Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/wkwSqq4LOC75tsSznUzhFymYpbE.roa
File: wkwSqq4LOC75tsSznUzhFymYpbE.roa (raw, json)
Hash identifier: 22CTPH19AT/23phopMYzuSykhIwrfRl1FNQHacndyhQ=
Subject key identifier: C2:4C:12:AA:AE:0B:38:2E:F9:B6:C4:B3:9D:4C:E1:17:29:98:A5:B1
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 047BF5A4
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/wkwSqq4LOC75tsSznUzhFymYpbE.roa
Signing time: Wed 12 Jan 2022 13:57:37 +0000
ROA not before: Wed 12 Jan 2022 13:57:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209565
IP address blocks: 188.72.52.0/24 maxlen: 24
188.72.56.0/24 maxlen: 24
188.72.53.0/24 maxlen: 24
188.72.3.0/24 maxlen: 24
188.72.1.0/24 maxlen: 24
188.72.0.0/24 maxlen: 24
188.72.10.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75232676 (0x47bf5a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Jan 12 13:57:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c24c12aaae0b382ef9b6c4b39d4ce1172998a5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b9:bd:78:d3:2a:d5:c6:28:5c:95:71:27:1d:
87:57:7f:1e:b6:1c:35:3d:02:93:33:35:32:39:b7:
73:dc:d4:18:c1:29:7d:4d:4c:b9:6e:ef:3e:a7:17:
c1:76:bd:09:b4:3f:3d:62:69:9e:13:5f:f3:85:29:
cf:f3:b9:1e:27:52:b4:29:09:c0:ab:8d:25:e8:1f:
ea:66:32:e0:87:1e:78:fe:c2:c2:b0:15:ef:c0:81:
0d:ef:b1:4e:a8:cc:36:5b:cd:84:3c:3c:ed:9c:e8:
d6:7b:7e:33:97:a2:f6:f2:37:7a:e5:0a:bc:b9:76:
be:82:62:52:78:d6:b7:3e:b0:4d:cb:91:27:cd:e2:
38:d6:91:6a:c4:70:f2:cf:58:3b:c0:50:b2:b1:7f:
02:00:12:15:6e:df:81:b4:48:05:01:6d:f4:06:3f:
6f:f6:0a:21:34:8b:fd:01:15:d9:2a:3c:28:8b:1b:
12:18:8f:51:97:e1:b1:9e:62:7d:ff:de:6d:7c:fd:
b3:fe:66:9a:81:98:80:04:a9:74:6c:9f:5a:d3:d6:
b6:64:f2:55:80:5b:17:15:d6:a0:92:87:b2:f1:6b:
08:f4:5c:00:79:9c:b5:8b:45:8a:aa:d0:66:d5:99:
05:44:6e:9e:a8:e0:09:30:17:4a:d3:50:9e:25:5c:
4e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4C:12:AA:AE:0B:38:2E:F9:B6:C4:B3:9D:4C:E1:17:29:98:A5:B1
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/wkwSqq4LOC75tsSznUzhFymYpbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.0.0/23
188.72.3.0/24
188.72.10.0/24
188.72.52.0/23
188.72.56.0/24
Signature Algorithm: sha256WithRSAEncryption
67:44:19:b1:8b:63:14:59:15:b6:1d:44:76:ac:4f:2f:2e:8c:
76:6b:4e:76:4e:50:fc:1c:f2:fd:f7:94:63:0a:17:96:ed:fd:
bc:cb:13:50:11:b5:95:9c:b3:06:40:a1:0a:b2:15:fe:8f:73:
a1:61:07:89:3d:a9:63:d9:ed:11:60:50:2f:1c:59:20:e8:97:
13:65:e4:93:05:72:ed:ce:de:c0:e5:16:87:55:b4:f1:79:a5:
ed:84:49:ca:03:93:3f:3d:50:01:f8:a1:eb:fa:00:67:76:a9:
20:87:6d:08:31:e0:ed:2f:49:5c:b6:99:67:cd:25:0c:a9:dd:
a4:b9:81:49:89:9c:ae:14:fb:b5:15:a6:47:42:10:4f:7a:79:
a7:92:8a:de:13:a3:d9:12:03:cc:9d:e7:43:bf:76:8f:98:62:
31:b6:fc:08:75:43:ec:36:7d:4e:8e:91:ba:f8:ff:0d:39:e8:
d5:d7:8f:43:ad:84:15:cd:5e:fe:e3:9f:95:5b:c2:c8:5e:51:
30:e5:86:fa:c5:a3:3e:2b:49:bc:f4:27:fd:38:22:d7:c1:52:
67:d3:8e:0e:53:e6:4b:ea:bf:7f:e4:ba:15:56:96:ae:49:a7:
2a:46:e5:4c:22:59:7a:dc:0b:32:cf:89:97:87:90:a1:2f:32:
51:88:9f:bb
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBHv1pDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2IwZGVjMTNkZjIwNWE2NmVjNTIyNzkyNWI4ZjU2YmRiMDlmNDk5MB4XDTIyMDEx
MjEzNTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzI0YzEyYWFhZTBi
MzgyZWY5YjZjNGIzOWQ0Y2UxMTcyOTk4YTViMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALS5vXjTKtXGKFyVcScdh1d/HrYcNT0CkzM1Mjm3c9zUGMEp
fU1MuW7vPqcXwXa9CbQ/PWJpnhNf84Upz/O5HidStCkJwKuNJegf6mYy4IceeP7C
wrAV78CBDe+xTqjMNlvNhDw87Zzo1nt+M5ei9vI3euUKvLl2voJiUnjWtz6wTcuR
J83iONaRasRw8s9YO8BQsrF/AgASFW7fgbRIBQFt9AY/b/YKITSL/QEV2So8KIsb
EhiPUZfhsZ5iff/ebXz9s/5mmoGYgASpdGyfWtPWtmTyVYBbFxXWoJKHsvFrCPRc
AHmctYtFiqrQZtWZBURunqjgCTAXStNQniVcTgcCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTCTBKqrgs4Lvm2xLOdTOEXKZilsTAfBgNVHSMEGDAWgBRssN7BPfIFpm7F
InkluPVr2wn0mTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JMRGV3VDN5QmFadXhTSjVKYmoxYTlzSjlKay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvY2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8x
L3drd1NxcTRMT0M3NXRzU3puVXpoRnltWXBiRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
Y2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8xL2JMRGV3VDN5QmFa
dXhTSjVKYmoxYTlzSjlKay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAbxIAAMEALxIAwMEALxICgMEAbxI
NAMEALxIODANBgkqhkiG9w0BAQsFAAOCAQEAZ0QZsYtjFFkVth1EdqxPLy6MdmtO
dk5Q/Bzy/feUYwoXlu39vMsTUBG1lZyzBkChCrIV/o9zoWEHiT2pY9ntEWBQLxxZ
IOiXE2XkkwVy7c7ewOUWh1W08Xml7YRJygOTPz1QAfih6/oAZ3apIIdtCDHg7S9J
XLaZZ80lDKndpLmBSYmcrhT7tRWmR0IQT3p5p5KK3hOj2RIDzJ3nQ792j5hiMbb8
CHVD7DZ9To6Ruvj/DTno1dePQ62EFc1e/uOflVvCyF5RMOWG+sWjPitJvPQn/Tgi
18FSZ9OODlPmS+q/f+S6FVaWrkmnKkblTCJZetwLMs+Jl4eQoS8yUYifuw==
-----END CERTIFICATE-----
Generated at Thu May 1 11:17:49 2025 by rpki-client