Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/b8EBR74382gL9rZTKD0C68VFeT8.roa
File: b8EBR74382gL9rZTKD0C68VFeT8.roa (raw, json)
Hash identifier: HjtgTAkOqQsRPajol4AxYkiRabzx1MpxdkVKtfKZE9M=
Subject key identifier: 6F:C1:01:47:BE:37:F3:68:0B:F6:B6:53:28:3D:02:EB:C5:45:79:3F
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 018BDE11FB7586A929A03BBC410A77F08D72
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/b8EBR74382gL9rZTKD0C68VFeT8.roa
Signing time: Fri 17 Nov 2023 16:16:42 +0000
ROA not before: Fri 17 Nov 2023 16:16:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1273
IP address blocks: 195.92.0.0/16 maxlen: 16
195.80.64.0/19 maxlen: 19
194.112.64.0/18 maxlen: 18
194.6.64.0/19 maxlen: 19
194.205.0.0/16 maxlen: 16
62.208.0.0/16 maxlen: 16
213.216.128.0/18 maxlen: 18
194.6.0.0/18 maxlen: 18
213.38.0.0/16 maxlen: 16
217.134.0.0/15 maxlen: 15
217.161.0.0/16 maxlen: 16
141.1.0.0/16 maxlen: 16
195.89.13.0/24 maxlen: 24
195.10.0.0/18 maxlen: 18
212.165.0.0/19 maxlen: 19
193.164.160.0/19 maxlen: 19
194.176.128.0/19 maxlen: 19
195.144.128.0/19 maxlen: 19
212.62.0.0/19 maxlen: 19
212.158.0.0/17 maxlen: 17
195.89.0.0/16 maxlen: 16
185.204.4.0/22 maxlen: 22
213.12.0.0/16 maxlen: 16
195.44.0.0/16 maxlen: 16
217.135.0.0/16 maxlen: 16
195.2.0.0/19 maxlen: 19
62.221.0.0/19 maxlen: 19
194.221.0.0/16 maxlen: 16
62.25.64.0/18 maxlen: 18
195.59.0.0/16 maxlen: 16
195.27.0.0/16 maxlen: 16
194.152.64.0/19 maxlen: 19
194.177.160.0/19 maxlen: 19
213.185.192.0/19 maxlen: 19
212.137.0.0/16 maxlen: 16
2001:5000::/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:de:11:fb:75:86:a9:29:a0:3b:bc:41:0a:77:f0:8d:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Nov 17 16:16:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fc10147be37f3680bf6b653283d02ebc545793f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8b:2a:50:a9:de:1c:6b:39:e7:4d:db:35:43:
3f:b2:5b:2e:84:c5:8f:40:77:2c:71:3a:f6:b9:87:
6b:75:c6:33:b5:89:09:e7:9b:4f:53:c5:43:d9:6b:
1b:e9:61:8c:22:2b:1b:32:81:ed:05:80:d7:70:8a:
6e:28:13:cc:0a:dc:6e:a1:43:d7:fb:b3:e2:11:d7:
14:0c:f8:8b:13:45:55:4b:48:cd:b4:5b:21:dc:35:
4c:de:70:49:21:e9:ab:52:49:f2:5b:be:85:ba:41:
85:4c:92:28:df:ae:c4:fd:9a:ba:d7:8b:0d:dc:e2:
6f:29:65:3d:e6:f3:88:45:65:5a:65:df:c3:8c:75:
9d:04:75:92:eb:47:91:9f:6d:32:31:35:89:f7:cd:
c4:ea:82:c1:8f:91:c9:d2:ac:0b:59:a8:c2:ad:1a:
e1:42:8b:94:c4:25:db:60:09:3c:d4:d4:87:d3:0f:
04:6f:88:4c:ef:80:39:7f:03:bc:b5:f7:77:2f:85:
30:db:59:ed:d5:5d:63:4b:cf:0c:ea:74:2a:ec:f9:
ef:30:3a:86:6e:29:b0:b9:64:6c:bb:dd:c7:20:81:
25:6b:01:9c:b3:32:53:24:b2:20:5a:e5:7a:b6:b6:
db:9c:6e:8e:4f:d5:b5:94:b7:2d:bf:6e:d5:70:89:
c1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C1:01:47:BE:37:F3:68:0B:F6:B6:53:28:3D:02:EB:C5:45:79:3F
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/b8EBR74382gL9rZTKD0C68VFeT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.25.64.0/18
62.208.0.0/16
