Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/7CgqRhtR2qtRdXFIjMT5Q8W929k.roa
File: 7CgqRhtR2qtRdXFIjMT5Q8W929k.roa (raw, json)
Hash identifier: IuiA5NcXfifx68btJFAQnjeLZcAWDeTNmwyfE3Zs13I=
Subject key identifier: EC:28:2A:46:1B:51:DA:AB:51:75:71:48:8C:C4:F9:43:C5:BD:DB:D9
Certificate issuer: /CN=2e0a2316f4e9b58aa52deee5c7d1f4b84476ec86
Certificate serial: 01900428167C8212147BDC75945C3A7B282C
Authority key identifier: 2E:0A:23:16:F4:E9:B5:8A:A5:2D:EE:E5:C7:D1:F4:B8:44:76:EC:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgojFvTptYqlLe7lx9H0uER27IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/7CgqRhtR2qtRdXFIjMT5Q8W929k.roa
Signing time: Mon 10 Jun 2024 21:57:34 +0000
ROA not before: Mon 10 Jun 2024 21:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29545
IP address blocks: 86.111.32.0/21 maxlen: 21
86.111.36.0/24 maxlen: 24
86.111.37.0/24 maxlen: 24
86.111.38.0/24 maxlen: 24
86.111.39.0/24 maxlen: 24
86.111.40.0/22 maxlen: 22
86.111.40.0/24 maxlen: 24
86.111.41.0/24 maxlen: 24
86.111.50.0/23 maxlen: 23
86.111.50.0/24 maxlen: 24
213.163.229.0/24 maxlen: 24
213.163.232.0/24 maxlen: 24
213.163.233.0/24 maxlen: 24
213.163.236.0/23 maxlen: 23
213.163.238.0/24 maxlen: 24
213.163.242.0/23 maxlen: 23
213.163.244.0/23 maxlen: 23
213.163.248.0/23 maxlen: 23
213.163.249.0/24 maxlen: 24
213.163.254.0/24 maxlen: 24
2a00:1f88::/32 maxlen: 32
2a00:1f88:a402::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:04:28:16:7c:82:12:14:7b:dc:75:94:5c:3a:7b:28:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a2316f4e9b58aa52deee5c7d1f4b84476ec86
Validity
Not Before: Jun 10 21:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec282a461b51daab517571488cc4f943c5bddbd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0b:85:f1:8b:94:31:70:f4:d6:79:fd:25:b5:
7a:9f:dc:ab:77:da:97:ae:ee:b8:5b:4a:d3:40:1d:
3e:38:76:9b:7d:e0:a6:6a:e2:87:c1:c6:e4:f3:66:
bd:08:1d:53:1c:8d:20:10:23:fb:58:2d:b0:54:7b:
c1:a7:a5:33:7e:1e:9e:fc:0d:7c:32:eb:53:b9:b5:
29:85:fe:a4:92:46:aa:5e:50:01:67:20:6b:09:9c:
e3:6c:4c:4b:f4:be:9f:18:04:6d:93:d0:35:43:48:
7e:27:bc:6d:6c:3a:8d:79:15:1a:93:62:0f:c5:eb:
49:11:af:ae:6a:26:92:a5:14:e2:c4:fa:bd:e0:d1:
ed:04:e4:04:69:72:94:4d:68:37:2d:93:db:93:42:
bc:a9:1b:e6:05:f1:2e:84:19:48:e2:62:9c:01:96:
8a:8f:fe:0e:5d:97:22:66:a6:d5:17:a6:1e:db:da:
13:47:12:7c:e1:a3:37:7a:3a:f8:70:36:d9:e9:8d:
02:cf:d9:31:0b:b2:ce:ae:7e:b7:20:4d:a2:a4:55:
af:df:75:d2:a9:b5:b0:f9:7b:55:57:78:58:38:95:
c6:96:ec:94:1b:7f:40:b0:38:09:71:10:70:0b:ff:
ad:9e:0b:38:4c:a3:91:9a:3c:fe:2b:c7:6c:0f:16:
bc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:28:2A:46:1B:51:DA:AB:51:75:71:48:8C:C4:F9:43:C5:BD:DB:D9
X509v3 Authority Key Identifier:
keyid:2E:0A:23:16:F4:E9:B5:8A:A5:2D:EE:E5:C7:D1:F4:B8:44:76:EC:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgojFvTptYqlLe7lx9H0uER27IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/7CgqRhtR2qtRdXFIjMT5Q8W929k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/LgojFvTptYqlLe7lx9H0uER27IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.32.0-86.111.43.255
