Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/hC1nIH091Re_DVgwNDEhHwLd624.roa
File: hC1nIH091Re_DVgwNDEhHwLd624.roa (raw, json)
Hash identifier: 5X1wOHjeoDbCwlNLdjQEMeScQNeJn6vuYSeQ9VA6Nb8=
Subject key identifier: 84:2D:67:20:7D:3D:D5:17:BF:0D:58:30:34:31:21:1F:02:DD:EB:6E
Certificate issuer: /CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Certificate serial: 0185295688EA832224C272CBD2F611FDD261
Authority key identifier: 55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/hC1nIH091Re_DVgwNDEhHwLd624.roa
Signing time: Mon 19 Dec 2022 07:43:34 +0000
ROA not before: Mon 19 Dec 2022 07:43:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44814
IP address blocks: 93.94.137.0/24 maxlen: 24
185.7.217.0/24 maxlen: 24
46.253.0.0/21 maxlen: 21
46.253.10.0/24 maxlen: 24
46.253.15.0/24 maxlen: 24
95.169.218.0/24 maxlen: 24
2a01:4a40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:56:88:ea:83:22:24:c2:72:cb:d2:f6:11:fd:d2:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Validity
Not Before: Dec 19 07:43:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=842d67207d3dd517bf0d58303431211f02ddeb6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:87:ae:d7:e7:35:5f:db:c5:c4:17:9a:58:41:
80:72:d6:37:e7:7a:99:25:49:08:14:4b:32:d0:0f:
98:fc:4e:16:3c:ea:3c:e3:fb:a1:1b:ae:c9:12:87:
5f:4c:ca:d0:26:5e:a7:44:47:94:df:93:20:95:5c:
27:6a:da:25:c0:d1:86:c9:79:ec:e4:a9:4a:e1:23:
8b:35:4e:f2:2d:bb:bc:b6:55:25:ae:9f:6f:84:d7:
7e:be:1b:92:8a:f6:46:6b:a7:69:2a:98:f6:dd:cc:
93:5c:0d:21:3e:70:43:d7:3a:8b:09:9c:91:d4:be:
e6:5f:12:83:da:98:6c:48:a8:1e:22:53:16:95:a4:
1c:42:8e:c1:e0:8d:d6:c7:93:35:6a:42:72:eb:16:
e8:b5:2c:98:ac:14:19:db:fd:84:57:37:95:54:17:
46:b4:49:47:5c:55:76:7e:04:7a:a3:83:ef:c7:42:
94:35:c0:71:aa:b2:59:66:12:ef:13:4d:25:7e:cd:
14:17:11:39:ad:ad:95:e0:b8:3a:9f:a6:d5:b8:7c:
b8:3a:70:67:6e:72:e5:1f:5a:10:5c:c1:cb:3e:cd:
91:10:17:11:7f:99:cb:69:fb:20:3b:ff:2b:4a:df:
8a:ea:f3:c1:64:74:bb:5d:05:93:7a:37:45:be:c1:
b6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2D:67:20:7D:3D:D5:17:BF:0D:58:30:34:31:21:1F:02:DD:EB:6E
X509v3 Authority Key Identifier:
keyid:55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/hC1nIH091Re_DVgwNDEhHwLd624.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/VXsKwQuGQqJ909dO1ste4EXme5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.0.0/21
46.253.10.0/24
46.253.15.0/24
93.94.137.0/24
95.169.218.0/24
185.7.217.0/24
IPv6:
