Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/BoBnYyvw7ft8aS9WRsf3GYXK5wg.roa
File: BoBnYyvw7ft8aS9WRsf3GYXK5wg.roa (raw, json)
Hash identifier: H3snlkH7w+etkpSj7/c/qRkfN/YQ1LZ2dqBamsKtOXk=
Subject key identifier: 06:80:67:63:2B:F0:ED:FB:7C:69:2F:56:46:C7:F7:19:85:CA:E7:08
Certificate issuer: /CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Certificate serial: 11BC71F4
Authority key identifier: 80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/BoBnYyvw7ft8aS9WRsf3GYXK5wg.roa
Signing time: Sat 01 Jan 2022 07:56:41 +0000
ROA not before: Sat 01 Jan 2022 07:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62179
IP address blocks: 185.110.135.0/24 maxlen: 24
78.31.184.0/24 maxlen: 24
78.31.185.0/24 maxlen: 24
78.31.186.0/24 maxlen: 24
78.31.184.0/21 maxlen: 21
78.31.191.0/24 maxlen: 24
78.31.188.0/24 maxlen: 24
78.31.189.0/24 maxlen: 24
78.31.190.0/24 maxlen: 24
78.31.187.0/24 maxlen: 24
88.135.16.0/24 maxlen: 24
88.135.17.0/24 maxlen: 24
88.135.21.0/24 maxlen: 24
88.135.22.0/24 maxlen: 24
88.135.23.0/24 maxlen: 24
88.135.24.0/24 maxlen: 24
88.135.18.0/24 maxlen: 24
88.135.19.0/24 maxlen: 24
88.135.20.0/24 maxlen: 24
88.135.31.0/24 maxlen: 24
88.135.28.0/24 maxlen: 24
88.135.29.0/24 maxlen: 24
88.135.30.0/24 maxlen: 24
88.135.25.0/24 maxlen: 24
88.135.26.0/24 maxlen: 24
88.135.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297562612 (0x11bc71f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Validity
Not Before: Jan 1 07:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=068067632bf0edfb7c692f5646c7f71985cae708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e0:8a:f4:57:9a:ef:07:6c:f8:64:91:f7:5b:
62:77:61:98:43:21:07:8f:5b:a4:18:5f:9a:5f:27:
06:da:95:5f:ed:cf:1d:f3:8a:93:fa:13:98:7c:d2:
80:b3:0a:17:72:37:03:13:0b:3b:01:e4:a8:82:ee:
ae:70:48:7b:3e:ff:78:a6:35:6c:b1:dd:f1:97:14:
90:ad:73:5b:13:6b:0a:54:c4:89:cd:ac:f8:12:8f:
d6:af:f7:42:60:92:b8:2d:10:7f:7f:18:56:1e:a2:
e9:05:6d:69:a5:8e:53:6a:34:43:8e:b2:4e:a9:c8:
9a:17:94:40:42:94:f2:a9:b5:df:ec:00:16:7e:15:
e1:54:75:34:55:eb:4c:68:12:ef:3a:b2:d6:a3:d6:
5a:f0:59:4f:9c:a1:e2:ff:be:9b:3f:d2:94:9a:1a:
21:f2:03:49:52:6c:3f:31:ee:5d:0d:af:04:47:6a:
7e:2c:5d:34:74:a7:34:5a:f6:c4:59:59:b8:ee:6d:
50:82:bf:57:88:dd:f2:52:e7:87:1d:01:7c:57:c6:
ee:00:fd:55:68:ef:76:a5:fd:5c:40:f7:db:11:ad:
62:4b:18:df:49:26:36:b9:6a:5f:80:3f:ab:0c:30:
a4:83:f6:0e:65:cc:c8:58:ae:62:03:62:90:6f:39:
25:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:80:67:63:2B:F0:ED:FB:7C:69:2F:56:46:C7:F7:19:85:CA:E7:08
X509v3 Authority Key Identifier:
keyid:80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/BoBnYyvw7ft8aS9WRsf3GYXK5wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/gL0AgpU21HdF9H2p0ainL23UYtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.184.0/21
