Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wr1etLtcK_3rCdvuyJpqhsaYLFs.roa
File: wr1etLtcK_3rCdvuyJpqhsaYLFs.roa (raw, json)
Hash identifier: DVFncvrNOWODzIdvzERBTjxRHSCgaRwS/8fHVSrflgk=
Subject key identifier: C2:BD:5E:B4:BB:5C:2B:FD:EB:09:DB:EE:C8:9A:6A:86:C6:98:2C:5B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D77DC347BE10E56403426810FB3585B9E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wr1etLtcK_3rCdvuyJpqhsaYLFs.roa
Signing time: Mon 05 Feb 2024 06:02:16 +0000
ROA not before: Mon 05 Feb 2024 06:02:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44559
IP address blocks: 62.76.227.0/24 maxlen: 24
62.76.233.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.4.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.24.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.56.0/24 maxlen: 24
195.133.57.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:dc:34:7b:e1:0e:56:40:34:26:81:0f:b3:58:5b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 5 06:02:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2bd5eb4bb5c2bfdeb09dbeec89a6a86c6982c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5e:8f:83:19:a5:bc:87:89:ac:0a:fc:cf:92:
9f:df:8d:59:cc:09:59:2b:8f:3d:68:82:e0:6c:97:
50:c0:c4:c2:a9:da:b7:c4:d8:02:2e:30:f8:d9:89:
a5:fe:3c:55:4b:27:3c:18:9a:b1:5a:04:c9:20:29:
fd:14:c0:26:df:d5:c8:1c:bf:c2:6a:dc:7f:62:e1:
6e:f1:76:26:2c:cc:a2:d8:b5:a5:da:32:18:55:c2:
8f:fb:f3:b6:b9:16:34:68:b2:51:19:3f:e7:df:6c:
25:d9:b6:fa:63:29:49:13:42:76:79:23:4c:c3:59:
9c:f6:83:8c:4a:17:de:07:ef:84:89:28:96:2a:a8:
3d:df:00:65:1d:2a:cd:5c:89:53:69:1b:bb:09:ef:
13:ab:ab:87:d0:39:0d:fe:a1:dd:cf:87:21:28:f6:
69:54:2f:b3:7e:b5:20:2b:f4:6a:59:cb:86:f3:00:
34:fd:0c:a0:79:fb:27:4e:92:4e:31:f2:fd:42:47:
19:4d:57:ad:67:0c:59:29:66:b7:38:97:cd:9c:1e:
3e:a8:cd:0c:49:52:77:89:3f:a5:07:23:79:90:69:
72:53:bd:eb:ad:2c:1f:c4:2e:2f:6a:f3:16:73:4e:
0a:14:9d:2b:7a:cc:f8:4c:36:d2:97:b5:0b:49:c2:
7e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BD:5E:B4:BB:5C:2B:FD:EB:09:DB:EE:C8:9A:6A:86:C6:98:2C:5B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wr1etLtcK_3rCdvuyJpqhsaYLFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
62.76.233.0/24
185.72.10.0/24
192.124.180.0/22
192.124.188.0/24
192.124.190.0/24
192.124.209.0/24
193.124.4.0/24
193.124.36.0/24
194.58.41.0/24
194.58.44.0/24
194.58.223.0/24
194.87.24.0/24
194.87.33.0/24
194.87.44.0/24
194.87.52.0/24
194.87.54.0/23
194.87.76.0/24
194.87.83.0-194.87.84.255
194.87.90.0/24
194.87.104.0/24
194.87.115.0/24
194.87.128.0/24
194.87.130.0/24
194.87.138.0/24
194.87.161.0/24
194.87.178.0/24
194.87.187.0/24
194.87.200.0/24
194.87.208.0/24
194.87.220.0/23
194.87.224.0/24
194.87.226.0/24
194.87.229.0/24
194.87.231.0/24
194.87.233.0/24
194.87.250.0/24
194.135.33.0/24
195.58.38.0/24
