Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/q188GNtP_suj3jZG0nK_f1mnJlU.roa
File: q188GNtP_suj3jZG0nK_f1mnJlU.roa (raw, json)
Hash identifier: 3BFg6KLej9+uVIUAGkmlE/3YkYw29kRrbZ1l93YZUYc=
Subject key identifier: AB:5F:3C:18:DB:4F:FE:CB:A3:DE:36:46:D2:72:BF:7F:59:A7:26:55
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 01856F0B7C1413C435FC9ED998AB53969720
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/q188GNtP_suj3jZG0nK_f1mnJlU.roa
Signing time: Sun 01 Jan 2023 20:35:01 +0000
ROA not before: Sun 01 Jan 2023 20:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213371
IP address blocks: 37.49.229.0/24 maxlen: 24
185.209.15.0/24 maxlen: 24
37.49.230.0/24 maxlen: 24
37.49.228.0/24 maxlen: 24
77.247.109.0/24 maxlen: 24
185.53.88.0/24 maxlen: 24
185.53.89.0/24 maxlen: 24
45.143.222.0/24 maxlen: 24
37.49.224.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:7c:14:13:c4:35:fc:9e:d9:98:ab:53:96:97:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Jan 1 20:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab5f3c18db4ffecba3de3646d272bf7f59a72655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:89:86:c8:6f:4b:be:d7:48:e0:24:11:98:df:
cd:f0:b7:ed:2b:de:0b:5e:82:d9:ee:ab:64:73:6f:
b7:5d:57:0e:fb:64:29:7a:3b:2a:fa:81:54:41:7d:
6f:b8:46:28:c2:f2:bb:2d:7a:4f:9b:ce:0d:48:4d:
e6:2a:c9:17:f9:40:27:3f:e2:7e:df:cc:8c:89:79:
56:bf:8a:c4:e9:0f:f4:eb:c5:2f:74:d5:29:da:e9:
8b:b6:a6:f3:6f:44:b8:9d:0f:49:54:63:29:aa:81:
12:40:70:41:be:b7:a4:fd:eb:46:99:c3:39:5f:2a:
f3:27:83:f4:8f:93:c6:fa:b6:cf:e8:e4:ea:1e:e0:
9a:d1:85:26:f1:b4:b0:63:e1:97:02:ed:1c:10:b3:
5d:61:dc:3d:39:88:1e:34:2d:c6:0d:8c:91:1c:d1:
bf:e1:60:bc:87:80:b1:33:27:da:c1:01:4a:6c:05:
d1:22:db:c6:e9:f7:76:25:06:db:ba:a4:19:b0:fa:
de:84:30:a1:ea:28:aa:d3:14:19:95:f4:9d:ba:66:
a1:d0:40:89:a5:41:53:f8:1c:80:b7:f9:60:fd:4f:
6e:69:3e:ad:cc:5f:ca:a2:3c:b9:44:86:47:05:1f:
e2:6d:e2:e5:44:20:f1:93:4d:87:b7:4d:39:63:6d:
59:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5F:3C:18:DB:4F:FE:CB:A3:DE:36:46:D2:72:BF:7F:59:A7:26:55
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/q188GNtP_suj3jZG0nK_f1mnJlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.224.0/24
37.49.228.0-37.49.230.255
45.143.222.0/24
77.247.109.0/24
185.53.88.0/23
185.209.15.0/24
Signature Algorithm: sha256WithRSAEncryption
