Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/Ra3V1T_BaSWeUzJJM51eF_OEZjY.roa
File: Ra3V1T_BaSWeUzJJM51eF_OEZjY.roa (raw, json)
Hash identifier: IeLbJoqm9lDviofUQhJpMAOrnxlBmgq9w+nl3OLdq8M=
Subject key identifier: 45:AD:D5:D5:3F:C1:69:25:9E:53:32:49:33:9D:5E:17:F3:84:66:36
Certificate issuer: /CN=40d933e82474650c6aa3e9cbf0574d27286592e7
Certificate serial: 01856BB7DEF89BE88FCD5CE207175645EBAF
Authority key identifier: 40:D9:33:E8:24:74:65:0C:6A:A3:E9:CB:F0:57:4D:27:28:65:92:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/Ra3V1T_BaSWeUzJJM51eF_OEZjY.roa
Signing time: Sun 01 Jan 2023 05:04:50 +0000
ROA not before: Sun 01 Jan 2023 05:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207044
IP address blocks: 94.156.228.0/22 maxlen: 24
91.92.28.0/22 maxlen: 24
94.156.28.0/22 maxlen: 24
88.151.24.0/21 maxlen: 24
94.156.204.0/22 maxlen: 24
213.133.64.0/21 maxlen: 24
185.167.196.0/22 maxlen: 24
89.184.60.0/22 maxlen: 24
46.183.108.0/22 maxlen: 24
87.121.252.0/22 maxlen: 24
37.128.192.0/21 maxlen: 24
94.156.148.0/22 maxlen: 24
87.120.240.0/22 maxlen: 24
89.184.36.0/22 maxlen: 24
87.120.248.0/22 maxlen: 24
87.120.48.0/21 maxlen: 24
2a0b:ae00::/29 maxlen: 29
2a0b:ae00:1000::/38 maxlen: 38
2a0b:ae00:1400::/38 maxlen: 38
2a0b:ae00:1800::/38 maxlen: 38
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:de:f8:9b:e8:8f:cd:5c:e2:07:17:56:45:eb:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d933e82474650c6aa3e9cbf0574d27286592e7
Validity
Not Before: Jan 1 05:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45add5d53fc169259e533249339d5e17f3846636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:08:0d:1f:7f:06:b1:d6:02:54:16:f0:a9:77:
77:91:2c:f2:d2:7a:f4:ae:e9:9d:d0:ab:ff:94:1f:
c0:a8:7b:76:de:78:33:e6:24:a6:3e:46:7b:c7:ca:
bd:b7:7e:49:3c:7b:4d:63:b0:bd:c4:5f:6f:ba:9e:
ae:65:70:56:31:38:c9:e0:bd:e8:0d:41:90:36:5c:
bb:ec:18:89:81:67:cf:10:6a:8f:57:4c:b2:8f:07:
05:05:b9:59:a0:92:8e:86:fd:97:87:48:3e:d1:f4:
e0:da:ee:54:87:a2:0c:dc:29:e6:d4:08:23:03:ff:
86:8b:88:06:f1:a4:12:b8:2d:e1:49:5b:25:5a:9a:
b7:a5:2f:b4:4e:38:a7:80:0e:fc:f3:2f:17:0c:87:
3f:d6:1d:b7:7b:ab:e8:5c:30:87:94:75:5a:f4:cb:
66:36:bd:af:b5:95:56:aa:1b:96:0e:eb:98:c5:12:
dc:c1:42:cb:b3:d6:99:20:c9:93:25:93:1c:2d:a0:
04:2e:d4:97:88:d2:3d:0d:c3:36:4b:93:9d:de:aa:
91:a8:fe:26:c7:df:b3:fe:dc:cb:ae:2c:0c:52:0c:
06:12:59:38:bd:a9:eb:a7:b6:cc:29:61:12:2d:1a:
6a:99:8b:c5:25:d4:0a:86:45:c7:5c:c3:f3:f8:56:
d4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:AD:D5:D5:3F:C1:69:25:9E:53:32:49:33:9D:5E:17:F3:84:66:36
X509v3 Authority Key Identifier:
keyid:40:D9:33:E8:24:74:65:0C:6A:A3:E9:CB:F0:57:4D:27:28:65:92:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/Ra3V1T_BaSWeUzJJM51eF_OEZjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3879dd-ef95-45e6-8767-e681ebba4a4a/1/QNkz6CR0ZQxqo-nL8FdNJyhlkuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.192.0/21
46.183.108.0/22
