Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/eKYPgHibOBXw5UUmgOnaGDQ3Riw.roa
File: eKYPgHibOBXw5UUmgOnaGDQ3Riw.roa (raw, json)
Hash identifier: /iKrGm0BEfjdI2zLiZB8zgs67abRs13P91/kNQxb4m0=
Subject key identifier: 78:A6:0F:80:78:9B:38:15:F0:E5:45:26:80:E9:DA:18:34:37:46:2C
Certificate issuer: /CN=1ab634dc74f6037ba47311d127420e76f296be54
Certificate serial: 0185704BB0BF73ABE6B91133976D325C0E97
Authority key identifier: 1A:B6:34:DC:74:F6:03:7B:A4:73:11:D1:27:42:0E:76:F2:96:BE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/eKYPgHibOBXw5UUmgOnaGDQ3Riw.roa
Signing time: Mon 02 Jan 2023 02:24:46 +0000
ROA not before: Mon 02 Jan 2023 02:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31042
IP address blocks: 185.18.12.0/22 maxlen: 22
185.13.8.0/22 maxlen: 22
5.22.190.0/24 maxlen: 24
94.189.128.0/17 maxlen: 18
95.180.0.0/17 maxlen: 17
178.148.0.0/15 maxlen: 16
82.117.192.0/19 maxlen: 24
217.26.208.0/21 maxlen: 24
82.117.195.0/24 maxlen: 24
188.246.32.0/19 maxlen: 19
87.116.128.0/19 maxlen: 19
24.135.0.0/16 maxlen: 17
87.116.128.0/18 maxlen: 24
87.116.140.0/24 maxlen: 24
188.2.0.0/16 maxlen: 17
87.116.141.0/24 maxlen: 24
176.109.136.0/21 maxlen: 21
94.127.0.0/21 maxlen: 24
46.17.144.0/21 maxlen: 21
5.22.160.0/19 maxlen: 24
87.116.160.0/19 maxlen: 19
89.216.0.0/16 maxlen: 24
213.244.208.0/20 maxlen: 24
2a00:1dd8::/29 maxlen: 29
2a03:87c0::/29 maxlen: 29
2a00:1dd8::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:b0:bf:73:ab:e6:b9:11:33:97:6d:32:5c:0e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab634dc74f6037ba47311d127420e76f296be54
Validity
Not Before: Jan 2 02:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78a60f80789b3815f0e5452680e9da183437462c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:93:de:d9:9e:7d:4e:5e:4d:89:56:91:ef:f1:
cd:00:cb:9c:fe:fd:1d:2d:a6:a0:a9:25:7d:ab:58:
5b:26:c8:8f:54:5e:65:08:83:9c:6a:c9:20:5f:ab:
78:10:f4:ea:f2:1a:f8:28:05:14:6e:5e:66:ef:7c:
77:47:4d:e2:18:2b:c0:71:94:62:ea:c6:b0:85:69:
0d:eb:83:91:f5:30:0b:02:32:37:9d:73:18:ff:0d:
db:e7:9c:b3:d4:53:a4:cf:14:13:26:6b:64:50:52:
99:42:58:37:12:1b:6d:47:ac:b8:af:af:11:b5:db:
4b:a7:bc:f4:55:ef:8f:f6:91:9b:7d:58:a2:13:54:
fe:f9:f7:97:c6:7c:8b:71:04:98:98:cc:36:be:69:
2d:3c:2e:3e:44:35:52:74:0d:85:a3:93:b7:45:93:
2e:ca:05:1d:38:95:f6:85:c3:a7:b3:03:61:22:60:
e4:72:fa:1c:d0:ee:c1:ed:1f:5b:dc:75:e1:5a:d4:
d6:e5:c3:17:a4:a6:ce:c3:7c:31:38:2e:25:82:ae:
b3:e0:6c:65:80:99:7d:2d:15:bd:d3:53:7c:22:09:
8c:a5:02:eb:89:c2:75:78:71:e3:f4:dc:45:81:e7:
74:50:7d:fd:6b:ac:51:d2:04:c4:dd:ab:fd:35:d1:
85:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A6:0F:80:78:9B:38:15:F0:E5:45:26:80:E9:DA:18:34:37:46:2C
X509v3 Authority Key Identifier:
keyid:1A:B6:34:DC:74:F6:03:7B:A4:73:11:D1:27:42:0E:76:F2:96:BE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/eKYPgHibOBXw5UUmgOnaGDQ3Riw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.160.0/19
24.135.0.0/16
46.17.144.0/21
