Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/SAKnFFFDWQH1JOebt2MMzuFMd2E.roa
File: SAKnFFFDWQH1JOebt2MMzuFMd2E.roa (raw, json)
Hash identifier: 8B7gEwTnAftRfhEqmtVXPzA0OfJ1X664h64Keldomyk=
Subject key identifier: 48:02:A7:14:51:43:59:01:F5:24:E7:9B:B7:63:0C:CE:E1:4C:77:61
Certificate issuer: /CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Certificate serial: 111357C3
Authority key identifier: 07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/SAKnFFFDWQH1JOebt2MMzuFMd2E.roa
Signing time: Sat 01 Jan 2022 16:02:49 +0000
ROA not before: Sat 01 Jan 2022 16:02:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208425
IP address blocks: 185.114.23.0/24 maxlen: 24
185.114.21.0/24 maxlen: 24
185.114.22.0/24 maxlen: 24
185.114.20.0/24 maxlen: 24
185.114.20.0/22 maxlen: 22
194.61.119.0/24 maxlen: 24
185.146.91.0/24 maxlen: 24
185.1.132.0/24 maxlen: 24
185.146.89.0/24 maxlen: 24
185.146.90.0/24 maxlen: 24
185.146.88.0/24 maxlen: 24
185.50.70.0/24 maxlen: 24
185.50.71.0/24 maxlen: 24
185.50.68.0/24 maxlen: 24
185.50.69.0/24 maxlen: 24
185.169.55.0/24 maxlen: 24
185.169.53.0/24 maxlen: 24
185.169.54.0/24 maxlen: 24
185.169.52.0/24 maxlen: 24
194.61.117.0/24 maxlen: 24
194.61.118.0/24 maxlen: 24
194.61.116.0/24 maxlen: 24
2a0a:3900::/29 maxlen: 29
2a01:a420::/29 maxlen: 29
2001:7f8:ec::/48 maxlen: 48
2a0f:d500::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286480323 (0x111357c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Validity
Not Before: Jan 1 16:02:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4802a71451435901f524e79bb7630ccee14c7761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7f:91:5c:db:df:7d:8b:f7:de:c0:f5:35:8f:
40:0c:fe:8b:5c:c8:fb:17:db:8e:6f:35:34:9c:ad:
c8:1d:21:95:9b:d1:7d:e6:5a:18:54:5c:f7:a0:68:
6d:9c:8e:61:c4:b5:8b:0a:05:d1:2d:27:ef:94:24:
36:83:21:be:9f:9c:83:38:58:1d:7a:0e:ab:0f:71:
b1:2b:4f:ec:be:72:66:a3:aa:85:0b:4f:48:b1:59:
bf:df:b7:da:36:c5:80:cd:cd:6f:a4:9e:f1:bc:85:
9a:ff:c7:7a:ad:09:0a:02:d1:d2:d1:93:39:35:bd:
b3:a1:67:0d:98:65:8f:2b:40:79:c6:98:62:4d:be:
11:a5:36:a3:e0:7a:91:f2:b0:77:93:17:fe:78:29:
f9:3f:26:1c:5f:19:61:64:4b:53:50:a2:80:f4:db:
2b:6e:db:91:10:b0:bb:9d:9f:63:9f:58:0f:78:d6:
6e:38:ea:25:ef:db:b1:5a:66:ba:db:dc:20:54:ed:
11:15:42:48:71:0e:0e:d5:8a:6f:7f:9d:8b:88:1a:
ab:f1:1d:f1:ca:4a:78:93:24:13:32:74:52:85:f2:
e3:17:58:8b:53:52:14:31:e5:f2:38:db:9a:b1:1f:
3c:ad:37:48:6f:ee:42:9b:24:31:7c:87:3c:6f:16:
43:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:02:A7:14:51:43:59:01:F5:24:E7:9B:B7:63:0C:CE:E1:4C:77:61
X509v3 Authority Key Identifier:
keyid:07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/SAKnFFFDWQH1JOebt2MMzuFMd2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.132.0/24
185.50.68.0/22
185.114.20.0/22