195.133.18.0/24
195.133.27.0/24
195.133.31.0/24
195.133.35.0/24
195.133.56.0/23
195.133.73.0/24
212.192.8.0/24
212.192.242.0/24
212.192.248.0/24
212.193.1.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:bb:0e:ec:3c:89:08:7d:a3:c5:4c:ce:21:73:42:40:c5:6b:
70:f3:a8:09:dd:e6:32:16:61:1d:c0:90:87:f9:4e:8c:a1:74:
73:19:fb:60:a5:c6:85:b0:5c:1b:27:a1:ca:71:56:e0:80:c0:
95:9f:09:d6:04:45:09:c2:e2:a2:b4:ff:34:6d:66:c2:8d:87:
37:37:84:f4:f8:bf:af:a9:ae:96:eb:9b:26:6f:e5:3e:e9:29:
d6:a4:a8:3e:3e:55:2c:68:ea:65:84:10:c3:15:06:2a:ac:a3:
3c:9c:bc:df:bd:81:ab:52:f0:53:d3:aa:9a:f7:63:b2:96:b3:
c5:32:c0:16:d6:57:e3:a0:62:d7:6b:60:54:93:0e:61:b2:9b:
08:1e:c7:33:6d:bf:6b:fa:47:ef:4f:04:df:21:99:c1:5e:f6:
d5:98:40:6c:d6:70:cb:bc:c1:e1:d5:43:4d:e5:c9:98:d9:7e:
bb:1a:38:2f:19:fc:f7:96:47:d1:56:8c:73:53:d2:18:85:7d:
09:02:02:34:ad:38:bd:83:09:71:38:8e:70:2f:54:fb:dd:03:
6d:f9:9f:03:5e:1c:9c:76:e9:1a:ce:85:67:e1:ee:ca:60:d5:
bc:fe:07:e3:21:7c:d3:72:09:38:c9:2b:19:43:d1:8c:08:b8:
cb:89:49:5f
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgISAY133DR74Q5WQDQmgQ+zWFueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA1MDYwMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmJkNWViNGJiNWMyYmZkZWIwOWRiZWVjODlhNmE4NmM2OTgyYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF6PgxmlvIeJrAr8z5Kf341ZzAlZ
K489aILgbJdQwMTCqdq3xNgCLjD42Yml/jxVSyc8GJqxWgTJICn9FMAm39XIHL/C
atx/YuFu8XYmLMyi2LWl2jIYVcKP+/O2uRY0aLJRGT/n32wl2bb6YylJE0J2eSNM
w1mc9oOMShfeB++EiSiWKqg93wBlHSrNXIlTaRu7Ce8Tq6uH0DkN/qHdz4chKPZp
VC+zfrUgK/RqWcuG8wA0/QygefsnTpJOMfL9QkcZTVetZwxZKWa3OJfNnB4+qM0M
SVJ3iT+lByN5kGlyU73rrSwfxC4vavMWc04KFJ0resz4TDbSl7ULScJ+iwIDAQAB
o4IDQTCCAz0wHQYDVR0OBBYEFMK9XrS7XCv96wnb7siaaobGmCxbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd3IxZXRMdGNLXzNyQ2R2dXlKcHFoc2FZTEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVQYIKwYBBQUHAQcBAf8EggFEMIIBQDCCATwEAgABMIIB
NAMEAD5M4wMEAD5M6QMEALlICgMEAsB8tAMEAMB8vAMEAMB8vgMEAMB80QMEAMF8
BAMEAMF8JAMEAMI6KQMEAMI6LAMEAMI63wMEAMJXGAMEAMJXIQMEAMJXLAMEAMJX
NAMEAcJXNgMEAMJXTDAMAwQAwldTAwQAwldUAwQAwldaAwQAwldoAwQAwldzAwQA
wleAAwQAwleCAwQAwleKAwQAwlehAwQAwleyAwQAwle7AwQAwlfIAwQAwlfQAwQB
wlfcAwQAwlfgAwQAwlfiAwQAwlflAwQAwlfnAwQAwlfpAwQAwlf6AwQAwochAwQA
wzomAwQAw4USAwQAw4UbAwQAw4UfAwQAw4UjAwQBw4U4AwQAw4VJAwQA1MAIAwQA
1MDyAwQA1MD4AwQA1MEBAwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQAKuw7sPIkI
faPFTM4hc0JAxWtw86gJ3eYyFmEdwJCH+U6MoXRzGftgpcaFsFwbJ6HKcVbggMCV
nwnWBEUJwuKitP80bWbCjYc3N4T0+L+vqa6W65smb+U+6SnWpKg+PlUsaOplhBDD
FQYqrKM8nLzfvYGrUvBT06qa92OylrPFMsAW1lfjoGLXa2BUkw5hspsIHsczbb9r
+kfvTwTfIZnBXvbVmEBs1nDLvMHh1UNN5cmY2X67GjgvGfz3lkfRVoxzU9IYhX0J
AgI0rTi9gwlxOI5wL1T73QNt+Z8DXhycdukazoVn4e7KYNW8/gfjIXzTcgk4ySsZ
Q9GMCLjLiUlf
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:24:16 2025 by rpki-client