Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/SD-qJsxSeIiRB_IJ2TO-BD4J-B0.roa
File: SD-qJsxSeIiRB_IJ2TO-BD4J-B0.roa (raw, json)
Hash identifier: V+/6fte1JnmPge41xRE4tN083NPF7Lw6CO7tEfX237Q=
Subject key identifier: 48:3F:AA:26:CC:52:78:88:91:07:F2:09:D9:33:BE:04:3E:09:F8:1D
Certificate issuer: /CN=0cda5c874354d83826e43c2535b76e20d5b61b05
Certificate serial: 018625196F8F5AE796E679EB82CB44A0DBD2
Authority key identifier: 0C:DA:5C:87:43:54:D8:38:26:E4:3C:25:35:B7:6E:20:D5:B6:1B:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/SD-qJsxSeIiRB_IJ2TO-BD4J-B0.roa
Signing time: Mon 06 Feb 2023 05:01:09 +0000
ROA not before: Mon 06 Feb 2023 05:01:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48434
IP address blocks: 94.232.168.0/21 maxlen: 27
185.162.218.0/23 maxlen: 27
185.37.52.0/22 maxlen: 27
185.232.152.0/24 maxlen: 27
185.232.152.0/23 maxlen: 27
185.232.152.0/22 maxlen: 27
185.232.154.0/24 maxlen: 27
185.232.154.0/23 maxlen: 27
185.232.153.0/24 maxlen: 27
185.232.155.0/24 maxlen: 27
185.78.20.0/22 maxlen: 27
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:25:19:6f:8f:5a:e7:96:e6:79:eb:82:cb:44:a0:db:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cda5c874354d83826e43c2535b76e20d5b61b05
Validity
Not Before: Feb 6 05:01:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=483faa26cc5278889107f209d933be043e09f81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e0:d2:dc:44:34:5a:76:aa:fd:0d:dc:d1:a0:
c3:53:08:6a:ac:ff:f8:e9:0a:53:e5:e3:de:e4:9f:
ca:5c:a9:5d:d6:7b:02:5a:57:3a:c4:40:ab:05:c1:
2a:e4:c6:e1:72:d7:d4:09:df:e6:e5:c6:1d:57:47:
29:60:d6:ca:ae:ed:d2:b4:8e:ab:0a:92:d4:6b:f1:
86:82:5d:f6:88:bf:33:4b:15:e3:81:f8:5d:fe:b4:
63:09:97:f3:3b:e6:72:c5:89:de:19:5b:b2:d5:fe:
73:2a:42:40:c4:13:0f:bc:06:c2:7a:cf:63:bc:a5:
74:64:51:28:9f:b1:c6:e9:e6:ac:72:87:c7:e5:05:
e9:11:7d:fa:6a:ec:a7:f8:9e:81:97:94:12:52:d4:
46:65:b5:89:b0:61:3a:85:8d:8a:9d:be:27:34:3b:
b6:52:eb:2b:fb:b7:dd:fb:14:d6:a5:1e:20:11:42:
4d:12:d6:49:45:6b:9f:d0:0d:db:00:9f:58:b7:66:
07:29:39:a1:da:c9:53:26:76:8d:d1:ab:87:9d:aa:
9d:92:97:6b:a8:2f:9f:b2:53:2a:26:ad:5c:e6:a6:
02:34:e0:3c:e8:1c:d6:d3:73:c5:8d:fd:27:72:c7:
b0:8e:96:23:ff:64:e2:0b:64:6e:db:7f:f0:fc:9f:
b3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3F:AA:26:CC:52:78:88:91:07:F2:09:D9:33:BE:04:3E:09:F8:1D
X509v3 Authority Key Identifier:
keyid:0C:DA:5C:87:43:54:D8:38:26:E4:3C:25:35:B7:6E:20:D5:B6:1B:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/SD-qJsxSeIiRB_IJ2TO-BD4J-B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.168.0/21
185.37.52.0/22
185.78.20.0/22
185.162.218.0/23
