Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VL_lCxH2qAT4S0LDuRPW3QEz6wE.roa
File: VL_lCxH2qAT4S0LDuRPW3QEz6wE.roa (raw, json)
Hash identifier: Y0opaM64sqJkfy/lBBtzSV1E3zGBlSao/5AGcDahwr8=
Subject key identifier: 54:BF:E5:0B:11:F6:A8:04:F8:4B:42:C3:B9:13:D6:DD:01:33:EB:01
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189C0981266D2377A997CEE6E6B690CCF5B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VL_lCxH2qAT4S0LDuRPW3QEz6wE.roa
Signing time: Fri 04 Aug 2023 12:48:58 +0000
ROA not before: Fri 04 Aug 2023 12:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 193.124.227.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.249.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:98:12:66:d2:37:7a:99:7c:ee:6e:6b:69:0c:cf:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 4 12:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54bfe50b11f6a804f84b42c3b913d6dd0133eb01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:eb:46:1c:54:49:7a:8f:7f:c0:ae:8d:5e:b1:
73:06:a0:15:54:20:e0:bd:fe:f1:23:f5:10:9f:3f:
5c:a3:42:b1:8a:0d:a8:71:0f:1f:d6:9a:dc:11:17:
84:91:6c:c5:3a:81:f1:6b:11:8e:69:d2:11:fd:a8:
63:a4:e3:1a:4e:44:b6:f5:50:15:a4:cb:c1:91:2a:
21:1f:56:af:19:88:61:a4:f9:6a:25:bb:08:70:8f:
e0:6c:34:00:9a:f1:55:dd:0c:bd:4b:57:94:60:e4:
d1:88:dd:54:a4:86:84:96:32:d2:2d:33:c8:ab:c2:
09:40:e4:e6:55:c9:25:4c:e6:60:af:04:72:06:69:
18:d2:67:97:f3:87:bf:35:db:a2:16:d6:0d:12:1b:
d7:8b:25:57:8b:fd:ed:35:0d:02:ce:69:d0:04:37:
d9:5c:a1:ba:8a:49:00:e8:f3:cb:2b:2b:15:b4:95:
5f:7d:a2:51:32:21:75:e6:89:67:4f:12:4a:0b:1c:
5d:37:af:53:9c:73:f7:f7:a0:d6:f4:b1:a6:f1:9a:
39:bc:e2:5c:77:cd:04:4e:e1:9d:f5:65:91:ee:0e:
01:6f:6e:64:ee:c6:91:05:4f:90:2c:d9:a2:94:99:
2e:7a:16:77:94:ca:54:29:6a:3b:74:5a:3c:cc:e8:
ea:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:BF:E5:0B:11:F6:A8:04:F8:4B:42:C3:B9:13:D6:DD:01:33:EB:01
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VL_lCxH2qAT4S0LDuRPW3QEz6wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.235.0/24
193.124.18.0/24
193.124.49.0/24
193.124.227.0/24
194.87.23.0/24
194.87.53.0/24
194.87.85.0/24
194.87.160.0/24
194.87.230.0/24
194.87.240.0/24
194.87.243.0/24
194.135.23.0/24
195.133.37.0/24
212.192.10.0/24
212.192.249.0/24
Signature Algorithm: sha256WithRSAEncryption
77:30:ba:68:59:35:a2:17:0d:1b:2c:53:cf:3d:2d:11:6e:e3:
9a:d4:d0:c6:f5:a7:ce:aa:8b:67:70:b7:d3:52:cd:b0:6c:c0:
06:14:05:8a:6d:39:b1:14:cd:7f:cc:6e:cf:f6:de:7f:52:d9:
ea:72:fc:75:31:0b:20:56:7a:33:e8:61:15:27:34:2d:23:b4:
53:18:89:ca:88:42:17:e2:a6:d0:2f:ce:75:70:dc:c6:0a:a7:
85:6a:87:d4:57:70:4e:ce:34:6f:78:b9:f4:6c:ad:7b:f3:13:
39:2a:93:85:75:da:bf:03:f9:0a:2d:00:6f:b7:84:aa:f1:a3:
c4:f8:9a:19:50:d3:e2:61:ff:eb:91:9d:87:58:97:a0:95:7f:
3b:25:97:92:45:a9:0f:62:60:57:5c:63:59:df:f7:0b:72:3e:
b6:9f:a9:7b:fd:75:b3:de:a2:9a:50:95:6f:e8:29:f0:19:d6:
cd:11:fe:3a:c4:7a:a3:4b:95:1d:56:ac:99:1f:21:29:b1:f2:
95:79:ef:43:3a:3e:73:e9:ca:a0:8c:cb:b0:26:b7:5b:76:d5:
6d:4e:2c:f8:d9:7e:b2:c4:da:36:a5:f9:42:b3:fc:f1:fa:38:
9d:08:9b:dd:37:a3:b9:61:f0:e9:36:b6:71:61:ed:24:4d:4d:
da:5f:99:87
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYnAmBJm0jd6mXzubmtpDM9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA0MTI0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGJmZTUwYjExZjZhODA0Zjg0YjQyYzNiOTEzZDZkZDAxMzNlYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjetGHFRJeo9/wK6NXrFzBqAVVCDg
vf7xI/UQnz9co0Kxig2ocQ8f1prcEReEkWzFOoHxaxGOadIR/ahjpOMaTkS29VAV
pMvBkSohH1avGYhhpPlqJbsIcI/gbDQAmvFV3Qy9S1eUYOTRiN1UpIaEljLSLTPI
q8IJQOTmVcklTOZgrwRyBmkY0meX84e/NduiFtYNEhvXiyVXi/3tNQ0CzmnQBDfZ
XKG6ikkA6PPLKysVtJVffaJRMiF15olnTxJKCxxdN69TnHP396DW9LGm8Zo5vOJc
d80ETuGd9WWR7g4Bb25k7saRBU+QLNmilJkuehZ3lMpUKWo7dFo8zOjq+wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFFS/5QsR9qgE+EtCw7kT1t0BM+sBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVkxfbEN4SDJxQVQ0UzBMRHVSUFczUUV6NndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlcXAwQAwlc1AwQAwldVAwQAwlegAwQAwlfmAwQA
wlfwAwQAwlfzAwQAwocXAwQAw4UlAwQA1MAKAwQA1MD5MA0GCSqGSIb3DQEBCwUA
A4IBAQB3MLpoWTWiFw0bLFPPPS0RbuOa1NDG9afOqotncLfTUs2wbMAGFAWKbTmx
FM1/zG7P9t5/Utnqcvx1MQsgVnoz6GEVJzQtI7RTGInKiEIX4qbQL851cNzGCqeF
aofUV3BOzjRveLn0bK178xM5KpOFddq/A/kKLQBvt4Sq8aPE+JoZUNPiYf/rkZ2H
WJeglX87JZeSRakPYmBXXGNZ3/cLcj62n6l7/XWz3qKaUJVv6CnwGdbNEf46xHqj
S5UdVqyZHyEpsfKVee9DOj5z6cqgjMuwJrdbdtVtTiz42X6yxNo2pflCs/zx+jid
CJvdN6O5YfDpNrZxYe0kTU3aX5mH
-----END CERTIFICATE-----
Generated at Tue Jun 17 00:25:21 2025 by rpki-client