Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/jqMIaNtX90rr72PPF8pY1wtnNWQ.roa
File: jqMIaNtX90rr72PPF8pY1wtnNWQ.roa (raw, json)
Hash identifier: Ci9cP1z9bazGU271/bI/23UTMw7hP+8lr1cKthip5AI=
Subject key identifier: 8E:A3:08:68:DB:57:F7:4A:EB:EF:63:CF:17:CA:58:D7:0B:67:35:64
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 0194221F7FF756CDD2C62EABD2B83267D336
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/jqMIaNtX90rr72PPF8pY1wtnNWQ.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 92.246.82.0/24 maxlen: 24
92.246.83.0/24 maxlen: 24
103.226.192.0/24 maxlen: 24
103.229.170.0/24 maxlen: 24
185.145.68.0/22 maxlen: 22
185.145.68.0/24 maxlen: 24
185.145.69.0/24 maxlen: 24
185.223.178.0/24 maxlen: 24
185.237.212.0/22 maxlen: 24
185.237.212.0/24 maxlen: 24
185.237.215.0/24 maxlen: 24
2a07:4640::/29 maxlen: 29
2a0d:c240::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7f:f7:56:cd:d2:c6:2e:ab:d2:b8:32:67:d3:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ea30868db57f74aebef63cf17ca58d70b673564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:27:50:39:e7:9c:86:a6:cb:27:f8:89:fd:8f:
2d:c6:cf:93:2d:cf:8a:04:99:22:15:09:29:2f:7b:
0b:92:97:0c:d5:20:04:cc:f4:9c:6e:68:e1:6a:db:
09:52:77:11:fc:4f:72:4b:85:67:05:9f:57:39:02:
fc:a6:e9:0f:cf:fb:56:d9:6a:83:5d:01:42:24:11:
3b:6c:8f:cd:6a:51:73:10:98:a5:23:10:e1:c4:fd:
f2:c4:82:31:30:fe:b7:26:99:f8:94:4e:d3:03:e4:
eb:a1:d8:cc:9e:82:cd:4e:c5:bd:1f:20:d9:a9:27:
d4:e3:74:7c:3a:d1:76:5b:f2:d7:57:ac:7e:b6:fb:
c7:f6:60:15:46:c4:65:58:38:8b:3f:24:7b:e5:d7:
d7:ce:6a:61:51:55:1e:18:f6:4b:9d:58:47:83:82:
08:b2:94:65:8b:4a:0f:a7:4b:4e:b0:da:7b:6f:71:
25:b2:b0:6d:39:19:4e:4e:d7:11:d7:9d:6c:01:07:
ff:e6:17:7d:5b:97:9c:b0:9f:a6:be:5c:ce:fe:31:
02:57:8c:94:62:6e:44:fb:d3:0e:cb:0a:bf:8b:2f:
e3:c2:24:c1:c2:75:4f:38:75:49:7a:53:82:72:a2:
0f:0a:76:a8:17:34:db:a7:18:22:19:d3:62:9f:0c:
5d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A3:08:68:DB:57:F7:4A:EB:EF:63:CF:17:CA:58:D7:0B:67:35:64
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/jqMIaNtX90rr72PPF8pY1wtnNWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.246.82.0/23
103.226.192.0/24
103.229.170.0/24
185.145.68.0/22
185.223.178.0/24
185.237.212.0/22
IPv6:
2a07:4640::/29
2a0d:c240::/29
Signature Algorithm: sha256WithRSAEncryption
68:a9:40:e9:70:91:67:dc:25:3b:ab:1b:8a:5f:ce:03:f8:a6:
42:22:f5:9e:20:a5:5f:b0:dc:2e:ef:3b:31:08:bb:b8:3d:e3:
78:d5:51:3c:ba:d4:e1:96:b5:dd:b9:e0:29:cb:9e:ee:7c:84:
c3:36:fe:fe:af:cf:81:b5:a0:24:af:e7:65:83:03:62:85:94:
0b:93:ad:89:4a:ad:84:54:41:cf:27:6a:6f:0a:be:d5:04:ea:
db:0d:0a:51:e4:fb:36:4d:9d:6f:fd:70:fe:dc:9b:20:e6:71:
fb:10:a7:d2:c0:26:8d:bc:99:8f:20:13:50:99:c9:2c:57:77:
5f:31:20:d3:21:c5:a1:e6:64:e1:6d:fc:43:dd:9c:3a:32:01:
05:f8:37:53:c0:5f:3a:17:ca:68:1c:dc:bc:59:c9:20:20:d6:
23:b1:5f:b7:94:59:89:70:d2:10:1e:00:28:14:9d:6e:79:f0:
46:ed:0b:66:cf:b8:87:85:c1:bc:4c:85:40:b0:bf:0b:4c:6d:
25:64:43:72:92:8c:6d:2c:09:1e:1d:ab:b9:74:84:60:63:1c:
dc:7a:f7:e9:0e:ae:81:a7:ee:85:e1:d9:e8:c3:12:70:97:76:
4d:f3:8e:17:3e:24:aa:87:d2:a8:22:77:56:07:f3:43:d3:54:
36:68:87:8a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQiH3/3Vs3Sxi6r0rgyZ9M2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWEzMDg2OGRiNTdmNzRhZWJlZjYzY2YxN2NhNThkNzBiNjczNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCdQOeechqbLJ/iJ/Y8txs+TLc+K
BJkiFQkpL3sLkpcM1SAEzPScbmjhatsJUncR/E9yS4VnBZ9XOQL8pukPz/tW2WqD
XQFCJBE7bI/NalFzEJilIxDhxP3yxIIxMP63Jpn4lE7TA+TrodjMnoLNTsW9HyDZ
qSfU43R8OtF2W/LXV6x+tvvH9mAVRsRlWDiLPyR75dfXzmphUVUeGPZLnVhHg4II
spRli0oPp0tOsNp7b3ElsrBtORlOTtcR151sAQf/5hd9W5ecsJ+mvlzO/jECV4yU
Ym5E+9MOywq/iy/jwiTBwnVPOHVJelOCcqIPCnaoFzTbpxgiGdNinwxdwwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFI6jCGjbV/dK6+9jzxfKWNcLZzVkMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvanFNSWFOdFg5MHJyNzJQUEY4cFkxd3RuTldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQBXPZSAwQA
Z+LAAwQAZ+WqAwQCuZFEAwQAud+yAwQCue3UMBQEAgACMA4DBQMqB0ZAAwUDKg3C
QDANBgkqhkiG9w0BAQsFAAOCAQEAaKlA6XCRZ9wlO6sbil/OA/imQiL1niClX7Dc
Lu87MQi7uD3jeNVRPLrU4Za13bngKcue7nyEwzb+/q/PgbWgJK/nZYMDYoWUC5Ot
iUqthFRBzydqbwq+1QTq2w0KUeT7Nk2db/1w/tybIOZx+xCn0sAmjbyZjyATUJnJ
LFd3XzEg0yHFoeZk4W38Q92cOjIBBfg3U8BfOhfKaBzcvFnJICDWI7Fft5RZiXDS
EB4AKBSdbnnwRu0LZs+4h4XBvEyFQLC/C0xtJWRDcpKMbSwJHh2ruXSEYGMc3Hr3
6Q6ugafuheHZ6MMScJd2TfOOFz4kqofSqCJ3VgfzQ9NUNmiHig==
-----END CERTIFICATE-----
Generated at Wed May 14 01:17:15 2025 by rpki-client