Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0yN_uzLkizs354ZbQPHUWOqpOsk.roa
File: 0yN_uzLkizs354ZbQPHUWOqpOsk.roa (raw, json)
Hash identifier: iyqWjrcy0XZ1ridmYcaEPc08bNdnSIAYhbvvqDivnMQ=
Subject key identifier: D3:23:7F:BB:32:E4:8B:3B:37:E7:86:5B:40:F1:D4:58:EA:A9:3A:C9
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B589D9B82A92CF733E0723916EC21D
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0yN_uzLkizs354ZbQPHUWOqpOsk.roa
Signing time: Thu 02 Jan 2025 15:49:56 +0000
ROA not before: Thu 02 Jan 2025 15:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202492
IP address blocks: 83.147.195.0/24 maxlen: 24
83.147.196.0/22 maxlen: 22
83.147.200.0/22 maxlen: 22
83.147.204.0/22 maxlen: 22
83.147.208.0/24 maxlen: 24
83.147.209.0/24 maxlen: 24
83.147.210.0/24 maxlen: 24
83.147.211.0/24 maxlen: 24
83.147.218.0/23 maxlen: 23
83.147.220.0/23 maxlen: 23
83.147.224.0/22 maxlen: 22
83.147.228.0/22 maxlen: 22
83.147.236.0/22 maxlen: 22
94.241.144.0/21 maxlen: 21
94.241.188.0/22 maxlen: 22
178.253.0.0/21 maxlen: 21
178.253.14.0/23 maxlen: 23
178.253.17.0/24 maxlen: 24
178.253.18.0/23 maxlen: 23
178.253.20.0/23 maxlen: 23
178.253.24.0/23 maxlen: 23
178.253.28.0/23 maxlen: 24
178.253.30.0/24 maxlen: 24
178.253.34.0/23 maxlen: 23
178.253.36.0/23 maxlen: 23
178.253.46.0/23 maxlen: 23
178.253.54.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:89:d9:b8:2a:92:cf:73:3e:07:23:91:6e:c2:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3237fbb32e48b3b37e7865b40f1d458eaa93ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:de:f1:b8:76:07:66:ec:83:5e:0d:dc:2b:e8:
31:6f:bf:d7:71:f5:30:7b:4d:5d:c8:2f:64:f2:4e:
03:7a:c1:98:da:21:7f:a8:44:4d:aa:9f:7d:bf:7a:
08:e6:91:bc:3a:6a:fa:64:83:91:bb:70:66:42:45:
2a:a1:44:fa:31:dc:a3:9b:13:fd:76:34:25:81:fc:
ae:a3:cd:53:f9:4a:cc:ea:24:c7:08:06:05:58:56:
34:03:73:cd:31:9f:b8:86:7e:e8:9e:8a:0c:bd:04:
82:25:d1:19:ca:48:de:05:00:70:22:4b:55:ba:99:
4c:0c:8c:00:06:54:d4:53:0d:3e:9a:b3:d3:a9:05:
ed:f1:c5:23:59:4d:03:ad:68:1d:69:74:1f:3a:0d:
fc:fa:b4:6e:27:d8:c0:2a:64:3d:02:0f:02:3e:d0:
99:c4:63:5e:37:3c:2a:e0:54:f0:d8:70:bf:23:35:
58:38:a1:2c:aa:10:87:b0:d7:6b:79:df:ed:3b:b9:
d4:18:db:8e:b3:63:60:49:d3:bd:09:f3:8a:c2:37:
41:ac:c4:3d:73:ce:5c:10:c8:dc:03:0c:a8:57:44:
97:32:ec:2f:db:d4:ff:95:6d:e5:4e:65:21:28:29:
22:cc:1c:f9:6a:3c:91:04:e9:58:df:80:27:f1:f6:
13:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:23:7F:BB:32:E4:8B:3B:37:E7:86:5B:40:F1:D4:58:EA:A9:3A:C9
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0yN_uzLkizs354ZbQPHUWOqpOsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.195.0-83.147.211.255
