Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uVs8YYBKj3EcXRnxRSu1PpcBYis.roa
File: uVs8YYBKj3EcXRnxRSu1PpcBYis.roa (raw, json)
Hash identifier: Cs9/amriv5PSbfgajVbBdL0evtNvaKUXD17CmtHPFVY=
Subject key identifier: B9:5B:3C:61:80:4A:8F:71:1C:5D:19:F1:45:2B:B5:3E:97:01:62:2B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D77B4D8147BA550041E1D9CA38F8908DD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uVs8YYBKj3EcXRnxRSu1PpcBYis.roa
Signing time: Mon 05 Feb 2024 05:19:16 +0000
ROA not before: Mon 05 Feb 2024 05:19:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44559
IP address blocks: 62.76.227.0/24 maxlen: 24
62.76.233.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.4.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:b4:d8:14:7b:a5:50:04:1e:1d:9c:a3:8f:89:08:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 5 05:19:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b95b3c61804a8f711c5d19f1452bb53e9701622b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b7:61:88:6d:61:32:f2:21:b1:46:b4:5f:f6:
c8:3b:d9:3c:49:fb:77:5e:e3:67:b3:ef:fc:8f:64:
2f:84:2f:33:7f:62:db:0b:cb:87:41:41:0a:89:16:
a3:8b:99:83:b3:a4:dc:1f:0c:15:65:59:11:1c:eb:
21:e8:a9:03:a4:e9:a6:dc:fa:ed:48:03:f9:c0:49:
b7:25:f1:ac:64:f0:46:16:47:f6:b6:31:2e:59:1d:
09:59:62:ef:a0:61:44:e8:76:18:fb:9c:aa:e4:9a:
14:03:20:4d:55:56:62:c0:19:93:6f:a7:db:71:79:
7f:4d:68:79:19:3f:59:c4:fd:9e:30:91:34:02:3e:
29:fd:76:73:6a:d1:44:a4:8e:24:b4:ac:a4:db:e2:
52:bf:60:59:d3:10:1c:b3:b9:3d:2b:3d:f6:bb:44:
7d:2a:81:eb:fe:62:b1:60:67:78:84:25:21:e3:b9:
0c:27:40:d1:43:8b:77:df:e9:a2:43:7a:8d:42:1c:
eb:25:24:33:ea:33:4f:39:ac:72:89:a5:ad:b7:ab:
80:ef:c9:df:41:3a:a6:f5:be:57:e8:a8:c6:fe:ae:
36:92:f7:ad:9f:15:d9:f2:ee:21:03:76:91:a9:11:
cb:78:05:fc:a4:0d:ae:ba:fb:fa:f8:5b:ac:b7:ed:
25:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:5B:3C:61:80:4A:8F:71:1C:5D:19:F1:45:2B:B5:3E:97:01:62:2B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uVs8YYBKj3EcXRnxRSu1PpcBYis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
62.76.233.0/24
185.72.10.0/24
192.124.188.0/24
192.124.209.0/24
193.124.4.0/24
194.58.41.0/24
194.58.44.0/24
194.58.223.0/24
194.87.33.0/24
194.87.44.0/24
194.87.76.0/24
194.87.83.0/24
194.87.90.0/24
194.87.104.0/24
194.87.115.0/24
194.87.128.0/24
194.87.130.0/24
194.87.138.0/24
194.87.161.0/24
194.87.178.0/24
194.87.187.0/24
194.87.200.0/24
194.87.208.0/24
194.87.226.0/24
194.87.229.0/24
194.87.231.0/24
194.87.233.0/24
194.87.250.0/24
195.58.38.0/24
195.133.27.0/24
195.133.31.0/24
