Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sdYzRAfEjrnHOlfvqAPJ8N4Ki0g.roa
File: sdYzRAfEjrnHOlfvqAPJ8N4Ki0g.roa (raw, json)
Hash identifier: j2hBu8xpbwyLZKN4AA4sy9wmif32Yjmc0JIjjmyU8Fs=
Subject key identifier: B1:D6:33:44:07:C4:8E:B9:C7:3A:57:EF:A8:03:C9:F0:DE:0A:8B:48
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A6F46EF7EE6AFA4F910667F42AF5F6058
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sdYzRAfEjrnHOlfvqAPJ8N4Ki0g.roa
Signing time: Thu 07 Sep 2023 10:53:54 +0000
ROA not before: Thu 07 Sep 2023 10:53:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 195.58.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:46:ef:7e:e6:af:a4:f9:10:66:7f:42:af:5f:60:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 7 10:53:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1d6334407c48eb9c73a57efa803c9f0de0a8b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7e:6a:f8:b2:26:c8:57:4e:7a:d7:5b:98:8f:
38:be:24:f5:8e:24:4b:eb:83:52:3e:e0:8c:33:d3:
3f:e4:31:af:6f:07:a8:59:2e:f5:56:81:9e:79:e6:
c6:5b:9d:9f:8e:06:54:bc:fd:f2:79:0e:7d:6e:fa:
f8:3d:84:58:87:a3:45:b9:d2:87:db:03:a9:c1:50:
ee:d3:e5:94:a2:00:27:f5:65:60:b2:16:62:c5:42:
7f:77:08:d8:0a:b9:f2:b5:25:a9:92:55:58:24:20:
d5:34:7c:9a:0b:92:23:81:db:7e:a5:73:51:7e:99:
a9:98:6e:b9:ec:d7:ef:f5:21:e5:b4:ec:1e:8c:e5:
53:01:cd:cb:b6:42:e1:3d:e1:1e:6c:4f:f2:40:d5:
d2:da:a7:8a:3e:23:15:0d:b4:7b:c4:1e:e6:4e:45:
31:a6:b7:e9:d5:7c:33:10:81:07:d1:8d:fa:b0:1a:
74:b9:20:0e:f1:a8:d6:e9:40:f8:86:e1:0c:b7:93:
a1:b9:61:fe:0c:c2:d8:51:1d:6c:be:a1:30:fa:e2:
22:44:dd:e0:86:2a:b1:7f:75:59:3b:1e:32:b3:94:
a5:f7:7a:11:2a:1a:6e:c1:8a:6e:7b:76:52:01:8a:
0d:dc:a1:c1:a5:0e:5b:bb:5f:3a:30:72:b2:8c:54:
b7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D6:33:44:07:C4:8E:B9:C7:3A:57:EF:A8:03:C9:F0:DE:0A:8B:48
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sdYzRAfEjrnHOlfvqAPJ8N4Ki0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.44.0/24
194.87.51.0/24
194.87.54.0/23
195.58.35.0/24
195.58.38.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:5f:cc:5f:42:c5:55:15:fa:33:f4:d7:23:6c:00:9d:ea:a0:
6a:8c:c2:47:ab:b3:7b:23:6e:23:14:4e:63:6c:eb:c3:5e:43:
2a:d6:79:79:4d:7a:78:f9:84:03:4d:65:ee:be:ad:40:ec:84:
a9:d4:83:20:45:27:65:14:55:8c:f8:a0:02:31:5e:21:5b:38:
59:75:09:45:3b:e2:56:ab:5d:0b:8c:52:b9:c1:b0:52:fd:2d:
2d:91:11:21:07:6c:7e:82:22:26:72:39:eb:b4:43:a4:77:61:
e2:16:5d:53:4a:b7:7c:2f:37:ed:05:9e:37:80:33:5c:c4:e7:
ea:f6:00:df:45:a1:d6:c8:33:5e:4a:6d:12:17:3a:8c:c5:a7:
32:1b:1f:ce:43:28:47:30:f1:43:0f:a7:fb:fd:e1:57:d2:ab:
7f:1d:72:98:f3:fb:d9:67:73:e8:41:0a:2a:67:bc:a7:18:25:
eb:1a:07:aa:8a:86:c4:49:4e:80:73:02:34:27:d9:06:cb:10:
91:e2:38:89:60:9d:cd:8d:52:ba:27:31:1a:a1:1b:c9:3a:e3:
c3:d6:12:e0:38:f0:86:60:81:68:ef:e2:22:39:3b:f3:49:29:
81:e7:bd:2a:d9:ab:48:85:70:2f:b4:12:bd:09:47:e4:db:cb:
67:4a:a7:ac
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYpvRu9+5q+k+RBmf0KvX2BYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA3MTA1MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQ2MzM0NDA3YzQ4ZWI5YzczYTU3ZWZhODAzYzlmMGRlMGE4YjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH5q+LImyFdOetdbmI84viT1jiRL
64NSPuCMM9M/5DGvbweoWS71VoGeeebGW52fjgZUvP3yeQ59bvr4PYRYh6NFudKH
2wOpwVDu0+WUogAn9WVgshZixUJ/dwjYCrnytSWpklVYJCDVNHyaC5Ijgdt+pXNR
fpmpmG657Nfv9SHltOwejOVTAc3LtkLhPeEebE/yQNXS2qeKPiMVDbR7xB7mTkUx
prfp1XwzEIEH0Y36sBp0uSAO8ajW6UD4huEMt5OhuWH+DMLYUR1svqEw+uIiRN3g
hiqxf3VZOx4ys5Sl93oRKhpuwYpue3ZSAYoN3KHBpQ5bu186MHKyjFS3SQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLHWM0QHxI65xzpX76gDyfDeCotIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc2RZelJBZkVqcm5IT2xmdnFBUEo4TjRLaTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwjosAwQA
wlczAwQBwlc2AwQAwzojAwQAwzomMA0GCSqGSIb3DQEBCwUAA4IBAQA+X8xfQsVV
Ffoz9NcjbACd6qBqjMJHq7N7I24jFE5jbOvDXkMq1nl5TXp4+YQDTWXuvq1A7ISp
1IMgRSdlFFWM+KACMV4hWzhZdQlFO+JWq10LjFK5wbBS/S0tkREhB2x+giImcjnr
tEOkd2HiFl1TSrd8LzftBZ43gDNcxOfq9gDfRaHWyDNeSm0SFzqMxacyGx/OQyhH
MPFDD6f7/eFX0qt/HXKY8/vZZ3PoQQoqZ7ynGCXrGgeqiobESU6AcwI0J9kGyxCR
4jiJYJ3NjVK6JzEaoRvJOuPD1hLgOPCGYIFo7+IiOTvzSSmB570q2atIhXAvtBK9
CUfk28tnSqes
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:31:55 2025 by rpki-client