Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/vQ41wQEUt-04ps_RYmLjTQAVd50.roa
File: vQ41wQEUt-04ps_RYmLjTQAVd50.roa (raw, json)
Hash identifier: WkD2Xy9iwyhtbQAV9P+LXIaRi9ZvpLFnNd6yI20nivo=
Subject key identifier: BD:0E:35:C1:01:14:B7:ED:38:A6:CF:D1:62:62:E3:4D:00:15:77:9D
Certificate issuer: /CN=7cfc92b0a75b89ad2e3c57f7cba0e478684219ce
Certificate serial: 019420D62AD7814229FEAD8B1FF1AFE9DFEE
Authority key identifier: 7C:FC:92:B0:A7:5B:89:AD:2E:3C:57:F7:CB:A0:E4:78:68:42:19:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fPySsKdbia0uPFf3y6DkeGhCGc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/vQ41wQEUt-04ps_RYmLjTQAVd50.roa
Signing time: Wed 01 Jan 2025 07:48:14 +0000
ROA not before: Wed 01 Jan 2025 07:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201966
IP address blocks: 94.229.83.0/24 maxlen: 24
94.229.84.0/23 maxlen: 23
185.92.216.0/24 maxlen: 24
185.92.217.0/24 maxlen: 24
185.92.218.0/24 maxlen: 24
185.92.219.0/24 maxlen: 24
2a05:2c7:c000::/34 maxlen: 34
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:2a:d7:81:42:29:fe:ad:8b:1f:f1:af:e9:df:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cfc92b0a75b89ad2e3c57f7cba0e478684219ce
Validity
Not Before: Jan 1 07:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd0e35c10114b7ed38a6cfd16262e34d0015779d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f3:c7:27:93:f9:dc:97:2d:bb:5c:12:e4:22:
61:6c:59:91:62:1e:a2:83:dc:10:40:dc:4e:3e:f7:
ec:91:e0:b9:44:f4:83:59:f3:06:f8:c9:04:58:a5:
a9:66:50:41:1b:8e:ea:ae:b0:a1:75:b7:af:aa:b3:
7d:c2:c2:85:e4:12:18:9d:2f:c2:4b:a9:17:58:1d:
2f:0f:74:26:4e:85:4e:5d:bf:36:78:f8:d9:b3:36:
09:42:46:b0:af:56:62:ba:dc:b0:23:66:93:fc:33:
38:8c:6c:6a:d9:85:2e:24:68:72:58:87:18:4e:7e:
41:cb:6a:8d:e0:9f:2b:3c:cd:9f:de:30:8d:2a:52:
73:8a:01:f3:a1:45:ac:46:3e:9b:af:05:53:9a:02:
fb:68:f7:c6:9e:56:17:e6:06:06:91:d5:5f:6f:70:
71:1a:55:3d:d7:0d:96:21:ab:49:fb:96:23:d3:07:
e3:0a:60:b7:6e:99:c7:16:5a:a3:0a:93:87:6e:2b:
49:35:fd:8a:7f:ff:d2:3d:07:e1:08:0f:ab:08:ca:
2f:a5:83:77:81:34:b1:df:ee:3e:ec:c8:b4:2f:f0:
34:08:ae:f3:d6:a1:61:c7:f3:f9:c3:d5:22:81:9a:
2b:3f:87:d9:41:a5:69:3b:c6:4c:3d:bb:ed:e8:b2:
6d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0E:35:C1:01:14:B7:ED:38:A6:CF:D1:62:62:E3:4D:00:15:77:9D
X509v3 Authority Key Identifier:
keyid:7C:FC:92:B0:A7:5B:89:AD:2E:3C:57:F7:CB:A0:E4:78:68:42:19:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fPySsKdbia0uPFf3y6DkeGhCGc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/vQ41wQEUt-04ps_RYmLjTQAVd50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/fPySsKdbia0uPFf3y6DkeGhCGc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.229.83.0-94.229.85.255