185.232.152.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:5d:53:53:44:68:0a:6d:a4:ca:d4:59:6a:d9:7f:42:b4:36:
33:17:ef:f5:91:ff:81:f2:da:77:7b:23:f6:e6:06:d7:cb:5d:
0d:7b:e0:84:50:9c:ec:b7:c2:f2:60:34:a3:84:2d:bd:39:f9:
f4:71:a2:d7:30:44:0f:cf:80:c7:4d:6e:1f:35:61:84:1b:3b:
3a:10:44:5b:bb:d5:67:bc:6c:6e:11:9f:32:2a:75:0d:d0:f4:
78:d8:99:80:41:08:c3:1c:0f:c0:1c:3a:f6:4e:19:91:7b:43:
f4:0b:1a:c0:83:c6:e3:68:10:1d:4b:ea:bf:96:48:c9:4f:99:
3f:f2:0b:41:7b:dd:8b:5d:3d:5d:db:dc:78:b5:e3:bf:52:9d:
52:fc:68:e5:85:c7:fb:d6:9f:f0:86:46:2b:34:f8:62:4d:d4:
7a:7a:6c:d7:74:e7:13:3f:1c:ea:15:b2:3a:c4:b7:9c:48:0d:
2c:8e:7c:40:05:43:2c:cb:e3:c7:e2:33:8a:4b:d0:e2:a5:42:
30:13:79:51:9f:4b:97:8a:91:29:69:c7:f5:34:c8:cf:b1:82:
e3:c5:96:0c:61:89:60:f6:99:9f:9d:e9:2a:81:05:58:ad:c9:
6e:61:1a:5c:d0:03:ae:02:09:a9:34:9d:be:48:cc:fe:17:ff:
c9:84:d7:78
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYlGW+PWueW5nnrgstEoNvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZGE1Yzg3NDM1NGQ4MzgyNmU0M2MyNTM1Yjc2ZTIwZDVi
NjFiMDUwHhcNMjMwMjA2MDUwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODNmYWEyNmNjNTI3ODg4OTEwN2YyMDlkOTMzYmUwNDNlMDlmODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+DS3EQ0Wnaq/Q3c0aDDUwhqrP/4
6QpT5ePe5J/KXKld1nsCWlc6xECrBcEq5MbhctfUCd/m5cYdV0cpYNbKru3StI6r
CpLUa/GGgl32iL8zSxXjgfhd/rRjCZfzO+ZyxYneGVuy1f5zKkJAxBMPvAbCes9j
vKV0ZFEon7HG6eascofH5QXpEX36auyn+J6Bl5QSUtRGZbWJsGE6hY2Knb4nNDu2
Uusr+7fd+xTWpR4gEUJNEtZJRWuf0A3bAJ9Yt2YHKTmh2slTJnaN0auHnaqdkpdr
qC+fslMqJq1c5qYCNOA86BzW03PFjf0ncsewjpYj/2TiC2Ru23/w/J+zVQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEg/qibMUniIkQfyCdkzvgQ+CfgdMB8GA1UdIwQY
MBaAFAzaXIdDVNg4JuQ8JTW3biDVthsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5wY2gwTlUyRGdtNUR3bE5iZHVJTlcyR3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85MjMzMmYtMDNlMC00MTE2LWI2ZjMt
YzgyZjQyNGI2ZDBkLzEvU0QtcUpzeFNlSWlSQl9JSjJUTy1CRDRKLUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi85MjMzMmYtMDNlMC00MTE2LWI2ZjMtYzgyZjQyNGI2ZDBk
LzEvRE5wY2gwTlUyRGdtNUR3bE5iZHVJTlcyR3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDXuioAwQC
uSU0AwQCuU4UAwQBuaLaAwQCueiYMA0GCSqGSIb3DQEBCwUAA4IBAQBuXVNTRGgK
baTK1Flq2X9CtDYzF+/1kf+B8tp3eyP25gbXy10Ne+CEUJzst8LyYDSjhC29Ofn0
caLXMEQPz4DHTW4fNWGEGzs6EERbu9VnvGxuEZ8yKnUN0PR42JmAQQjDHA/AHDr2
ThmRe0P0CxrAg8bjaBAdS+q/lkjJT5k/8gtBe92LXT1d29x4teO/Up1S/Gjlhcf7
1p/whkYrNPhiTdR6emzXdOcTPxzqFbI6xLecSA0sjnxABUMsy+PH4jOKS9DipUIw
E3lRn0uXipEpacf1NMjPsYLjxZYMYYlg9pmfnekqgQVYrcluYRpc0AOuAgmpNJ2+
SMz+F//JhNd4
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:07:05 2025 by rpki-client