Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/oc7UFt4U4QtxRmPyhV00_4f_m_w.roa
File: oc7UFt4U4QtxRmPyhV00_4f_m_w.roa (raw, json)
Hash identifier: 5Z5dWuC0dgcmfyUXsPTjVtsTb7dq3Ojd7uEmJW1p5FE=
Subject key identifier: A1:CE:D4:16:DE:14:E1:0B:71:46:63:F2:85:5D:34:FF:87:FF:9B:FC
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 018DEFF99731E0018BE15BAD98BCBD470549
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/oc7UFt4U4QtxRmPyhV00_4f_m_w.roa
Signing time: Wed 28 Feb 2024 13:48:48 +0000
ROA not before: Wed 28 Feb 2024 13:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8374
IP address blocks: 5.172.224.0/19 maxlen: 19
31.0.0.0/15 maxlen: 15
37.98.208.0/20 maxlen: 20
37.109.0.0/16 maxlen: 16
37.152.16.0/20 maxlen: 20
37.209.128.0/19 maxlen: 19
37.247.128.0/17 maxlen: 17
37.247.241.0/28 maxlen: 28
37.248.0.0/15 maxlen: 15
46.76.0.0/15 maxlen: 15
78.30.64.0/18 maxlen: 18
84.39.160.0/20 maxlen: 20
87.251.224.0/19 maxlen: 19
92.60.128.0/20 maxlen: 20
93.154.128.0/17 maxlen: 17
151.248.32.0/20 maxlen: 20
185.4.212.0/22 maxlen: 22
188.125.32.0/19 maxlen: 19
193.41.112.0/23 maxlen: 23
212.2.96.0/19 maxlen: 19
2a01:2e0::/28 maxlen: 28
2a01:bb80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:f9:97:31:e0:01:8b:e1:5b:ad:98:bc:bd:47:05:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Feb 28 13:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1ced416de14e10b714663f2855d34ff87ff9bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a9:a8:6c:10:74:90:8a:85:01:57:97:79:92:
94:fd:22:0c:5d:ef:56:dd:89:52:71:ae:d8:d1:1e:
a7:63:a8:18:29:1b:d1:0c:8c:ef:e9:68:9f:0a:3d:
e9:1e:f9:c3:38:1a:03:d1:30:b4:f4:e1:f9:6a:ab:
a6:07:cf:c7:3c:1d:80:51:a5:66:64:1b:22:6b:10:
30:e3:1e:aa:13:1c:d6:61:f3:eb:fd:9c:06:45:55:
7a:5a:9c:c0:ee:62:80:49:e4:a5:63:bf:5c:5f:ef:
2a:f5:16:e1:38:d0:99:4a:dd:64:a9:e5:94:e8:4e:
d0:74:c1:6f:9b:c8:e1:3c:70:76:25:79:62:19:f2:
45:79:5c:ac:9d:af:11:d5:53:c2:51:d5:62:60:79:
a2:81:b0:5d:17:8b:48:ef:93:e1:bc:6e:01:8a:ba:
cf:2b:ce:e3:79:73:2d:3d:7b:2f:a4:25:e4:67:7c:
c6:5b:72:5f:90:89:03:28:13:45:c9:07:bf:1b:3e:
2b:d7:f7:43:de:0c:7a:ef:5e:99:b6:be:c0:c8:c9:
ae:ae:d9:84:af:1d:dc:10:b2:65:6d:7e:98:76:1b:
e7:3d:fd:96:76:2b:e6:4c:f0:ad:ff:51:81:93:b0:
4e:64:eb:b5:d7:2e:00:50:7e:e0:d4:2f:ac:66:3c:
e4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CE:D4:16:DE:14:E1:0B:71:46:63:F2:85:5D:34:FF:87:FF:9B:FC
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/oc7UFt4U4QtxRmPyhV00_4f_m_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.224.0/19
31.0.0.0/15
37.98.208.0/20
37.109.0.0/16
37.152.16.0/20
