Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/xtIa_UIDXKzhXRanEwtOUNJWRfQ.roa
File: xtIa_UIDXKzhXRanEwtOUNJWRfQ.roa (raw, json)
Hash identifier: GlsVBKrtor6gEGOKVhUD8fCFSh4HgpcZ64M0HqNGoIk=
Subject key identifier: C6:D2:1A:FD:42:03:5C:AC:E1:5D:16:A7:13:0B:4E:50:D2:56:45:F4
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 3937849D
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/xtIa_UIDXKzhXRanEwtOUNJWRfQ.roa
Signing time: Mon 20 Jun 2022 12:00:44 +0000
ROA not before: Mon 20 Jun 2022 12:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205647
IP address blocks: 151.247.216.0/21 maxlen: 21
94.182.41.0/24 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.224.0/22 maxlen: 22
151.240.80.0/21 maxlen: 21
94.182.72.0/21 maxlen: 21
31.56.116.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
85.15.48.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.204.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.205.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.217.0/24 maxlen: 24
94.182.226.0/24 maxlen: 24
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.228.0/22 maxlen: 22
31.56.64.0/19 maxlen: 19
31.56.96.0/20 maxlen: 20
31.56.0.0/18 maxlen: 18
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 959939741 (0x3937849d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jun 20 12:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6d21afd42035cace15d16a7130b4e50d25645f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:65:a0:ac:04:a8:58:24:f6:55:35:01:46:fc:
c1:e6:94:83:5a:3a:69:ea:ef:11:2b:a1:78:78:57:
6e:80:80:2c:cb:c1:98:0a:d8:0b:68:e6:a9:4d:73:
bd:21:14:b5:09:bd:00:7d:14:da:38:94:c4:10:e3:
1a:d3:94:e3:1f:99:32:a6:67:14:a3:8e:9f:a5:90:
9e:53:47:df:3c:09:94:0f:9c:95:d2:18:1f:1f:90:
11:fe:97:bc:b3:e5:6a:b8:d9:58:90:01:14:83:e4:
6d:47:d8:0f:83:c9:4a:8d:e9:7c:1c:fc:fd:9c:6c:
c3:b6:cc:b1:95:c9:c2:c1:b0:a8:b3:54:12:cf:93:
d7:49:d7:27:19:d1:04:5f:ab:7f:a1:b1:89:ca:e2:
46:de:7a:58:d0:df:6e:77:48:68:14:49:ac:87:26:
88:a8:88:6e:1e:7f:e0:a8:3b:be:cc:f4:8f:95:c9:
b7:4d:c2:35:70:15:cd:ee:5b:80:e2:5d:50:78:83:
7a:00:3b:20:03:23:c7:08:49:52:f4:ab:5c:8c:40:
cc:22:f0:20:46:9f:b3:cd:65:a8:74:cc:86:a4:cc:
ab:63:03:2b:14:16:22:bf:85:78:52:55:4b:de:40:
fb:ec:1d:d8:fc:55:47:fd:26:68:4d:28:9c:aa:e1:
f6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D2:1A:FD:42:03:5C:AC:E1:5D:16:A7:13:0B:4E:50:D2:56:45:F4
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/xtIa_UIDXKzhXRanEwtOUNJWRfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0-31.56.111.255
31.56.116.0/24
85.15.48.0/23
94.182.8.0/23
94.182.12.0/23
94.182.41.0/24
94.182.72.0/21
94.182.116.0-94.182.127.255
94.182.204.0/22
94.182.217.0/24
