Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/rxq3SWZ_MXujAkOm54CUczs8ROY.roa
File: rxq3SWZ_MXujAkOm54CUczs8ROY.roa (raw, json)
Hash identifier: YCnv7wK7YVzsnkhA5LpDqWGUp7TO4kI5V+g92+FEu48=
Subject key identifier: AF:1A:B7:49:66:7F:31:7B:A3:02:43:A6:E7:80:94:73:3B:3C:44:E6
Certificate issuer: /CN=064983d3a4a1c26aa295034869c584f757380b2b
Certificate serial: 0B3328F5
Authority key identifier: 06:49:83:D3:A4:A1:C2:6A:A2:95:03:48:69:C5:84:F7:57:38:0B:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkmD06ShwmqilQNIacWE91c4Cys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/rxq3SWZ_MXujAkOm54CUczs8ROY.roa
Signing time: Sat 01 Jan 2022 11:05:08 +0000
ROA not before: Sat 01 Jan 2022 11:05:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50952
IP address blocks: 178.18.231.0/24 maxlen: 24
178.18.233.0/24 maxlen: 24
178.18.230.0/24 maxlen: 24
178.18.235.0/24 maxlen: 24
2a03:5f80:8::/46 maxlen: 46
2a03:5f80:4:1::/64 maxlen: 64
2a03:5f80:7::/64 maxlen: 64
2a03:5f80:4:4::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 187902197 (0xb3328f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=064983d3a4a1c26aa295034869c584f757380b2b
Validity
Not Before: Jan 1 11:05:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af1ab749667f317ba30243a6e78094733b3c44e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dc:cb:c8:a5:52:90:39:58:84:b5:c9:45:20:
21:93:bc:86:ee:d0:cd:9b:8e:0b:cf:72:e3:7a:22:
cb:84:59:a9:ad:2a:fa:5e:80:a0:d2:a6:7a:79:0e:
13:12:63:20:dd:ed:aa:68:83:af:64:b1:1b:f4:69:
2f:80:fd:a0:9f:c6:92:8d:7a:43:d0:8f:41:6e:01:
34:03:cf:0f:db:e8:06:f9:65:7d:ec:69:64:73:17:
12:1e:4d:21:8a:1a:b5:73:38:7d:79:ab:72:f4:c8:
d0:a2:49:e5:66:99:38:ad:36:5f:3c:dc:f3:3c:aa:
06:40:f8:b8:04:3e:fc:18:e4:f1:b2:a3:c0:07:5e:
5b:cf:39:c4:05:c6:4e:46:4a:a6:ed:b5:ff:7d:5c:
29:84:29:e8:d4:d6:fd:32:98:25:21:f6:48:5d:80:
17:71:cc:8b:d1:1a:c6:74:8e:95:c9:9b:13:68:75:
9f:be:fe:20:e4:38:a6:32:ec:1c:e4:f9:da:5d:79:
d9:34:9b:3a:ab:1b:f1:71:ab:5c:1c:a2:1a:c9:65:
3e:8b:ba:8f:52:d8:dc:4d:27:30:1c:5d:34:1f:83:
22:bf:8a:f0:11:7a:79:b9:4d:27:2f:2d:cd:73:c3:
9f:c2:91:d3:51:9d:dc:5a:bf:fe:30:93:2b:77:19:
be:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:1A:B7:49:66:7F:31:7B:A3:02:43:A6:E7:80:94:73:3B:3C:44:E6
X509v3 Authority Key Identifier:
keyid:06:49:83:D3:A4:A1:C2:6A:A2:95:03:48:69:C5:84:F7:57:38:0B:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkmD06ShwmqilQNIacWE91c4Cys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/rxq3SWZ_MXujAkOm54CUczs8ROY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/d37915-6a39-44d1-8e21-4ba3fc3484ce/1/BkmD06ShwmqilQNIacWE91c4Cys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.18.230.0/23
178.18.233.0/24
178.18.235.0/24
