Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/ueQbkAdkvL1aCfuBeLZxLDDdBTA.roa
File: ueQbkAdkvL1aCfuBeLZxLDDdBTA.roa (raw, json)
Hash identifier: r5K9Agop2zmv+IArfjf4YANuAy//K8WjEIqQ4TvyouY=
Subject key identifier: B9:E4:1B:90:07:64:BC:BD:5A:09:FB:81:78:B6:71:2C:30:DD:05:30
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: 018CC348C0CCF06E906857407CBD60BDE49D
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/ueQbkAdkvL1aCfuBeLZxLDDdBTA.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44600
IP address blocks: 185.46.148.0/22 maxlen: 22
185.128.232.0/22 maxlen: 22
185.128.235.0/24 maxlen: 24
91.202.72.0/22 maxlen: 22
94.131.255.0/24 maxlen: 24
94.131.254.0/24 maxlen: 24
194.42.200.0/22 maxlen: 24
185.41.248.0/22 maxlen: 22
46.182.80.0/22 maxlen: 22
46.182.84.0/22 maxlen: 22
185.156.53.0/24 maxlen: 24
185.156.52.0/24 maxlen: 24
185.156.55.0/24 maxlen: 24
185.156.54.0/24 maxlen: 24
94.131.245.0/24 maxlen: 24
94.131.244.0/24 maxlen: 24
94.131.248.0/24 maxlen: 24
94.131.250.0/23 maxlen: 23
94.131.250.0/24 maxlen: 24
94.131.249.0/24 maxlen: 24
94.131.252.0/24 maxlen: 24
94.131.253.0/24 maxlen: 24
2a03:a600::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c0:cc:f0:6e:90:68:57:40:7c:bd:60:bd:e4:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9e41b900764bcbd5a09fb8178b6712c30dd0530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:38:b9:6b:8e:32:ec:58:57:8e:c3:73:91:b7:
b1:12:0d:db:d6:bd:65:13:21:7b:74:42:e8:97:c9:
01:f0:83:12:b1:98:6c:cf:31:03:4a:47:e7:4f:4d:
76:a0:35:88:ea:2b:0d:72:ca:9a:8f:4d:c0:d0:74:
16:fe:e9:ba:63:c3:3e:ac:08:af:bb:16:7e:de:15:
0c:9f:de:f8:05:d4:31:da:ca:54:14:62:a5:c5:82:
c1:75:04:77:8e:ba:3f:d6:21:5d:5f:73:4a:c0:3b:
ed:4a:97:d1:fb:bf:3a:cb:9f:42:49:5d:e4:48:23:
74:5d:0a:ad:21:3b:f3:0d:01:db:68:a9:7b:ae:06:
b0:48:2c:e9:86:47:c6:c4:39:ed:3b:1e:4d:8f:d3:
f8:e6:e3:2e:5f:66:cd:10:0e:31:5c:aa:f5:09:dd:
08:d9:2b:c2:bb:0f:a9:b9:8c:2a:f7:3b:09:1c:64:
13:9c:be:af:21:7d:16:24:e2:a2:40:a1:fc:27:48:
5c:85:76:cd:c0:2b:2a:f2:56:0d:10:32:97:d2:3a:
7e:57:74:df:c3:67:a7:43:94:4e:6f:55:41:cf:30:
0b:1c:ae:d3:84:1e:46:02:2d:a7:cc:b0:fe:8c:1a:
36:3f:69:bd:a1:a4:24:26:93:05:12:0d:71:28:53:
dc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E4:1B:90:07:64:BC:BD:5A:09:FB:81:78:B6:71:2C:30:DD:05:30
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/ueQbkAdkvL1aCfuBeLZxLDDdBTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.80.0/21
91.202.72.0/22
94.131.244.0/23
94.131.248.0/21
185.41.248.0/22
