Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/DS0EBGBfH2NBorJBENfgjIxANk4.roa
File: DS0EBGBfH2NBorJBENfgjIxANk4.roa (raw, json)
Hash identifier: sZzHSfM2S9r8+hnfhs67lsvRZXwz3uVrtA4zOLLngx4=
Subject key identifier: 0D:2D:04:04:60:5F:1F:63:41:A2:B2:41:10:D7:E0:8C:8C:40:36:4E
Certificate issuer: /CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Certificate serial: 0188AA062F95FBC093D0A73DBF0F8810CEC5
Authority key identifier: F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/DS0EBGBfH2NBorJBENfgjIxANk4.roa
Signing time: Sun 11 Jun 2023 10:35:12 +0000
ROA not before: Sun 11 Jun 2023 10:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47956
IP address blocks: 141.226.144.0/20 maxlen: 24
141.226.144.0/21 maxlen: 21
141.226.152.0/21 maxlen: 21
188.120.128.0/19 maxlen: 24
141.226.160.0/20 maxlen: 24
141.226.160.0/22 maxlen: 22
141.226.160.0/21 maxlen: 21
141.226.168.0/21 maxlen: 21
141.226.176.0/21 maxlen: 24
94.230.80.0/20 maxlen: 24
141.226.0.0/22 maxlen: 22
141.226.0.0/21 maxlen: 21
141.226.0.0/18 maxlen: 23
141.226.4.0/22 maxlen: 22
141.226.8.0/22 maxlen: 22
141.226.8.0/21 maxlen: 21
141.226.12.0/22 maxlen: 22
5.102.192.0/18 maxlen: 24
91.205.152.0/22 maxlen: 24
31.210.176.0/20 maxlen: 24
37.46.32.0/20 maxlen: 24
141.226.56.0/21 maxlen: 21
141.226.64.0/20 maxlen: 23
141.226.72.0/21 maxlen: 21
2a02:ed5::/32 maxlen: 32
2a02:ed0::/29 maxlen: 29
2a02:ed1::/32 maxlen: 32
2a02:ed2::/32 maxlen: 32
2a02:ed0::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:aa:06:2f:95:fb:c0:93:d0:a7:3d:bf:0f:88:10:ce:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Validity
Not Before: Jun 11 10:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d2d0404605f1f6341a2b24110d7e08c8c40364e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5a:89:21:5a:b9:f6:b4:b5:e9:6a:a8:5a:17:
4d:2b:05:43:39:2a:42:ef:4f:95:4b:1e:b9:08:29:
a1:56:88:7c:08:5f:25:66:8e:ca:2a:f1:51:54:88:
f5:0a:c3:0e:3d:db:64:69:9c:70:44:4b:52:20:c6:
3e:98:71:40:c6:f5:f8:ec:82:12:02:b4:ea:57:bf:
82:2e:82:12:fb:35:61:3a:4f:fc:66:45:23:02:2c:
1b:31:02:5b:94:9b:67:4d:06:fe:0a:38:76:ea:b1:
9b:e7:68:07:9a:1b:8e:46:07:2f:be:64:e0:77:dc:
5c:30:ae:0a:86:1f:94:07:d9:62:8a:58:0d:21:94:
bb:d7:f3:de:32:44:8c:2d:df:21:0c:72:a3:9b:9e:
29:2f:87:f6:da:16:67:00:ee:72:57:62:62:f2:d8:
c2:90:2c:83:73:bf:34:ee:71:44:f2:7e:bf:d5:58:
46:84:e6:e0:e4:8c:41:54:6e:94:98:2f:e6:77:59:
56:bd:92:8f:c7:35:c1:49:02:b0:54:60:c0:53:f7:
96:8b:f7:47:4d:be:c4:a2:43:8a:1d:2b:65:4c:ca:
d7:54:0d:82:41:0a:28:13:d5:a8:92:e0:11:40:2e:
98:38:00:4d:5b:37:68:e4:8b:2e:06:09:3d:5b:0f:
9d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2D:04:04:60:5F:1F:63:41:A2:B2:41:10:D7:E0:8C:8C:40:36:4E
X509v3 Authority Key Identifier:
