Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/Ewav34NDL_sQlDMlLxbolbEwga8.roa
File: Ewav34NDL_sQlDMlLxbolbEwga8.roa (raw, json)
Hash identifier: UDuXjsI6dtq+JoFI96CfcCdNP+lDOoOXSDk8MD+Ok6I=
Subject key identifier: 13:06:AF:DF:83:43:2F:FB:10:94:33:25:2F:16:E8:95:B1:30:81:AF
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 2A70EA7A
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/Ewav34NDL_sQlDMlLxbolbEwga8.roa
Signing time: Tue 26 Apr 2022 13:43:57 +0000
ROA not before: Tue 26 Apr 2022 13:43:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 79.112.0.0/13 maxlen: 24
213.157.189.0/24 maxlen: 24
185.129.36.0/22 maxlen: 22
188.26.128.0/18 maxlen: 24
212.93.128.0/19 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
212.93.143.0/24 maxlen: 24
31.14.104.0/21 maxlen: 24
79.112.0.0/14 maxlen: 24
213.157.160.0/19 maxlen: 24
188.26.224.0/19 maxlen: 24
194.102.80.0/23 maxlen: 24
194.102.81.0/24 maxlen: 24
31.14.192.0/21 maxlen: 24
81.18.64.0/19 maxlen: 24
31.14.224.0/22 maxlen: 24
82.76.0.0/14 maxlen: 24
5.12.0.0/14 maxlen: 24
93.113.40.0/22 maxlen: 24
84.232.128.0/17 maxlen: 24
188.27.0.0/16 maxlen: 24
79.118.0.0/15 maxlen: 24
86.120.0.0/13 maxlen: 24
82.137.16.0/20 maxlen: 24
81.196.0.0/16 maxlen: 24
82.137.32.0/19 maxlen: 24
188.26.0.0/17 maxlen: 24
193.111.232.0/24 maxlen: 24
5.2.128.0/17 maxlen: 24
79.117.0.0/16 maxlen: 24
188.24.0.0/15 maxlen: 24
212.54.96.0/19 maxlen: 24
62.231.64.0/18 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.54.120.0/24 maxlen: 24
82.137.0.0/21 maxlen: 24
82.137.0.0/18 maxlen: 24
89.46.12.0/22 maxlen: 24
2a02:2f00::/28 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 712043130 (0x2a70ea7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Apr 26 13:43:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1306afdf83432ffb109433252f16e895b13081af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:47:5a:df:de:dc:4c:04:f7:c2:41:e5:17:2f:
c0:0a:fa:1b:ae:82:80:9d:d2:f2:53:b7:e8:b7:8e:
76:40:98:66:95:a0:7f:9e:2d:32:f3:97:b1:97:2a:
c8:c3:d8:bd:bf:71:eb:88:e7:f5:59:bc:cf:c2:41:
f7:52:ae:d3:b1:c3:f9:64:69:4a:0e:36:7f:46:51:
1c:99:59:a0:07:98:72:16:9a:8c:c4:fd:9f:29:4e:
17:e6:11:c6:55:87:4b:ad:8d:82:1e:c7:17:f5:af:
7d:ef:31:55:d9:f6:d5:20:cb:77:ba:8b:2f:03:97:
21:3e:0d:a6:85:27:91:52:25:4b:29:51:21:8e:64:
fb:89:d8:8e:a4:25:0d:c9:f0:2e:b5:66:a1:c3:f3:
57:ce:45:9b:bd:c6:8d:a4:ab:47:4f:94:84:71:5f:
ef:37:25:12:37:26:18:43:61:5a:6e:dc:f5:1a:31:
e2:54:bd:66:43:a0:18:5a:b3:eb:99:7f:71:07:2c:
2a:72:9f:64:b1:44:a0:1c:fd:db:ba:66:e3:de:32:
b5:4d:b4:d1:5f:3c:2a:d6:d7:7c:c3:fb:ad:c2:26:
58:30:f4:55:d0:32:bd:ab:11:65:d4:ba:21:ec:59:
91:dc:bd:c0:8e:58:01:58:81:e4:11:c6:8f:0c:41:
02:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:06:AF:DF:83:43:2F:FB:10:94:33:25:2F:16:E8:95:B1:30:81:AF
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/Ewav34NDL_sQlDMlLxbolbEwga8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.104.0/21
31.14.192.0/21
31.14.224.0/22
62.231.64.0/18
79.112.0.0/13
