Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/HDwg2Jqw6YppwiYV0b1sxveKxwQ.roa
File: HDwg2Jqw6YppwiYV0b1sxveKxwQ.roa (raw, json)
Hash identifier: anTGVlwMJhKHt2GfUKKgcfA2dOiVqjK8nj6z8E7gsro=
Subject key identifier: 1C:3C:20:D8:9A:B0:E9:8A:69:C2:26:15:D1:BD:6C:C6:F7:8A:C7:04
Certificate issuer: /CN=1ab634dc74f6037ba47311d127420e76f296be54
Certificate serial: 018CC2DAB7D5437F9F0B73E0449130E7DCBE
Authority key identifier: 1A:B6:34:DC:74:F6:03:7B:A4:73:11:D1:27:42:0E:76:F2:96:BE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/HDwg2Jqw6YppwiYV0b1sxveKxwQ.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31042
IP address blocks: 185.18.12.0/22 maxlen: 22
185.13.8.0/22 maxlen: 22
5.22.190.0/24 maxlen: 24
94.189.128.0/17 maxlen: 18
95.180.0.0/17 maxlen: 17
178.148.0.0/15 maxlen: 16
82.117.192.0/19 maxlen: 24
217.26.208.0/21 maxlen: 24
82.117.195.0/24 maxlen: 24
188.246.32.0/19 maxlen: 19
87.116.128.0/19 maxlen: 19
24.135.0.0/16 maxlen: 17
87.116.128.0/18 maxlen: 24
87.116.140.0/24 maxlen: 24
188.2.0.0/16 maxlen: 17
87.116.141.0/24 maxlen: 24
176.109.136.0/21 maxlen: 21
94.127.0.0/21 maxlen: 24
46.17.144.0/21 maxlen: 21
5.22.160.0/19 maxlen: 24
87.116.160.0/19 maxlen: 19
89.216.0.0/16 maxlen: 24
213.244.208.0/20 maxlen: 24
2a00:1dd8::/29 maxlen: 29
2a03:87c0::/29 maxlen: 29
2a00:1dd8::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b7:d5:43:7f:9f:0b:73:e0:44:91:30:e7:dc:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab634dc74f6037ba47311d127420e76f296be54
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c3c20d89ab0e98a69c22615d1bd6cc6f78ac704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2e:eb:fb:25:3d:a9:2a:f2:9a:ef:d9:6b:f6:
51:26:00:37:b3:1a:1f:43:8e:00:b5:5f:6d:cf:42:
d8:5d:96:00:77:00:44:5f:b6:cb:28:68:4d:d7:2a:
25:ea:5c:de:ed:8d:a3:ce:90:e1:d4:fd:27:1a:b6:
d5:5c:ab:ed:ac:fc:6b:b6:9b:52:d2:ce:63:f4:fc:
6b:dd:01:81:ba:24:9a:ba:4c:3f:73:a5:64:2c:4b:
7e:ff:a2:80:b4:da:3d:69:76:f8:ea:11:32:84:77:
d1:b8:3e:5f:4d:bb:11:80:49:36:b5:4d:13:73:21:
48:fc:b7:1d:f7:e6:13:6f:c1:63:c9:77:f0:52:43:
08:da:ca:e9:10:31:64:b9:76:b8:9b:6a:b0:65:3c:
15:74:44:99:71:21:ae:05:23:f2:ba:db:77:6b:55:
72:27:e9:6f:d3:4a:af:4d:68:5e:24:b3:ba:df:ea:
37:89:1e:09:fa:2f:bd:9d:3f:d9:b3:f4:51:4a:1c:
29:39:2b:ac:3b:6a:27:ea:4b:6b:83:9b:c1:cd:8e:
b1:f7:10:d0:3e:9b:8d:7f:81:e0:eb:b7:4b:ec:8f:
35:03:40:71:36:f9:63:0f:59:f8:68:33:84:4a:ee:
fe:b0:f5:91:24:bd:54:ab:f9:14:79:0a:b4:4a:5e:
4a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3C:20:D8:9A:B0:E9:8A:69:C2:26:15:D1:BD:6C:C6:F7:8A:C7:04
X509v3 Authority Key Identifier:
keyid:1A:B6:34:DC:74:F6:03:7B:A4:73:11:D1:27:42:0E:76:F2:96:BE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/HDwg2Jqw6YppwiYV0b1sxveKxwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.160.0/19
24.135.0.0/16
46.17.144.0/21
82.117.192.0/19
87.116.128.0/18
89.216.0.0/16
94.127.0.0/21
