Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/VwF4IrIHetKmO_erwKu0uBQD_9k.roa
File: VwF4IrIHetKmO_erwKu0uBQD_9k.roa (raw, json)
Hash identifier: w/7B4GOluZVeyMgMsxQ519CfoyI4DjowifahTJhYnMQ=
Subject key identifier: 57:01:78:22:B2:07:7A:D2:A6:3B:F7:AB:C0:AB:B4:B8:14:03:FF:D9
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 0583FC57
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/VwF4IrIHetKmO_erwKu0uBQD_9k.roa
Signing time: Thu 16 Jun 2022 12:58:44 +0000
ROA not before: Thu 16 Jun 2022 12:58:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50937
IP address blocks: 185.179.156.0/22 maxlen: 22
185.248.196.0/22 maxlen: 22
194.165.26.0/24 maxlen: 24
45.153.89.0/24 maxlen: 24
2a0a:8880:1::/48 maxlen: 48
2a0a:8880:aaaa::/48 maxlen: 48
2a0a:8880:2::/48 maxlen: 48
2a0f:4440:aaaa::/48 maxlen: 48
2a0f:4440:abcd::/48 maxlen: 48
2a0a:8880::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92535895 (0x583fc57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jun 16 12:58:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57017822b2077ad2a63bf7abc0abb4b81403ffd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:18:60:04:45:cf:40:39:0e:d6:7c:2f:50:
4a:bc:cf:fa:12:22:93:1d:ef:ab:a7:df:4a:39:0d:
94:24:34:47:aa:46:4b:90:ec:42:1b:2a:9e:f7:ab:
8a:f1:e2:72:61:18:eb:9b:ed:b5:1f:31:63:db:af:
3f:52:62:be:5a:ce:80:e1:5e:27:61:4e:3a:e0:51:
ce:9d:0d:d5:9f:37:44:8b:99:75:0b:8d:95:24:01:
31:a2:d7:42:9f:60:93:a5:b4:37:ec:9b:48:e3:6f:
3b:0f:f3:93:98:56:b5:77:e2:b2:9f:cd:ed:dc:c5:
da:b5:cf:27:6b:f3:98:27:4a:f7:8d:dd:ec:1e:c1:
4d:32:ec:07:af:73:38:a8:38:b7:31:ed:5f:54:68:
db:39:90:23:20:7e:0c:a2:56:94:61:18:32:78:7e:
0c:22:9c:02:21:ba:ad:f8:36:97:35:26:06:ea:5e:
f0:df:8d:a4:53:fb:02:7f:d6:01:f0:2b:f3:aa:ef:
86:5a:e5:98:87:e2:d7:a4:4c:73:d0:25:c6:09:19:
f8:43:37:f8:47:d5:6b:07:64:30:65:d9:fb:d2:48:
c3:58:04:8d:7a:ab:4d:b2:f9:1c:3d:4c:49:b7:de:
6d:d0:14:f0:60:4c:28:81:cd:91:83:5e:da:26:5c:
25:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:01:78:22:B2:07:7A:D2:A6:3B:F7:AB:C0:AB:B4:B8:14:03:FF:D9
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/VwF4IrIHetKmO_erwKu0uBQD_9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.89.0/24
185.179.156.0/22
185.248.196.0/22
194.165.26.0/24
IPv6:
2a0a:8880::-2a0a:8880:2:ffff:ffff:ffff:ffff:ffff
2a0a:8880:aaaa::/48
2a0f:4440:aaaa::/48
2a0f:4440:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
32:c8:f1:76:41:51:43:6b:bf:19:31:6b:f9:b6:21:ff:d5:aa:
