Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/4QrzkdvxRFKWIyppRPLDBt87BK8.roa
File: 4QrzkdvxRFKWIyppRPLDBt87BK8.roa (raw, json)
Hash identifier: de5/UtL+s0HtmYCf3rHLiTA4SCzk+5Hlp2cgx/FCqsM=
Subject key identifier: E1:0A:F3:91:DB:F1:44:52:96:23:2A:69:44:F2:C3:06:DF:3B:04:AF
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 018963512F7767BD90FCF144003D02496355
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/4QrzkdvxRFKWIyppRPLDBt87BK8.roa
Signing time: Mon 17 Jul 2023 10:06:52 +0000
ROA not before: Mon 17 Jul 2023 10:06:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202505
IP address blocks: 185.81.152.0/24 maxlen: 24
213.226.118.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a05:88c5::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a10:3302::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a10:3301::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a10:3303::/32 maxlen: 32
2a10:3300::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a10:3304::/32 maxlen: 32
2a10:3307::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a05:88c0::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a10:3306::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a10:3305::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:51:2f:77:67:bd:90:fc:f1:44:00:3d:02:49:63:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jul 17 10:06:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e10af391dbf1445296232a6944f2c306df3b04af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:66:b6:a6:db:d9:b6:8b:e8:ad:38:1d:a7:61:
2d:b6:79:8d:e9:d4:d5:00:e6:7e:f9:c7:3f:3f:6a:
b6:1c:70:64:29:2c:ba:c4:4e:2f:e5:df:8f:c9:b3:
41:3e:f7:78:54:68:69:c0:c9:0f:64:cc:ff:8e:1b:
e5:1f:90:f5:fd:00:36:61:46:0d:26:59:d3:19:3a:
2b:a9:c3:29:bf:8e:db:8c:57:4c:9c:7f:f7:f3:c7:
d7:00:0f:53:73:48:ca:e5:ac:a5:53:7b:0c:02:fc:
c6:ae:f9:23:4c:f8:4a:20:dc:70:12:f1:81:95:7a:
00:53:84:c1:71:13:a1:fa:22:94:59:d2:3d:32:99:
69:76:d8:c6:13:3f:82:0b:41:50:31:d6:ef:4a:e5:
9e:7c:28:d4:83:79:3d:a3:fb:b0:86:d1:5b:1e:3c:
aa:ac:bc:1f:c1:59:f4:0c:44:bd:ee:f8:ab:09:af:
df:ac:72:13:ac:57:5b:42:5b:30:95:31:a8:b8:fb:
15:f2:38:fe:f7:5c:40:6b:cd:b9:00:e6:27:2c:c9:
c5:83:02:02:7c:19:b3:fb:26:46:4e:e9:fe:b3:79:
d2:89:0b:16:9f:50:bc:6b:7c:e7:5c:28:42:85:c1:
19:de:6c:1c:95:61:48:d2:ec:03:87:6a:ad:72:db:
6b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:0A:F3:91:DB:F1:44:52:96:23:2A:69:44:F2:C3:06:DF:3B:04:AF
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/4QrzkdvxRFKWIyppRPLDBt87BK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.43.0/24
185.81.152.0/24
213.226.118.0/24
IPv6:
2a05:88c0::/29
2a06:f7c0::/29
2a10:3300::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
b2:66:8e:84:48:38:f0:51:92:ee:79:28:90:e7:b1:ef:54:d0:
f0:ea:d8:2f:ab:08:4e:28:00:9f:0a:2e:81:20:86:6b:ee:03:
f0:0c:d7:f0:b4:22:c9:e1:3a:10:5d:aa:70:f2:84:81:d3:e2:
d3:b5:2d:64:86:4c:a2:6c:55:91:02:eb:e9:e9:90:a6:b9:68:
ed:08:9d:4a:15:b0:ad:1f:12:01:9e:55:5b:cf:e5:70:42:d8:
87:cf:f5:11:b0:57:b1:50:54:ad:06:7e:05:50:07:ab:27:69:
44:3f:d6:43:2c:e0:27:dc:c1:53:fa:ef:ca:1f:27:2f:df:81:
68:b0:8f:2f:e4:e6:1d:f5:17:3e:0d:a6:fb:9e:43:34:03:5b:
d3:3d:49:7a:c5:6d:37:ab:fc:e6:75:c6:d3:92:69:83:6c:9c:
d8:c4:6d:2d:59:cd:db:d0:d8:6e:ca:fe:b3:d5:fc:99:89:dd:
ee:60:58:d0:53:44:95:af:9f:cd:2d:a9:8a:a2:b2:07:e5:80:
85:50:e9:4b:51:9e:2f:7b:5e:63:b8:0a:22:f9:ce:f4:09:23:
2b:d3:bf:cc:40:13:fe:1a:07:4f:79:55:a3:75:f8:1f:09:00:
c3:9d:0f:cd:a1:a6:d5:9b:b4:0e:99:ab:09:2a:e1:cc:71:12:
5e:33:0f:a1
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYljUS93Z72Q/PFEAD0CSWNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwNzE3MTAwNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTBhZjM5MWRiZjE0NDUyOTYyMzJhNjk0NGYyYzMwNmRmM2IwNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkma2ptvZtovorTgdp2EttnmN6dTV
AOZ++cc/P2q2HHBkKSy6xE4v5d+PybNBPvd4VGhpwMkPZMz/jhvlH5D1/QA2YUYN
JlnTGTorqcMpv47bjFdMnH/388fXAA9Tc0jK5aylU3sMAvzGrvkjTPhKINxwEvGB
lXoAU4TBcROh+iKUWdI9MplpdtjGEz+CC0FQMdbvSuWefCjUg3k9o/uwhtFbHjyq
rLwfwVn0DES97virCa/frHITrFdbQlswlTGouPsV8jj+91xAa825AOYnLMnFgwIC
fBmz+yZGTun+s3nSiQsWn1C8a3znXChChcEZ3mwclWFI0uwDh2qtcttrRQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFOEK85Hb8URSliMqaUTywwbfOwSvMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvNFFyemtkdnhSRktXSXlwcFJQTERCdDg3Qks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAYBAIAATASAwQAsGIrAwQA
uVGYAwQA1eJ2MDAEAgACMCoDBQMqBYjAAwUDKgb3wAMFAyoQMwADBQMqEH9AAwUD
KhB/wAMFAyoR0QAwDQYJKoZIhvcNAQELBQADggEBALJmjoRIOPBRku55KJDnse9U
0PDq2C+rCE4oAJ8KLoEghmvuA/AM1/C0IsnhOhBdqnDyhIHT4tO1LWSGTKJsVZEC
6+npkKa5aO0InUoVsK0fEgGeVVvP5XBC2IfP9RGwV7FQVK0GfgVQB6snaUQ/1kMs
4CfcwVP678ofJy/fgWiwjy/k5h31Fz4NpvueQzQDW9M9SXrFbTer/OZ1xtOSaYNs
nNjEbS1ZzdvQ2G7K/rPV/JmJ3e5gWNBTRJWvn80tqYqisgflgIVQ6UtRni97XmO4
CiL5zvQJIyvTv8xAE/4aB095VaN1+B8JAMOdD82hptWbtA6Zqwkq4cxxEl4zD6E=
-----END CERTIFICATE-----
Generated at Mon May 5 14:16:11 2025 by rpki-client