Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/WiFB0NVTDo06rzjj_Wu2HN4N8_w.roa
File: WiFB0NVTDo06rzjj_Wu2HN4N8_w.roa (raw, json)
Hash identifier: 7hDtbDT9Tk6jk40kXCqNqgPkYM/xdV3WVK5XlzMntjc=
Subject key identifier: 5A:21:41:D0:D5:53:0E:8D:3A:AF:38:E3:FD:6B:B6:1C:DE:0D:F3:FC
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 2A412E2F
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/WiFB0NVTDo06rzjj_Wu2HN4N8_w.roa
Signing time: Wed 06 Apr 2022 15:02:55 +0000
ROA not before: Wed 06 Apr 2022 15:02:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 79.112.0.0/13 maxlen: 24
213.157.189.0/24 maxlen: 24
185.129.36.0/22 maxlen: 22
188.26.128.0/18 maxlen: 24
212.93.128.0/19 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
212.93.143.0/24 maxlen: 24
79.112.0.0/14 maxlen: 24
213.157.160.0/19 maxlen: 24
188.26.224.0/19 maxlen: 24
194.102.81.0/24 maxlen: 24
31.14.192.0/21 maxlen: 21
81.18.64.0/19 maxlen: 24
31.14.224.0/22 maxlen: 24
82.76.0.0/14 maxlen: 24
5.12.0.0/14 maxlen: 24
93.113.40.0/22 maxlen: 24
84.232.128.0/17 maxlen: 24
188.27.0.0/16 maxlen: 24
79.118.0.0/15 maxlen: 24
86.120.0.0/13 maxlen: 24
82.137.16.0/20 maxlen: 24
81.196.0.0/16 maxlen: 24
82.137.32.0/19 maxlen: 24
188.26.0.0/17 maxlen: 24
5.2.128.0/17 maxlen: 24
79.117.0.0/16 maxlen: 24
188.24.0.0/15 maxlen: 24
212.54.96.0/19 maxlen: 24
62.231.64.0/18 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.54.120.0/24 maxlen: 24
82.137.0.0/21 maxlen: 24
82.137.0.0/18 maxlen: 24
89.46.12.0/22 maxlen: 24
2a02:2f00::/28 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 708914735 (0x2a412e2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Apr 6 15:02:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a2141d0d5530e8d3aaf38e3fd6bb61cde0df3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d4:e3:62:15:a3:15:b6:02:27:7a:cd:79:79:
13:ac:f8:fa:5c:0a:fb:1a:9b:e2:0f:61:5f:a3:7a:
fc:3b:71:29:55:a0:2f:c7:1a:8f:a0:d6:44:d6:6c:
99:41:c3:4d:c7:cb:6a:85:85:77:6c:84:89:7a:2f:
34:eb:d3:e9:65:88:6d:61:5a:a3:f3:f5:6e:34:9b:
9e:20:0b:43:00:3f:d5:f4:13:46:81:4f:6e:56:3c:
07:c8:d7:87:7c:80:e0:f1:e5:68:0a:dd:4c:24:bc:
3b:c7:06:fa:eb:db:e7:9e:e2:66:28:4a:3a:3f:0b:
d0:df:05:dd:db:21:3f:e8:5e:95:b8:ef:99:d7:e0:
03:2f:36:45:10:d4:03:c1:c5:fd:13:31:55:c9:c2:
d1:b6:6f:e8:5b:87:73:cb:7c:b6:19:7c:43:cf:5d:
0c:b6:66:cb:0b:90:fd:01:8d:62:dd:dc:4b:e5:a3:
f9:6b:97:00:c1:45:c0:5b:e0:6d:c3:86:b2:29:19:
91:af:28:ff:c9:88:ef:38:70:1a:46:61:2f:28:08:
dd:99:a4:98:85:42:ce:40:a9:e3:17:ec:70:ba:fc:
28:c5:f2:0d:64:4e:e6:e0:82:78:7a:4d:66:de:5a:
df:2b:74:83:42:92:f6:5d:9f:3d:69:33:b4:77:e5:
d5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:21:41:D0:D5:53:0E:8D:3A:AF:38:E3:FD:6B:B6:1C:DE:0D:F3:FC
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/WiFB0NVTDo06rzjj_Wu2HN4N8_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.192.0/21
31.14.224.0/22
62.231.64.0/18
79.112.0.0/13
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.46.12.0/22
