Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/_aERoJB3asBaV-2ktDEKyLTwGGA.roa
File: _aERoJB3asBaV-2ktDEKyLTwGGA.roa (raw, json)
Hash identifier: iZGRGjVEcdbIUyCXKhaBinvqxmuIcrxGd3L23ybG67k=
Subject key identifier: FD:A1:11:A0:90:77:6A:C0:5A:57:ED:A4:B4:31:0A:C8:B4:F0:18:60
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 0194221F4729BF438E3AC76FCED9EE20C428
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/_aERoJB3asBaV-2ktDEKyLTwGGA.roa
Signing time: Wed 01 Jan 2025 13:47:42 +0000
ROA not before: Wed 01 Jan 2025 13:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1273
IP address blocks: 62.25.64.0/18 maxlen: 18
62.208.0.0/16 maxlen: 16
62.221.0.0/19 maxlen: 19
141.1.0.0/16 maxlen: 16
185.204.4.0/22 maxlen: 22
193.164.160.0/19 maxlen: 19
194.6.0.0/18 maxlen: 18
194.6.64.0/19 maxlen: 19
194.112.64.0/18 maxlen: 18
194.152.64.0/19 maxlen: 19
194.176.128.0/19 maxlen: 19
194.177.160.0/19 maxlen: 19
194.205.0.0/16 maxlen: 16
194.221.0.0/16 maxlen: 16
195.2.0.0/19 maxlen: 19
195.10.0.0/18 maxlen: 18
195.27.0.0/16 maxlen: 16
195.44.0.0/16 maxlen: 16
195.59.0.0/16 maxlen: 16
195.80.64.0/19 maxlen: 19
195.89.0.0/16 maxlen: 16
195.89.13.0/24 maxlen: 24
195.92.0.0/16 maxlen: 16
195.144.128.0/19 maxlen: 19
212.62.0.0/19 maxlen: 19
212.137.0.0/16 maxlen: 16
212.158.0.0/17 maxlen: 17
212.165.0.0/19 maxlen: 19
213.12.0.0/16 maxlen: 16
213.38.0.0/16 maxlen: 16
213.185.192.0/19 maxlen: 19
213.216.128.0/18 maxlen: 18
217.134.0.0/15 maxlen: 15
217.135.0.0/16 maxlen: 16
217.161.0.0/16 maxlen: 16
2001:5000::/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:47:29:bf:43:8e:3a:c7:6f:ce:d9:ee:20:c4:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Jan 1 13:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fda111a090776ac05a57eda4b4310ac8b4f01860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:61:c8:f3:22:7c:6f:e9:50:05:cf:14:5a:3b:
bf:0c:41:5a:01:cc:3a:aa:a8:92:eb:e0:e0:83:45:
db:6f:83:cb:ef:4a:e0:54:8e:f0:bf:2f:a5:ec:35:
22:f9:9f:05:09:39:06:c5:6a:da:60:3c:df:86:c2:
f2:39:6b:c1:1f:09:a7:bf:6e:b1:d2:3b:24:36:72:
7a:48:ef:8f:18:3f:b3:97:60:4a:81:c9:7f:21:59:
e1:9d:f8:48:4a:04:0b:c4:5e:fa:f5:4e:cc:f4:a5:
32:28:3d:0a:c3:7c:ee:ed:05:18:f9:d2:64:91:18:
14:92:89:45:f8:43:22:9f:85:17:eb:43:f9:65:3b:
6e:eb:a6:a1:a1:be:39:b5:70:0d:a3:0e:26:cb:01:
76:6c:b2:14:33:23:ff:f7:b3:15:e7:83:2a:58:28:
94:41:26:42:52:59:56:8a:47:35:d8:9e:4a:b2:aa:
95:92:ee:1f:a5:e9:9c:63:f9:df:71:d6:bb:c6:13:
20:26:af:75:28:8b:87:a7:15:81:be:5a:8c:4d:a6:
e6:72:cd:22:3f:a9:63:c2:be:78:76:a5:5a:8f:45:
31:d1:d9:9f:a3:63:5c:82:6a:40:0b:53:35:f5:3f:
40:d2:a0:38:00:f0:5e:b3:a4:91:56:a2:85:0b:d0:
ba:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A1:11:A0:90:77:6A:C0:5A:57:ED:A4:B4:31:0A:C8:B4:F0:18:60
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/_aERoJB3asBaV-2ktDEKyLTwGGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.25.64.0/18
62.208.0.0/16
62.221.0.0/19
