Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/Oj2oBSEYN0AxEtpzgynfA1O2tKc.roa
File: Oj2oBSEYN0AxEtpzgynfA1O2tKc.roa (raw, json)
Hash identifier: AW70m8C+StzKiKQ9sbHrpA1Ayz6gbRh9F8OZoj5Nh6Y=
Subject key identifier: 3A:3D:A8:05:21:18:37:40:31:12:DA:73:83:29:DF:03:53:B6:B4:A7
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: 01869CFCF79DE623D0DAD6467C7D15044179
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/Oj2oBSEYN0AxEtpzgynfA1O2tKc.roa
Signing time: Wed 01 Mar 2023 11:44:29 +0000
ROA not before: Wed 01 Mar 2023 11:44:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44600
IP address blocks: 185.46.148.0/22 maxlen: 22
185.128.232.0/22 maxlen: 22
185.128.235.0/24 maxlen: 24
91.202.72.0/22 maxlen: 22
94.131.254.0/24 maxlen: 24
194.42.200.0/22 maxlen: 24
185.41.248.0/22 maxlen: 22
46.182.80.0/22 maxlen: 22
46.182.84.0/22 maxlen: 22
185.156.52.0/24 maxlen: 24
185.156.54.0/24 maxlen: 24
94.131.245.0/24 maxlen: 24
94.131.244.0/24 maxlen: 24
94.131.248.0/24 maxlen: 24
94.131.250.0/23 maxlen: 23
94.131.250.0/24 maxlen: 24
94.131.249.0/24 maxlen: 24
94.131.252.0/24 maxlen: 24
94.131.253.0/24 maxlen: 24
2a03:a600::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:fc:f7:9d:e6:23:d0:da:d6:46:7c:7d:15:04:41:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: Mar 1 11:44:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a3da805211837403112da738329df0353b6b4a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ac:0e:08:a8:08:2b:6b:6b:10:31:ee:1f:5d:
08:cf:4a:65:ac:6a:19:28:28:95:66:e4:06:23:2a:
d4:8c:07:94:54:fe:42:f3:94:87:5f:6d:07:40:27:
fb:46:1f:78:09:31:28:01:0f:b6:49:49:cb:c0:b0:
9b:ef:4c:4e:88:5e:a2:c8:1e:97:b1:70:41:e5:1a:
e7:48:92:b8:1f:36:37:96:7e:85:10:fc:ba:6f:e1:
64:bc:af:5d:95:d4:64:20:dd:e9:9a:5b:f1:34:19:
b6:b6:3b:93:79:ff:ab:03:1f:f4:4d:15:27:63:eb:
38:90:c1:5d:34:c4:df:ab:33:a0:93:18:1f:32:b4:
53:26:77:89:13:ff:3b:77:a3:08:de:d1:f3:0f:ec:
91:b5:39:df:14:19:45:be:25:a3:20:33:dc:d0:f6:
40:39:49:70:e6:19:1a:90:70:2c:2a:fb:40:13:c1:
ba:40:e4:04:f5:6b:b9:1f:bd:83:29:6f:a3:4d:ea:
b1:b6:b2:59:2e:23:87:af:86:61:ad:18:ce:50:97:
50:dc:3e:0a:0d:b7:3d:d1:81:62:43:ae:95:bc:0e:
c2:42:7b:c4:4d:41:ec:28:39:1a:0a:61:80:49:d1:
dd:0e:d6:a1:94:1f:21:37:24:34:09:b5:8f:9d:ee:
8a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3D:A8:05:21:18:37:40:31:12:DA:73:83:29:DF:03:53:B6:B4:A7
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/Oj2oBSEYN0AxEtpzgynfA1O2tKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.80.0/21
91.202.72.0/22
94.131.244.0/23
94.131.248.0-94.131.254.255
