Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VUpyh5JUBrJedzveNBXLB_3SP6I.roa
File: VUpyh5JUBrJedzveNBXLB_3SP6I.roa (raw, json)
Hash identifier: EPch8AEOiT4lp1CGrho45co6VsYxXCnPZoyiabRKjrs=
Subject key identifier: 55:4A:72:87:92:54:06:B2:5E:77:3B:DE:34:15:CB:07:FD:D2:3F:A2
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018B86B9A842EDAF3A7F6B1241FAE7A8AAC0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VUpyh5JUBrJedzveNBXLB_3SP6I.roa
Signing time: Tue 31 Oct 2023 17:13:15 +0000
ROA not before: Tue 31 Oct 2023 17:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 185.255.99.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
185.243.140.0/22 maxlen: 24
193.30.30.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.149.127.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
193.46.220.0/24 maxlen: 24
45.149.160.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:b9:a8:42:ed:af:3a:7f:6b:12:41:fa:e7:a8:aa:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 31 17:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=554a7287925406b25e773bde3415cb07fdd23fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:43:0b:de:ff:3c:a5:a0:e7:50:dd:3f:c3:5c:
59:a4:08:51:97:10:f0:df:f2:ac:bf:2e:dd:a0:05:
27:14:56:1e:18:07:fe:64:3c:26:c2:06:08:da:40:
61:f4:b7:57:ea:d3:2d:93:64:2b:6f:21:fa:2a:fa:
ed:3d:ca:d1:c3:f2:95:91:c6:72:f6:97:ee:f0:01:
e0:7d:61:3e:4d:dc:63:e5:ac:e9:06:67:d8:ad:ee:
52:de:d0:db:2f:7c:1f:97:0a:5e:b1:33:c5:cd:9c:
86:eb:67:ea:e7:15:f5:be:4f:b0:a8:98:7d:d7:a7:
8b:4d:82:1e:6c:dc:53:65:1b:b1:9d:27:b1:a3:80:
0d:6f:3c:2c:19:f5:8d:2c:6f:bb:71:1f:4e:d5:60:
df:e9:67:23:9c:be:a2:c5:a1:a9:b1:46:a4:3d:fa:
9e:26:19:9b:85:c8:41:67:ff:50:87:57:51:be:6a:
de:ff:b7:92:1d:73:f4:a0:49:1d:c2:bd:93:8f:ab:
84:43:99:a9:65:2f:7d:08:cc:62:6d:a7:0c:a1:3f:
b5:d4:86:b0:05:ed:71:57:44:52:3d:d2:f9:58:bb:
b1:96:79:e1:90:a6:09:44:3b:0f:a3:16:25:2a:a2:
fe:e4:5b:91:01:e7:aa:1f:ce:a5:9e:2d:6d:c8:09:
8d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:4A:72:87:92:54:06:B2:5E:77:3B:DE:34:15:CB:07:FD:D2:3F:A2
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VUpyh5JUBrJedzveNBXLB_3SP6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.160.0/22
89.32.126.0/24
92.118.108.0/24
185.15.136.0/23
185.243.140.0/22
185.255.99.0/24
193.30.30.0/24
193.46.220.0/24
194.180.238.0/24
195.138.107.0/24
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.118.0/24
195.138.120.0/24
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:79:ed:d0:6f:f8:53:ce:ee:81:da:6d:94:33:2f:15:5c:de:
14:88:9c:4c:b9:77:eb:a6:88:1c:fe:60:7d:44:b3:c4:c6:09:
5b:6f:f6:53:7b:21:54:e1:94:80:13:74:e7:73:8b:7f:d7:4d:
ec:ac:d6:94:41:a1:85:ec:eb:b7:af:55:67:69:bd:8d:b3:67:
05:f5:73:ae:53:2c:a4:82:c7:da:27:a9:77:1f:fc:9d:bc:47:
d8:b0:61:c8:4d:b7:4f:f9:51:15:c3:f8:dd:f1:3a:73:ce:03:
0f:f1:92:32:bf:57:37:8c:04:82:9e:71:56:5b:c7:5c:80:a0:
0b:84:12:aa:2c:02:08:d3:81:ba:d2:57:d9:c0:52:52:d5:c3:
54:63:83:0b:e9:36:1c:ce:8b:8d:08:54:62:ca:9e:7a:23:cc:
8f:1b:ca:c8:7e:22:36:4f:6f:7e:44:12:ac:13:ee:c3:9e:80:
f8:ff:bc:d1:06:d2:55:0d:d0:1e:28:41:24:e0:e9:db:45:75:
a3:2a:1b:3c:e8:eb:fa:db:a7:3b:d5:8f:01:18:88:97:72:9e:
0d:62:90:d4:bf:7d:ea:39:a4:bb:53:34:0a:e5:53:35:ac:d8:
f2:16:e0:d2:da:44:7e:1c:77:5a:ea:a4:9c:50:91:ec:c8:f8:
cc:01:02:8d
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYuGuahC7a86f2sSQfrnqKrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMDMxMTcxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTRhNzI4NzkyNTQwNmIyNWU3NzNiZGUzNDE1Y2IwN2ZkZDIzZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0ML3v88paDnUN0/w1xZpAhRlxDw
3/Ksvy7doAUnFFYeGAf+ZDwmwgYI2kBh9LdX6tMtk2QrbyH6KvrtPcrRw/KVkcZy
9pfu8AHgfWE+Tdxj5azpBmfYre5S3tDbL3wflwpesTPFzZyG62fq5xX1vk+wqJh9
16eLTYIebNxTZRuxnSexo4ANbzwsGfWNLG+7cR9O1WDf6WcjnL6ixaGpsUakPfqe
JhmbhchBZ/9Qh1dRvmre/7eSHXP0oEkdwr2Tj6uEQ5mpZS99CMxibacMoT+11Iaw
Be1xV0RSPdL5WLuxlnnhkKYJRDsPoxYlKqL+5FuRAeeqH86lni1tyAmNqwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFFVKcoeSVAayXnc73jQVywf90j+iMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvVlVweWg1SlVCckplZHp2ZU5CWExCXzNTUDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQCLZWgAwQA
WSB+AwQAXHZsAwQBuQ+IAwQCufOMAwQAuf9jAwQAwR4eAwQAwS7cAwQAwrTuAwQA
w4prMAwDBADDim8DBADDinADBADDinIDBADDinYDBADDingDBADDlX8wDQYJKoZI
hvcNAQELBQADggEBAA957dBv+FPO7oHabZQzLxVc3hSInEy5d+umiBz+YH1Es8TG
CVtv9lN7IVThlIATdOdzi3/XTeys1pRBoYXs67evVWdpvY2zZwX1c65TLKSCx9on
qXcf/J28R9iwYchNt0/5URXD+N3xOnPOAw/xkjK/VzeMBIKecVZbx1yAoAuEEqos
AgjTgbrSV9nAUlLVw1RjgwvpNhzOi40IVGLKnnojzI8bysh+IjZPb35EEqwT7sOe
gPj/vNEG0lUN0B4oQSTg6dtFdaMqGzzo6/rbpzvVjwEYiJdyng1ikNS/feo5pLtT
NArlUzWs2PIW4NLaRH4cd1rqpJxQkezI+MwBAo0=
-----END CERTIFICATE-----
Generated at Mon May 12 11:01:10 2025 by rpki-client