Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/ptcKQmPuynx0oRPAfH09cGSJwKg.roa
File: ptcKQmPuynx0oRPAfH09cGSJwKg.roa (raw, json)
Hash identifier: BUGeISoyJIlErZ3D/sXmEFZnAic80ansQik2oMenTgA=
Subject key identifier: A6:D7:0A:42:63:EE:CA:7C:74:A1:13:C0:7C:7D:3D:70:64:89:C0:A8
Certificate issuer: /CN=f6f18c02405742c25377d696cd2a69dcc974bff8
Certificate serial: 0DF27C13
Authority key identifier: F6:F1:8C:02:40:57:42:C2:53:77:D6:96:CD:2A:69:DC:C9:74:BF:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/ptcKQmPuynx0oRPAfH09cGSJwKg.roa
Signing time: Wed 30 Mar 2022 07:57:21 +0000
ROA not before: Wed 30 Mar 2022 07:57:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48919
IP address blocks: 31.128.163.0/24 maxlen: 24
95.215.95.0/24 maxlen: 24
95.215.92.0/22 maxlen: 22
95.215.94.0/24 maxlen: 24
95.215.93.0/24 maxlen: 24
31.128.160.0/19 maxlen: 19
31.128.170.0/24 maxlen: 24
31.128.169.0/24 maxlen: 24
31.128.167.0/24 maxlen: 24
31.128.177.0/24 maxlen: 24
31.128.178.0/24 maxlen: 24
31.128.183.0/24 maxlen: 24
31.128.182.0/24 maxlen: 24
31.128.181.0/24 maxlen: 24
31.128.191.0/24 maxlen: 24
31.128.190.0/24 maxlen: 24
31.128.189.0/24 maxlen: 24
2001:67c:19ac::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233995283 (0xdf27c13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6f18c02405742c25377d696cd2a69dcc974bff8
Validity
Not Before: Mar 30 07:57:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6d70a4263eeca7c74a113c07c7d3d706489c0a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:8f:5b:78:5e:75:54:7a:bf:ae:53:ee:3f:
8c:8a:35:c3:ce:3f:e1:4c:c6:72:c6:d3:c5:e1:e0:
0c:23:be:53:b7:6a:47:b1:92:4d:de:74:43:88:a2:
be:6b:28:c4:c3:86:bb:c4:7d:52:ac:bc:fa:a0:11:
a7:98:f5:d7:c2:e6:7d:d9:66:a9:b1:01:e5:0e:59:
3f:3c:30:17:cc:1d:f4:c1:4b:2b:05:df:3e:9a:8d:
01:fd:15:b5:bb:7d:1e:1a:e6:84:f4:d4:72:68:5f:
68:f6:9c:6d:77:b4:e2:2b:01:02:0d:83:65:e7:37:
c5:1f:5f:a7:9e:30:5c:24:1e:78:b0:10:90:3d:3e:
a9:5d:f7:4f:55:85:b6:d0:86:1e:44:a6:f4:3b:06:
bc:f7:70:b8:d1:6c:02:d1:76:5f:92:85:3c:de:f9:
98:29:fa:0c:0b:09:8e:49:f7:40:27:90:cf:90:1a:
59:79:30:d2:cb:19:49:d1:a3:26:e4:53:b1:da:60:
fb:1c:39:70:6b:18:2b:40:26:74:f1:1a:be:bc:cb:
73:b4:cf:45:76:f8:b2:a9:8e:7b:21:0e:5d:51:9e:
4c:75:64:ed:45:2d:d3:14:85:44:21:e6:7f:c5:43:
1d:5d:b0:26:c0:f3:36:01:6a:34:12:d7:96:ec:80:
ed:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D7:0A:42:63:EE:CA:7C:74:A1:13:C0:7C:7D:3D:70:64:89:C0:A8
X509v3 Authority Key Identifier:
keyid:F6:F1:8C:02:40:57:42:C2:53:77:D6:96:CD:2A:69:DC:C9:74:BF:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/ptcKQmPuynx0oRPAfH09cGSJwKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.160.0/19
