Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Lp8xr0mCMqQaJs4YZlSDuc8Ag0Q.roa
File: Lp8xr0mCMqQaJs4YZlSDuc8Ag0Q.roa (raw, json)
Hash identifier: SY/XSipgQdAsclKCmaJ4Z36hQfAuVFNGO46LcnOUt5w=
Subject key identifier: 2E:9F:31:AF:49:82:32:A4:1A:26:CE:18:66:54:83:B9:CF:00:83:44
Certificate issuer: /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial: 145D1EE0
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Lp8xr0mCMqQaJs4YZlSDuc8Ag0Q.roa
Signing time: Sun 08 May 2022 07:04:14 +0000
ROA not before: Sun 08 May 2022 07:04:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56655
IP address blocks: 45.88.200.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.216.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
185.181.60.0/22 maxlen: 24
185.125.168.0/22 maxlen: 24
2a03:94e3::/32 maxlen: 32
2a03:94e1::/32 maxlen: 32
2a0a:cd80::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 341647072 (0x145d1ee0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
Validity
Not Before: May 8 07:04:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e9f31af498232a41a26ce18665483b9cf008344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:63:e1:4a:1a:14:da:db:eb:52:84:f3:4b:da:
65:7d:98:6b:bb:76:c0:29:f6:fa:d7:48:63:c8:70:
83:d8:48:90:75:79:1e:7f:60:7b:c3:58:78:a8:52:
d8:4c:39:12:28:77:eb:6d:c7:5b:2e:e9:ff:88:44:
5a:d0:2d:2a:42:ea:26:01:41:c5:4b:a5:4e:a1:32:
5a:30:8a:5f:34:c3:e2:3b:bb:64:db:5e:98:91:ec:
44:67:5f:e7:c5:8b:5a:8b:c4:f9:09:8f:bc:d5:e4:
3c:5f:67:84:e0:6a:77:7f:12:94:9d:22:19:71:66:
9c:c3:99:17:32:9b:ad:af:a7:7c:f8:09:46:74:51:
2b:82:d1:a3:f7:fe:54:92:17:ce:11:2a:ba:a3:44:
48:6f:fc:29:81:d4:2e:88:38:9c:a4:f4:0c:49:f3:
b5:c4:38:15:18:90:95:db:15:58:d0:04:04:0e:dd:
30:7b:ce:9c:51:d8:e1:72:27:b1:ee:9c:11:8b:f0:
5e:bc:7e:84:d8:cb:61:c2:d5:e8:29:19:22:52:72:
0d:93:fa:b9:6f:c9:3c:09:2f:d8:e1:1c:38:5d:df:
8c:8f:f4:5f:be:72:16:fa:8d:a5:22:c1:f7:d2:c2:
23:c1:77:31:ff:c4:33:98:4a:16:36:6a:f5:26:6b:
07:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9F:31:AF:49:82:32:A4:1A:26:CE:18:66:54:83:B9:CF:00:83:44
X509v3 Authority Key Identifier:
keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Lp8xr0mCMqQaJs4YZlSDuc8Ag0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0/24
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
IPv6:
2a03:94e0::/30
2a0a:cd80::/32
Signature Algorithm: sha256WithRSAEncryption
0d:5d:fa:9f:9e:94:8a:27:31:44:ee:41:21:3b:fd:30:b1:69:
34:9c:1b:bd:dd:7c:17:69:64:87:54:df:6e:ec:df:e1:fb:a0:
7c:0e:ec:d1:9f:c7:44:a6:a2:e2:56:70:66:26:6e:11:f3:21:
fa:77:62:41:73:f4:65:ad:a2:78:ae:41:26:e8:05:2e:d9:0b:
73:10:63:a4:92:5d:7c:43:5b:cc:f8:3b:69:4f:36:24:32:3e:
06:c6:de:5c:67:2a:6e:a7:f3:1b:bf:0d:0e:ef:0f:76:72:1a:
e1:01:6e:f8:9a:1f:e4:f9:1e:b9:1b:91:c8:a4:9c:16:df:02:
cb:7d:fc:8a:42:38:8e:a8:12:fb:fc:7c:95:dc:47:e7:3d:4a:
2f:9d:20:18:71:54:1e:c2:e1:cf:d0:57:2a:75:e1:bb:5f:25:
de:c4:a3:4d:3d:f7:0a:a7:b8:03:65:7e:79:5f:0d:47:b9:70:
bb:9b:ca:4a:71:02:4a:df:0b:32:3b:f5:27:15:91:f2:c9:58:
3e:d2:a6:5a:1b:8f:5f:8b:59:8f:ea:d1:ff:92:04:f2:25:57:
2e:45:75:63:25:d0:d7:c7:14:e0:e9:4a:d9:2a:fb:e3:9c:a9:
74:43:5d:cf:bf:d5:5f:08:8f:94:60:cb:00:d3:44:2d:f6:08:
9f:d0:bc:de
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEFF0e4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
M2EyMjllMjY2YjI1NTg4OTlmMzU0N2VlNjNkODRlZDY1OTQ3NjhiMB4XDTIyMDUw
ODA3MDQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmU5ZjMxYWY0OTgy
MzJhNDFhMjZjZTE4NjY1NDgzYjljZjAwODM0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhj4UoaFNrb61KE80vaZX2Ya7t2wCn2+tdIY8hwg9hIkHV5
Hn9ge8NYeKhS2Ew5Eih3623HWy7p/4hEWtAtKkLqJgFBxUulTqEyWjCKXzTD4ju7
ZNtemJHsRGdf58WLWovE+QmPvNXkPF9nhOBqd38SlJ0iGXFmnMOZFzKbra+nfPgJ
RnRRK4LRo/f+VJIXzhEquqNESG/8KYHULog4nKT0DEnztcQ4FRiQldsVWNAEBA7d
MHvOnFHY4XInse6cEYvwXrx+hNjLYcLV6CkZIlJyDZP6uW/JPAkv2OEcOF3fjI/0
X75yFvqNpSLB99LCI8F3Mf/EM5hKFjZq9SZrBy8CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQunzGvSYIypBomzhhmVIO5zwCDRDAfBgNVHSMEGDAWgBSToiniZrJViJnz
VH7mPYTtZZR2izAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2s2SXA0bWF5VllpWjgxUi01ajJFN1dXVWRvcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvYzQwNzNhLTkyM2ItNGVjZi05NTY2LTRkNzc3Y2FjZDlhNC8x
L0xwOHhyMG1DTXFRYUpzNFlabFNEdWM4QWcwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
YzQwNzNhLTkyM2ItNGVjZi05NTY2LTRkNzc3Y2FjZDlhNC8xL2s2SXA0bWF5Vllp
WjgxUi01ajJFN1dXVWRvcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wJgQCAAEwIAMEAC1YyAMEArl9qAMEArm1PDAMAwQD
ufPYAwQAufPaMBQEAgACMA4DBQIqA5TgAwUAKgrNgDANBgkqhkiG9w0BAQsFAAOC
AQEADV36n56UiicxRO5BITv9MLFpNJwbvd18F2lkh1Tfbuzf4fugfA7s0Z/HRKai
4lZwZiZuEfMh+ndiQXP0Za2ieK5BJugFLtkLcxBjpJJdfENbzPg7aU82JDI+Bsbe
XGcqbqfzG78NDu8PdnIa4QFu+Jof5PkeuRuRyKScFt8Cy338ikI4jqgS+/x8ldxH
5z1KL50gGHFUHsLhz9BXKnXhu18l3sSjTT33Cqe4A2V+eV8NR7lwu5vKSnECSt8L
Mjv1JxWR8slYPtKmWhuPX4tZj+rR/5IE8iVXLkV1YyXQ18cU4OlK2Sr745ypdENd
z7/VXwiPlGDLANNELfYIn9C83g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:32 2025 by rpki-client