Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/udpWWhySf-gt4CQE0woilpo70rM.roa
File: udpWWhySf-gt4CQE0woilpo70rM.roa (raw, json)
Hash identifier: t6SKZqGWg9oqm5OKSvm0p9NobDo6TSsYggQOekjajdc=
Subject key identifier: B9:DA:56:5A:1C:92:7F:E8:2D:E0:24:04:D3:0A:22:96:9A:3B:D2:B3
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019416DEABAA2B1F18C311792A4F2EBDB861
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/udpWWhySf-gt4CQE0woilpo70rM.roa
Signing time: Mon 30 Dec 2024 09:21:19 +0000
ROA not before: Mon 30 Dec 2024 09:21:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.216.0/24 maxlen: 24
83.147.232.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:16:de:ab:aa:2b:1f:18:c3:11:79:2a:4f:2e:bd:b8:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Dec 30 09:21:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9da565a1c927fe82de02404d30a22969a3bd2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8e:82:17:c7:4a:b7:e9:e4:cc:33:9f:66:f9:
ae:1f:4f:8f:76:25:22:50:34:9c:02:f2:4c:58:68:
4a:74:b3:e7:04:5f:67:fb:c1:50:3d:49:6a:57:65:
56:ab:6c:e2:a2:4a:0a:61:ec:7a:71:cb:ac:76:08:
77:93:b3:4e:7e:8f:3e:71:bd:65:b4:1b:dd:44:6c:
f0:c5:89:4f:4e:b1:81:08:fd:3b:45:97:00:d2:a7:
cf:53:94:06:35:44:1a:02:d1:aa:cf:9a:f4:6b:53:
62:37:75:15:77:32:19:29:a1:86:f0:ee:28:b8:25:
5c:c8:41:03:24:1b:bd:cf:51:34:73:48:41:01:87:
9f:b1:cc:4b:50:bd:62:68:ce:80:8c:d1:2b:e2:9c:
2a:6b:3f:01:42:56:f6:8f:11:11:6d:ed:22:c6:12:
4f:8f:58:cd:2f:83:e8:da:9a:17:9f:cf:d6:ec:2e:
88:6d:b7:a5:31:9a:da:5c:25:99:56:41:ae:7d:7c:
08:6f:18:e2:30:13:d5:12:99:c6:dd:c1:b7:71:03:
c7:ca:c1:93:cd:03:51:88:d1:2d:f9:e0:44:29:eb:
ca:12:16:cc:1b:22:3e:9d:01:3c:45:d6:f5:a3:66:
16:8b:84:d2:53:cf:6f:42:2c:e7:e5:ae:2e:68:5f:
ba:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DA:56:5A:1C:92:7F:E8:2D:E0:24:04:D3:0A:22:96:9A:3B:D2:B3
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/udpWWhySf-gt4CQE0woilpo70rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/24
83.147.232.0/22
83.147.244.0/22
91.186.200.0/21
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
85:0d:85:9e:45:ae:2d:e0:4a:c9:77:e1:1b:73:cc:81:da:e7:
c5:8a:17:fa:b7:e9:0e:57:ff:64:c2:14:97:cd:df:ab:67:31:
0b:ac:01:fe:fd:14:8a:ae:13:a6:c3:64:f8:2f:89:1f:46:86:
f1:be:c1:d6:3a:be:38:46:a4:8c:6b:3b:a4:b6:c7:b7:4c:e4:
8f:84:6f:39:91:fa:7a:51:f3:88:c1:37:11:0e:67:c6:9a:61:
92:bb:4a:0e:08:02:a5:a7:64:71:fa:36:14:18:2c:f5:41:2b:
a8:bf:bc:ca:0e:9d:5a:c0:c4:ef:04:a5:76:46:07:3f:59:ce:
d5:6b:e5:6c:c2:fb:b5:c5:75:d3:5e:ad:84:a4:00:4d:dd:f6:
ed:d0:ec:6f:04:90:c1:19:25:82:60:15:25:69:17:9d:82:61:
e0:8d:8e:54:5e:5a:ca:f6:b5:65:2e:76:a4:06:26:40:1a:a3:
ce:fc:33:b3:dc:19:d6:09:96:6a:6e:4a:42:19:0a:1b:65:0e:
b4:8d:ac:ca:b9:03:60:a4:1f:6d:3d:87:c3:b8:df:bb:ae:cf:
81:25:f2:a3:ae:59:95:36:1a:9b:28:b8:62:de:31:76:d5:d2:
12:03:eb:3c:c3:42:40:b6:71:12:17:a0:b5:69:02:e4:ee:5d:
44:f4:7e:0f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQW3quqKx8YwxF5Kk8uvbhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQxMjMwMDkyMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWRhNTY1YTFjOTI3ZmU4MmRlMDI0MDRkMzBhMjI5NjlhM2JkMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI6CF8dKt+nkzDOfZvmuH0+PdiUi
UDScAvJMWGhKdLPnBF9n+8FQPUlqV2VWq2ziokoKYex6ccusdgh3k7NOfo8+cb1l
tBvdRGzwxYlPTrGBCP07RZcA0qfPU5QGNUQaAtGqz5r0a1NiN3UVdzIZKaGG8O4o
uCVcyEEDJBu9z1E0c0hBAYefscxLUL1iaM6AjNEr4pwqaz8BQlb2jxERbe0ixhJP
j1jNL4Po2poXn8/W7C6IbbelMZraXCWZVkGufXwIbxjiMBPVEpnG3cG3cQPHysGT
zQNRiNEt+eBEKevKEhbMGyI+nQE8Rdb1o2YWi4TSU89vQizn5a4uaF+6WQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLnaVlockn/oLeAkBNMKIpaaO9KzMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdWRwV1doeVNmLWd0NENRRTB3b2lscG83MHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU5PYAwQC
U5PoAwQCU5P0AwQDW7rIAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQCFDYWeRa4t
4ErJd+Ebc8yB2ufFihf6t+kOV/9kwhSXzd+rZzELrAH+/RSKrhOmw2T4L4kfRobx
vsHWOr44RqSMazuktse3TOSPhG85kfp6UfOIwTcRDmfGmmGSu0oOCAKlp2Rx+jYU
GCz1QSuov7zKDp1awMTvBKV2Rgc/Wc7Va+Vswvu1xXXTXq2EpABN3fbt0OxvBJDB
GSWCYBUlaRedgmHgjY5UXlrK9rVlLnakBiZAGqPO/DOz3BnWCZZqbkpCGQobZQ60
jazKuQNgpB9tPYfDuN+7rs+BJfKjrlmVNhqbKLhi3jF21dISA+s8w0JAtnESF6C1
aQLk7l1E9H4P
-----END CERTIFICATE-----
Generated at Mon May 12 12:52:17 2025 by rpki-client