37.209.128.0/19
37.247.128.0-37.249.255.255
46.76.0.0/15
78.30.64.0/18
84.39.160.0/20
87.251.224.0/19
92.60.128.0/20
93.154.128.0/17
151.248.32.0/20
185.4.212.0/22
188.125.32.0/19
193.41.112.0/23
212.2.96.0/19
IPv6:
2a01:2e0::/28
2a01:bb80::/32
Signature Algorithm: sha256WithRSAEncryption
8c:26:7e:70:6c:94:b4:5f:5a:25:18:aa:f4:02:c2:39:f3:da:
1a:2f:07:e2:2a:3f:0c:43:09:2b:0e:c6:e1:da:5b:2a:6a:2b:
50:f1:c4:ae:73:a2:ae:cf:d2:ef:9f:14:d3:6b:04:b7:21:ac:
a4:ce:91:b6:dd:f4:1c:2e:86:dc:f7:0c:f4:ca:cc:ed:34:43:
49:89:ff:1d:9c:e9:3f:d6:b9:f3:bb:aa:0c:e8:08:2f:2a:d2:
0e:f3:32:97:f9:e2:6e:e0:6f:bc:60:ff:a1:4a:6c:f8:fe:5a:
43:c9:3e:8a:d2:66:d3:7e:c9:e2:c8:39:20:12:25:23:ca:64:
21:e9:dd:fa:a4:91:99:40:52:1e:f5:23:0b:88:ba:81:32:e6:
4c:7f:20:17:77:82:80:7d:8e:a4:00:fb:c6:ea:0b:ef:bd:4f:
73:b4:8b:e3:cc:35:f4:35:e5:d4:2b:dd:92:7d:c5:3f:06:1e:
82:d1:22:85:98:4a:cc:5e:d0:94:80:ad:56:07:98:5a:ae:5f:
d4:ea:87:b3:a6:98:e0:15:4b:4d:50:97:5b:f7:f6:63:5b:5d:
45:0d:72:2a:78:07:d7:4a:19:6b:67:1a:64:e3:0f:76:78:7d:
32:65:64:03:15:ee:95:f0:6c:fd:53:34:d5:29:b4:95:66:7b:
0a:9d:f1:be
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY3v+Zcx4AGL4VutmLy9RwVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwMjI4MTM0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWNlZDQxNmRlMTRlMTBiNzE0NjYzZjI4NTVkMzRmZjg3ZmY5YmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKmobBB0kIqFAVeXeZKU/SIMXe9W
3YlSca7Y0R6nY6gYKRvRDIzv6WifCj3pHvnDOBoD0TC09OH5aqumB8/HPB2AUaVm
ZBsiaxAw4x6qExzWYfPr/ZwGRVV6WpzA7mKASeSlY79cX+8q9RbhONCZSt1kqeWU
6E7QdMFvm8jhPHB2JXliGfJFeVysna8R1VPCUdViYHmigbBdF4tI75PhvG4BirrP
K87jeXMtPXsvpCXkZ3zGW3JfkIkDKBNFyQe/Gz4r1/dD3gx6716Ztr7AyMmurtmE
rx3cELJlbX6YdhvnPf2WdivmTPCt/1GBk7BOZOu11y4AUH7g1C+sZjzkvQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFKHO1BbeFOELcUZj8oVdNP+H/5v8MB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvb2M3VUZ0NFU0UXR4Um1QeWhWMDBfNGZfbV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwAwQFBazg
AwMBHwADBAQlYtADAwAlbQMEBCWYEAMEBSXRgDALAwQHJfeAAwMBJfgDAwEuTAME
Bk4eQAMEBFQnoAMEBVf74AMEBFw8gAMEB12agAMEBJf4IAMEArkE1AMEBbx9IAME
AcEpcAMEBdQCYDAUBAIAAjAOAwUEKgEC4AMFACoBu4AwDQYJKoZIhvcNAQELBQAD
ggEBAIwmfnBslLRfWiUYqvQCwjnz2hovB+IqPwxDCSsOxuHaWypqK1DxxK5zoq7P
0u+fFNNrBLchrKTOkbbd9Bwuhtz3DPTKzO00Q0mJ/x2c6T/WufO7qgzoCC8q0g7z
Mpf54m7gb7xg/6FKbPj+WkPJPorSZtN+yeLIOSASJSPKZCHp3fqkkZlAUh71IwuI
uoEy5kx/IBd3goB9jqQA+8bqC++9T3O0i+PMNfQ15dQr3ZJ9xT8GHoLRIoWYSsxe
0JSArVYHmFquX9Tqh7OmmOAVS01Ql1v39mNbXUUNcip4B9dKGWtnGmTjD3Z4fTJl
ZAMV7pXwbP1TNNUptJVmewqd8b4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:53 2025 by rpki-client