10:5a:dc:b2:3a:ff:a0:2c:2c:4d:c7:f8:d7:0d:a5:fd:5c:47:
ea:4a:66:57:6e:f0:39:0d:de:d9:d4:2c:ee:1d:6d:e2:99:e4:
f9:b1:52:b4:69:fd:d1:29:74:bb:84:89:14:3d:01:37:fc:38:
08:9e:1b:1f:e5:cc:10:74:17:4b:49:5d:6b:ce:e9:f6:97:a2:
4d:f0:8b:e1:df:75:d2:49:c6:ea:d1:24:f3:9a:c9:5f:68:d6:
e7:a5:dd:6d:2f:7e:37:67:45:10:18:49:56:0e:04:3e:bb:dc:
c3:ce:ad:ed:d4:77:d8:52:f2:0e:8b:1f:57:8a:38:4e:b7:4a:
fc:a1:e8:27:6a:48:64:e8:20:23:f4:5f:3b:03:42:41:86:af:
c3:60:e5:2f:86:3d:00:61:59:42:f3:90:c1:7f:9b:01:c7:dc:
3d:4b:43:1f:80:2f:18:38:fa:15:7c:ab:55:df:b1:c3:13:8f:
eb:d2:85:04:01:df:99:72:0f:31:7f:15:30:df:0b:c1:6e:bd:
cc:44:9c:5a:02:fc:58:37:61:38:48:d9:4e:1f:97:4a:41:1b:
57:68:da:e5:7d:d1:c9:d8:04:c1:e6:85:34:06:01:61:7a:71:
86:b3:70:45
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIEBYP8VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTgyNDdkM2Y4MTQ3MmRiYmEwNmRiZWE5YmQxOWM3ODVkMThiYWJlMB4XDTIyMDYx
NjEyNTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTcwMTc4MjJiMjA3
N2FkMmE2M2JmN2FiYzBhYmI0YjgxNDAzZmZkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrKGGAERc9AOQ7WfC9QSrzP+hIikx3vq6ffSjkNlCQ0R6pG
S5DsQhsqnverivHicmEY65vttR8xY9uvP1JivlrOgOFeJ2FOOuBRzp0N1Z83RIuZ
dQuNlSQBMaLXQp9gk6W0N+ybSONvOw/zk5hWtXfisp/N7dzF2rXPJ2vzmCdK943d
7B7BTTLsB69zOKg4tzHtX1Ro2zmQIyB+DKJWlGEYMnh+DCKcAiG6rfg2lzUmBupe
8N+NpFP7An/WAfAr86rvhlrlmIfi16RMc9AlxgkZ+EM3+EfVawdkMGXZ+9JIw1gE
jXqrTbL5HD1MSbfebdAU8GBMKIHNkYNe2iZcJccCAwEAAaOCAlAwggJMMB0GA1Ud
DgQWBBRXAXgisgd60qY796vAq7S4FAP/2TAfBgNVHSMEGDAWgBTZgkfT+BRy27oG
2+qb0Zx4XRi6vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJZSkgwX2dVY3R1NkJ0dnFtOUdjZUYwWXVyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8x
L1Z3RjRJcklIZXRLbU9fZXJ3S3UwdUJRRF85ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8xLzJZSkgwX2dVY3R1
NkJ0dnFtOUdjZUYwWXVyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwHgQCAAEwGAMEAC2ZWQMEArmznAMEArn4xAMEAMKl
GjAzBAIAAjAtMBADBQcqCoiAAwcAKgqIgAACAwcAKgqIgKqqAwcAKg9EQKqqAwcA
Kg9EQKvNMA0GCSqGSIb3DQEBCwUAA4IBAQAyyPF2QVFDa78ZMWv5tiH/1aoQWtyy
Ov+gLCxNx/jXDaX9XEfqSmZXbvA5Dd7Z1CzuHW3imeT5sVK0af3RKXS7hIkUPQE3
/DgInhsf5cwQdBdLSV1rzun2l6JN8Ivh33XSScbq0STzmslfaNbnpd1tL343Z0UQ
GElWDgQ+u9zDzq3t1HfYUvIOix9XijhOt0r8oegnakhk6CAj9F87A0JBhq/DYOUv
hj0AYVlC85DBf5sBx9w9S0MfgC8YOPoVfKtV37HDE4/r0oUEAd+Zcg8xfxUw3wvB
br3MRJxaAvxYN2E4SNlOH5dKQRtXaNrlfdHJ2ATB5oU0BgFhenGGs3BF
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:23:10 2025 by rpki-client