Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/R1ydDEIKcFryeVQK1kkIt_w4qwI.roa
File: R1ydDEIKcFryeVQK1kkIt_w4qwI.roa (raw, json)
Hash identifier: hMIrPKd1LDrc7nt7AljniJsBvGvc5gI0IZVyekhg9Fo=
Subject key identifier: 47:5C:9D:0C:42:0A:70:5A:F2:79:54:0A:D6:49:08:B7:FC:38:AB:02
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 1625C006
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/R1ydDEIKcFryeVQK1kkIt_w4qwI.roa
Signing time: Wed 20 Apr 2022 08:20:30 +0000
ROA not before: Wed 20 Apr 2022 08:20:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47223
IP address blocks: 94.240.52.0/22 maxlen: 22
94.240.63.0/24 maxlen: 24
94.240.60.0/22 maxlen: 22
212.7.223.0/24 maxlen: 24
91.106.30.0/23 maxlen: 23
94.240.0.0/19 maxlen: 19
94.240.0.0/18 maxlen: 18
91.106.26.0/23 maxlen: 23
185.139.16.0/22 maxlen: 22
94.240.32.0/21 maxlen: 21
94.240.40.0/24 maxlen: 24
94.240.42.0/24 maxlen: 24
94.240.44.0/22 maxlen: 22
94.240.46.0/24 maxlen: 24
94.240.48.0/22 maxlen: 22
94.240.48.0/24 maxlen: 24
94.240.48.0/21 maxlen: 21
91.106.24.0/23 maxlen: 23
194.152.46.0/23 maxlen: 23
2a01:6e80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 371572742 (0x1625c006)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Apr 20 08:20:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=475c9d0c420a705af279540ad64908b7fc38ab02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:69:1f:53:69:81:e2:ab:1f:ff:8f:14:78:59:
b2:1d:0d:1b:8e:cf:bb:21:26:a4:8d:f7:4a:4b:a4:
a3:53:91:26:ac:60:52:ee:7e:0a:df:fe:db:b5:73:
6f:e9:a4:1f:1f:65:bf:1b:c9:18:0c:2a:45:21:94:
21:61:b6:a7:65:5b:39:98:91:5d:bc:22:2a:7d:4f:
97:c7:7a:4f:37:a7:fe:62:19:a7:02:b7:0c:bc:e2:
38:b0:13:f1:b4:a6:4b:c5:bb:7f:0a:31:2f:e0:86:
e6:76:d3:3d:b0:3b:3e:28:79:5f:4b:5f:1e:b2:63:
c2:38:04:6e:bc:7d:9a:2b:d0:b9:52:09:52:32:a9:
81:50:1b:8c:19:30:6b:6d:da:3c:f0:5a:95:af:85:
0a:c6:8d:4b:00:2e:41:e4:64:61:c2:f3:da:13:93:
bd:7c:10:d6:6d:a3:cf:5d:c9:c2:43:9e:71:f5:e1:
ee:86:de:5d:98:f7:cc:92:2e:4f:ef:e9:8b:10:3b:
72:6f:cb:dc:ae:83:b6:f1:46:f9:f0:8f:d2:c9:ec:
5d:14:b2:d6:e4:3a:7a:37:2f:d4:b9:5b:31:a6:0b:
64:76:2a:5d:fc:d2:9a:f9:45:c3:95:9f:84:af:8a:
20:4b:fd:59:79:6e:27:40:a8:2d:ae:ef:8d:6e:cd:
91:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5C:9D:0C:42:0A:70:5A:F2:79:54:0A:D6:49:08:B7:FC:38:AB:02
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/R1ydDEIKcFryeVQK1kkIt_w4qwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.24.0/22
91.106.30.0/23
94.240.0.0/18
185.139.16.0/22
194.152.46.0/23
212.7.223.0/24
IPv6:
2a01:6e80::/32
Signature Algorithm: sha256WithRSAEncryption