185.146.88.0/22
185.169.52.0/22
194.61.116.0/22
IPv6:
2001:7f8:ec::/48
2a01:a420::/29
2a0a:3900::/29
2a0f:d500::/29
Signature Algorithm: sha256WithRSAEncryption
33:d5:74:05:f2:b6:d7:55:3a:9a:1e:4c:fb:54:c9:e6:bc:7b:
91:14:45:a3:45:6d:d7:fa:06:f3:ec:c4:60:0a:52:26:66:9b:
1c:5d:1d:46:9a:ae:da:9b:88:7e:3a:c5:1f:5e:e7:20:b7:7f:
0b:71:7c:52:c6:8a:e2:e2:0d:2a:4d:cc:4f:8f:3e:b6:89:9e:
82:7d:5f:b2:5b:d1:51:cd:ae:1d:e7:d8:93:45:12:3a:87:a1:
ec:af:8e:32:cc:9b:a9:4d:fe:13:6a:be:31:08:79:8b:33:7d:
3c:33:33:51:ce:c9:19:90:4a:e7:35:b2:41:ec:67:1d:e0:9b:
24:62:fa:24:d2:1d:99:15:2c:b5:01:4e:cb:6f:99:47:7d:75:
e3:42:ac:52:ff:fc:f1:12:87:15:4d:41:1a:86:13:7a:0b:e9:
fa:65:ff:82:57:5e:44:32:cf:6f:bc:90:05:7c:66:4d:56:d7:
28:33:b9:3b:e4:1d:90:80:7e:cd:65:29:bc:81:cd:86:64:5c:
c5:6a:68:af:80:95:9f:29:7f:92:61:ec:0d:b7:3e:4b:55:1f:
84:8d:7a:56:92:e1:65:51:51:eb:0a:1e:3b:64:2b:71:b0:b4:
3e:17:92:da:1d:78:bd:9a:ef:f5:d6:93:3d:cc:9e:86:5e:ac:
24:7e:0c:34
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIEERNXwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Nzg2MjlmNWY2MWZiMjU1NjQyODRmYmZlZmZiOTNjM2VkNDRiZmUyMB4XDTIyMDEw
MTE2MDI0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDgwMmE3MTQ1MTQz
NTkwMWY1MjRlNzliYjc2MzBjY2VlMTRjNzc2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALN/kVzb332L997A9TWPQAz+i1zI+xfbjm81NJytyB0hlZvR
feZaGFRc96BobZyOYcS1iwoF0S0n75QkNoMhvp+cgzhYHXoOqw9xsStP7L5yZqOq
hQtPSLFZv9+32jbFgM3Nb6Se8byFmv/Heq0JCgLR0tGTOTW9s6FnDZhljytAecaY
Yk2+EaU2o+B6kfKwd5MX/ngp+T8mHF8ZYWRLU1CigPTbK27bkRCwu52fY59YD3jW
bjjqJe/bsVpmutvcIFTtERVCSHEODtWKb3+di4gaq/Ed8cpKeJMkEzJ0UoXy4xdY
i1NSFDHl8jjbmrEfPK03SG/uQpskMXyHPG8WQ3ECAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBRIAqcUUUNZAfUk55u3YwzO4Ux3YTAfBgNVHSMEGDAWgBQHhin19h+yVWQo
T7/v+5PD7US/4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0I0WXA5Zllmc2xWa0tFLV83X3VUdy0xRXYtSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMDYxOGU0LTdhNjQtNDYwYy1hYWY5LTYzYWYyYzRmNDAyMC8x
L1NBS25GRkZEV1FIMUpPZWJ0Mk1NenVGTWQyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MDYxOGU0LTdhNjQtNDYwYy1hYWY5LTYzYWYyYzRmNDAyMC8xL0I0WXA5Zllmc2xW
a0tFLV83X3VUdy0xRXYtSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwKgQCAAEwJAMEALkBhAMEArkyRAMEArlyFAMEArmS
WAMEArmpNAMEAsI9dDAkBAIAAjAeAwcAIAEH+ADsAwUDKgGkIAMFAyoKOQADBQMq
D9UAMA0GCSqGSIb3DQEBCwUAA4IBAQAz1XQF8rbXVTqaHkz7VMnmvHuRFEWjRW3X
+gbz7MRgClImZpscXR1Gmq7am4h+OsUfXucgt38LcXxSxori4g0qTcxPjz62iZ6C
fV+yW9FRza4d59iTRRI6h6Hsr44yzJupTf4Tar4xCHmLM308MzNRzskZkErnNbJB
7Gcd4JskYvok0h2ZFSy1AU7Lb5lHfXXjQqxS//zxEocVTUEahhN6C+n6Zf+CV15E
Ms9vvJAFfGZNVtcoM7k75B2QgH7NZSm8gc2GZFzFamivgJWfKX+SYewNtz5LVR+E
jXpWkuFlUVHrCh47ZCtxsLQ+F5LaHXi9mu/11pM9zJ6GXqwkfgw0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:14 2025 by rpki-client