52:9b:13:cc:6b:ba:7b:35:fc:28:07:09:69:0d:c4:f6:a7:5f:
75:b5:bd:fe:b6:66:ad:59:04:6c:4b:f0:fd:ad:8c:6a:37:02:
f6:ed:5a:d4:9b:54:d7:cb:dd:52:92:58:8a:ee:83:38:c5:36:
2a:a3:19:7b:bd:d7:59:4a:c3:49:a9:3a:8f:c8:7c:74:98:4f:
0d:44:73:7a:bd:6f:e1:45:ab:86:70:14:37:d8:15:11:21:54:
74:fe:6d:31:f3:ff:65:34:45:75:3a:9a:3a:c5:ae:86:57:44:
b7:31:20:2a:3e:56:b7:8b:16:5b:06:96:bf:0c:74:10:ec:bc:
35:2e:e7:31:29:43:fb:07:b3:27:f1:87:53:48:8d:a4:52:2c:
d5:53:13:de:c5:fa:cb:63:fe:e2:d2:87:a8:61:24:b4:73:68:
4b:2b:48:2b:dd:a9:d1:9e:7c:95:f7:51:9d:5d:a5:79:4a:28:
73:88:a1:79:41:ad:85:b0:74:c7:a3:de:5e:af:37:d7:e6:cc:
6d:0f:f6:10:0a:4d:28:9d:f3:48:28:cb:b0:47:27:bf:1c:c1:
01:95:57:1c:52:6f:89:1f:f7:53:c9:79:f2:b4:7d:19:fa:de:
57:69:42:c9:5e:2f:4e:59:56:a6:8b:7c:e1:72:9c:09:dd:6b:
6c:5d:60:01
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVvC3wUE8Q1/J7ZmKtTlpcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2UyYTQ2ZTM0ZjQ5MTQzM2M4YjYyZjMxOWI5MDJiZGRm
ZGU4MzEwHhcNMjMwMTAxMjAzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjVmM2MxOGRiNGZmZWNiYTNkZTM2NDZkMjcyYmY3ZjU5YTcyNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1omGyG9LvtdI4CQRmN/N8LftK94L
XoLZ7qtkc2+3XVcO+2Qpejsq+oFUQX1vuEYowvK7LXpPm84NSE3mKskX+UAnP+J+
38yMiXlWv4rE6Q/068UvdNUp2umLtqbzb0S4nQ9JVGMpqoESQHBBvrek/etGmcM5
XyrzJ4P0j5PG+rbP6OTqHuCa0YUm8bSwY+GXAu0cELNdYdw9OYgeNC3GDYyRHNG/
4WC8h4CxMyfawQFKbAXRItvG6fd2JQbbuqQZsPrehDCh6iiq0xQZlfSdumah0ECJ
pUFT+ByAt/lg/U9uaT6tzF/Kojy5RIZHBR/ibeLlRCDxk02Ht005Y21ZRwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKtfPBjbT/7Lo942RtJyv39ZpyZVMB8GA1UdIwQY
MBaAFMZ+KkbjT0kUM8i2LzGbkCvd/egxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQt
MDY2ODY2ZjJkZWQwLzEvcTE4OEdOdFBfc3VqM2paRzBuS19mMW1uSmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQtMDY2ODY2ZjJkZWQw
LzEveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAJTHgMAwD
BAIlMeQDBAAlMeYDBAAtj94DBABN920DBAG5NVgDBAC50Q8wDQYJKoZIhvcNAQEL
BQADggEBAFKbE8xruns1/CgHCWkNxPanX3W1vf62Zq1ZBGxL8P2tjGo3AvbtWtSb
VNfL3VKSWIrugzjFNiqjGXu911lKw0mpOo/IfHSYTw1Ec3q9b+FFq4ZwFDfYFREh
VHT+bTHz/2U0RXU6mjrFroZXRLcxICo+VreLFlsGlr8MdBDsvDUu5zEpQ/sHsyfx
h1NIjaRSLNVTE97F+stj/uLSh6hhJLRzaEsrSCvdqdGefJX3UZ1dpXlKKHOIoXlB
rYWwdMej3l6vN9fmzG0P9hAKTSid80goy7BHJ78cwQGVVxxSb4kf91PJefK0fRn6
3ldpQsleL05ZVqaLfOFynAnda2xdYAE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:47:25 2025 by rpki-client