141.1.0.0/16
185.204.4.0/22
193.164.160.0/19
194.6.0.0-194.6.95.255
194.112.64.0/18
194.152.64.0/19
194.176.128.0/19
194.177.160.0/19
194.205.0.0/16
194.221.0.0/16
195.2.0.0/19
195.10.0.0/18
195.27.0.0/16
195.44.0.0/16
195.59.0.0/16
195.80.64.0/19
195.89.0.0/16
195.92.0.0/16
195.144.128.0/19
212.62.0.0/19
212.137.0.0/16
212.158.0.0/17
212.165.0.0/19
213.12.0.0/16
213.38.0.0/16
213.185.192.0/19
213.216.128.0/18
217.134.0.0/15
217.161.0.0/16
IPv6:
2001:5000::/21
Signature Algorithm: sha256WithRSAEncryption
00:d4:4e:4e:be:26:d5:d2:17:22:c3:39:f6:9b:a4:99:c3:25:
84:81:19:c8:e6:97:67:fd:63:48:0a:e4:81:1f:b2:05:db:43:
51:d2:bc:e7:1f:c8:5c:ee:bc:b0:34:84:ee:52:53:f9:0f:76:
e9:67:fd:f4:b7:71:e8:77:61:00:17:f0:96:4c:de:22:00:1c:
8c:ce:1d:26:95:70:95:e7:70:67:f5:0e:a6:11:2c:af:af:09:
37:81:ed:e3:c6:e4:37:b8:b4:97:aa:e5:66:21:76:26:3a:88:
a6:c7:f8:de:75:e3:13:fc:7f:dd:88:d7:54:1d:88:85:be:b1:
24:1e:27:90:0c:f1:ac:fa:ea:82:02:e3:2f:01:63:18:6c:aa:
f5:c8:fd:9c:ba:1c:5a:7e:28:83:79:aa:71:bf:50:83:fa:81:
2e:9c:cd:7a:b7:6a:13:f7:1e:29:26:44:43:3c:b3:c7:8d:9d:
38:bf:1a:7c:77:db:f2:b5:99:8d:39:03:0a:95:04:95:0a:3b:
05:ee:21:e9:dd:da:5d:d2:73:ad:3c:63:05:d2:77:b7:28:e4:
3f:7a:18:16:55:bb:17:f3:21:4e:35:e4:6c:ae:29:92:6b:f7:
c8:81:ab:ca:09:c7:89:61:a5:fb:24:d9:36:fb:78:a6:1b:15:
20:17:8f:fe
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAZQiH0cpv0OOOsdvztnuIMQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjUwMTAxMTM0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGExMTFhMDkwNzc2YWMwNWE1N2VkYTRiNDMxMGFjOGI0ZjAxODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGHI8yJ8b+lQBc8UWju/DEFaAcw6
qqiS6+Dgg0Xbb4PL70rgVI7wvy+l7DUi+Z8FCTkGxWraYDzfhsLyOWvBHwmnv26x
0jskNnJ6SO+PGD+zl2BKgcl/IVnhnfhISgQLxF769U7M9KUyKD0Kw3zu7QUY+dJk
kRgUkolF+EMin4UX60P5ZTtu66ahob45tXANow4mywF2bLIUMyP/97MV54MqWCiU
QSZCUllWikc12J5KsqqVku4fpemcY/nfcda7xhMgJq91KIuHpxWBvlqMTabmcs0i
P6ljwr54dqVaj0Ux0dmfo2NcgmpAC1M19T9A0qA4APBes6SRVqKFC9C68wIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFP2hEaCQd2rAWlftpLQxCsi08BhgMB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvX2FFUm9KQjNhc0JhVi0ya3RERUt5TFR3R0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBwAQCAAEwgbkDBAY+
GUADAwA+0AMEBT7dAAMDAI0BAwQCucwEAwQFwaSgMAsDAwHCBgMEBcIGQAMEBsJw
QAMEBcKYQAMEBcKwgAMEBcKxoAMDAMLNAwMAwt0DBAXDAgADBAbDCgADAwDDGwMD
AMMsAwMAwzsDBAXDUEADAwDDWQMDAMNcAwQFw5CAAwQF1D4AAwMA1IkDBAfUngAD
BAXUpQADAwDVDAMDANUmAwQF1bnAAwQG1diAAwMB2YYDAwDZoTAMBAIAAjAGAwQD
IAFQMA0GCSqGSIb3DQEBCwUAA4IBAQAA1E5OvibV0hciwzn2m6SZwyWEgRnI5pdn
/WNICuSBH7IF20NR0rznH8hc7rywNITuUlP5D3bpZ/30t3Hod2EAF/CWTN4iAByM
zh0mlXCV53Bn9Q6mESyvrwk3ge3jxuQ3uLSXquVmIXYmOoimx/jedeMT/H/diNdU
HYiFvrEkHieQDPGs+uqCAuMvAWMYbKr1yP2cuhxafiiDeapxv1CD+oEunM16t2oT
9x4pJkRDPLPHjZ04vxp8d9vytZmNOQMKlQSVCjsF7iHp3dpd0nOtPGMF0ne3KOQ/
ehgWVbsX8yFONeRsrimSa/fIgavKCceJYaX7JNk2+3imGxUgF4/+
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:09:21 2025 by rpki-client