94.189.128.0/17
95.180.0.0/17
176.109.136.0/21
178.148.0.0/15
185.13.8.0/22
185.18.12.0/22
188.2.0.0/16
188.246.32.0/19
213.244.208.0/20
217.26.208.0/21
IPv6:
2a00:1dd8::/29
2a03:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:ae:06:8a:9a:5b:7b:05:50:fd:b7:fa:30:9e:42:6f:9c:ff:
cd:b9:08:32:39:15:c3:69:7d:63:23:13:e6:71:90:e0:47:77:
d5:b8:5b:67:bf:aa:3c:80:a7:88:3a:2d:2c:91:8e:b8:70:3c:
8e:e0:71:e5:e3:eb:d3:5c:dd:d4:40:88:0c:b7:0b:44:d6:df:
f2:4d:24:99:5d:ec:ba:64:2f:36:76:47:7c:2e:29:13:f6:3e:
1a:7c:78:6e:6c:df:5c:da:56:2e:cd:87:d1:ad:6f:97:e2:af:
39:c6:4f:7b:90:5b:d0:5c:a5:55:4b:37:f3:33:e4:69:f1:8b:
bd:71:4c:f0:e7:8f:51:32:bb:d1:02:2c:52:7d:ff:0c:db:90:
f7:11:43:07:25:93:e5:51:1a:66:e4:7b:ff:36:fe:27:a7:33:
bc:e4:83:4d:68:96:55:f1:3f:8c:88:6b:53:d4:aa:b8:c4:8e:
9b:87:ac:fe:6e:54:23:95:ba:24:8e:66:3c:a3:97:77:77:2a:
1a:b1:22:de:8f:96:e7:15:88:63:f2:5b:1d:36:df:0f:34:61:
ac:8f:92:de:44:2b:e4:95:01:36:37:b5:ed:5a:c2:e6:85:c6:
87:3b:94:33:1b:85:6f:2a:f9:37:c2:23:3a:42:73:e2:77:b5:
47:5a:73:73
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzC2rfVQ3+fC3PgRJEw59y+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjYzNGRjNzRmNjAzN2JhNDczMTFkMTI3NDIwZTc2ZjI5
NmJlNTQwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzNjMjBkODlhYjBlOThhNjljMjI2MTVkMWJkNmNjNmY3OGFjNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy7r+yU9qSrymu/Za/ZRJgA3sxof
Q44AtV9tz0LYXZYAdwBEX7bLKGhN1yol6lze7Y2jzpDh1P0nGrbVXKvtrPxrtptS
0s5j9Pxr3QGBuiSaukw/c6VkLEt+/6KAtNo9aXb46hEyhHfRuD5fTbsRgEk2tU0T
cyFI/Lcd9+YTb8FjyXfwUkMI2srpEDFkuXa4m2qwZTwVdESZcSGuBSPyutt3a1Vy
J+lv00qvTWheJLO63+o3iR4J+i+9nT/Zs/RRShwpOSusO2on6ktrg5vBzY6x9xDQ
PpuNf4Hg67dL7I81A0BxNvljD1n4aDOESu7+sPWRJL1Uq/kUeQq0Sl5KYQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFBw8INiasOmKacImFdG9bMb3iscEMB8GA1UdIwQY
MBaAFBq2NNx09gN7pHMR0SdCDnbylr5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JZMDNIVDJBM3VrY3hIUkowSU9kdktXdmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83YTI2ZTYtZjdhZS00ZGYwLTllY2It
ZDg3OWY3ZTcwOWQ2LzEvSER3ZzJKcXc2WXBwd2lZVjBiMXN4dmVLeHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83YTI2ZTYtZjdhZS00ZGYwLTllY2ItZDg3OWY3ZTcwOWQ2
LzEvR3JZMDNIVDJBM3VrY3hIUkowSU9kdktXdmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiAwQFBRag
AwMAGIcDBAMuEZADBAVSdcADBAZXdIADAwBZ2AMEA15/AAMEB169gAMEB1+0AAME
A7BtiAMDAbKUAwQCuQ0IAwQCuRIMAwMAvAIDBAW89iADBATV9NADBAPZGtAwFAQC
AAIwDgMFAyoAHdgDBQMqA4fAMA0GCSqGSIb3DQEBCwUAA4IBAQAKrgaKmlt7BVD9
t/ownkJvnP/NuQgyORXDaX1jIxPmcZDgR3fVuFtnv6o8gKeIOi0skY64cDyO4HHl
4+vTXN3UQIgMtwtE1t/yTSSZXey6ZC82dkd8LikT9j4afHhubN9c2lYuzYfRrW+X
4q85xk97kFvQXKVVSzfzM+Rp8Yu9cUzw549RMrvRAixSff8M25D3EUMHJZPlURpm
5Hv/Nv4npzO85INNaJZV8T+MiGtT1Kq4xI6bh6z+blQjlbokjmY8o5d3dyoasSLe
j5bnFYhj8lsdNt8PNGGsj5LeRCvklQE2N7XtWsLmhcaHO5QzG4VvKvk3wiM6QnPi
d7VHWnNz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:22 2025 by rpki-client