62.221.0.0/19
141.1.0.0/16
185.204.4.0/22
193.164.160.0/19
194.6.0.0-194.6.95.255
194.112.64.0/18
194.152.64.0/19
194.176.128.0/19
194.177.160.0/19
194.205.0.0/16
194.221.0.0/16
195.2.0.0/19
195.10.0.0/18
195.27.0.0/16
195.44.0.0/16
195.59.0.0/16
195.80.64.0/19
195.89.0.0/16
195.92.0.0/16
195.144.128.0/19
212.62.0.0/19
212.137.0.0/16
212.158.0.0/17
212.165.0.0/19
213.12.0.0/16
213.38.0.0/16
213.185.192.0/19
213.216.128.0/18
217.134.0.0/15
217.161.0.0/16
IPv6:
2001:5000::/21
Signature Algorithm: sha256WithRSAEncryption
59:17:2f:98:60:32:35:1a:a7:77:56:ff:b7:e4:fc:29:71:23:
ff:a3:9f:42:dc:68:d4:1a:90:7f:00:6c:a9:ca:7c:7c:fe:36:
b9:67:9d:a5:24:61:f0:10:27:0d:6d:aa:b9:ec:39:b6:96:9c:
a4:30:6b:f6:ad:32:5e:1b:dd:89:62:e5:bd:d7:ca:d1:6d:e8:
f6:6b:4e:c1:87:82:64:cd:8d:b9:c2:72:65:32:66:a0:d4:7e:
5d:d0:8e:4c:30:05:e7:33:64:90:56:61:ec:67:99:45:fd:26:
dd:31:9a:f1:00:61:6c:25:7c:3a:61:26:92:d9:43:c4:4f:42:
e6:61:db:94:74:3b:9e:36:ec:6c:36:7c:86:c4:9a:31:d3:3d:
51:f1:e6:ea:e3:fe:71:21:a5:55:e2:da:ce:8e:63:a9:b8:7e:
15:7c:c0:7c:57:cf:6c:85:4f:7c:b0:69:78:ff:5d:bc:0c:74:
01:b8:dd:3b:8a:2c:c1:7b:a7:5f:f4:83:5e:07:1a:c8:bb:d9:
03:4b:af:a3:cd:9e:6f:6b:5d:b3:d8:24:45:45:38:76:fb:7a:
ec:f6:09:31:0f:f0:be:61:ef:89:25:90:e5:85:c1:3e:a0:c0:
74:f9:c7:71:35:ef:b6:7d:98:88:8b:4d:5d:82:d5:7f:30:29:
ff:40:7f:94
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYveEft1hqkpoDu8QQp38I1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjMxMTE3MTYxNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmMxMDE0N2JlMzdmMzY4MGJmNmI2NTMyODNkMDJlYmM1NDU3OTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4sqUKneHGs5503bNUM/slsuhMWP
QHcscTr2uYdrdcYztYkJ55tPU8VD2Wsb6WGMIisbMoHtBYDXcIpuKBPMCtxuoUPX
+7PiEdcUDPiLE0VVS0jNtFsh3DVM3nBJIemrUknyW76FukGFTJIo367E/Zq614sN
3OJvKWU95vOIRWVaZd/DjHWdBHWS60eRn20yMTWJ983E6oLBj5HJ0qwLWajCrRrh
QouUxCXbYAk81NSH0w8Eb4hM74A5fwO8tfd3L4Uw21nt1V1jS88M6nQq7PnvMDqG
bimwuWRsu93HIIElawGcszJTJLIgWuV6trbbnG6OT9W1lLctv27VcInBxQIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFG/BAUe+N/NoC/a2Uyg9AuvFRXk/MB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvYjhFQlI3NDM4MmdMOXJaVEtEMEM2OFZGZVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBwAQCAAEwgbkDBAY+
GUADAwA+0AMEBT7dAAMDAI0BAwQCucwEAwQFwaSgMAsDAwHCBgMEBcIGQAMEBsJw
QAMEBcKYQAMEBcKwgAMEBcKxoAMDAMLNAwMAwt0DBAXDAgADBAbDCgADAwDDGwMD
AMMsAwMAwzsDBAXDUEADAwDDWQMDAMNcAwQFw5CAAwQF1D4AAwMA1IkDBAfUngAD
BAXUpQADAwDVDAMDANUmAwQF1bnAAwQG1diAAwMB2YYDAwDZoTAMBAIAAjAGAwQD
IAFQMA0GCSqGSIb3DQEBCwUAA4IBAQBZFy+YYDI1Gqd3Vv+35PwpcSP/o59C3GjU
GpB/AGypynx8/ja5Z52lJGHwECcNbaq57Dm2lpykMGv2rTJeG92JYuW918rRbej2
a07Bh4JkzY25wnJlMmag1H5d0I5MMAXnM2SQVmHsZ5lF/SbdMZrxAGFsJXw6YSaS
2UPET0LmYduUdDueNuxsNnyGxJox0z1R8ebq4/5xIaVV4trOjmOpuH4VfMB8V89s
hU98sGl4/128DHQBuN07iizBe6df9INeBxrIu9kDS6+jzZ5va12z2CRFRTh2+3rs
9gkxD/C+Ye+JJZDlhcE+oMB0+cdxNe+2fZiIi01dgtV/MCn/QH+U
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:03:40 2025 by rpki-client