74:14:86:9e:ef:87:b0:d5:a0:77:34:70:7d:c0:ae:ef:69:29:
cf:d9:f8:2f:bf:95:b6:17:d0:66:9f:3a:de:ce:0f:4a:ea:37:
60:f1:2e:fa:54:64:ac:54:e8:c6:1d:b3:ae:dc:7d:35:85:55:
50:1c:a3:ec:9b:93:7c:39:dd:16:32:a4:69:5f:e5:92:3c:74:
23:01:db:61:70:0f:30:af:fe:d5:52:2d:0b:d8:57:93:cd:06:
f2:41:80:9c:d6:28:b5:b1:df:3b:25:b0:24:bf:b9:52:99:bd:
6c:df:88:f1:01:e8:3f:3e:d2:35:6c:1d:1f:73:d5:56:52:38:
79:1e:b9:6e:66:5c:f3:23:dd:eb:01:fa:63:2c:f4:47:bb:b3:
96:fe:93:38:4e:3c:7e:9f:26:32:6d:b7:07:bc:ed:93:42:ae:
1c:85:9e:c5:51:c7:63:26:d6:22:c0:2b:90:0f:6e:29:8e:16:
d8:d8:af:08:94:5c:cc:73:ab:8c:82:74:0a:67:ca:51:85:ae:
dc:bc:b8:af:6c:7d:32:8c:c9:03:ef:8c:1c:f5:60:47:c6:4f:
02:cf:c1:7f:a0:1c:a2:6c:b3:db:96:8b:83:8a:08:6d:81:c6:
41:b6:77:8a:30:53:f1:c1:d3:ae:d7:33:fd:eb:80:01:1d:81:
4f:1c:a8:f2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEFiXABjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTFhMmZkNmY1ZTVhZjg3ZDVjZWEwOTUwNjZmYmNjM2QzZTU0NmE0MB4XDTIyMDQy
MDA4MjAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc1YzlkMGM0MjBh
NzA1YWYyNzk1NDBhZDY0OTA4YjdmYzM4YWIwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJlpH1NpgeKrH/+PFHhZsh0NG47PuyEmpI33Skuko1ORJqxg
Uu5+Ct/+27Vzb+mkHx9lvxvJGAwqRSGUIWG2p2VbOZiRXbwiKn1Pl8d6Tzen/mIZ
pwK3DLziOLAT8bSmS8W7fwoxL+CG5nbTPbA7Pih5X0tfHrJjwjgEbrx9mivQuVIJ
UjKpgVAbjBkwa23aPPBala+FCsaNSwAuQeRkYcLz2hOTvXwQ1m2jz13JwkOecfXh
7obeXZj3zJIuT+/pixA7cm/L3K6DtvFG+fCP0snsXRSy1uQ6ejcv1LlbMaYLZHYq
XfzSmvlFw5WfhK+KIEv9WXluJ0CoLa7vjW7NkWMCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRHXJ0MQgpwWvJ5VArWSQi3/DirAjAfBgNVHSMEGDAWgBQ1Gi/W9eWvh9XO
oJUGb7zD0+VGpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Sb3YxdlhscjRmVnpxQ1ZCbS04dzlQbFJxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvY2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8x
L1IxeWRERUlLY0ZyeWVWUUsxa2tJdF93NHF3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
Y2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8xL05Sb3YxdlhscjRm
VnpxQ1ZCbS04dzlQbFJxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAltqGAMEAVtqHgMEBl7wAAMEArmL
EAMEAcKYLgMEANQH3zANBAIAAjAHAwUAKgFugDANBgkqhkiG9w0BAQsFAAOCAQEA
dBSGnu+HsNWgdzRwfcCu72kpz9n4L7+VthfQZp863s4PSuo3YPEu+lRkrFToxh2z
rtx9NYVVUByj7JuTfDndFjKkaV/lkjx0IwHbYXAPMK/+1VItC9hXk80G8kGAnNYo
tbHfOyWwJL+5Upm9bN+I8QHoPz7SNWwdH3PVVlI4eR65bmZc8yPd6wH6Yyz0R7uz
lv6TOE48fp8mMm23B7ztk0KuHIWexVHHYybWIsArkA9uKY4W2NivCJRczHOrjIJ0
CmfKUYWu3Ly4r2x9MozJA++MHPVgR8ZPAs/Bf6Acomyz25aLg4oIbYHGQbZ3ijBT
8cHTrtcz/euAAR2BTxyo8g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:14 2025 by rpki-client