Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/amqG2G4QLEAwcLtFJUWu2FsSwcs.roa
File: amqG2G4QLEAwcLtFJUWu2FsSwcs.roa (raw, json)
Hash identifier: dyOkd+ItBD47EJOt89CRDloWzBqiRwE7gAVmvnF5MrM=
Subject key identifier: 6A:6A:86:D8:6E:10:2C:40:30:70:BB:45:25:45:AE:D8:5B:12:C1:CB
Certificate issuer: /CN=9984b9eb122237111c1f8ca57707ec7307291ee8
Certificate serial: 0189B15C80808CBA307323A3176BB30C29BA
Authority key identifier: 99:84:B9:EB:12:22:37:11:1C:1F:8C:A5:77:07:EC:73:07:29:1E:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mYS56xIiNxEcH4yldwfscwcpHug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/amqG2G4QLEAwcLtFJUWu2FsSwcs.roa
Signing time: Tue 01 Aug 2023 13:49:36 +0000
ROA not before: Tue 01 Aug 2023 13:49:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15372
IP address blocks: 193.36.120.0/22 maxlen: 22
212.111.224.0/19 maxlen: 24
195.248.83.0/24 maxlen: 24
91.90.167.0/24 maxlen: 24
188.239.190.0/24 maxlen: 24
188.239.188.0/23 maxlen: 23
31.42.180.0/24 maxlen: 24
2a01:7700::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b1:5c:80:80:8c:ba:30:73:23:a3:17:6b:b3:0c:29:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9984b9eb122237111c1f8ca57707ec7307291ee8
Validity
Not Before: Aug 1 13:49:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a6a86d86e102c403070bb452545aed85b12c1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:36:a0:f7:fa:c5:95:d0:50:09:d1:d7:9d:a5:
9f:fe:a7:e9:bb:59:7b:79:65:ce:d2:ed:df:ae:01:
d7:1e:98:a6:e1:73:d0:ee:03:7d:af:65:62:08:82:
cd:4b:d0:ef:e4:1c:92:45:cf:51:64:40:af:b9:c8:
2c:74:0a:1f:c9:a6:ee:90:25:8f:32:84:e5:a5:86:
85:55:3d:93:e7:2b:7b:80:7c:66:ba:08:17:c3:2e:
1a:ac:65:0c:56:73:85:aa:db:af:3e:f3:a5:6f:53:
54:7e:a8:14:89:ff:b5:4b:d9:4d:cc:19:c0:2c:30:
b5:9a:40:fe:a6:cb:86:ec:10:79:89:dc:f2:14:0f:
ae:27:a3:34:2a:2b:17:ba:83:ed:2f:6e:c1:2f:69:
0d:65:f9:81:ef:58:2a:38:7f:28:12:91:0a:91:70:
19:e2:78:30:e0:e6:2d:4f:69:e9:70:b9:7b:ec:e8:
59:cc:7d:29:44:d4:94:2e:25:1b:9c:26:91:01:b6:
ab:61:a9:b3:d1:19:fe:17:f7:0c:ff:39:4c:e9:eb:
c3:57:ce:5b:fe:e4:c9:c9:6b:3a:a6:dd:ac:16:01:
1e:d1:1c:f2:c0:e5:37:c7:99:8e:69:99:89:02:99:
85:7f:75:7e:3c:15:3b:97:4d:c6:5c:d6:86:8b:8e:
48:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:6A:86:D8:6E:10:2C:40:30:70:BB:45:25:45:AE:D8:5B:12:C1:CB
X509v3 Authority Key Identifier:
keyid:99:84:B9:EB:12:22:37:11:1C:1F:8C:A5:77:07:EC:73:07:29:1E:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mYS56xIiNxEcH4yldwfscwcpHug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/amqG2G4QLEAwcLtFJUWu2FsSwcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/mYS56xIiNxEcH4yldwfscwcpHug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.180.0/24
91.90.167.0/24
