Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2METixHp2euy7vIDdADc5vppJHE.roa
File: 2METixHp2euy7vIDdADc5vppJHE.roa (raw, json)
Hash identifier: keT06YD9KnJCRZnefPqdNMFVkY+n9gWBfI/Yat04zRY=
Subject key identifier: D8:C1:13:8B:11:E9:D9:EB:B2:EE:F2:03:74:00:DC:E6:FA:69:24:71
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A60065EE7E63B75A20964206086656D5E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2METixHp2euy7vIDdADc5vppJHE.roa
Signing time: Mon 04 Sep 2023 11:49:04 +0000
ROA not before: Mon 04 Sep 2023 11:49:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:06:5e:e7:e6:3b:75:a2:09:64:20:60:86:65:6d:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 11:49:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8c1138b11e9d9ebb2eef2037400dce6fa692471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ac:a2:70:e8:cd:c3:3c:1a:eb:2b:65:61:71:
60:97:c1:89:5c:50:58:af:bb:17:39:e1:be:1a:08:
76:b7:ba:ab:cc:0d:9c:b8:d5:c9:51:c8:69:1a:ad:
31:1d:3a:ed:38:68:14:85:3f:15:c9:ad:37:f4:b7:
b8:e5:24:d0:9d:a3:fb:d3:f2:b6:e5:d7:cf:f7:e3:
0e:02:e6:54:7f:25:c3:27:fa:9e:05:e6:5e:e7:5c:
90:a9:85:04:9e:b5:97:5c:80:16:4b:68:33:b0:3a:
3f:37:ef:65:f5:47:38:99:c3:eb:e8:2d:48:8a:f9:
0f:89:3e:ca:04:e3:9c:cf:14:cf:48:96:c8:27:cb:
be:89:a1:3d:cd:ac:d5:33:a6:2a:7c:e3:f1:09:86:
6b:90:38:13:9b:3c:41:fc:14:64:52:1e:11:14:5f:
67:ba:68:9e:cf:d8:e7:1d:ee:70:57:cc:2b:a8:50:
c3:d6:6d:18:0d:e5:58:ad:68:c2:8d:d0:ac:c2:dc:
2f:fb:bf:37:33:ca:2f:5f:57:2c:87:48:f2:db:f6:
e4:32:d4:54:b4:51:46:07:76:78:90:33:1e:66:33:
69:df:f7:85:a5:7c:39:ad:a1:94:fa:82:5e:1f:a7:
7f:b4:a3:83:1e:17:47:ec:dd:61:a4:91:71:e2:46:
02:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C1:13:8B:11:E9:D9:EB:B2:EE:F2:03:74:00:DC:E6:FA:69:24:71
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2METixHp2euy7vIDdADc5vppJHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
194.58.43.0/24
194.87.3.0/24
194.87.34.0/24
194.87.36.0/24
194.87.42.0/24
194.87.116.0/22
194.87.165.0-194.87.166.255
194.87.176.0/23
194.87.230.0/24
195.58.56.0/24
195.58.59.0/24
195.58.62.0/24
195.133.80.0/24
212.192.7.0/24
212.192.30.0/24
212.192.210.0/23
Signature Algorithm: sha256WithRSAEncryption
67:b0:9a:31:8c:29:9c:d4:c7:9d:25:e8:9c:7d:3f:71:61:86:
35:8e:e7:6e:6f:1a:7e:02:70:ce:eb:38:02:b9:e3:53:67:f3:
6d:03:d9:62:75:06:ee:f6:45:8b:17:d9:ea:53:b5:9a:04:6a:
a9:c3:4c:25:7b:4a:b6:39:77:91:f5:46:48:ac:84:cd:5c:9b:
0d:a3:25:68:35:52:8a:e7:2c:50:13:b9:46:df:a6:3c:58:fa:
b3:ce:e5:9d:e4:64:47:59:13:da:31:b4:c2:a7:66:c0:91:f0:
46:e8:00:ac:21:37:c0:92:58:6d:ab:fa:f9:bd:c3:29:f4:2b:
95:eb:3e:89:fa:4d:6d:65:f9:69:90:e2:c4:63:11:94:9c:a3:
d3:ab:e4:95:87:4a:ef:a6:34:8a:dd:b6:38:ea:e0:a9:81:bf:
26:df:35:d3:06:c8:a7:cc:89:85:1c:de:15:e1:a1:24:61:17:
2c:ba:9b:54:57:48:22:dc:c0:36:cd:39:7f:1b:10:9e:b9:1a:
a6:e4:6d:ae:52:0d:61:3e:58:3e:c8:48:70:f9:ba:92:dd:c5:
7a:98:80:1d:27:50:5f:90:3b:1d:0c:64:0c:4c:f4:0b:3a:fb:
59:d5:d6:e6:95:b3:f2:71:b5:5e:0d:24:33:9c:d3:a6:f6:17:
cc:cf:75:9d
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYpgBl7n5jt1oglkIGCGZW1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA0MTE0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGMxMTM4YjExZTlkOWViYjJlZWYyMDM3NDAwZGNlNmZhNjkyNDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmayicOjNwzwa6ytlYXFgl8GJXFBY
r7sXOeG+Ggh2t7qrzA2cuNXJUchpGq0xHTrtOGgUhT8Vya039Le45STQnaP70/K2
5dfP9+MOAuZUfyXDJ/qeBeZe51yQqYUEnrWXXIAWS2gzsDo/N+9l9Uc4mcPr6C1I
ivkPiT7KBOOczxTPSJbIJ8u+iaE9zazVM6YqfOPxCYZrkDgTmzxB/BRkUh4RFF9n
umiez9jnHe5wV8wrqFDD1m0YDeVYrWjCjdCswtwv+783M8ovX1csh0jy2/bkMtRU
tFFGB3Z4kDMeZjNp3/eFpXw5raGU+oJeH6d/tKODHhdH7N1hpJFx4kYCOwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFNjBE4sR6dnrsu7yA3QA3Ob6aSRxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMk1FVGl4SHAyZXV5N3ZJRGRBRGM1dnBwSkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAD5M4gME
AMI6KwMEAMJXAwMEAMJXIgMEAMJXJAMEAMJXKgMEAsJXdDAMAwQAwlelAwQAwlem
AwQBwlewAwQAwlfmAwQAwzo4AwQAwzo7AwQAwzo+AwQAw4VQAwQA1MAHAwQA1MAe
AwQB1MDSMA0GCSqGSIb3DQEBCwUAA4IBAQBnsJoxjCmc1MedJeicfT9xYYY1judu
bxp+AnDO6zgCueNTZ/NtA9lidQbu9kWLF9nqU7WaBGqpw0wle0q2OXeR9UZIrITN
XJsNoyVoNVKK5yxQE7lG36Y8WPqzzuWd5GRHWRPaMbTCp2bAkfBG6ACsITfAklht
q/r5vcMp9CuV6z6J+k1tZflpkOLEYxGUnKPTq+SVh0rvpjSK3bY46uCpgb8m3zXT
BsinzImFHN4V4aEkYRcsuptUV0gi3MA2zTl/GxCeuRqm5G2uUg1hPlg+yEhw+bqS
3cV6mIAdJ1BfkDsdDGQMTPQLOvtZ1dbmlbPycbVeDSQznNOm9hfMz3Wd
-----END CERTIFICATE-----
Generated at Mon Jun 16 21:20:42 2025 by rpki-client