Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/Yw7VKCAzgwSkYH8xCofuaohyZ_Y.roa
File: Yw7VKCAzgwSkYH8xCofuaohyZ_Y.roa (raw, json)
Hash identifier: kYsllCJvNX4S/Tc5/Z2gKKd5NHWtGPXKvi0g3MxN/BQ=
Subject key identifier: 63:0E:D5:28:20:33:83:04:A4:60:7F:31:0A:87:EE:6A:88:72:67:F6
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 381AD707
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/Yw7VKCAzgwSkYH8xCofuaohyZ_Y.roa
Signing time: Thu 20 Jan 2022 10:01:01 +0000
ROA not before: Thu 20 Jan 2022 10:01:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8455
IP address blocks: 95.142.96.0/20 maxlen: 24
185.223.85.0/24 maxlen: 24
185.223.86.0/23 maxlen: 24
89.255.203.0/24 maxlen: 24
89.255.205.0/24 maxlen: 24
89.255.204.0/24 maxlen: 24
89.255.200.0/21 maxlen: 24
89.255.200.0/24 maxlen: 24
89.255.202.0/24 maxlen: 24
89.255.201.0/24 maxlen: 24
89.255.206.0/24 maxlen: 24
195.43.158.0/24 maxlen: 24
89.255.207.0/24 maxlen: 24
195.137.242.0/24 maxlen: 24
178.237.32.0/20 maxlen: 24
193.202.88.0/23 maxlen: 24
185.234.96.0/22 maxlen: 24
185.242.220.0/22 maxlen: 22
185.27.16.0/22 maxlen: 24
185.27.19.0/24 maxlen: 24
193.202.74.0/23 maxlen: 24
31.22.84.0/24 maxlen: 24
31.22.80.0/21 maxlen: 24
45.148.184.0/22 maxlen: 24
85.222.237.0/24 maxlen: 24
85.222.236.0/24 maxlen: 24
85.222.239.0/24 maxlen: 24
85.222.238.0/24 maxlen: 24
2a00:1188:11::/48 maxlen: 64
2a00:1188:c::/48 maxlen: 64
2a00:1188:a::/48 maxlen: 64
2a00:1188:5::/48 maxlen: 64
2a00:1188::/32 maxlen: 64
2a00:1188:14::/48 maxlen: 64
2a00:1188:12::/48 maxlen: 64
2a00:1188:d::/48 maxlen: 64
2a00:1188:8::/48 maxlen: 64
2a00:1188:b::/48 maxlen: 64
2a00:1188::/29 maxlen: 64
2a00:1188:e::/48 maxlen: 64
2a00:1188:9::/48 maxlen: 64
2a00:1188:7::/48 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941283079 (0x381ad707)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 20 10:01:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=630ed52820338304a4607f310a87ee6a887267f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:34:06:c6:97:ac:c8:8a:a8:b3:b3:2d:a0:d6:
87:56:16:7c:5b:dc:49:f5:0d:cb:e3:55:d3:51:08:
d1:5a:f8:c6:2f:c8:af:1a:e3:2b:2b:41:9a:3d:b4:
eb:aa:0a:fb:41:12:a2:a0:d0:b0:2f:cf:49:da:7e:
f3:10:3d:eb:1f:0c:c4:4c:21:b4:aa:da:2b:e3:1b:
7c:f3:57:7d:3c:55:94:b2:14:df:07:7e:14:1f:b1:
95:10:64:8e:40:35:ef:b2:22:3d:a1:2b:3f:df:5a:
e1:77:32:04:a9:35:5c:2e:bb:d3:bb:21:0d:a4:62:
b6:ba:af:83:39:d5:1e:6e:a2:7f:2d:b7:ea:e2:ab:
56:ad:43:43:3a:82:ce:cb:2c:80:b1:3b:c7:67:f3:
6a:25:3d:67:dc:44:20:eb:84:39:18:49:0e:39:21:
43:b6:02:d3:74:58:e6:30:6c:dd:9e:60:67:2a:7f:
92:a5:3b:60:4b:f7:5e:47:de:63:12:b3:a6:e4:c9:
c7:ff:72:ee:a7:6d:a6:fa:cf:ef:f3:75:a3:8b:e6:
0b:62:b8:0d:fb:bb:77:24:18:cc:75:cd:16:a2:d7:
75:e3:d2:16:02:f3:79:af:37:d1:61:7f:ec:4d:0b:
e1:6b:2c:8d:ae:c5:41:2b:f8:5a:5c:4b:a4:50:e1:
31:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0E:D5:28:20:33:83:04:A4:60:7F:31:0A:87:EE:6A:88:72:67:F6
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/Yw7VKCAzgwSkYH8xCofuaohyZ_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.80.0/21
