Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/mF_PGDyO-BfO2_5whIPQ8uPu6x4.roa
File: mF_PGDyO-BfO2_5whIPQ8uPu6x4.roa (raw, json)
Hash identifier: Nx2RsKSKd3yQ5tB9DvHsEw+Q5XB+ANz1mNHNOIJ03T4=
Subject key identifier: 98:5F:CF:18:3C:8E:F8:17:CE:DB:FE:70:84:83:D0:F2:E3:EE:EB:1E
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 01894016505FDDE1E05B5866F52E76103DDE
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/mF_PGDyO-BfO2_5whIPQ8uPu6x4.roa
Signing time: Mon 10 Jul 2023 13:55:51 +0000
ROA not before: Mon 10 Jul 2023 13:55:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31122
IP address blocks: 78.137.128.0/18 maxlen: 18
93.92.8.0/21 maxlen: 21
92.51.192.0/18 maxlen: 18
84.203.0.0/16 maxlen: 16
185.53.32.0/24 maxlen: 24
185.53.35.0/24 maxlen: 24
83.147.128.0/18 maxlen: 18
212.126.32.0/19 maxlen: 19
46.183.104.0/23 maxlen: 23
212.126.60.0/22 maxlen: 22
185.233.176.0/22 maxlen: 22
94.247.48.0/21 maxlen: 21
92.51.208.0/20 maxlen: 20
185.182.72.0/22 maxlen: 22
185.242.236.0/23 maxlen: 23
89.234.64.0/18 maxlen: 18
176.52.216.0/22 maxlen: 22
176.52.220.0/23 maxlen: 23
80.93.16.0/20 maxlen: 20
185.205.228.0/22 maxlen: 22
217.78.0.0/20 maxlen: 20
37.46.16.0/21 maxlen: 21
2a0a:e780::/29 maxlen: 30
2001:1bb8::/32 maxlen: 32
2a00:15b8:400::/40 maxlen: 40
2a00:15b8::/32 maxlen: 32
2a02:220::/32 maxlen: 32
2a01:258::/32 maxlen: 32
2a01:8aa0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:16:50:5f:dd:e1:e0:5b:58:66:f5:2e:76:10:3d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jul 10 13:55:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=985fcf183c8ef817cedbfe708483d0f2e3eeeb1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:17:1b:f6:67:ab:03:e0:4f:b4:c0:49:65:ba:
98:56:7f:bd:01:42:7e:51:c0:23:5f:76:dc:ff:16:
f1:9e:e2:0c:11:be:21:d2:e6:76:8f:1f:d1:5b:dd:
99:49:46:37:c5:1b:aa:d5:30:d9:7a:5a:72:49:2e:
5c:46:74:45:e5:7e:65:f7:f4:5e:a0:54:1a:33:82:
17:82:59:8c:86:48:f8:33:ff:64:e5:20:36:b6:f9:
67:ec:6f:f1:b2:a6:1e:f8:d2:0f:b1:bd:ad:34:27:
37:5d:f2:06:08:09:34:ee:83:cc:cc:55:7f:7f:32:
fc:b5:44:a8:74:ef:f2:34:e8:73:db:87:70:ac:e3:
50:66:b9:b6:49:4b:e8:5f:97:bc:2f:9f:83:ac:02:
1e:f0:70:88:ad:f2:e2:20:71:9e:7e:4d:d9:ab:17:
b6:26:74:c7:0b:1d:94:c0:3a:66:06:07:3d:b4:48:
46:a9:ef:f9:70:b7:e8:b1:65:c7:55:5c:73:67:82:
26:05:5f:20:9a:2d:63:88:b6:57:3a:fc:ec:05:95:
c0:5b:3d:7d:0d:b1:d9:15:a5:01:fe:fb:d5:f9:95:
9c:b2:ac:2d:39:a0:38:23:dd:51:4c:9b:96:76:0f:
23:29:20:64:4c:11:10:66:4f:73:69:b6:30:97:d5:
79:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5F:CF:18:3C:8E:F8:17:CE:DB:FE:70:84:83:D0:F2:E3:EE:EB:1E
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/mF_PGDyO-BfO2_5whIPQ8uPu6x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/21
46.183.104.0/23
78.137.128.0/18
