Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/C1DnUwjgTlunYR5jDybAY7YQwd4.roa
File: C1DnUwjgTlunYR5jDybAY7YQwd4.roa (raw, json)
Hash identifier: JTsJgaw12hQd8iJMprQmPqmvXXwX207WG/bL3HD1d14=
Subject key identifier: 0B:50:E7:53:08:E0:4E:5B:A7:61:1E:63:0F:26:C0:63:B6:10:C1:DE
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018ED6F6DEA68CF45F0516584CE5FDCFFCC2
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/C1DnUwjgTlunYR5jDybAY7YQwd4.roa
Signing time: Sat 13 Apr 2024 10:18:06 +0000
ROA not before: Sat 13 Apr 2024 10:18:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43212
IP address blocks: 94.182.14.0/24 maxlen: 24
151.247.180.0/22 maxlen: 22
151.247.184.0/22 maxlen: 22
151.247.188.0/22 maxlen: 22
151.247.192.0/22 maxlen: 22
217.60.188.0/22 maxlen: 22
217.60.192.0/22 maxlen: 22
217.60.196.0/22 maxlen: 22
217.60.200.0/22 maxlen: 22
217.60.200.0/24 maxlen: 24
217.60.201.0/24 maxlen: 24
217.60.202.0/24 maxlen: 24
217.60.203.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d6:f6:de:a6:8c:f4:5f:05:16:58:4c:e5:fd:cf:fc:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Apr 13 10:18:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b50e75308e04e5ba7611e630f26c063b610c1de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:55:e9:ab:82:ef:cd:4a:b6:51:ad:c9:bc:27:
7c:9a:ba:1b:ac:f2:9b:95:60:0a:cb:de:fe:7d:6d:
4f:46:b8:39:f4:56:13:56:fd:55:5e:5b:f2:3c:7c:
d8:b3:86:a5:5a:20:3a:2f:d9:9e:3e:39:2f:80:e6:
7a:bb:de:bd:61:49:94:8c:6e:09:8c:6a:aa:e3:07:
c4:24:d8:03:f3:da:26:14:c9:16:b1:69:f1:bc:fa:
74:35:5c:cd:85:14:65:ca:d7:7d:d3:30:d0:fb:06:
91:21:d6:9c:95:10:07:e9:d3:fb:ca:6d:05:10:ca:
8e:29:b8:2d:29:72:05:83:ca:91:bf:80:69:f8:de:
11:9b:62:ae:b7:f3:6a:c8:0e:33:87:a0:94:ab:d4:
7a:58:b2:92:3f:7b:c5:9c:07:34:df:55:51:6e:bf:
a2:88:5f:14:f1:f7:99:03:b9:6a:13:7d:96:72:88:
33:f8:ba:aa:01:5f:f9:7a:72:96:4f:54:72:47:59:
c2:92:6d:09:11:6f:82:98:a6:41:e2:26:e4:fe:b0:
7d:07:39:b5:23:33:7f:e8:0f:15:1f:76:9f:f2:dd:
49:10:ea:94:12:4f:66:f2:b5:c2:b8:23:fd:e7:4c:
97:5a:0e:bb:80:35:5d:99:57:85:62:59:cd:84:29:
e7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:50:E7:53:08:E0:4E:5B:A7:61:1E:63:0F:26:C0:63:B6:10:C1:DE
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/C1DnUwjgTlunYR5jDybAY7YQwd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.182.14.0/24
151.247.180.0-151.247.195.255
217.60.188.0-217.60.203.255
Signature Algorithm: sha256WithRSAEncryption
85:cb:e5:32:4e:b5:54:a6:c3:08:3e:85:5f:6a:bd:6e:41:15:
8d:06:55:a4:09:92:1d:b2:87:04:5e:05:99:91:7f:7f:7c:c7:
3e:a7:38:7b:9d:7d:4d:78:02:c0:3f:57:e2:ff:34:10:15:6e:
f6:f8:9a:83:6c:47:73:2d:a3:d7:de:1e:e1:db:32:8c:d1:f0:
49:bb:47:88:f1:6c:2d:c6:90:4d:97:c8:0a:7f:8c:f3:80:51:
66:8a:81:18:26:48:69:f7:17:9e:6b:d5:bb:f8:07:bc:9e:4a:
74:54:2f:d2:39:6b:c4:8e:7e:d3:d7:d9:61:ff:ce:ab:a1:6b:
85:2d:67:a8:cd:5f:22:7b:ce:13:12:18:6f:fd:16:a8:e2:a5:
23:29:45:28:55:54:ab:b6:95:2e:23:8e:57:4e:bd:1c:fb:62:
37:a3:0f:58:58:ab:07:88:41:7a:52:65:5c:1e:0f:10:99:be:
2b:ff:4d:d5:e6:48:c5:b8:20:2d:15:c7:2e:58:59:50:75:91:
1d:c1:f3:06:8c:32:64:5d:65:a1:5b:a7:12:60:80:c3:7e:e0:
de:09:4d:e1:54:88:32:63:93:60:23:99:15:95:40:30:66:67:
1a:1d:b0:82:67:19:c8:f0:fc:e8:72:94:29:b4:c2:90:b3:85:
5a:84:c3:f2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY7W9t6mjPRfBRZYTOX9z/zCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNDEzMTAxODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjUwZTc1MzA4ZTA0ZTViYTc2MTFlNjMwZjI2YzA2M2I2MTBjMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVXpq4LvzUq2Ua3JvCd8mrobrPKb
lWAKy97+fW1PRrg59FYTVv1VXlvyPHzYs4alWiA6L9mePjkvgOZ6u969YUmUjG4J
jGqq4wfEJNgD89omFMkWsWnxvPp0NVzNhRRlytd90zDQ+waRIdaclRAH6dP7ym0F
EMqOKbgtKXIFg8qRv4Bp+N4Rm2Kut/NqyA4zh6CUq9R6WLKSP3vFnAc031VRbr+i
iF8U8feZA7lqE32Wcogz+LqqAV/5enKWT1RyR1nCkm0JEW+CmKZB4ibk/rB9Bzm1
IzN/6A8VH3af8t1JEOqUEk9m8rXCuCP950yXWg67gDVdmVeFYlnNhCnn+wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAtQ51MI4E5bp2EeYw8mwGO2EMHeMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvQzFEblV3amdUbHVuWVI1akR5YkFZN1lRd2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAXrYOMAwD
BAKX97QDBAKX98AwDAMEAtk8vAMEAtk8yDANBgkqhkiG9w0BAQsFAAOCAQEAhcvl
Mk61VKbDCD6FX2q9bkEVjQZVpAmSHbKHBF4FmZF/f3zHPqc4e519TXgCwD9X4v80
EBVu9viag2xHcy2j194e4dsyjNHwSbtHiPFsLcaQTZfICn+M84BRZoqBGCZIafcX
nmvVu/gHvJ5KdFQv0jlrxI5+09fZYf/Oq6FrhS1nqM1fInvOExIYb/0WqOKlIylF
KFVUq7aVLiOOV069HPtiN6MPWFirB4hBelJlXB4PEJm+K/9N1eZIxbggLRXHLlhZ
UHWRHcHzBowyZF1loVunEmCAw37g3glN4VSIMmOTYCOZFZVAMGZnGh2wgmcZyPD8
6HKUKbTCkLOFWoTD8g==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:08:23 2025 by rpki-client