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.46.12.0/22
93.113.40.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
193.111.232.0/24
194.102.80.0/23
212.54.96.0/19
212.93.128.0/19
213.157.160.0/19
IPv6:
2a02:2f00::/28
Signature Algorithm: sha256WithRSAEncryption
56:ce:74:c7:47:be:e6:76:57:98:d6:1a:fe:cc:37:3b:1f:70:
31:6a:0f:c0:2e:31:3e:a4:c7:ff:99:5b:96:87:7e:e8:eb:d4:
3c:49:1d:d5:0a:a1:a6:6c:18:15:c4:78:68:19:b0:f7:ef:b6:
68:4e:c7:6d:48:e6:d7:94:cf:be:0a:8e:4c:8f:1c:4d:20:f4:
4d:45:cd:43:2c:37:fe:42:99:ca:e9:58:01:25:da:2e:5c:70:
cb:94:fc:b5:00:68:5d:ae:8e:28:f5:f1:47:26:00:56:93:89:
47:28:8a:7a:3a:91:20:f9:e6:47:e2:74:8c:e4:af:34:95:2d:
b1:b8:80:40:fb:17:98:90:24:3c:a9:98:7c:ba:21:18:f9:f5:
3a:7b:08:01:f8:4b:c6:e3:8e:fb:10:ea:e2:05:09:21:e2:8f:
b0:24:71:94:41:9f:40:df:25:bc:bd:37:e5:1b:aa:41:27:08:
5a:0c:52:c2:78:48:35:9c:80:8c:ed:94:50:18:4c:ae:50:07:
1e:ad:55:dd:e1:f4:34:9e:0f:9c:f1:97:cd:c2:2c:62:da:fa:
fe:bb:43:16:98:12:80:08:60:c0:41:7e:bc:9e:28:25:55:f2:
70:09:e7:36:e8:a2:14:2f:dc:43:99:3d:bc:0c:5b:fc:0b:c9:
50:7d:8a:0a
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIEKnDqejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjU1NmFjYjVmM2I5NjFiNWNjMjRhMjk5NWYzNGVlOTFmNzlkYzE2MB4XDTIyMDQy
NjEzNDM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTMwNmFmZGY4MzQz
MmZmYjEwOTQzMzI1MmYxNmU4OTViMTMwODFhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZHWt/e3EwE98JB5RcvwAr6G66CgJ3S8lO36LeOdkCYZpWg
f54tMvOXsZcqyMPYvb9x64jn9Vm8z8JB91Ku07HD+WRpSg42f0ZRHJlZoAeYchaa
jMT9nylOF+YRxlWHS62Ngh7HF/Wvfe8xVdn21SDLd7qLLwOXIT4NpoUnkVIlSylR
IY5k+4nYjqQlDcnwLrVmocPzV85Fm73GjaSrR0+UhHFf7zclEjcmGENhWm7c9Rox
4lS9ZkOgGFqz65l/cQcsKnKfZLFEoBz927pm494ytU200V88KtbXfMP7rcImWDD0
VdAyvasRZdS6IexZkdy9wI5YAViB5BHGjwxBAkkCAwEAAaOCAqowggKmMB0GA1Ud
DgQWBBQTBq/fg0Mv+xCUMyUvFuiVsTCBrzAfBgNVHSMEGDAWgBQLVWrLXzuWG1zC
SimV807pH3ncFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0MxVnF5MTg3bGh0Y3drb3BsZk5PNlI5NTNCWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvODI5ZmRmLWJhNjMtNGMyMy05MWQxLWQyYmJmMzdkYWJiNC8x
L0V3YXYzNE5ETF9zUWxETWxMeGJvbGJFd2dhOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
ODI5ZmRmLWJhNjMtNGMyMy05MWQxLWQyYmJmMzdkYWJiNC8xL0MxVnF5MTg3bGh0
Y3drb3BsZk5PNlI5NTNCWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vwYIKwYBBQUHAQcBAf8Ega8wgawwgZoEAgABMIGTAwQHBQKAAwMCBQwDBAMfDmgD
BAMfDsADBAIfDuADBAY+50ADAwNPcAMEBVESQAMDAFHEAwMCUkwDBAZSiQADBAdU
6IADAwNWeAMEAlkuDAMEAl1xKAMEArmBJDALAwMDvBgDBAa8GoAwCwMEBbwa4AMD
ArwYAwQAwW/oAwQBwmZQAwQF1DZgAwQF1F2AAwQF1Z2gMA0EAgACMAcDBQQqAi8A
MA0GCSqGSIb3DQEBCwUAA4IBAQBWznTHR77mdleY1hr+zDc7H3Axag/ALjE+pMf/
mVuWh37o69Q8SR3VCqGmbBgVxHhoGbD377ZoTsdtSObXlM++Co5MjxxNIPRNRc1D
LDf+QpnK6VgBJdouXHDLlPy1AGhdro4o9fFHJgBWk4lHKIp6OpEg+eZH4nSM5K80
lS2xuIBA+xeYkCQ8qZh8uiEY+fU6ewgB+EvG4477EOriBQkh4o+wJHGUQZ9A3yW8
vTflG6pBJwhaDFLCeEg1nICM7ZRQGEyuUAcerVXd4fQ0ng+c8ZfNwixi2vr+u0MW
mBKACGDAQX68niglVfJwCec26KIUL9xDmT28DFv8C8lQfYoK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:48 2025 by rpki-client