASZLVCpBL0g/kisXxdYf+MEV
0SuZ85SgEbU8bJGvf6n95bTyvUy+C5cHh3A8ewrUJBMId5nlMg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:38:11 2025 by rpki-client