80.93.16.0/20
83.147.128.0/18
84.203.0.0/16
89.234.64.0/18
92.51.192.0/18
93.92.8.0/21
94.247.48.0/21
176.52.216.0-176.52.221.255
185.53.32.0/24
185.53.35.0/24
185.182.72.0/22
185.205.228.0/22
185.233.176.0/22
185.242.236.0/23
212.126.32.0/19
217.78.0.0/20
IPv6:
2001:1bb8::/32
2a00:15b8::/32
2a01:258::/32
2a01:8aa0::/32
2a02:220::/32
2a0a:e780::/29
Signature Algorithm: sha256WithRSAEncryption
65:2e:ae:ab:48:8a:28:0d:ab:5e:07:1a:38:97:e1:7b:ff:40:
35:7f:05:83:b7:bd:e0:db:87:41:38:9e:fb:d8:c6:df:a3:94:
f5:8e:44:07:5b:ad:a3:cd:a6:95:7b:ea:37:57:5a:ff:52:3f:
f1:8b:97:0b:fa:39:88:12:d2:eb:5d:0f:bd:51:54:bc:19:0e:
cb:31:3a:b3:5d:1d:d8:b2:d5:2f:c1:82:c2:42:c3:83:cb:5a:
5e:e3:7b:dd:e6:79:0a:a4:51:9f:7a:88:b3:45:6f:77:16:ca:
01:24:88:d2:f3:28:fe:8f:7d:92:6c:a7:55:14:dc:d4:13:3c:
16:6d:5b:aa:68:2b:fd:d2:01:7b:16:c5:62:e0:3f:74:a3:25:
53:99:68:74:61:b7:d6:7d:04:e9:b1:b6:1d:8e:13:b0:d9:fd:
cd:4d:af:e4:48:10:8f:61:1d:20:cc:24:7b:83:11:b5:6e:51:
f9:f3:11:2c:ae:0a:e3:91:5d:b1:31:b7:f9:5d:71:5f:aa:c6:
e0:ad:63:33:3c:3c:28:7e:ac:2f:c3:7f:05:12:29:40:6a:52:
6e:ab:8b:fa:d6:dc:f8:ac:ed:1f:5f:63:e8:f2:8b:f7:3f:ac:
8d:7c:d8:9c:8e:7c:84:45:78:50:ab:64:2c:06:ed:7e:8b:1e:
44:3b:2c:90
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYlAFlBf3eHgW1hm9S52ED3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwNzEwMTM1NTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODVmY2YxODNjOGVmODE3Y2VkYmZlNzA4NDgzZDBmMmUzZWVlYjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcb9merA+BPtMBJZbqYVn+9AUJ+
UcAjX3bc/xbxnuIMEb4h0uZ2jx/RW92ZSUY3xRuq1TDZelpySS5cRnRF5X5l9/Re
oFQaM4IXglmMhkj4M/9k5SA2tvln7G/xsqYe+NIPsb2tNCc3XfIGCAk07oPMzFV/
fzL8tUSodO/yNOhz24dwrONQZrm2SUvoX5e8L5+DrAIe8HCIrfLiIHGefk3Zqxe2
JnTHCx2UwDpmBgc9tEhGqe/5cLfosWXHVVxzZ4ImBV8gmi1jiLZXOvzsBZXAWz19
DbHZFaUB/vvV+ZWcsqwtOaA4I91RTJuWdg8jKSBkTBEQZk9zabYwl9V5pQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFJhfzxg8jvgXztv+cISD0PLj7useMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvbUZfUEdEeU8tQmZPMl81d2hJUFE4dVB1Nng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszB/BAIAATB5AwQDJS4Q
AwQBLrdoAwQGTomAAwQEUF0QAwQGU5OAAwMAVMsDBAZZ6kADBAZcM8ADBANdXAgD
BANe9zAwDAMEA7A02AMEAbA03AMEALk1IAMEALk1IwMEArm2SAMEArnN5AMEArnp
sAMEAbny7AMEBdR+IAMEBNlOADAwBAIAAjAqAwUAIAEbuAMFACoAFbgDBQAqAQJY
AwUAKgGKoAMFACoCAiADBQMqCueAMA0GCSqGSIb3DQEBCwUAA4IBAQBlLq6rSIoo
DateBxo4l+F7/0A1fwWDt73g24dBOJ772Mbfo5T1jkQHW62jzaaVe+o3V1r/Uj/x
i5cL+jmIEtLrXQ+9UVS8GQ7LMTqzXR3YstUvwYLCQsODy1pe43vd5nkKpFGfeoiz
RW93FsoBJIjS8yj+j32SbKdVFNzUEzwWbVuqaCv90gF7FsVi4D90oyVTmWh0YbfW
fQTpsbYdjhOw2f3NTa/kSBCPYR0gzCR7gxG1blH58xEsrgrjkV2xMbf5XXFfqsbg
rWMzPDwofqwvw38FEilAalJuq4v61tz4rO0fX2Po8ov3P6yNfNicjnyERXhQq2Qs
Bu1+ix5EOyyQ
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:11:41 2025 by rpki-client