Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/qBls02XpsbSqRWIbK7NO0Fa4g_g.roa
File: qBls02XpsbSqRWIbK7NO0Fa4g_g.roa (raw, json)
Hash identifier: 0FQ5nM5RWoKQW/Ukmulxpg1yiXwInvxVdalGXxPiLxM=
Subject key identifier: A8:19:6C:D3:65:E9:B1:B4:AA:45:62:1B:2B:B3:4E:D0:56:B8:83:F8
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018F19FD1286C057B425BC39E41B98FFA523
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/qBls02XpsbSqRWIbK7NO0Fa4g_g.roa
Signing time: Fri 26 Apr 2024 10:39:26 +0000
ROA not before: Fri 26 Apr 2024 10:39:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34369
IP address blocks: 84.241.0.0/18 maxlen: 24
94.182.0.0/15 maxlen: 24
94.182.109.0/24 maxlen: 24
94.182.151.0/24 maxlen: 24
151.238.0.0/15 maxlen: 24
151.240.0.0/13 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:fd:12:86:c0:57:b4:25:bc:39:e4:1b:98:ff:a5:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Apr 26 10:39:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8196cd365e9b1b4aa45621b2bb34ed056b883f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:03:75:81:09:dd:13:f2:ee:0c:6e:87:0d:1e:
01:79:be:b6:84:f8:67:06:d0:80:98:6f:d6:02:ee:
0f:3b:08:11:9f:76:03:4a:ef:0a:bb:69:e1:b9:80:
35:5f:07:0a:44:da:fe:f1:f4:f2:8a:e0:58:da:ff:
99:ca:0f:bc:dc:2d:62:26:2a:34:cd:99:de:61:64:
a2:4c:7d:a2:10:69:91:e6:a7:0c:36:78:8a:04:a6:
57:1a:15:d7:4d:c0:ac:53:a2:2d:3e:fa:b5:3a:6c:
ef:59:d5:94:23:1b:70:62:06:25:6f:50:7d:97:17:
7a:1a:fb:d3:05:71:5d:b1:89:ba:af:6d:66:8e:cd:
f0:df:d0:7e:09:f4:16:20:7f:c3:69:05:9f:23:4e:
de:96:96:2c:8a:f0:b0:c7:0b:49:2d:08:09:dd:25:
7c:b9:bc:6b:7c:94:c7:4d:ae:e0:48:2d:dd:75:08:
97:c9:02:24:e6:b3:68:c2:b3:b8:f3:f4:e0:90:4d:
42:a7:32:ab:b4:6b:de:7f:17:5e:02:f7:09:1e:1a:
4e:dc:e0:1c:ef:8b:19:79:1c:5b:28:8b:62:7a:a3:
b0:6b:19:33:f7:ad:ea:21:20:11:2e:2d:0d:dd:ae:
fb:56:91:68:56:a6:2a:ad:74:44:dd:f6:db:e1:cb:
94:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:19:6C:D3:65:E9:B1:B4:AA:45:62:1B:2B:B3:4E:D0:56:B8:83:F8
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/qBls02XpsbSqRWIbK7NO0Fa4g_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.241.0.0/18
94.182.0.0/15
151.238.0.0-151.247.255.255
Signature Algorithm: sha256WithRSAEncryption
35:49:7e:0e:4c:1e:54:fd:77:26:aa:92:4b:4f:b0:6a:4c:ca:
d7:59:7f:d4:cd:2f:ea:79:7b:e0:36:f3:1d:60:8c:5c:5b:0c:
0f:23:07:bd:95:01:23:d7:3b:a0:2e:4b:17:a2:37:99:c8:6b:
0a:d6:84:42:aa:12:af:41:66:5e:8d:71:29:62:29:db:83:90:
c5:1c:60:ef:fc:40:e0:9e:0b:3e:44:72:13:b0:ec:46:e2:16:
33:27:78:e6:3b:51:57:0f:4e:2b:82:f4:b1:8b:85:25:72:45:
a4:7e:09:90:5c:a9:58:1a:52:b5:da:fe:27:d8:b0:ab:8d:80:
db:63:5f:50:d3:b0:b2:22:73:1b:7b:de:a3:04:90:a9:4c:75:
63:43:1e:95:9b:45:bd:4f:aa:24:06:ac:8f:f0:c5:23:a9:8a:
cd:0d:a0:e1:dd:1b:13:8c:07:79:fa:3a:bd:bf:3f:f3:f8:47:
5d:bd:38:e8:c2:47:03:95:83:d4:5e:00:74:f3:9f:aa:57:19:
98:3a:ce:47:b2:c2:33:31:76:92:0d:e1:4a:04:3a:a4:52:ee:
d2:16:da:13:7a:bc:3e:d5:65:dd:96:4a:85:28:88:66:f3:c1:
fa:1f:0d:c5:19:41:09:6c:5e:72:65:e1:df:19:12:88:a1:4e:
9e:20:8c:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8Z/RKGwFe0Jbw55BuY/6UjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNDI2MTAzOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE5NmNkMzY1ZTliMWI0YWE0NTYyMWIyYmIzNGVkMDU2Yjg4M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwN1gQndE/LuDG6HDR4Beb62hPhn
BtCAmG/WAu4POwgRn3YDSu8Ku2nhuYA1XwcKRNr+8fTyiuBY2v+Zyg+83C1iJio0
zZneYWSiTH2iEGmR5qcMNniKBKZXGhXXTcCsU6ItPvq1OmzvWdWUIxtwYgYlb1B9
lxd6GvvTBXFdsYm6r21mjs3w39B+CfQWIH/DaQWfI07elpYsivCwxwtJLQgJ3SV8
ubxrfJTHTa7gSC3ddQiXyQIk5rNowrO48/TgkE1CpzKrtGvefxdeAvcJHhpO3OAc
74sZeRxbKItieqOwaxkz963qISARLi0N3a77VpFoVqYqrXRE3fbb4cuUPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKgZbNNl6bG0qkViGyuzTtBWuIP4MB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvcUJsczAyWHBzYlNxUldJYks3Tk8wRmE0Z19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQGVPEAAwMB
XrYwCgMDAZfuAwMDl/AwDQYJKoZIhvcNAQELBQADggEBADVJfg5MHlT9dyaqkktP
sGpMytdZf9TNL+p5e+A28x1gjFxbDA8jB72VASPXO6AuSxeiN5nIawrWhEKqEq9B
Zl6NcSliKduDkMUcYO/8QOCeCz5EchOw7EbiFjMneOY7UVcPTiuC9LGLhSVyRaR+
CZBcqVgaUrXa/ifYsKuNgNtjX1DTsLIicxt73qMEkKlMdWNDHpWbRb1PqiQGrI/w
xSOpis0NoOHdGxOMB3n6Or2/P/P4R129OOjCRwOVg9ReAHTzn6pXGZg6zkeywjMx
dpIN4UoEOqRS7tIW2hN6vD7VZd2WSoUoiGbzwfofDcUZQQlsXnJl4d8ZEoihTp4g
jBM=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:10:06 2025 by rpki-client