185.46.148.0/22
185.128.232.0/22
185.156.52.0/22
194.42.200.0/22
IPv6:
2a03:a600::/29
Signature Algorithm: sha256WithRSAEncryption
a3:b9:cf:d7:9d:27:bd:21:d7:68:56:50:f6:56:b2:2c:2f:d7:
9d:dd:c5:48:16:dd:d9:a2:ca:95:0d:38:22:f4:2a:40:c6:d5:
62:fd:3f:2d:7f:f5:cf:ff:59:3c:85:c1:82:6a:06:83:fe:ae:
dc:02:6e:98:13:13:8c:21:9f:a8:d9:70:00:98:5d:e1:7f:1d:
88:68:58:f8:eb:cf:7b:86:15:09:50:0b:de:89:f8:f9:53:7c:
ee:4d:b0:6f:78:57:12:ed:71:8e:b0:ec:05:54:68:74:62:65:
3c:88:cb:fd:dc:bd:ae:be:a9:0b:fb:94:fe:e5:81:85:61:7c:
33:ea:95:c9:4d:d2:71:a5:43:e7:7c:15:2e:26:1b:db:04:2f:
77:5d:8a:fb:95:9f:a1:33:63:6d:ea:84:27:b6:20:b8:f6:4c:
9e:bf:c9:94:f2:22:e3:61:a7:a4:46:70:51:d7:dd:30:df:d5:
b3:3f:b0:a0:f8:0d:37:29:b2:39:7c:c1:90:65:f9:8f:c3:39:
23:ea:4f:5c:4b:1f:08:4f:7f:5e:ac:12:3a:31:82:6e:64:38:
5c:9a:b5:06:f3:b6:b2:17:45:16:f3:a9:b1:6a:0b:de:f5:4b:
1d:f0:1c:69:5c:dd:b2:c3:fb:29:16:cd:60:b7:f8:da:68:7d:
92:fa:1f:35
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzDSMDM8G6QaFdAfL1gveSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmIwYzAwMWE5OWFiNjI5NmUyNDIxNzNiZjdlN2ZkY2Yw
M2MwMTkwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWU0MWI5MDA3NjRiY2JkNWEwOWZiODE3OGI2NzEyYzMwZGQwNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ti5a44y7FhXjsNzkbexEg3b1r1l
EyF7dELol8kB8IMSsZhszzEDSkfnT012oDWI6isNcsqaj03A0HQW/um6Y8M+rAiv
uxZ+3hUMn974BdQx2spUFGKlxYLBdQR3jro/1iFdX3NKwDvtSpfR+786y59CSV3k
SCN0XQqtITvzDQHbaKl7rgawSCzphkfGxDntOx5Nj9P45uMuX2bNEA4xXKr1Cd0I
2SvCuw+puYwq9zsJHGQTnL6vIX0WJOKiQKH8J0hchXbNwCsq8lYNEDKX0jp+V3Tf
w2enQ5ROb1VBzzALHK7ThB5GAi2nzLD+jBo2P2m9oaQkJpMFEg1xKFPcLQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLnkG5AHZLy9Wgn7gXi2cSww3QUwMB8GA1UdIwQY
MBaAFFxrDAAamatiluJCFzv35/3PA8AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMt
YzE4ZTNjY2M3NDJiLzEvdWVRYmtBZGt2TDFhQ2Z1QmVMWnhMRERkQlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJi
LzEvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDLrZQAwQC
W8pIAwQBXoP0AwQDXoP4AwQCuSn4AwQCuS6UAwQCuYDoAwQCuZw0AwQCwirIMA0E
AgACMAcDBQMqA6YAMA0GCSqGSIb3DQEBCwUAA4IBAQCjuc/XnSe9IddoVlD2VrIs
L9ed3cVIFt3ZosqVDTgi9CpAxtVi/T8tf/XP/1k8hcGCagaD/q7cAm6YExOMIZ+o
2XAAmF3hfx2IaFj46897hhUJUAveifj5U3zuTbBveFcS7XGOsOwFVGh0YmU8iMv9
3L2uvqkL+5T+5YGFYXwz6pXJTdJxpUPnfBUuJhvbBC93XYr7lZ+hM2Nt6oQntiC4
9kyev8mU8iLjYaekRnBR190w39WzP7Cg+A03KbI5fMGQZfmPwzkj6k9cSx8IT39e
rBI6MYJuZDhcmrUG87ayF0UW86mxagve9Usd8BxpXN2yw/spFs1gt/jaaH2S+h81
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:44:07 2025 by rpki-client