Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/eYCqdUVNE-c5oBxB1-JeG2a70tY.roa
File: eYCqdUVNE-c5oBxB1-JeG2a70tY.roa (raw, json)
Hash identifier: bi8a0NTGWl0L090ZVVYWIlJ/xxYdHr5/BM/LHhAzudc=
Subject key identifier: 79:80:AA:75:45:4D:13:E7:39:A0:1C:41:D7:E2:5E:1B:66:BB:D2:D6
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 018F2DE87EF08273BCD0B309AD48B7F3FEDE
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/eYCqdUVNE-c5oBxB1-JeG2a70tY.roa
Signing time: Tue 30 Apr 2024 07:29:22 +0000
ROA not before: Tue 30 Apr 2024 07:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49872
IP address blocks: 109.122.192.0/24 maxlen: 24
109.122.193.0/24 maxlen: 24
109.122.194.0/24 maxlen: 24
109.122.195.0/24 maxlen: 24
109.122.196.0/24 maxlen: 24
109.122.197.0/24 maxlen: 24
109.122.201.0/24 maxlen: 24
109.122.203.0/24 maxlen: 24
109.122.205.0/24 maxlen: 24
109.122.207.0/24 maxlen: 24
109.122.208.0/24 maxlen: 24
109.122.210.0/24 maxlen: 24
109.122.211.0/24 maxlen: 24
109.122.212.0/24 maxlen: 24
109.122.213.0/24 maxlen: 24
109.122.214.0/24 maxlen: 24
109.122.215.0/24 maxlen: 24
109.122.216.0/24 maxlen: 24
109.122.217.0/24 maxlen: 24
109.122.218.0/24 maxlen: 24
109.122.219.0/24 maxlen: 24
109.122.220.0/24 maxlen: 24
109.122.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:e8:7e:f0:82:73:bc:d0:b3:09:ad:48:b7:f3:fe:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: Apr 30 07:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7980aa75454d13e739a01c41d7e25e1b66bbd2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f2:9f:03:33:5d:69:18:14:9b:bb:d6:03:8a:
9b:9b:d2:0d:d1:5b:7c:fd:4a:da:8c:17:88:58:51:
80:a1:2c:39:99:44:c0:3d:bb:c2:27:e6:a5:da:aa:
fc:8d:40:4f:02:09:3c:75:fc:b7:26:af:40:d9:44:
74:3a:3c:2b:2c:fc:b7:b9:48:cb:81:ed:49:48:82:
ac:81:99:fb:38:c7:1a:bd:90:bc:e8:2e:4a:b5:4b:
9b:5c:b4:e3:91:ff:79:1e:3d:a7:8c:ec:2d:7f:fb:
2f:03:0b:14:2a:09:18:c7:0a:1e:7b:c6:c1:9d:54:
c1:f4:17:e2:c6:b7:33:1d:16:71:28:75:51:75:4a:
da:e3:8b:db:0d:7e:97:05:99:58:24:95:ea:12:06:
27:f0:c5:ca:3f:8b:ee:c6:17:7b:46:59:87:20:77:
ad:dd:3e:ca:50:91:87:9a:9c:9f:68:c0:d6:40:f0:
ea:26:cc:c9:ce:11:11:24:28:a0:03:67:0d:36:2d:
62:45:ce:10:02:3c:91:04:2a:2e:02:3d:11:cc:e8:
f6:c2:aa:d3:07:2b:52:26:6a:ed:37:2f:59:55:b0:
cb:f3:43:6f:69:45:64:3f:48:bb:b6:4e:25:5d:6f:
4c:0f:2a:a9:69:3d:ff:1a:d4:7f:da:e4:0f:2a:bb:
bc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:80:AA:75:45:4D:13:E7:39:A0:1C:41:D7:E2:5E:1B:66:BB:D2:D6