86.111.50.0/23
213.163.229.0/24
213.163.232.0/23
213.163.236.0-213.163.238.255
213.163.242.0-213.163.245.255
213.163.248.0/23
213.163.254.0/24
IPv6:
2a00:1f88::/32
Signature Algorithm: sha256WithRSAEncryption
68:b1:0d:18:7a:95:2c:56:1b:c8:85:de:78:39:4c:88:24:de:
db:52:a8:51:8d:0f:7d:ac:f6:60:67:6f:9e:b4:74:ef:9e:eb:
d4:26:a2:fa:f6:51:74:57:37:a4:a8:f4:6e:23:ab:71:b2:e3:
d3:e6:52:f2:a7:45:df:df:ec:d8:d0:52:53:dd:65:22:e1:a1:
48:a1:0b:00:f8:23:71:77:02:e5:df:85:67:ce:2c:a3:b1:e5:
c6:f9:05:8a:7f:2d:52:c8:a0:be:fc:27:08:f9:c2:d3:40:8b:
dc:59:83:03:e7:03:05:05:00:6d:a2:ce:37:78:1a:5b:6f:f4:
ee:58:6d:ac:8a:00:b6:77:46:c9:04:b3:f5:b7:67:7e:cd:88:
ee:ae:93:0d:73:a9:bc:fc:e2:a8:d6:28:4c:ed:b4:5f:d7:40:
5b:b3:87:11:92:0d:9d:34:90:c9:c1:6d:01:55:e8:a1:ae:a4:
ac:00:e0:00:18:4e:b6:9f:e4:d6:6a:4e:32:b1:1c:a2:f0:b5:
e2:f1:9a:57:a3:42:1a:a7:ca:90:17:a0:32:50:02:bf:09:08:
bd:28:30:d5:57:1a:b2:9e:18:09:00:67:cb:49:24:05:26:eb:
54:50:43:f5:7f:2a:3f:73:09:30:de:4e:42:d7:e4:4e:16:23:
00:72:a0:ad
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZAEKBZ8ghIUe9x1lFw6eygsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGEyMzE2ZjRlOWI1OGFhNTJkZWVlNWM3ZDFmNGI4NDQ3
NmVjODYwHhcNMjQwNjEwMjE1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzI4MmE0NjFiNTFkYWFiNTE3NTcxNDg4Y2M0Zjk0M2M1YmRkYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQuF8YuUMXD01nn9JbV6n9yrd9qX
ru64W0rTQB0+OHabfeCmauKHwcbk82a9CB1THI0gECP7WC2wVHvBp6Uzfh6e/A18
MutTubUphf6kkkaqXlABZyBrCZzjbExL9L6fGARtk9A1Q0h+J7xtbDqNeRUak2IP
xetJEa+uaiaSpRTixPq94NHtBOQEaXKUTWg3LZPbk0K8qRvmBfEuhBlI4mKcAZaK
j/4OXZciZqbVF6Ye29oTRxJ84aM3ejr4cDbZ6Y0Cz9kxC7LOrn63IE2ipFWv33XS
qbWw+XtVV3hYOJXGluyUG39AsDgJcRBwC/+tngs4TKORmjz+K8dsDxa8oQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFOwoKkYbUdqrUXVxSIzE+UPFvdvZMB8GA1UdIwQY
MBaAFC4KIxb06bWKpS3u5cfR9LhEduyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdvakZ2VHB0WXFsTGU3bHg5SDB1RVIyN0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jNDU4MTEtNzViYS00ZGQ3LWE0MjEt
ZjM2ZDllZTM0NmQ0LzEvN0NncVJodFIycXRSZFhGSWpNVDVROFc5MjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jNDU4MTEtNzViYS00ZGQ3LWE0MjEtZjM2ZDllZTM0NmQ0
LzEvTGdvakZ2VHB0WXFsTGU3bHg5SDB1RVIyN0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIMAwDBAVWbyAD
BAJWbygDBAFWbzIDBADVo+UDBAHVo+gwDAMEAtWj7AMEANWj7jAMAwQB1aPyAwQB
1aP0AwQB1aP4AwQA1aP+MA0EAgACMAcDBQAqAB+IMA0GCSqGSIb3DQEBCwUAA4IB
AQBosQ0YepUsVhvIhd54OUyIJN7bUqhRjQ99rPZgZ2+etHTvnuvUJqL69lF0Vzek
qPRuI6txsuPT5lLyp0Xf3+zY0FJT3WUi4aFIoQsA+CNxdwLl34VnziyjseXG+QWK
fy1SyKC+/CcI+cLTQIvcWYMD5wMFBQBtos43eBpbb/TuWG2sigC2d0bJBLP1t2d+
zYjurpMNc6m8/OKo1ihM7bRf10Bbs4cRkg2dNJDJwW0BVeihrqSsAOAAGE62n+TW
ak4ysRyi8LXi8ZpXo0Iap8qQF6AyUAK/CQi9KDDVVxqynhgJAGfLSSQFJutUUEP1
fyo/cwkw3k5C1+ROFiMAcqCt
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:59:24 2025 by rpki-client