185.92.216.0/22
IPv6:
2a05:2c7:c000::/34
Signature Algorithm: sha256WithRSAEncryption
25:e1:96:da:2d:4b:c4:2d:04:c4:40:ea:cb:80:be:a8:73:2c:
8e:83:e0:1b:2d:89:97:5e:09:a9:5d:a4:d1:1d:3f:16:cd:e9:
79:f8:0b:0f:1e:44:6f:3f:63:07:c6:3e:7a:a6:7d:0a:55:a2:
78:01:99:6e:33:7a:18:c6:58:41:10:7e:18:3a:3f:55:60:53:
7f:39:32:57:e1:89:c7:5d:36:d2:d7:08:2a:01:08:fa:a1:c7:
46:44:3b:15:fb:83:b9:1e:88:63:d4:aa:6f:48:bd:20:cb:21:
75:3c:0d:4e:e8:8f:f7:f7:42:a9:ae:cc:61:63:34:38:94:0f:
46:8c:55:1f:3e:b9:a8:28:97:f1:67:64:35:e4:ca:34:3b:78:
78:05:5a:cf:b4:e4:c1:d9:1d:d0:fe:5a:6c:37:4a:aa:63:12:
34:ef:f9:9d:35:bb:97:56:9c:1d:e2:0b:4e:e7:66:98:49:ec:
b1:65:a0:e7:a1:e2:94:18:3e:1d:e9:1c:43:01:bd:17:ef:fd:
c7:c6:60:07:d3:2b:b6:ef:f7:a6:b4:1e:62:b7:e3:bc:df:23:
93:38:59:5c:ec:e0:ec:24:aa:28:ff:ab:b3:de:45:bb:26:af:
be:e1:58:e2:2a:33:0d:dc:c3:28:74:53:09:20:49:91:7d:3b:
05:18:39:36
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQg1irXgUIp/q2LH/Gv6d/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZmM5MmIwYTc1Yjg5YWQyZTNjNTdmN2NiYTBlNDc4Njg0
MjE5Y2UwHhcNMjUwMTAxMDc0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBlMzVjMTAxMTRiN2VkMzhhNmNmZDE2MjYyZTM0ZDAwMTU3NzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/PHJ5P53Jctu1wS5CJhbFmRYh6i
g9wQQNxOPvfskeC5RPSDWfMG+MkEWKWpZlBBG47qrrChdbevqrN9wsKF5BIYnS/C
S6kXWB0vD3QmToVOXb82ePjZszYJQkawr1ZiutywI2aT/DM4jGxq2YUuJGhyWIcY
Tn5By2qN4J8rPM2f3jCNKlJzigHzoUWsRj6brwVTmgL7aPfGnlYX5gYGkdVfb3Bx
GlU91w2WIatJ+5Yj0wfjCmC3bpnHFlqjCpOHbitJNf2Kf//SPQfhCA+rCMovpYN3
gTSx3+4+7Mi0L/A0CK7z1qFhx/P5w9UigZorP4fZQaVpO8ZMPbvt6LJtRQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL0ONcEBFLftOKbP0WJi400AFXedMB8GA1UdIwQY
MBaAFHz8krCnW4mtLjxX98ug5HhoQhnOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlB5U3NLZGJpYTB1UEZmM3k2RGtlR2hDR2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xNzc2Y2ItMWM3OC00ZGNjLWI0M2It
MzZkN2I0Zjg0ZTVjLzEvdlE0MXdRRVV0LTA0cHNfUlltTGpUUUFWZDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xNzc2Y2ItMWM3OC00ZGNjLWI0M2ItMzZkN2I0Zjg0ZTVj
LzEvZlB5U3NLZGJpYTB1UEZmM3k2RGtlR2hDR2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUMAwDBABe5VMD
BAFe5VQDBAK5XNgwDgQCAAIwCAMGBioFAsfAMA0GCSqGSIb3DQEBCwUAA4IBAQAl
4ZbaLUvELQTEQOrLgL6ocyyOg+AbLYmXXgmpXaTRHT8Wzel5+AsPHkRvP2MHxj56
pn0KVaJ4AZluM3oYxlhBEH4YOj9VYFN/OTJX4YnHXTbS1wgqAQj6ocdGRDsV+4O5
Hohj1KpvSL0gyyF1PA1O6I/390KprsxhYzQ4lA9GjFUfPrmoKJfxZ2Q15Mo0O3h4
BVrPtOTB2R3Q/lpsN0qqYxI07/mdNbuXVpwd4gtO52aYSeyxZaDnoeKUGD4d6RxD
Ab0X7/3HxmAH0yu27/emtB5it+O83yOTOFlc7ODsJKoo/6uz3kW7Jq++4VjiKjMN
3MModFMJIEmRfTsFGDk2
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:14:25 2025 by rpki-client