IPv6:
2a03:5f80:4:1::/64
2a03:5f80:4:4::/64
2a03:5f80:7::/64
2a03:5f80:8::/46
Signature Algorithm: sha256WithRSAEncryption
73:27:05:13:98:a2:28:39:01:41:67:25:86:7b:41:6c:c3:f5:
d9:b2:9a:b1:d4:7a:c5:6c:fd:a9:45:c1:d6:41:34:9e:7f:31:
3d:6a:3f:ee:04:3f:2e:72:9a:bb:0d:d1:d2:aa:80:31:34:8e:
35:01:01:3f:f9:37:5f:5e:ce:bf:37:b6:fa:ec:9e:99:b5:d3:
c4:08:ca:c3:de:cf:2d:cb:ee:40:5d:23:99:f1:d6:f5:ed:56:
6a:0e:6a:c4:8d:09:56:d5:af:0e:41:4f:92:ab:25:a0:81:95:
7e:28:19:dd:90:c3:0f:22:e6:d4:c3:3b:65:b0:32:4c:19:fd:
62:4e:04:9b:51:fc:e6:79:eb:cd:2d:62:e8:5b:bf:1a:14:c4:
fa:0b:52:30:44:de:5a:7a:99:0f:1c:05:2c:83:c7:b6:f3:dc:
79:c6:6d:53:de:ba:67:ed:d6:75:38:d7:1b:f6:03:4c:3d:c6:
e6:8e:09:48:7d:db:61:7f:14:ba:1b:f3:de:1f:6b:4e:e8:76:
ec:28:fe:35:47:1f:cb:fa:d0:a2:7b:19:96:5d:7b:fa:9c:ed:
08:64:58:30:c5:59:37:05:24:7a:c2:76:ca:44:42:db:bb:69:
95:7b:91:61:de:29:11:49:ee:5e:e4:68:df:91:4d:70:c2:95:
e1:51:bb:21
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIECzMo9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjQ5ODNkM2E0YTFjMjZhYTI5NTAzNDg2OWM1ODRmNzU3MzgwYjJiMB4XDTIyMDEw
MTExMDUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWYxYWI3NDk2Njdm
MzE3YmEzMDI0M2E2ZTc4MDk0NzMzYjNjNDRlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIncy8ilUpA5WIS1yUUgIZO8hu7QzZuOC89y43oiy4RZqa0q
+l6AoNKmenkOExJjIN3tqmiDr2SxG/RpL4D9oJ/Gko16Q9CPQW4BNAPPD9voBvll
fexpZHMXEh5NIYoatXM4fXmrcvTI0KJJ5WaZOK02Xzzc8zyqBkD4uAQ+/Bjk8bKj
wAdeW885xAXGTkZKpu21/31cKYQp6NTW/TKYJSH2SF2AF3HMi9EaxnSOlcmbE2h1
n77+IOQ4pjLsHOT52l152TSbOqsb8XGrXByiGsllPou6j1LY3E0nMBxdNB+DIr+K
8BF6eblNJy8tzXPDn8KR01Gd3Fq//jCTK3cZvn0CAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBSvGrdJZn8xe6MCQ6bngJRzOzxE5jAfBgNVHSMEGDAWgBQGSYPTpKHCaqKV
A0hpxYT3VzgLKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JrbUQwNlNod21xaWxRTklhY1dFOTFjNEN5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvZDM3OTE1LTZhMzktNDRkMS04ZTIxLTRiYTNmYzM0ODRjZS8x
L3J4cTNTV1pfTVh1akFrT201NENVY3pzOFJPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
ZDM3OTE1LTZhMzktNDRkMS04ZTIxLTRiYTNmYzM0ODRjZS8xL0JrbUQwNlNod21x
aWxRTklhY1dFOTFjNEN5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwGAQCAAEwEgMEAbIS5gMEALIS6QMEALIS6zAwBAIA
AjAqAwkAKgNfgAAEAAEDCQAqA1+AAAQABAMJACoDX4AABwAAAwcCKgNfgAAIMA0G
CSqGSIb3DQEBCwUAA4IBAQBzJwUTmKIoOQFBZyWGe0Fsw/XZspqx1HrFbP2pRcHW
QTSefzE9aj/uBD8ucpq7DdHSqoAxNI41AQE/+TdfXs6/N7b67J6ZtdPECMrD3s8t
y+5AXSOZ8db17VZqDmrEjQlW1a8OQU+SqyWggZV+KBndkMMPIubUwztlsDJMGf1i
TgSbUfzmeevNLWLoW78aFMT6C1IwRN5aepkPHAUsg8e289x5xm1T3rpn7dZ1ONcb
9gNMPcbmjglIfdthfxS6G/PeH2tO6HbsKP41Rx/L+tCiexmWXXv6nO0IZFgwxVk3
BSR6wnbKRELbu2mVe5Fh3ikRSe5e5GjfkU1wwpXhUbsh
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:03 2025 by rpki-client