Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WDen5JMrparxO6Ns8QBb0Rz-w-s.roa
File: WDen5JMrparxO6Ns8QBb0Rz-w-s.roa (raw, json)
Hash identifier: OqYH+HubpQMpDrRLjSQ9GoFjVJZluVFY21UrAyzB5BU=
Subject key identifier: 58:37:A7:E4:93:2B:A5:AA:F1:3B:A3:6C:F1:00:5B:D1:1C:FE:C3:EB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187EC52DA4F37AC926121E2D2785A1328CB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WDen5JMrparxO6Ns8QBb0Rz-w-s.roa
Signing time: Fri 05 May 2023 14:31:05 +0000
ROA not before: Fri 05 May 2023 14:31:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.148.116.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c3:110::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ec:52:da:4f:37:ac:92:61:21:e2:d2:78:5a:13:28:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 5 14:31:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5837a7e4932ba5aaf13ba36cf1005bd11cfec3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:db:3d:d0:16:8c:31:f8:06:17:b8:e6:d8:78:
56:0f:6f:c2:fe:ff:ad:16:0e:2e:8f:d8:a4:bc:c3:
dc:6a:8b:4b:58:a6:53:b6:84:8a:fd:c3:d0:50:58:
b0:5a:19:d3:ef:9d:44:7c:f8:f0:a5:97:5b:39:79:
9d:b2:a8:d3:ee:5d:90:71:a0:2a:c2:1f:ba:00:1d:
c7:ea:11:0a:83:ff:b0:a7:ff:1d:52:e7:cf:38:73:
fc:0e:84:9c:63:9d:74:61:b7:6a:bc:e1:18:b5:e9:
82:e5:dc:db:82:00:fb:e1:d8:ca:7f:de:d9:9c:ef:
e3:0c:e6:4a:2b:50:4f:0a:ff:5c:75:3f:a2:24:6c:
46:8a:33:92:19:3c:fc:f2:d4:59:9d:1c:b0:cf:42:
71:f1:b7:9a:a0:55:cb:2c:d5:2d:23:3b:e6:3e:1d:
2d:1c:74:73:c9:dc:ef:f4:e3:f8:de:f9:4d:74:5b:
a4:f7:a0:9e:ec:6a:f2:47:70:2e:7c:81:14:4a:bf:
cd:05:76:3e:8a:28:03:b5:e7:e6:6e:2a:ee:a6:3f:
cf:0b:5b:70:d8:05:ed:83:90:4a:6d:d4:a1:1e:01:
ba:50:e8:2c:88:33:26:28:ff:98:a8:0a:d6:9a:83:
1c:f6:27:ad:cf:a1:aa:4f:7a:d3:f5:c3:74:25:d8:
17:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:37:A7:E4:93:2B:A5:AA:F1:3B:A3:6C:F1:00:5B:D1:1C:FE:C3:EB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WDen5JMrparxO6Ns8QBb0Rz-w-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
45.148.116.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
7b:47:28:bb:72:18:5f:b7:f2:72:c2:46:8f:dd:a0:39:95:76:
fb:fd:f1:6e:f9:25:c4:d1:9c:3f:c7:d7:01:53:cb:60:68:4e:
de:04:5b:d0:57:a9:a1:46:74:12:53:cc:14:f5:ad:99:8b:f1:
c3:5d:31:93:7b:ab:9b:53:34:b1:81:96:e4:d8:12:17:ba:8e:
33:29:7e:ed:a1:16:fd:47:8c:35:d1:fd:d0:dc:90:fb:f9:e1:
fe:29:49:ec:95:95:aa:60:1e:94:85:21:04:74:06:4b:37:1b:
f3:41:49:77:40:87:80:a8:df:c2:2f:f0:2d:5a:37:9e:b0:52:
45:aa:69:6e:af:91:f3:4e:07:57:6a:67:75:fe:58:bc:d1:db:
a5:9c:09:e1:89:c2:f8:66:f2:41:b9:24:1f:7e:0a:84:47:d7:
79:28:e1:1c:28:60:b0:33:c0:6e:32:37:74:66:fc:18:fb:c5:
aa:8d:3a:bc:ef:5f:d6:ce:fe:ba:b3:00:b9:e6:92:bc:a8:d7:
ab:11:cc:50:cd:e8:58:14:00:e3:bc:35:3f:52:b9:fd:b8:95:
70:39:7b:a3:33:b8:d3:12:d3:58:83:34:fd:62:9e:c0:6e:d4:
e5:ab:bf:dc:e7:44:81:eb:4e:3e:60:48:cd:e8:19:6e:d7:a1:
a6:0f:26:01
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYfsUtpPN6ySYSHi0nhaEyjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTA1MTQzMTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODM3YTdlNDkzMmJhNWFhZjEzYmEzNmNmMTAwNWJkMTFjZmVjM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhts90BaMMfgGF7jm2HhWD2/C/v+t
Fg4uj9ikvMPcaotLWKZTtoSK/cPQUFiwWhnT751EfPjwpZdbOXmdsqjT7l2QcaAq
wh+6AB3H6hEKg/+wp/8dUufPOHP8DoScY510YbdqvOEYtemC5dzbggD74djKf97Z
nO/jDOZKK1BPCv9cdT+iJGxGijOSGTz88tRZnRywz0Jx8beaoFXLLNUtIzvmPh0t
HHRzydzv9OP43vlNdFuk96Ce7GryR3AufIEUSr/NBXY+iigDtefmbirupj/PC1tw
2AXtg5BKbdShHgG6UOgsiDMmKP+YqArWmoMc9ietz6GqT3rT9cN0JdgXOwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFFg3p+STK6Wq8TujbPEAW9Ec/sPrMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvV0RlbjVKTXJwYXJ4TzZOczhRQmIwUnotdy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTBOBAIAATBIAwQA
Hyq3AwQCLQxEAwQCLYO4AwQCLYiIAwQCLZR0AwQBTVEyAwQAVcrLAwQAXrF6AwQC
ixxgAwQAueh1AwQAwjJcAwQAwjJeMIG2BAIAAjCBrwMHACABB/gBGQMFAyoJBMAw
DgMFByoMO4ADBQAqDDuGAwcAKg6XwAFwAwcEKg6XwAHQAwcEKg6XwAJgAwYAKg6X
wQIDBwQqDpfDARADBwQqDpfEAQADBwQqDpfEASADBwAqDrEHCfIDBwAqDrEHEWUD
BwAqDrEHF4YDBwMqDrEHIcADBwAqD+QEAQIDBwAqEC8AAY0DBwAqEC8AAY8DBwQq
EMxAAlADBwQqEMxFATAwDQYJKoZIhvcNAQELBQADggEBAHtHKLtyGF+38nLCRo/d
oDmVdvv98W75JcTRnD/H1wFTy2BoTt4EW9BXqaFGdBJTzBT1rZmL8cNdMZN7q5tT
NLGBluTYEhe6jjMpfu2hFv1HjDXR/dDckPv54f4pSeyVlapgHpSFIQR0Bks3G/NB
SXdAh4Co38Iv8C1aN56wUkWqaW6vkfNOB1dqZ3X+WLzR26WcCeGJwvhm8kG5JB9+
CoRH13ko4RwoYLAzwG4yN3Rm/Bj7xaqNOrzvX9bO/rqzALnmkryo16sRzFDN6FgU
AOO8NT9Suf24lXA5e6MzuNMS01iDNP1insBu1OWrv9znRIHrTj5gSM3oGW7XoaYP
JgE=
-----END CERTIFICATE-----
Generated at Sat Jun 21 04:30:32 2025 by rpki-client