195.133.35.0/24
195.133.73.0/24
212.192.8.0/24
212.192.248.0/24
212.193.1.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:ef:46:da:8b:a4:9b:11:0f:89:b1:b5:3f:28:14:6f:da:70:
76:82:62:84:32:fd:47:8e:9b:9d:00:53:f0:be:5f:71:dd:28:
29:42:de:21:82:a2:f8:5a:7b:d9:67:f7:ca:d3:00:f0:89:9a:
d9:24:d7:34:5f:a0:57:69:8a:f1:ef:a3:65:f1:f2:ad:f8:0a:
00:bc:4a:27:d8:c9:d8:3f:06:f5:af:3c:41:31:d6:93:27:3f:
41:5e:8d:55:50:b0:05:86:74:8f:54:2c:2f:73:d9:e5:69:4a:
e6:24:3c:f4:dc:6f:ee:b5:fa:4c:fe:13:65:c8:a9:34:11:d9:
65:b7:5a:ad:ba:e2:e5:d2:71:c1:65:6a:65:b7:73:80:63:b7:
9e:30:96:07:8d:c6:8a:5a:50:4b:52:d7:1e:f4:29:c3:58:f7:
54:e9:33:d4:3e:35:20:b1:7d:da:66:01:c7:5a:fb:ab:81:64:
c6:21:14:af:f7:f4:ff:30:6a:23:eb:54:62:b0:81:1d:b5:20:
51:3b:7d:d0:57:89:c6:53:52:d9:ad:a3:df:cf:bf:18:e7:67:
6e:84:d1:5f:e1:d5:6d:a2:db:41:5f:25:b0:ba:bc:4e:e5:a6:
3c:84:5e:69:54:13:ec:c9:41:72:0a:06:bb:c5:86:e3:fb:68:
81:b2:ca:c4
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAY13tNgUe6VQBB4dnKOPiQjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA1MDUxOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTViM2M2MTgwNGE4ZjcxMWM1ZDE5ZjE0NTJiYjUzZTk3MDE2MjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLdhiG1hMvIhsUa0X/bIO9k8Sft3
XuNns+/8j2QvhC8zf2LbC8uHQUEKiRaji5mDs6TcHwwVZVkRHOsh6KkDpOmm3Prt
SAP5wEm3JfGsZPBGFkf2tjEuWR0JWWLvoGFE6HYY+5yq5JoUAyBNVVZiwBmTb6fb
cXl/TWh5GT9ZxP2eMJE0Aj4p/XZzatFEpI4ktKyk2+JSv2BZ0xAcs7k9Kz32u0R9
KoHr/mKxYGd4hCUh47kMJ0DRQ4t33+miQ3qNQhzrJSQz6jNPOaxyiaWtt6uA78nf
QTqm9b5X6KjG/q42kvetnxXZ8u4hA3aRqRHLeAX8pA2uuvv6+Fust+0lAwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFLlbPGGASo9xHF0Z8UUrtT6XAWIrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdVZzOFlZQktqM0VjWFJueFJTdTFQcGNCWWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQA
PkzjAwQAPkzpAwQAuUgKAwQAwHy8AwQAwHzRAwQAwXwEAwQAwjopAwQAwjosAwQA
wjrfAwQAwlchAwQAwlcsAwQAwldMAwQAwldTAwQAwldaAwQAwldoAwQAwldzAwQA
wleAAwQAwleCAwQAwleKAwQAwlehAwQAwleyAwQAwle7AwQAwlfIAwQAwlfQAwQA
wlfiAwQAwlflAwQAwlfnAwQAwlfpAwQAwlf6AwQAwzomAwQAw4UbAwQAw4UfAwQA
w4UjAwQAw4VJAwQA1MAIAwQA1MD4AwQA1MEBAwQA1MEFMA0GCSqGSIb3DQEBCwUA
A4IBAQCP70bai6SbEQ+JsbU/KBRv2nB2gmKEMv1HjpudAFPwvl9x3SgpQt4hgqL4
WnvZZ/fK0wDwiZrZJNc0X6BXaYrx76Nl8fKt+AoAvEon2MnYPwb1rzxBMdaTJz9B
Xo1VULAFhnSPVCwvc9nlaUrmJDz03G/utfpM/hNlyKk0Edllt1qtuuLl0nHBZWpl
t3OAY7eeMJYHjcaKWlBLUtce9CnDWPdU6TPUPjUgsX3aZgHHWvurgWTGIRSv9/T/
MGoj61RisIEdtSBRO33QV4nGU1LZraPfz78Y52duhNFf4dVtottBXyWwurxO5aY8
hF5pVBPsyUFyCga7xYbj+2iBssrE
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:31:59 2025 by rpki-client