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/eYCqdUVNE-c5oBxB1-JeG2a70tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0-109.122.197.255
109.122.201.0/24
109.122.203.0/24
109.122.205.0/24
109.122.207.0-109.122.208.255
109.122.210.0-109.122.221.255
Signature Algorithm: sha256WithRSAEncryption
94:94:b7:bc:86:f9:5a:42:3b:de:13:81:14:12:32:6c:e9:c0:
fd:70:1b:5d:4b:02:8e:a8:60:6e:55:60:76:d1:5d:cb:6f:8c:
2d:43:f3:bc:cd:36:20:7a:e2:97:da:bb:e0:59:fc:1f:ac:c9:
70:de:f1:87:3f:31:1d:ac:0b:d8:59:b5:7c:c0:c4:7a:cc:1d:
27:db:7b:fb:0a:55:61:2f:37:da:96:39:cd:c1:76:a1:2a:a6:
06:63:f0:95:ea:5b:0e:bf:6e:67:32:72:56:4b:d6:38:28:89:
a1:6a:cc:d1:e4:c7:a7:c1:91:06:6a:55:42:53:66:14:8d:f8:
94:3c:ec:ed:f8:50:af:8e:9f:4f:e2:e5:d8:d5:61:0e:5c:9c:
99:73:bf:22:58:7d:b6:d9:ba:ef:7a:9e:21:1a:9a:20:71:f3:
3a:98:2e:99:8d:4b:da:b2:8c:b7:ca:33:7c:76:08:da:27:46:
95:f6:78:ad:21:60:56:43:07:c8:0b:88:82:d3:77:b9:1b:68:
4c:31:57:22:e3:06:06:42:82:b2:19:fe:e3:d1:82:f9:02:d1:
e4:ef:d9:99:29:cf:06:e8:1d:73:db:cb:0c:58:4c:ae:94:8c:
c8:8a:5a:e3:e6:78:1b:c3:4c:63:ea:02:c6:27:96:72:87:b4:
69:02:8c:e2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY8t6H7wgnO80LMJrUi38/7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwNDMwMDcyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTgwYWE3NTQ1NGQxM2U3MzlhMDFjNDFkN2UyNWUxYjY2YmJkMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPKfAzNdaRgUm7vWA4qbm9IN0Vt8
/UrajBeIWFGAoSw5mUTAPbvCJ+al2qr8jUBPAgk8dfy3Jq9A2UR0OjwrLPy3uUjL
ge1JSIKsgZn7OMcavZC86C5KtUubXLTjkf95Hj2njOwtf/svAwsUKgkYxwoee8bB
nVTB9BfixrczHRZxKHVRdUra44vbDX6XBZlYJJXqEgYn8MXKP4vuxhd7RlmHIHet
3T7KUJGHmpyfaMDWQPDqJszJzhERJCigA2cNNi1iRc4QAjyRBCouAj0RzOj2wqrT
BytSJmrtNy9ZVbDL80NvaUVkP0i7tk4lXW9MDyqpaT3/GtR/2uQPKru8NwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHmAqnVFTRPnOaAcQdfiXhtmu9LWMB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvZVlDcWRVVk5FLWM1b0J4QjEtSmVHMmE3MHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAZtesAD
BAFtesQDBABteskDBABtessDBABtes0wDAMEAG16zwMEAG160DAMAwQBbXrSAwQB
bXrcMA0GCSqGSIb3DQEBCwUAA4IBAQCUlLe8hvlaQjveE4EUEjJs6cD9cBtdSwKO
qGBuVWB20V3Lb4wtQ/O8zTYgeuKX2rvgWfwfrMlw3vGHPzEdrAvYWbV8wMR6zB0n
23v7ClVhLzfaljnNwXahKqYGY/CV6lsOv25nMnJWS9Y4KImhaszR5MenwZEGalVC
U2YUjfiUPOzt+FCvjp9P4uXY1WEOXJyZc78iWH222brvep4hGpogcfM6mC6ZjUva
soy3yjN8dgjaJ0aV9nitIWBWQwfIC4iC03e5G2hMMVci4wYGQoKyGf7j0YL5AtHk
79mZKc8G6B1z28sMWEyulIzIilrj5ngbw0xj6gLGJ5Zyh7RpAozi
-----END CERTIFICATE-----
Generated at Mon Jun 9 08:33:01 2025 by rpki-client