87.120.48.0/21
87.120.240.0/22
87.120.248.0/22
87.121.252.0/22
88.151.24.0/21
89.184.36.0/22
89.184.60.0/22
91.92.28.0/22
94.156.28.0/22
94.156.148.0/22
94.156.204.0/22
94.156.228.0/22
185.167.196.0/22
213.133.64.0/21
IPv6:
2a0b:ae00::/29
Signature Algorithm: sha256WithRSAEncryption
64:7f:08:43:6c:98:96:e3:17:88:67:bb:39:f8:34:b8:60:4f:
8f:92:11:86:c6:13:47:91:86:a1:c2:5e:2f:32:1d:95:83:77:
3c:08:ad:ec:2e:51:7b:87:ec:e9:0c:e8:16:a5:d9:ee:59:83:
b2:4b:9b:68:fe:8a:76:08:7e:c2:72:ee:ac:15:89:a0:59:a4:
20:07:48:92:fd:5e:51:f4:c3:43:83:b8:eb:34:1f:8c:f1:80:
7d:46:27:bd:78:16:93:28:82:9f:28:16:c0:61:52:9c:ec:ce:
54:e1:b3:17:e1:8e:10:19:87:0a:66:04:55:ea:1d:ce:57:4e:
56:1e:a0:88:e5:c3:a0:7f:2c:41:46:70:4d:89:c5:24:ce:4b:
f9:e8:90:c2:89:fa:f0:d3:b0:e9:08:31:f5:5f:33:28:d6:35:
d9:e6:62:f6:f5:cb:dc:89:7f:67:d8:ea:d5:95:42:a8:76:c0:
41:43:60:c2:f5:5a:98:04:3e:a7:6d:a4:09:11:1c:5c:c1:b7:
59:82:ca:03:8f:34:2e:1c:7d:a4:b1:fe:91:0f:b6:fb:09:f9:
36:9b:d9:ff:1e:41:23:4c:23:74:6a:f5:47:41:76:3b:3e:57:
f2:dd:f4:28:a1:c5:ef:c1:b2:00:eb:af:60:3d:2e:84:72:d8:
f1:58:df:17
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYVrt974m+iPzVziBxdWReuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDkzM2U4MjQ3NDY1MGM2YWEzZTljYmYwNTc0ZDI3Mjg2
NTkyZTcwHhcNMjMwMTAxMDUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWFkZDVkNTNmYzE2OTI1OWU1MzMyNDkzMzlkNWUxN2YzODQ2NjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQgNH38GsdYCVBbwqXd3kSzy0nr0
rumd0Kv/lB/AqHt23ngz5iSmPkZ7x8q9t35JPHtNY7C9xF9vup6uZXBWMTjJ4L3o
DUGQNly77BiJgWfPEGqPV0yyjwcFBblZoJKOhv2Xh0g+0fTg2u5Uh6IM3Cnm1Agj
A/+Gi4gG8aQSuC3hSVslWpq3pS+0TjingA788y8XDIc/1h23e6voXDCHlHVa9Mtm
Nr2vtZVWqhuWDuuYxRLcwULLs9aZIMmTJZMcLaAELtSXiNI9DcM2S5Od3qqRqP4m
x9+z/tzLriwMUgwGElk4vanrp7bMKWESLRpqmYvFJdQKhkXHXMPz+FbUqwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFEWt1dU/wWklnlMySTOdXhfzhGY2MB8GA1UdIwQY
MBaAFEDZM+gkdGUMaqPpy/BXTScoZZLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5rejZDUjBaUXhxby1uTDhGZE5KeWhsa3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zODc5ZGQtZWY5NS00NWU2LTg3Njct
ZTY4MWViYmE0YTRhLzEvUmEzVjFUX0JhU1dlVXpKSk01MWVGX09FWmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zODc5ZGQtZWY5NS00NWU2LTg3NjctZTY4MWViYmE0YTRh
LzEvUU5rejZDUjBaUXhxby1uTDhGZE5KeWhsa3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAyWAwAME
Ai63bAMEA1d4MAMEAld48AMEAld4+AMEAld5/AMEA1iXGAMEAlm4JAMEAlm4PAME
AltcHAMEAl6cHAMEAl6clAMEAl6czAMEAl6c5AMEArmnxAMEA9WFQDANBAIAAjAH
AwUDKguuADANBgkqhkiG9w0BAQsFAAOCAQEAZH8IQ2yYluMXiGe7Ofg0uGBPj5IR
hsYTR5GGocJeLzIdlYN3PAit7C5Re4fs6QzoFqXZ7lmDskubaP6Kdgh+wnLurBWJ
oFmkIAdIkv1eUfTDQ4O46zQfjPGAfUYnvXgWkyiCnygWwGFSnOzOVOGzF+GOEBmH
CmYEVeodzldOVh6giOXDoH8sQUZwTYnFJM5L+eiQwon68NOw6Qgx9V8zKNY12eZi
9vXL3Il/Z9jq1ZVCqHbAQUNgwvVamAQ+p22kCREcXMG3WYLKA480Lhx9pLH+kQ+2
+wn5NpvZ/x5BI0wjdGr1R0F2Oz5X8t30KKHF78GyAOuvYD0uhHLY8VjfFw==
-----END CERTIFICATE-----
Generated at Thu May 15 09:00:44 2025 by rpki-client