keyid:F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/DS0EBGBfH2NBorJBENfgjIxANk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/9MCqez48v_iCYq3ZKzOeNQUc4aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.192.0/18
31.210.176.0/20
37.46.32.0/20
91.205.152.0/22
94.230.80.0/20
141.226.0.0-141.226.79.255
141.226.144.0-141.226.183.255
188.120.128.0/19
IPv6:
2a02:ed0::/29
Signature Algorithm: sha256WithRSAEncryption
27:b8:63:ff:d7:37:02:07:fe:3f:0c:eb:d8:e7:b3:48:5d:fb:
01:4d:1c:6c:bd:34:7e:f6:ba:d7:30:e1:0c:02:e8:c9:ba:7b:
29:7e:d5:0e:bf:22:13:47:a7:cb:14:f7:c4:15:07:eb:d1:b8:
6a:f0:e0:83:39:58:e3:ea:24:39:23:e5:67:48:26:8d:fe:6c:
d2:24:b6:e1:5d:02:96:a7:ea:f7:28:bb:fb:fa:d7:32:d8:e3:
1b:42:b9:c6:8e:28:51:74:25:8d:a3:f6:ad:87:fc:f1:25:ea:
5c:c2:b0:bf:65:56:fa:b4:9a:f6:b1:02:26:92:6f:a8:d4:e1:
48:e0:7b:d6:f5:75:ce:23:a6:54:1a:04:01:45:d3:46:a5:16:
e6:53:aa:21:d1:2c:ce:50:b9:6b:5c:2b:06:a7:ee:12:04:3a:
02:03:e4:85:b5:08:d7:e6:ca:da:d7:08:d9:9c:a3:40:4d:3f:
43:91:d2:93:0f:cb:ec:2c:90:11:34:37:d7:a2:39:1c:89:22:
a5:25:8e:59:29:33:0e:b2:82:56:b7:4a:01:bb:ee:b1:29:a9:
85:ab:fd:4c:14:00:86:2f:5b:1b:17:82:b8:13:9f:18:7e:ba:
5e:75:32:92:70:26:ae:61:7e:ef:57:b4:e0:52:1c:79:48:9c:
4c:c1:63:c0
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYiqBi+V+8CT0Kc9vw+IEM7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzBhYTdiM2UzY2JmZjg4MjYyYWRkOTJiMzM5ZTM1MDUx
Y2UxYTAwHhcNMjMwNjExMTAzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJkMDQwNDYwNWYxZjYzNDFhMmIyNDExMGQ3ZTA4YzhjNDAzNjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1qJIVq59rS16WqoWhdNKwVDOSpC
70+VSx65CCmhVoh8CF8lZo7KKvFRVIj1CsMOPdtkaZxwREtSIMY+mHFAxvX47IIS
ArTqV7+CLoIS+zVhOk/8ZkUjAiwbMQJblJtnTQb+Cjh26rGb52gHmhuORgcvvmTg
d9xcMK4Khh+UB9liilgNIZS71/PeMkSMLd8hDHKjm54pL4f22hZnAO5yV2Ji8tjC
kCyDc7807nFE8n6/1VhGhObg5IxBVG6UmC/md1lWvZKPxzXBSQKwVGDAU/eWi/dH
Tb7EokOKHStlTMrXVA2CQQooE9WokuARQC6YOABNWzdo5IsuBgk9Ww+d9wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFA0tBARgXx9jQaKyQRDX4IyMQDZOMB8GA1UdIwQY
MBaAFPTAqns+PL/4gmKt2SsznjUFHOGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEt
ZWE3NWRkZjQ3YjRhLzEvRFMwRUJHQmZIMk5Cb3JKQkVOZmdqSXhBTms0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEtZWE3NWRkZjQ3YjRh
LzEvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwQGBWbAAwQE
H9KwAwQEJS4gAwQCW82YAwQEXuZQMAsDAwGN4gMEBI3iQDAMAwQEjeKQAwQDjeKw
AwQFvHiAMA0EAgACMAcDBQMqAg7QMA0GCSqGSIb3DQEBCwUAA4IBAQAnuGP/1zcC
B/4/DOvY57NIXfsBTRxsvTR+9rrXMOEMAujJunspftUOvyITR6fLFPfEFQfr0bhq
8OCDOVjj6iQ5I+VnSCaN/mzSJLbhXQKWp+r3KLv7+tcy2OMbQrnGjihRdCWNo/at
h/zxJepcwrC/ZVb6tJr2sQImkm+o1OFI4HvW9XXOI6ZUGgQBRdNGpRbmU6oh0SzO
ULlrXCsGp+4SBDoCA+SFtQjX5sra1wjZnKNATT9DkdKTD8vsLJARNDfXojkciSKl
JY5ZKTMOsoJWt0oBu+6xKamFq/1MFACGL1sbF4K4E58YfrpedTKScCauYX7vV7Tg
Uhx5SJxMwWPA
-----END CERTIFICATE-----
Generated at Fri May 2 00:34:51 2025 by rpki-client