94.182.226.0/24
94.182.228.0/22
151.240.80.0/21
151.247.214.0-151.247.227.255
Signature Algorithm: sha256WithRSAEncryption
bd:55:f1:34:af:bc:b0:9e:1a:5a:3b:2e:a6:b4:60:b9:ec:fa:
e8:a5:45:e1:cf:e1:3c:72:9c:52:bf:9f:50:21:c5:f8:72:78:
c8:5b:ac:24:55:92:5a:5f:46:1b:66:05:90:23:fa:48:e6:13:
1f:c1:27:bd:ee:5b:cb:cc:c4:63:ea:75:1e:3e:6b:28:ea:e1:
0d:5a:d9:34:c8:01:b6:9f:e9:a2:11:8f:c3:d7:d3:58:c5:f2:
8c:dc:94:4c:c5:68:89:4c:50:33:a4:4f:47:4f:1a:fd:aa:f4:
f0:dc:23:ad:da:46:00:60:2a:42:bd:65:3f:f8:f3:77:7a:f5:
61:67:4c:29:7e:45:36:bd:1e:22:c3:cc:f8:bc:94:11:26:2e:
dc:d6:91:a2:15:3b:10:fd:83:0b:2d:22:9e:82:23:67:d5:c9:
9c:dc:01:04:14:7b:a7:f0:11:99:9a:87:b4:05:25:6d:5d:2d:
5b:13:75:8f:ae:7f:4e:4d:b5:9e:8a:1f:38:34:ec:66:cc:41:
28:bb:6a:f0:81:0b:70:9d:43:84:1e:fe:b7:43:1d:03:00:04:
7a:af:69:57:7f:e0:64:c6:65:62:76:40:c7:d0:25:08:a4:01:
90:78:56:d8:c3:6a:e0:66:19:c4:9a:08:43:38:28:40:e3:0d:
26:fd:53:a1
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIEOTeEnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGY0OTE0ODhhN2NkODQ0OGE0MjA5NDU4NzFjMGI5OTY3MmRjNjZlMB4XDTIyMDYy
MDEyMDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZkMjFhZmQ0MjAz
NWNhY2UxNWQxNmE3MTMwYjRlNTBkMjU2NDVmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9loKwEqFgk9lU1AUb8weaUg1o6aervESuheHhXboCALMvB
mArYC2jmqU1zvSEUtQm9AH0U2jiUxBDjGtOU4x+ZMqZnFKOOn6WQnlNH3zwJlA+c
ldIYHx+QEf6XvLPlarjZWJABFIPkbUfYD4PJSo3pfBz8/Zxsw7bMsZXJwsGwqLNU
Es+T10nXJxnRBF+rf6GxicriRt56WNDfbndIaBRJrIcmiKiIbh5/4Kg7vsz0j5XJ
t03CNXAVze5bgOJdUHiDegA7IAMjxwhJUvSrXIxAzCLwIEafs81lqHTMhqTMq2MD
KxQWIr+FeFJVS95A++wd2PxVR/0maE0onKrh9n8CAwEAAaOCAm8wggJrMB0GA1Ud
DgQWBBTG0hr9QgNcrOFdFqcTC05Q0lZF9DAfBgNVHSMEGDAWgBSt9JFIinzYRIpC
CUWHHAuZZy3GbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmU1JTSXA4MkVTS1FnbEZoeHdMbVdjdHhtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8x
L3h0SWFfVUlEWEt6aFhSYW5Fd3RPVU5KV1JmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8xL3JmU1JTSXA4MkVT
S1FnbEZoeHdMbVdjdHhtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hAYIKwYBBQUHAQcBAf8EdTBzMHEEAgABMGswCwMDAx84AwQEHzhgAwQAHzh0AwQB
VQ8wAwQBXrYIAwQBXrYMAwQAXrYpAwQDXrZIMAwDBAJetnQDBAdetgADBAJetswD
BABettkDBABetuIDBAJetuQDBAOX8FAwDAMEAZf31gMEApf34DANBgkqhkiG9w0B
AQsFAAOCAQEAvVXxNK+8sJ4aWjsuprRguez66KVF4c/hPHKcUr+fUCHF+HJ4yFus
JFWSWl9GG2YFkCP6SOYTH8Enve5by8zEY+p1Hj5rKOrhDVrZNMgBtp/pohGPw9fT
WMXyjNyUTMVoiUxQM6RPR08a/ar08NwjrdpGAGAqQr1lP/jzd3r1YWdMKX5FNr0e
IsPM+LyUESYu3NaRohU7EP2DCy0inoIjZ9XJnNwBBBR7p/ARmZqHtAUlbV0tWxN1
j65/Tk21noofODTsZsxBKLtq8IELcJ1DhB7+t0MdAwAEeq9pV3/gZMZlYnZAx9Al
CKQBkHhW2MNq4GYZxJoIQzgoQOMNJv1ToQ==
-----END CERTIFICATE-----
Generated at Sat May 10 23:02:37 2025 by rpki-client