82.117.192.0/19
87.116.128.0/18
89.216.0.0/16
94.127.0.0/21
94.189.128.0/17
95.180.0.0/17
176.109.136.0/21
178.148.0.0/15
185.13.8.0/22
185.18.12.0/22
188.2.0.0/16
188.246.32.0/19
213.244.208.0/20
217.26.208.0/21
IPv6:
2a00:1dd8::/29
2a03:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
12:91:7c:b6:26:9d:67:85:8d:e1:b5:2e:f6:fa:c4:a6:de:3e:
53:11:aa:ef:78:06:91:48:f0:63:b5:ef:d4:9f:d5:89:4b:81:
61:09:af:57:30:bc:e5:51:74:93:d8:36:b7:7a:9b:c9:3f:dc:
e9:73:d7:14:27:51:bd:0c:29:d4:9a:f3:d0:9e:6c:90:69:20:
50:26:ce:ea:81:2c:d5:26:ca:7e:b3:73:3c:e5:78:bc:f6:38:
5d:1d:f1:59:a1:ff:26:c4:38:7a:ff:03:94:72:32:7c:e8:51:
de:8e:f4:a2:e6:ae:3b:1f:9d:a0:62:92:4c:bd:9d:0f:73:56:
13:8b:c6:fd:17:52:e1:16:31:a6:06:fe:81:14:89:02:ac:bc:
e1:05:93:0f:ca:e4:45:20:a2:5a:76:20:f8:78:c6:cc:13:0f:
a3:08:ce:73:df:bd:54:21:e1:1d:f0:11:09:25:9f:bd:76:28:
ee:99:6e:a6:9f:00:5b:11:5e:fa:4e:7b:ed:27:d7:69:bf:b7:
fe:eb:21:c9:43:44:69:6f:88:70:67:4c:d7:b1:5c:40:88:bd:
46:39:9a:02:53:24:04:79:1a:fb:f7:51:37:0e:98:4b:72:a2:
85:eb:29:dc:ce:e2:8a:cf:78:1c:ac:59:55:72:a4:d9:84:ec:
ef:d9:c3:59
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYVwS7C/c6vmuREzl20yXA6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjYzNGRjNzRmNjAzN2JhNDczMTFkMTI3NDIwZTc2ZjI5
NmJlNTQwHhcNMjMwMTAyMDIyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE2MGY4MDc4OWIzODE1ZjBlNTQ1MjY4MGU5ZGExODM0Mzc0NjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJPe2Z59Tl5NiVaR7/HNAMuc/v0d
LaagqSV9q1hbJsiPVF5lCIOcaskgX6t4EPTq8hr4KAUUbl5m73x3R03iGCvAcZRi
6sawhWkN64OR9TALAjI3nXMY/w3b55yz1FOkzxQTJmtkUFKZQlg3EhttR6y4r68R
tdtLp7z0Ve+P9pGbfViiE1T++feXxnyLcQSYmMw2vmktPC4+RDVSdA2Fo5O3RZMu
ygUdOJX2hcOnswNhImDkcvoc0O7B7R9b3HXhWtTW5cMXpKbOw3wxOC4lgq6z4Gxl
gJl9LRW901N8IgmMpQLricJ1eHHj9NxFged0UH39a6xR0gTE3av9NdGFAwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFHimD4B4mzgV8OVFJoDp2hg0N0YsMB8GA1UdIwQY
MBaAFBq2NNx09gN7pHMR0SdCDnbylr5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JZMDNIVDJBM3VrY3hIUkowSU9kdktXdmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83YTI2ZTYtZjdhZS00ZGYwLTllY2It
ZDg3OWY3ZTcwOWQ2LzEvZUtZUGdIaWJPQlh3NVVVbWdPbmFHRFEzUml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83YTI2ZTYtZjdhZS00ZGYwLTllY2ItZDg3OWY3ZTcwOWQ2
LzEvR3JZMDNIVDJBM3VrY3hIUkowSU9kdktXdmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiAwQFBRag
AwMAGIcDBAMuEZADBAVSdcADBAZXdIADAwBZ2AMEA15/AAMEB169gAMEB1+0AAME
A7BtiAMDAbKUAwQCuQ0IAwQCuRIMAwMAvAIDBAW89iADBATV9NADBAPZGtAwFAQC
AAIwDgMFAyoAHdgDBQMqA4fAMA0GCSqGSIb3DQEBCwUAA4IBAQASkXy2Jp1nhY3h
tS72+sSm3j5TEarveAaRSPBjte/Un9WJS4FhCa9XMLzlUXST2Da3epvJP9zpc9cU
J1G9DCnUmvPQnmyQaSBQJs7qgSzVJsp+s3M85Xi89jhdHfFZof8mxDh6/wOUcjJ8
6FHejvSi5q47H52gYpJMvZ0Pc1YTi8b9F1LhFjGmBv6BFIkCrLzhBZMPyuRFIKJa
diD4eMbMEw+jCM5z371UIeEd8BEJJZ+9dijumW6mnwBbEV76TnvtJ9dpv7f+6yHJ
Q0Rpb4hwZ0zXsVxAiL1GOZoCUyQEeRr791E3DphLcqKF6ynczuKKz3gcrFlVcqTZ
hOzv2cNZ
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:08:22 2025 by rpki-client