95.215.92.0/22
IPv6:
2001:67c:19ac::/48
Signature Algorithm: sha256WithRSAEncryption
34:06:62:cf:08:d4:b9:a5:09:e5:04:a5:61:3d:b5:d6:89:da:
29:02:e0:e8:f0:64:86:e1:69:cb:30:75:00:11:e5:21:28:00:
9d:6a:9a:59:fb:cc:56:2a:01:41:00:83:a0:55:51:41:c0:36:
40:aa:ce:bd:7a:a8:14:bf:20:9a:0a:e8:66:59:c7:17:50:49:
98:e9:8f:72:9b:63:0f:8c:48:e3:2a:f3:73:ed:75:fe:8d:d5:
82:bf:35:e0:df:08:3e:51:40:8e:fa:e4:cc:72:b4:16:ca:23:
3c:6a:44:36:0b:05:70:3a:9f:07:a8:9d:24:78:c8:ca:a7:96:
55:44:fb:cc:b1:f1:7a:59:10:6f:35:1f:c5:39:8d:e4:39:59:
24:41:e6:b2:07:cf:be:68:c5:e8:bb:69:8c:25:df:2b:82:a5:
9f:99:31:0c:a4:21:f7:b9:e1:11:e4:87:fd:ae:63:41:a5:5c:
1d:6b:43:d7:6d:de:67:9b:34:aa:c7:75:4b:d0:3b:87:d6:66:
6d:16:09:45:56:81:4d:f0:77:53:2a:09:1e:dd:2f:d5:9c:c1:
a5:2c:df:3e:ec:8c:15:94:f2:58:78:2e:7c:38:a7:4f:3a:5f:
ac:8f:fe:0a:c4:7a:46:e9:d5:54:5a:1e:e9:9f:48:b0:b3:ce:
39:dd:60:af
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEDfJ8EzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NmYxOGMwMjQwNTc0MmMyNTM3N2Q2OTZjZDJhNjlkY2M5NzRiZmY4MB4XDTIyMDMz
MDA3NTcyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZkNzBhNDI2M2Vl
Y2E3Yzc0YTExM2MwN2M3ZDNkNzA2NDg5YzBhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQZj1t4XnVUer+uU+4/jIo1w84/4UzGcsbTxeHgDCO+U7dq
R7GSTd50Q4iivmsoxMOGu8R9Uqy8+qARp5j118LmfdlmqbEB5Q5ZPzwwF8wd9MFL
KwXfPpqNAf0Vtbt9HhrmhPTUcmhfaPacbXe04isBAg2DZec3xR9fp54wXCQeeLAQ
kD0+qV33T1WFttCGHkSm9DsGvPdwuNFsAtF2X5KFPN75mCn6DAsJjkn3QCeQz5Aa
WXkw0ssZSdGjJuRTsdpg+xw5cGsYK0AmdPEavrzLc7TPRXb4sqmOeyEOXVGeTHVk
7UUt0xSFRCHmf8VDHV2wJsDzNgFqNBLXluyA7fMCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSm1wpCY+7KfHShE8B8fT1wZInAqDAfBgNVHSMEGDAWgBT28YwCQFdCwlN3
1pbNKmncyXS/+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzl2R01Ba0JYUXNKVGQ5YVd6U3BwM01sMHZfZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvZGYwNWUxLTY4NjItNGVkNC04NzZkLTE1MGI1ZGI0ZjU2Yi8x
L3B0Y0tRbVB1eW54MG9SUEFmSDA5Y0dTSndLZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
ZGYwNWUxLTY4NjItNGVkNC04NzZkLTE1MGI1ZGI0ZjU2Yi8xLzl2R01Ba0JYUXNK
VGQ5YVd6U3BwM01sMHZfZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEBR+AoAMEAl/XXDAPBAIAAjAJAwcA
IAEGfBmsMA0GCSqGSIb3DQEBCwUAA4IBAQA0BmLPCNS5pQnlBKVhPbXWidopAuDo
8GSG4WnLMHUAEeUhKACdappZ+8xWKgFBAIOgVVFBwDZAqs69eqgUvyCaCuhmWccX
UEmY6Y9ym2MPjEjjKvNz7XX+jdWCvzXg3wg+UUCO+uTMcrQWyiM8akQ2CwVwOp8H
qJ0keMjKp5ZVRPvMsfF6WRBvNR/FOY3kOVkkQeayB8++aMXou2mMJd8rgqWfmTEM
pCH3ueER5If9rmNBpVwda0PXbd5nmzSqx3VL0DuH1mZtFglFVoFN8HdTKgke3S/V
nMGlLN8+7IwVlPJYeC58OKdPOl+sj/4KxHpG6dVUWh7pn0iws8453WCv
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:17 2025 by rpki-client