Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/1-i_ViTq0UjnuNG22-8DY0OkLEAA.roa
File: 1-i_ViTq0UjnuNG22-8DY0OkLEAA.roa (raw, json)
Hash identifier: QuwLxtisIuFzjYHnr6nRQmNAY9rKncuDyicObpPDKEw=
Subject key identifier: FA:2F:D5:89:3A:B4:52:39:EE:34:6D:B6:FB:C0:D8:D0:E9:0B:10:00
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 15BAFE53
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/1-i_ViTq0UjnuNG22-8DY0OkLEAA.roa
Signing time: Tue 01 Mar 2022 13:50:46 +0000
ROA not before: Tue 01 Mar 2022 13:50:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47223
IP address blocks: 94.240.63.0/24 maxlen: 24
94.240.60.0/22 maxlen: 22
212.7.223.0/24 maxlen: 24
91.106.30.0/23 maxlen: 23
94.240.0.0/18 maxlen: 18
91.106.26.0/23 maxlen: 23
185.139.16.0/22 maxlen: 22
94.240.32.0/21 maxlen: 21
94.240.40.0/24 maxlen: 24
94.240.44.0/22 maxlen: 22
94.240.46.0/24 maxlen: 24
94.240.48.0/24 maxlen: 24
94.240.48.0/21 maxlen: 21
91.106.24.0/23 maxlen: 23
194.152.46.0/23 maxlen: 23
2a01:6e80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 364576339 (0x15bafe53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Mar 1 13:50:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa2fd5893ab45239ee346db6fbc0d8d0e90b1000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:90:81:21:3a:12:7e:38:1b:57:88:6c:fd:7c:
8f:6c:c8:b9:52:82:50:5b:a1:de:d0:b4:30:6b:a1:
3b:b3:e1:e3:b6:38:26:10:0b:cc:19:32:75:53:45:
a5:ea:19:a8:c4:02:26:b8:70:d9:a0:70:42:4b:73:
9b:19:ba:9e:88:77:59:b6:97:ad:54:2d:22:ef:09:
04:d2:26:17:55:05:cc:c9:96:31:6d:be:5d:df:e8:
72:9f:8d:0f:50:bc:28:23:5c:5a:eb:19:ef:e2:99:
ff:d9:87:4b:9f:b4:a8:2c:31:64:8b:6b:bd:52:5c:
bd:60:0e:4e:cd:7a:7e:02:57:59:b6:0e:7f:31:14:
5e:64:03:08:62:da:d7:06:1c:2e:ab:46:40:29:a7:
09:72:3c:fe:66:2d:a6:3a:d0:5a:fb:f7:38:f3:8e:
24:aa:43:57:74:65:e7:d9:eb:2f:cf:6d:29:9b:31:
ac:20:b1:47:37:3d:cb:63:31:dc:d6:67:2b:55:ee:
f0:dd:60:c7:d1:f2:d7:c4:ba:cd:31:a1:79:ba:b3:
ee:3a:04:32:02:2c:16:ad:bb:68:1b:58:97:fc:82:
b4:f2:7b:7e:e1:09:e2:7d:c3:ef:44:6d:04:eb:ca:
f2:2a:69:78:e7:7e:01:9d:ce:29:4a:dd:e4:56:1c:
42:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2F:D5:89:3A:B4:52:39:EE:34:6D:B6:FB:C0:D8:D0:E9:0B:10:00
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/1-i_ViTq0UjnuNG22-8DY0OkLEAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.24.0/22
91.106.30.0/23
94.240.0.0/18
185.139.16.0/22
194.152.46.0/23
212.7.223.0/24
IPv6:
2a01:6e80::/32
Signature Algorithm: sha256WithRSAEncryption
50:3c:b5:e6:84:88:ab:0c:14:f8:d9:17:8c:c5:c6:e0:0c:4f:
32:0f:da:2d:24:bc:1f:83:ed:d6:dd:8b:ec:38:3d:48:ab:9c:
f1:05:56:33:c8:b4:7c:9c:4b:0c:f1:76:6b:f6:f8:f7:5e:72:
69:ab:61:c4:cb:f9:44:80:0b:40:43:97:74:42:b2:56:4c:96:
eb:5b:85:01:39:5a:ea:ea:06:f9:82:98:22:5e:18:ea:27:f9:
d4:b9:85:97:29:ee:00:c7:59:65:7c:2c:e4:ac:b2:20:86:bf:
ee:13:4f:bf:a6:b8:c8:44:bc:77:f6:de:e9:f7:57:97:d5:3b:
59:7a:56:53:cc:ad:ad:c9:5c:85:19:49:7c:58:c8:ac:eb:f3:
d3:f8:e4:c3:ba:94:14:be:7c:b2:37:63:e1:77:01:95:6f:7d:
e9:dd:3c:42:d8:93:e0:87:1a:c9:cf:49:fd:46:dc:ba:90:01:
18:37:b5:02:37:f8:06:16:b4:4a:84:d8:2a:16:b5:16:3e:dd:
80:34:a1:f0:78:93:84:30:7a:a2:81:8e:a3:70:fb:c8:a8:a7:
e0:ea:a2:09:77:be:fc:01:b3:ca:19:71:b5:c4:4a:3b:d7:7b:
55:36:75:b2:9d:e1:54:e6:cb:5d:c3:ea:f4:f5:30:99:a9:0a:
e1:35:d2:b0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEFbr+UzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTFhMmZkNmY1ZTVhZjg3ZDVjZWEwOTUwNjZmYmNjM2QzZTU0NmE0MB4XDTIyMDMw
MTEzNTA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEyZmQ1ODkzYWI0
NTIzOWVlMzQ2ZGI2ZmJjMGQ4ZDBlOTBiMTAwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOiQgSE6En44G1eIbP18j2zIuVKCUFuh3tC0MGuhO7Ph47Y4
JhALzBkydVNFpeoZqMQCJrhw2aBwQktzmxm6noh3WbaXrVQtIu8JBNImF1UFzMmW
MW2+Xd/ocp+ND1C8KCNcWusZ7+KZ/9mHS5+0qCwxZItrvVJcvWAOTs16fgJXWbYO
fzEUXmQDCGLa1wYcLqtGQCmnCXI8/mYtpjrQWvv3OPOOJKpDV3Rl59nrL89tKZsx
rCCxRzc9y2Mx3NZnK1Xu8N1gx9Hy18S6zTGhebqz7joEMgIsFq27aBtYl/yCtPJ7
fuEJ4n3D70RtBOvK8ippeOd+AZ3OKUrd5FYcQkcCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBT6L9WJOrRSOe40bbb7wNjQ6QsQADAfBgNVHSMEGDAWgBQ1Gi/W9eWvh9XO
oJUGb7zD0+VGpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Sb3YxdlhscjRmVnpxQ1ZCbS04dzlQbFJxUS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvY2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8x
LzEtaV9WaVRxMFVqbnVORzIyLThEWTBPa0xFQUEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Ix
L2NkZGRkNS04MTdhLTQxMTMtOGI4Mi0yMzA0OWU0ZDJmMTIvMS9OUm92MXZYbHI0
ZlZ6cUNWQm0tOHc5UGxScVEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
TAYIKwYBBQUHAQcBAf8EPTA7MCoEAgABMCQDBAJbahgDBAFbah4DBAZe8AADBAK5
ixADBAHCmC4DBADUB98wDQQCAAIwBwMFACoBboAwDQYJKoZIhvcNAQELBQADggEB
AFA8teaEiKsMFPjZF4zFxuAMTzIP2i0kvB+D7dbdi+w4PUirnPEFVjPItHycSwzx
dmv2+PdecmmrYcTL+USAC0BDl3RCslZMlutbhQE5WurqBvmCmCJeGOon+dS5hZcp
7gDHWWV8LOSssiCGv+4TT7+muMhEvHf23un3V5fVO1l6VlPMra3JXIUZSXxYyKzr
89P45MO6lBS+fLI3Y+F3AZVvfendPELYk+CHGsnPSf1G3LqQARg3tQI3+AYWtEqE
2CoWtRY+3YA0ofB4k4QweqKBjqNw+8iop+Dqogl3vvwBs8oZcbXESjvXe1U2dbKd
4VTmy13D6vT1MJmpCuE10rA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:46 2025 by rpki-client