45.148.184.0/22
85.222.236.0/22
89.255.200.0/21
95.142.96.0/20
178.237.32.0/20
185.27.16.0/22
185.223.85.0-185.223.87.255
185.234.96.0/22
185.242.220.0/22
193.202.74.0/23
193.202.88.0/23
195.43.158.0/24
195.137.242.0/24
IPv6:
2a00:1188::/29
Signature Algorithm: sha256WithRSAEncryption
12:1d:87:fe:b1:8c:dc:d3:f9:2c:e5:fe:8c:f5:ef:b4:bd:7c:
0d:31:14:6d:72:c4:ff:88:05:93:52:d5:22:f7:39:86:10:59:
61:3f:ac:a9:5c:4b:60:fd:6e:6b:61:a6:4c:24:20:43:cb:8b:
9f:a7:c4:4f:17:3b:45:1b:58:0f:cb:bd:04:0e:00:ec:1a:f1:
83:33:cb:3e:a9:1b:6c:f6:dd:db:19:93:18:2d:b2:fd:f0:85:
89:a8:1e:f6:10:a5:71:2f:93:5c:5b:65:bc:4e:67:14:67:cf:
3b:fd:c3:0b:90:41:ff:46:22:6d:24:da:4c:eb:fd:6f:4a:31:
b2:dd:c3:15:f8:f0:c1:21:00:b3:02:8c:bc:32:0e:a9:f8:4c:
00:1f:1a:7f:44:e3:06:b9:9a:b9:07:20:c8:e1:d9:56:a5:ad:
c9:5d:6d:f6:e4:05:ff:36:bb:e7:cc:33:ea:cb:63:2b:3b:e4:
d8:73:60:96:31:1a:0d:4e:6d:33:fd:25:09:75:29:6d:69:25:
bc:79:d4:00:31:4c:1c:52:ae:f1:e2:98:2f:e1:cd:ac:44:bc:
5a:80:49:aa:ab:85:78:61:03:38:a3:8b:37:e9:37:c3:0c:1a:
95:46:ca:98:9e:f6:ba:da:3b:33:89:d2:f3:20:f9:e1:77:da:
bb:c2:13:7d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIEOBrXBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Yzk2OTQ2YzUwMWRkZjQ4Njk2ZGEyY2YxMTBmZGNlYjI4NmZhYzk4MB4XDTIyMDEy
MDEwMDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjMwZWQ1MjgyMDMz
ODMwNGE0NjA3ZjMxMGE4N2VlNmE4ODcyNjdmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALY0BsaXrMiKqLOzLaDWh1YWfFvcSfUNy+NV01EI0Vr4xi/I
rxrjKytBmj2066oK+0ESoqDQsC/PSdp+8xA96x8MxEwhtKraK+MbfPNXfTxVlLIU
3wd+FB+xlRBkjkA177IiPaErP99a4XcyBKk1XC6707shDaRitrqvgznVHm6ify23
6uKrVq1DQzqCzsssgLE7x2fzaiU9Z9xEIOuEORhJDjkhQ7YC03RY5jBs3Z5gZyp/
kqU7YEv3XkfeYxKzpuTJx/9y7qdtpvrP7/N1o4vmC2K4Dfu7dyQYzHXNFqLXdePS
FgLzea830WF/7E0L4Wssja7FQSv4WlxLpFDhMRcCAwEAAaOCAm8wggJrMB0GA1Ud
DgQWBBRjDtUoIDODBKRgfzEKh+5qiHJn9jAfBgNVHSMEGDAWgBQslpRsUB3fSGlt
os8RD9zrKG+smDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xKYVViRkFkMzBocGJhTFBFUV9jNnlodnJKZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMDRmZWY4LWQyZGYtNGY3YS05MmI0LTdmOTcwYTNhZjljZC8x
L1l3N1ZLQ0F6Z3dTa1lIOHhDb2Z1YW9oeVpfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MDRmZWY4LWQyZGYtNGY3YS05MmI0LTdmOTcwYTNhZjljZC8xL0xKYVViRkFkMzBo
cGJhTFBFUV9jNnlodnJKZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hAYIKwYBBQUHAQcBAf8EdTBzMGIEAgABMFwDBAMfFlADBAItlLgDBAJV3uwDBANZ
/8gDBARfjmADBASy7SADBAK5GxAwDAMEALnfVQMEA7nfUAMEArnqYAMEArny3AME
AcHKSgMEAcHKWAMEAMMrngMEAMOJ8jANBAIAAjAHAwUDKgARiDANBgkqhkiG9w0B
AQsFAAOCAQEAEh2H/rGM3NP5LOX+jPXvtL18DTEUbXLE/4gFk1LVIvc5hhBZYT+s
qVxLYP1ua2GmTCQgQ8uLn6fETxc7RRtYD8u9BA4A7BrxgzPLPqkbbPbd2xmTGC2y
/fCFiage9hClcS+TXFtlvE5nFGfPO/3DC5BB/0YibSTaTOv9b0oxst3DFfjwwSEA
swKMvDIOqfhMAB8af0TjBrmauQcgyOHZVqWtyV1t9uQF/za758wz6stjKzvk2HNg
ljEaDU5tM/0lCXUpbWklvHnUADFMHFKu8eKYL+HNrES8WoBJqquFeGEDOKOLN+k3
wwwalUbKmJ72uto7M4nS8yD54Xfau8ITfQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:50:44 2025 by rpki-client