188.239.188.0-188.239.190.255
193.36.120.0/22
195.248.83.0/24
212.111.224.0/19
IPv6:
2a01:7700::/32
Signature Algorithm: sha256WithRSAEncryption
9a:8d:b3:52:d3:25:18:1a:d8:52:4d:ad:01:83:c8:c9:10:7a:
8c:6c:3a:b0:21:e1:23:23:86:28:8e:05:a3:b1:80:1b:58:6a:
60:53:c2:6e:f0:5b:d3:b3:4c:9b:c8:c6:e7:49:0f:61:cf:1b:
98:c7:2e:54:66:37:b8:02:bd:ea:23:df:46:35:f0:0e:78:79:
04:15:18:6c:60:3d:2f:ad:7b:e9:18:30:2e:f6:1e:30:1b:bf:
01:f2:06:57:eb:ea:80:64:f0:85:8f:9e:c0:73:b4:36:93:47:
96:f6:4c:1a:0b:70:4e:21:af:65:94:c9:0c:97:f5:1a:c7:67:
da:5e:da:06:32:b4:4a:f2:05:5a:7e:fd:4b:0f:d0:32:e4:38:
a3:21:87:8e:e8:6b:ff:e4:5e:42:7b:56:e6:77:aa:47:9c:73:
e5:c2:78:63:ec:3a:2a:1f:c5:bb:e2:60:30:9d:96:19:a1:17:
b8:d8:3f:f0:2a:78:be:e8:9e:34:d2:2d:93:3c:bd:b1:cf:25:
0e:29:7e:de:9e:d1:dc:1d:9f:36:fd:82:e3:01:bf:77:87:5a:
32:6d:4b:bb:c9:ee:ed:7c:a1:7c:eb:13:30:69:d4:10:71:5b:
04:03:ab:bf:0e:98:89:a3:39:e3:3c:57:5f:96:42:44:cf:5d:
71:ba:9d:9b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYmxXICAjLowcyOjF2uzDCm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ODRiOWViMTIyMjM3MTExYzFmOGNhNTc3MDdlYzczMDcy
OTFlZTgwHhcNMjMwODAxMTM0OTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTZhODZkODZlMTAyYzQwMzA3MGJiNDUyNTQ1YWVkODViMTJjMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTag9/rFldBQCdHXnaWf/qfpu1l7
eWXO0u3frgHXHpim4XPQ7gN9r2ViCILNS9Dv5BySRc9RZECvucgsdAofyabukCWP
MoTlpYaFVT2T5yt7gHxmuggXwy4arGUMVnOFqtuvPvOlb1NUfqgUif+1S9lNzBnA
LDC1mkD+psuG7BB5idzyFA+uJ6M0KisXuoPtL27BL2kNZfmB71gqOH8oEpEKkXAZ
4ngw4OYtT2npcLl77OhZzH0pRNSULiUbnCaRAbarYamz0Rn+F/cM/zlM6evDV85b
/uTJyWs6pt2sFgEe0RzywOU3x5mOaZmJApmFf3V+PBU7l03GXNaGi45IbwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGpqhthuECxAMHC7RSVFrthbEsHLMB8GA1UdIwQY
MBaAFJmEuesSIjcRHB+MpXcH7HMHKR7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVlTNTZ4SWlOeEVjSDR5bGR3ZnNjd2NwSHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9iOWMxZDctMmFlZC00Njk2LTgwYTct
ZDVhYmY1MDMxZDIxLzEvYW1xRzJHNFFMRUF3Y0x0RkpVV3UyRnNTd2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9iOWMxZDctMmFlZC00Njk2LTgwYTctZDVhYmY1MDMxZDIx
LzEvbVlTNTZ4SWlOeEVjSDR5bGR3ZnNjd2NwSHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQAHyq0AwQA
W1qnMAwDBAK877wDBAC8774DBALBJHgDBADD+FMDBAXUb+AwDQQCAAIwBwMFACoB
dwAwDQYJKoZIhvcNAQELBQADggEBAJqNs1LTJRga2FJNrQGDyMkQeoxsOrAh4SMj
hiiOBaOxgBtYamBTwm7wW9OzTJvIxudJD2HPG5jHLlRmN7gCveoj30Y18A54eQQV
GGxgPS+te+kYMC72HjAbvwHyBlfr6oBk8IWPnsBztDaTR5b2TBoLcE4hr2WUyQyX
9RrHZ9pe2gYytEryBVp+/UsP0DLkOKMhh47oa//kXkJ7VuZ3qkecc+XCeGPsOiof
xbviYDCdlhmhF7jYP/AqeL7onjTSLZM8vbHPJQ4pft6e0dwdnzb9guMBv3eHWjJt
S7vJ7u18oXzrEzBp1BBxWwQDq78OmImjOeM8V1+WQkTPXXG6nZs=
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:40:21 2025 by rpki-client