Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/65X6wGEYQDG-BA_paOlQQKb49lk.roa
File: 65X6wGEYQDG-BA_paOlQQKb49lk.roa (raw, json)
Hash identifier: XdbtZcTh8Yph1C4iHZt3L2MYnzM6wqqF0Cbud7kXSPs=
Subject key identifier: EB:95:FA:C0:61:18:40:31:BE:04:0F:E9:68:E9:50:40:A6:F8:F6:59
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01892FA10E0BCAB9158A767A318B927D43CD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/65X6wGEYQDG-BA_paOlQQKb49lk.roa
Signing time: Fri 07 Jul 2023 09:13:51 +0000
ROA not before: Fri 07 Jul 2023 09:13:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 91.92.24.0/24 maxlen: 24
91.92.24.0/23 maxlen: 23
91.92.25.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2f:a1:0e:0b:ca:b9:15:8a:76:7a:31:8b:92:7d:43:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 7 09:13:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb95fac061184031be040fe968e95040a6f8f659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:93:09:3c:65:d2:4f:ee:8e:7a:56:5a:f4:0d:
4c:7e:59:e8:a6:18:9a:31:f9:f6:7f:36:24:d5:2e:
d1:c3:d4:4f:4d:68:b8:aa:76:51:1a:bc:74:d4:f0:
3a:97:5d:7e:ed:01:dc:1a:68:c1:5a:c5:f4:1a:ae:
2e:59:8d:56:ff:40:72:11:fa:dc:f0:e1:d0:42:86:
68:f8:11:68:8c:3a:43:c7:45:74:5a:70:70:ba:6b:
cf:30:ad:33:fa:d6:48:63:fa:90:9c:2f:76:82:65:
7a:40:49:b9:a6:2e:00:1e:9f:54:ef:a9:1a:9f:84:
16:9e:b4:d2:2f:c8:6c:13:16:0f:7c:79:8e:db:ce:
24:66:b5:4d:2e:cb:a9:6b:c0:b8:57:38:62:a0:91:
92:44:e9:58:71:69:98:1b:f4:12:63:02:17:08:42:
95:15:6e:11:d6:33:c5:8b:be:a8:be:6d:db:be:2d:
57:bc:b3:90:b5:53:90:ae:9c:78:b6:12:aa:e2:c6:
b1:e2:3c:9d:28:88:37:2d:bb:b8:4e:9e:c9:65:00:
28:68:eb:7e:80:ca:78:2b:15:12:0b:b5:e3:bc:bc:
99:92:66:4d:01:12:49:27:99:5a:b3:f1:55:71:8f:
d8:06:58:49:86:79:2e:5a:55:52:0c:79:15:67:79:
0a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:95:FA:C0:61:18:40:31:BE:04:0F:E9:68:E9:50:40:A6:F8:F6:59
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/65X6wGEYQDG-BA_paOlQQKb49lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.87.0/24
87.121.59.0/24
91.92.24.0/23
93.123.116.0/24
94.154.163.0/24
171.22.19.0/24
176.125.255.0/24
193.149.28.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:1c:23:3e:a0:fe:81:71:c4:8f:40:a8:fb:9c:3e:dc:71:8e:
58:8e:1f:46:e1:0d:1d:e0:06:ee:81:85:71:15:40:bd:0c:ab:
9b:49:62:9e:b9:fa:49:2b:b3:ac:1a:8f:bd:f1:ff:32:50:3d:
a8:bf:96:5f:3b:19:8a:59:fc:9d:ae:3a:51:6c:80:73:22:35:
01:d0:19:d3:30:7c:6e:e7:c8:8a:05:54:0f:40:b8:5d:13:ca:
04:b1:94:51:f4:e4:29:a2:0d:79:c9:c5:a9:81:d5:79:44:38:
6b:32:20:f9:69:c9:66:b2:b7:96:3f:70:f0:b8:68:c7:3f:74:
85:2c:4d:76:29:46:8b:05:3a:66:1b:3a:1f:b2:48:96:a9:2f:
71:f1:29:86:b7:dc:37:81:30:7e:4f:e2:32:b7:8a:f1:43:9f:
50:08:a1:7e:26:9a:75:e2:07:44:81:e4:8f:8e:2f:01:6a:df:
95:99:c0:98:92:5a:1e:20:0b:c4:21:85:2a:c3:1d:d9:d9:53:
9e:89:e4:80:cb:32:4a:a0:c4:87:58:94:5b:6d:bc:9b:03:39:
4c:8a:cf:ef:55:6f:c2:5d:15:8c:10:45:87:b9:87:dc:34:31:
6d:b7:54:d3:b8:c8:13:4c:ca:c0:13:8b:47:e3:02:74:f6:60:
80:d1:db:2d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYkvoQ4LyrkVinZ6MYuSfUPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzA3MDkxMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk1ZmFjMDYxMTg0MDMxYmUwNDBmZTk2OGU5NTA0MGE2ZjhmNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JMJPGXST+6OelZa9A1Mflnophia
Mfn2fzYk1S7Rw9RPTWi4qnZRGrx01PA6l11+7QHcGmjBWsX0Gq4uWY1W/0ByEfrc
8OHQQoZo+BFojDpDx0V0WnBwumvPMK0z+tZIY/qQnC92gmV6QEm5pi4AHp9U76ka
n4QWnrTSL8hsExYPfHmO284kZrVNLsupa8C4VzhioJGSROlYcWmYG/QSYwIXCEKV
FW4R1jPFi76ovm3bvi1XvLOQtVOQrpx4thKq4sax4jydKIg3Lbu4Tp7JZQAoaOt+
gMp4KxUSC7XjvLyZkmZNARJJJ5las/FVcY/YBlhJhnkuWlVSDHkVZ3kKnwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOuV+sBhGEAxvgQP6WjpUECm+PZZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNjVYNndHRVlRREctQkFfcGFPbFFRS2I0OWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAV3hXAwQA
V3k7AwQBW1wYAwQAXXt0AwQAXpqjAwQAqxYTAwQAsH3/AwQCwZUcMA0GCSqGSIb3
DQEBCwUAA4IBAQCcHCM+oP6BccSPQKj7nD7ccY5Yjh9G4Q0d4AbugYVxFUC9DKub
SWKeufpJK7OsGo+98f8yUD2ov5ZfOxmKWfydrjpRbIBzIjUB0BnTMHxu58iKBVQP
QLhdE8oEsZRR9OQpog15ycWpgdV5RDhrMiD5aclmsreWP3DwuGjHP3SFLE12KUaL
BTpmGzofskiWqS9x8SmGt9w3gTB+T+Iyt4rxQ59QCKF+Jpp14gdEgeSPji8Bat+V
mcCYkloeIAvEIYUqwx3Z2VOeieSAyzJKoMSHWJRbbbybAzlMis/vVW/CXRWMEEWH
uYfcNDFtt1TTuMgTTMrAE4tH4wJ09mCA0dst
-----END CERTIFICATE-----
Generated at Tue May 13 18:06:49 2025 by rpki-client