2a01:4a40::/32
Signature Algorithm: sha256WithRSAEncryption
7c:f4:21:d7:24:aa:7a:c0:bb:85:66:23:2b:27:cc:fc:19:c0:
45:df:fb:ed:05:a2:b2:a2:d6:d9:45:3d:a5:9d:f5:74:b5:ac:
eb:15:47:2e:6f:26:56:15:f8:81:d4:ac:99:9a:d9:6a:a7:d7:
5d:08:8c:9d:c3:4f:f4:b2:85:e1:f2:1d:1c:e7:b1:8a:ab:d8:
5e:61:39:44:24:a2:8a:5b:cc:57:97:83:3e:a6:ec:24:22:88:
7a:02:08:99:da:77:2d:48:84:30:00:9f:3a:b3:01:70:34:5c:
3b:99:64:f6:7d:9a:37:be:40:d1:6e:72:b3:eb:b8:2e:ea:26:
18:03:85:b2:68:55:39:da:f7:60:c4:8f:2c:1c:51:37:80:f3:
d6:8f:1a:f8:29:f2:17:ea:9c:46:b3:d4:2b:3b:1c:68:4e:a0:
cb:0e:64:af:64:eb:1a:7e:d1:4a:1e:3e:67:b4:0d:37:91:2d:
34:70:c7:7f:50:96:9a:5a:2c:3f:b2:f4:6c:98:84:60:75:7f:
35:5b:b6:24:cb:3e:51:31:f4:b6:d0:b8:97:e2:54:68:52:71:
6c:18:ec:97:70:b1:e7:b6:1c:e0:0a:cd:29:ef:54:c5:6f:ce:
8c:81:ab:4e:ed:a4:64:1b:7a:89:c5:a3:37:df:70:26:7b:6f:
8c:71:11:7f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYUpVojqgyIkwnLL0vYR/dJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1N2IwYWMxMGI4NjQyYTI3ZGQzZDc0ZWQ2Y2I1ZWUwNDVl
NjdiOTcwHhcNMjIxMjE5MDc0MzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDJkNjcyMDdkM2RkNTE3YmYwZDU4MzAzNDMxMjExZjAyZGRlYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4eu1+c1X9vFxBeaWEGActY353qZ
JUkIFEsy0A+Y/E4WPOo84/uhG67JEodfTMrQJl6nREeU35MglVwnatolwNGGyXns
5KlK4SOLNU7yLbu8tlUlrp9vhNd+vhuSivZGa6dpKpj23cyTXA0hPnBD1zqLCZyR
1L7mXxKD2phsSKgeIlMWlaQcQo7B4I3Wx5M1akJy6xbotSyYrBQZ2/2EVzeVVBdG
tElHXFV2fgR6o4Pvx0KUNcBxqrJZZhLvE00lfs0UFxE5ra2V4Lg6n6bVuHy4OnBn
bnLlH1oQXMHLPs2REBcRf5nLafsgO/8rSt+K6vPBZHS7XQWTejdFvsG2HwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIQtZyB9PdUXvw1YMDQxIR8C3etuMB8GA1UdIwQY
MBaAFFV7CsELhkKifdPXTtbLXuBF5nuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYt
ZmJlMWEwZDBhYTk4LzEvaEMxbklIMDkxUmVfRFZnd05ERWhId0xkNjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYtZmJlMWEwZDBhYTk4
LzEvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLv0AAwQA
Lv0KAwQALv0PAwQAXV6JAwQAX6naAwQAuQfZMA0EAgACMAcDBQAqAUpAMA0GCSqG
SIb3DQEBCwUAA4IBAQB89CHXJKp6wLuFZiMrJ8z8GcBF3/vtBaKyotbZRT2lnfV0
tazrFUcubyZWFfiB1KyZmtlqp9ddCIydw0/0soXh8h0c57GKq9heYTlEJKKKW8xX
l4M+puwkIoh6AgiZ2nctSIQwAJ86swFwNFw7mWT2fZo3vkDRbnKz67gu6iYYA4Wy
aFU52vdgxI8sHFE3gPPWjxr4KfIX6pxGs9QrOxxoTqDLDmSvZOsaftFKHj5ntA03
kS00cMd/UJaaWiw/svRsmIRgdX81W7Ykyz5RMfS20LiX4lRoUnFsGOyXcLHnthzg
Cs0p71TFb86MgatO7aRkG3qJxaM333Ame2+McRF/
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:58:18 2025 by rpki-client