83.147.218.0-83.147.221.255
83.147.224.0/21
83.147.236.0/22
94.241.144.0/21
94.241.188.0/22
178.253.0.0/21
178.253.14.0/23
178.253.17.0-178.253.21.255
178.253.24.0/23
178.253.28.0-178.253.30.255
178.253.34.0-178.253.37.255
178.253.46.0/23
178.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:28:58:92:d8:ad:d8:d3:2d:bd:de:4f:64:56:21:ba:c8:01:
03:ed:0d:f1:14:50:dc:7b:5f:52:4a:ae:33:de:7e:cb:c1:0d:
68:b3:de:4c:36:93:6f:8d:36:89:03:0c:bc:50:83:ad:56:43:
c9:41:8b:90:4e:15:75:5e:e5:94:6f:aa:2e:75:f6:1a:38:1c:
65:e1:ae:8a:6d:58:6a:b2:ec:6f:c2:3f:7a:6c:50:24:55:32:
5c:9d:59:bf:a9:b7:a9:41:39:0a:ec:79:88:eb:48:4d:a0:7f:
1c:24:ed:c1:4f:4f:ae:bd:0f:54:e9:c6:c4:a2:46:43:84:a3:
c6:02:0f:99:57:62:0a:0d:80:34:2c:ef:7d:dc:d4:e8:67:50:
5e:d0:9d:86:fc:10:01:01:af:9a:f7:f0:dc:1b:fa:0f:99:a5:
3f:e1:f4:d7:ca:b9:e1:16:38:6e:64:6d:10:50:e7:cc:72:3a:
a1:26:bf:08:11:c2:7b:75:8e:26:e9:5e:b6:5d:14:08:38:b9:
5e:55:64:30:39:1d:58:38:5c:b7:15:fc:7c:da:be:6c:00:d2:
7b:61:12:59:5e:5b:7a:40:e2:8a:a0:95:19:fc:84:5b:53:34:
84:9a:7a:c8:c1:0c:f7:3b:7c:a2:38:c7:3f:14:45:db:34:49:
3c:00:bc:9b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZQntYnZuCqSz3M+ByORbsIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzIzN2ZiYjMyZTQ4YjNiMzdlNzg2NWI0MGYxZDQ1OGVhYTkzYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs97xuHYHZuyDXg3cK+gxb7/XcfUw
e01dyC9k8k4DesGY2iF/qERNqp99v3oI5pG8Omr6ZIORu3BmQkUqoUT6MdyjmxP9
djQlgfyuo81T+UrM6iTHCAYFWFY0A3PNMZ+4hn7onooMvQSCJdEZykjeBQBwIktV
uplMDIwABlTUUw0+mrPTqQXt8cUjWU0DrWgdaXQfOg38+rRuJ9jAKmQ9Ag8CPtCZ
xGNeNzwq4FTw2HC/IzVYOKEsqhCHsNdred/tO7nUGNuOs2NgSdO9CfOKwjdBrMQ9
c85cEMjcAwyoV0SXMuwv29T/lW3lTmUhKCkizBz5ajyRBOlY34An8fYTjwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFNMjf7sy5Is7N+eGW0Dx1FjqqTrJMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMHlOX3V6TGtpenMzNTRaYlFQSFVXT3FwT3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfDAMAwQA
U5PDAwQCU5PQMAwDBAFTk9oDBAFTk9wDBANTk+ADBAJTk+wDBANe8ZADBAJe8bwD
BAOy/QADBAGy/Q4wDAMEALL9EQMEAbL9FAMEAbL9GDAMAwQCsv0cAwQAsv0eMAwD
BAGy/SIDBAGy/SQDBAGy/S4DBACy/TYwDQYJKoZIhvcNAQELBQADggEBACwoWJLY
rdjTLb3eT2RWIbrIAQPtDfEUUNx7X1JKrjPefsvBDWiz3kw2k2+NNokDDLxQg61W
Q8lBi5BOFXVe5ZRvqi519ho4HGXhroptWGqy7G/CP3psUCRVMlydWb+pt6lBOQrs
eYjrSE2gfxwk7cFPT669D1TpxsSiRkOEo8YCD5lXYgoNgDQs733c1OhnUF7QnYb8
EAEBr5r38Nwb+g+ZpT/h9NfKueEWOG5kbRBQ58xyOqEmvwgRwnt1jibpXrZdFAg4
uV5VZDA5HVg4XLcV/HzavmwA0nthElleW3pA4oqglRn8hFtTNISaesjBDPc7fKI4
xz8URds0STwAvJs=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:52:20 2025 by rpki-client