185.41.248.0/22
185.46.148.0/22
185.128.232.0/22
185.156.52.0/24
185.156.54.0/24
194.42.200.0/22
IPv6:
2a03:a600::/29
Signature Algorithm: sha256WithRSAEncryption
19:1f:ed:cd:25:ac:ab:ea:fe:b6:a6:bc:51:03:51:e0:a6:60:
aa:cb:7d:52:ad:d9:2f:33:7d:2e:54:e3:e5:c4:2d:33:96:c0:
05:3b:e7:4e:d1:7e:64:3d:dc:22:66:b5:0b:ec:57:df:ae:d9:
b7:32:21:09:20:a4:ae:56:a1:73:ed:eb:35:c8:5f:de:17:99:
8e:55:60:97:aa:a5:e0:24:bd:f3:54:a3:12:58:a9:1b:90:34:
09:90:a0:d6:34:6c:13:ed:74:8e:20:24:98:21:44:18:52:a2:
aa:30:7e:74:cf:a3:12:79:ce:c1:8d:f9:4d:e1:f1:99:2f:61:
53:e3:21:a9:be:f3:6c:39:d0:35:40:a9:84:60:c3:21:2c:29:
6e:0e:33:99:50:d1:0b:6b:b3:fd:85:fd:47:3d:24:3f:cb:0a:
64:f8:f9:65:0e:8f:8b:57:33:bb:50:ac:eb:39:2e:9c:68:68:
d4:99:c0:3d:2e:f6:45:6c:49:c7:57:af:fc:c6:e2:f1:f2:eb:
e3:aa:34:7a:0e:a0:99:f7:fd:9a:68:d5:d1:c0:2c:0d:c3:90:
fc:d8:04:ff:40:b0:5a:37:b6:86:c3:fd:af:f8:4c:55:da:e0:
2d:ef:5e:b7:74:47:fe:c0:2d:07:2f:32:1f:c3:0b:24:4a:59:
9c:e8:19:e6
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYac/Ped5iPQ2tZGfH0VBEF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmIwYzAwMWE5OWFiNjI5NmUyNDIxNzNiZjdlN2ZkY2Yw
M2MwMTkwHhcNMjMwMzAxMTE0NDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTNkYTgwNTIxMTgzNzQwMzExMmRhNzM4MzI5ZGYwMzUzYjZiNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqwOCKgIK2trEDHuH10Iz0plrGoZ
KCiVZuQGIyrUjAeUVP5C85SHX20HQCf7Rh94CTEoAQ+2SUnLwLCb70xOiF6iyB6X
sXBB5RrnSJK4HzY3ln6FEPy6b+FkvK9dldRkIN3pmlvxNBm2tjuTef+rAx/0TRUn
Y+s4kMFdNMTfqzOgkxgfMrRTJneJE/87d6MI3tHzD+yRtTnfFBlFviWjIDPc0PZA
OUlw5hkakHAsKvtAE8G6QOQE9Wu5H72DKW+jTeqxtrJZLiOHr4ZhrRjOUJdQ3D4K
Dbc90YFiQ66VvA7CQnvETUHsKDkaCmGASdHdDtahlB8hNyQ0CbWPne6KNQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFDo9qAUhGDdAMRLac4Mp3wNTtrSnMB8GA1UdIwQY
MBaAFFxrDAAamatiluJCFzv35/3PA8AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMt
YzE4ZTNjY2M3NDJiLzEvT2oyb0JTRVlOMEF4RXRwemd5bmZBMU8ydEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJi
LzEvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQDLrZQAwQC
W8pIAwQBXoP0MAwDBANeg/gDBABeg/4DBAK5KfgDBAK5LpQDBAK5gOgDBAC5nDQD
BAC5nDYDBALCKsgwDQQCAAIwBwMFAyoDpgAwDQYJKoZIhvcNAQELBQADggEBABkf
7c0lrKvq/ramvFEDUeCmYKrLfVKt2S8zfS5U4+XELTOWwAU7507RfmQ93CJmtQvs
V9+u2bcyIQkgpK5WoXPt6zXIX94XmY5VYJeqpeAkvfNUoxJYqRuQNAmQoNY0bBPt
dI4gJJghRBhSoqowfnTPoxJ5zsGN+U3h8ZkvYVPjIam+82w50DVAqYRgwyEsKW4O
M5lQ0Qtrs/2F/Uc9JD/LCmT4+WUOj4tXM7tQrOs5LpxoaNSZwD0u9kVsScdXr/zG
4vHy6+OqNHoOoJn3/Zpo1dHALA3DkPzYBP9AsFo3tobD/a/4TFXa4C3vXrd0R/7A
LQcvMh/DCyRKWZzoGeY=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:02:38 2025 by rpki-client