93.113.40.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
194.102.81.0/24
212.54.96.0/19
212.93.128.0/19
213.157.160.0/19
IPv6:
2a02:2f00::/28
Signature Algorithm: sha256WithRSAEncryption
6e:c3:89:fc:94:a2:95:98:d1:67:68:8b:68:7c:6d:56:ad:a7:
71:42:69:ff:97:81:b3:9a:4f:8c:9c:d6:6e:49:83:ad:3c:55:
95:f0:82:85:d8:fa:a7:13:3c:c4:e8:02:af:1c:ac:88:0d:48:
76:07:fe:f6:d4:47:48:54:72:39:b6:8f:63:f8:80:f6:75:50:
4e:70:e7:1d:03:6e:22:68:ac:2e:5a:e6:ae:b1:5a:76:01:ca:
18:c6:24:14:44:7c:f4:2c:11:d3:2d:80:6e:33:07:3b:3b:a3:
65:8e:9f:16:59:91:96:10:0f:66:3a:0a:51:79:f2:02:36:4d:
14:e2:1a:ee:8d:5c:2a:ac:62:e7:df:1a:04:97:89:e9:c7:55:
7a:54:d1:31:85:f9:0e:aa:d4:a7:83:bc:9e:a1:df:74:81:c9:
30:ce:b4:f2:86:2a:77:33:6c:da:21:ba:a3:ae:22:41:60:7e:
96:3e:a2:3a:d6:46:3d:ca:7f:af:62:01:cd:fe:29:6c:b3:51:
1a:a9:65:21:be:80:25:a9:00:42:df:4e:ef:cc:8b:b5:19:eb:
c7:38:f6:31:6c:20:8d:50:cc:85:bf:8d:d7:ec:01:a1:7b:bb:
80:4a:12:01:e1:f8:8b:91:f4:21:a2:c3:fe:80:9d:e3:6a:7c:
c0:73:86:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIEKkEuLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjU1NmFjYjVmM2I5NjFiNWNjMjRhMjk5NWYzNGVlOTFmNzlkYzE2MB4XDTIyMDQw
NjE1MDI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWEyMTQxZDBkNTUz
MGU4ZDNhYWYzOGUzZmQ2YmI2MWNkZTBkZjNmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3U42IVoxW2Aid6zXl5E6z4+lwK+xqb4g9hX6N6/DtxKVWg
L8caj6DWRNZsmUHDTcfLaoWFd2yEiXovNOvT6WWIbWFao/P1bjSbniALQwA/1fQT
RoFPblY8B8jXh3yA4PHlaArdTCS8O8cG+uvb557iZihKOj8L0N8F3dshP+helbjv
mdfgAy82RRDUA8HF/RMxVcnC0bZv6FuHc8t8thl8Q89dDLZmywuQ/QGNYt3cS+Wj
+WuXAMFFwFvgbcOGsikZka8o/8mI7zhwGkZhLygI3ZmkmIVCzkCp4xfscLr8KMXy
DWRO5uCCeHpNZt5a3yt0g0KS9l2fPWkztHfl1akCAwEAAaOCAp4wggKaMB0GA1Ud
DgQWBBRaIUHQ1VMOjTqvOOP9a7Yc3g3z/DAfBgNVHSMEGDAWgBQLVWrLXzuWG1zC
SimV807pH3ncFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0MxVnF5MTg3bGh0Y3drb3BsZk5PNlI5NTNCWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvODI5ZmRmLWJhNjMtNGMyMy05MWQxLWQyYmJmMzdkYWJiNC8x
L1dpRkIwTlZURG8wNnJ6ampfV3UySE40Tjhfdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
ODI5ZmRmLWJhNjMtNGMyMy05MWQxLWQyYmJmMzdkYWJiNC8xL0MxVnF5MTg3bGh0
Y3drb3BsZk5PNlI5NTNCWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
swYIKwYBBQUHAQcBAf8EgaMwgaAwgY4EAgABMIGHAwQHBQKAAwMCBQwDBAMfDsAD
BAIfDuADBAY+50ADAwNPcAMEBVESQAMDAFHEAwMCUkwDBAZSiQADBAdU6IADAwNW
eAMEAlkuDAMEAl1xKAMEArmBJDALAwMDvBgDBAa8GoAwCwMEBbwa4AMDArwYAwQA
wmZRAwQF1DZgAwQF1F2AAwQF1Z2gMA0EAgACMAcDBQQqAi8AMA0GCSqGSIb3DQEB
CwUAA4IBAQBuw4n8lKKVmNFnaItofG1WradxQmn/l4Gzmk+MnNZuSYOtPFWV8IKF
2PqnEzzE6AKvHKyIDUh2B/721EdIVHI5to9j+ID2dVBOcOcdA24iaKwuWuausVp2
AcoYxiQURHz0LBHTLYBuMwc7O6Nljp8WWZGWEA9mOgpRefICNk0U4hrujVwqrGLn
3xoEl4npx1V6VNExhfkOqtSng7yeod90gckwzrTyhip3M2zaIbqjriJBYH6WPqI6
1kY9yn+vYgHN/ilss1EaqWUhvoAlqQBC307vzIu1GevHOPYxbCCNUMyFv43X7AGh
e7uAShIB4fiLkfQhosP+gJ3janzAc4Zw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:48 2025 by rpki-client