88.135.16.0/20
185.110.135.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:e2:ed:ba:db:ba:70:38:bb:03:ca:35:8d:76:e4:b2:3d:64:
1c:18:26:25:eb:32:c6:ff:f0:66:3c:66:01:86:87:66:c5:a1:
4d:1e:2d:f0:21:90:fe:5c:17:39:65:0c:25:6d:da:63:98:ee:
4b:a5:a6:92:7c:01:3b:36:a0:a5:67:75:d9:70:e6:04:1e:4f:
21:99:bb:6b:04:c5:87:96:81:8c:40:43:85:05:3c:c9:79:a8:
d4:03:b0:7c:ab:a0:98:14:16:5e:06:ae:2e:a0:e1:d6:22:ec:
51:19:53:a2:ef:2e:6c:d6:d2:3b:65:d8:f5:e6:b7:bd:64:24:
a7:f6:75:fb:29:91:ac:a2:57:ab:3b:7f:4f:a7:93:5d:a7:ca:
f0:65:53:02:2b:8b:25:97:4e:d3:4c:74:03:ea:8d:e0:73:4c:
3c:fc:40:3e:66:ef:c0:11:cd:42:ce:3f:f5:e1:8c:de:a1:99:
cc:ed:cf:ef:a7:40:e3:df:79:08:f2:77:2d:77:61:3e:39:dc:
90:b2:43:83:bb:2e:75:91:a4:60:95:3f:2a:ae:43:3f:ed:19:
c6:a0:9d:bd:43:4c:79:94:7a:2d:05:55:e0:fd:c5:8f:5d:9c:
bd:b3:4a:4b:0d:4c:88:83:1d:f9:29:ff:91:fc:d1:e8:97:53:
31:f6:86:65
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEbxx9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGJkMDA4Mjk1MzZkNDc3NDVmNDdkYTlkMWE4YTcyZjZkZDQ2MmQ0MB4XDTIyMDEw
MTA3NTY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY4MDY3NjMyYmYw
ZWRmYjdjNjkyZjU2NDZjN2Y3MTk4NWNhZTcwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO7givRXmu8HbPhkkfdbYndhmEMhB49bpBhfml8nBtqVX+3P
HfOKk/oTmHzSgLMKF3I3AxMLOwHkqILurnBIez7/eKY1bLHd8ZcUkK1zWxNrClTE
ic2s+BKP1q/3QmCSuC0Qf38YVh6i6QVtaaWOU2o0Q46yTqnImheUQEKU8qm13+wA
Fn4V4VR1NFXrTGgS7zqy1qPWWvBZT5yh4v++mz/SlJoaIfIDSVJsPzHuXQ2vBEdq
fixdNHSnNFr2xFlZuO5tUIK/V4jd8lLnhx0BfFfG7gD9VWjvdqX9XED32xGtYksY
30kmNrlqX4A/qwwwpIP2DmXMyFiuYgNikG85JfMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQGgGdjK/Dt+3xpL1ZGx/cZhcrnCDAfBgNVHSMEGDAWgBSAvQCClTbUd0X0
fanRqKcvbdRi1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dMMEFncFUyMUhkRjlIMnAwYWluTDIzVVl0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvNjRlMTlmLWZlNTQtNDJjZC04OTIzLTA5Yjk5MjBmZTAwZi8x
L0JvQm5ZeXZ3N2Z0OGFTOVdSc2YzR1lYSzV3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
NjRlMTlmLWZlNTQtNDJjZC04OTIzLTA5Yjk5MjBmZTAwZi8xL2dMMEFncFUyMUhk
RjlIMnAwYWluTDIzVVl0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA04fuAMEBFiHEAMEALluhzANBgkq
hkiG9w0BAQsFAAOCAQEAseLtutu6cDi7A8o1jXbksj1kHBgmJesyxv/wZjxmAYaH
ZsWhTR4t8CGQ/lwXOWUMJW3aY5juS6WmknwBOzagpWd12XDmBB5PIZm7awTFh5aB
jEBDhQU8yXmo1AOwfKugmBQWXgauLqDh1iLsURlTou8ubNbSO2XY9ea3vWQkp/Z1
+ymRrKJXqzt/T6eTXafK8GVTAiuLJZdO00x0A+qN4HNMPPxAPmbvwBHNQs4/9eGM
3qGZzO3P76dA4995CPJ3LXdhPjnckLJDg7sudZGkYJU/Kq5DP+0ZxqCdvUNMeZR6
LQVV4P3Fj12cvbNKSw1MiIMd+Sn/kfzR6JdTMfaGZQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 08:07:17 2025 by rpki-client