Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/lKypWyoYQ9UQ4cfwiNADMSF9c7I.roa
File: lKypWyoYQ9UQ4cfwiNADMSF9c7I.roa (raw, json)
Hash identifier: 18v+xgRUK8eINn1A3o6ixLlC8nv3NCGcjysgS6WBWqQ=
Subject key identifier: 94:AC:A9:5B:2A:18:43:D5:10:E1:C7:F0:88:D0:03:31:21:7D:73:B2
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01970C11911A5A6646DB20DEE52F1538B140
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/lKypWyoYQ9UQ4cfwiNADMSF9c7I.roa
Signing time: Mon 26 May 2025 10:09:27 +0000
ROA not before: Mon 26 May 2025 10:09:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12325
IP address blocks: 46.102.191.0/24 maxlen: 24
77.81.183.0/24 maxlen: 24
86.105.151.0/24 maxlen: 24
86.107.47.0/24 maxlen: 24
86.107.184.0/24 maxlen: 24
86.107.244.0/23 maxlen: 24
89.33.87.0/24 maxlen: 24
89.35.26.0/24 maxlen: 24
89.35.51.0/24 maxlen: 24
89.35.172.0/24 maxlen: 24
89.37.142.0/24 maxlen: 24
89.39.64.0/23 maxlen: 24
89.39.80.0/24 maxlen: 24
89.39.90.0/24 maxlen: 24
89.40.65.0/24 maxlen: 24
89.40.204.0/24 maxlen: 24
89.40.233.0/24 maxlen: 24
89.42.158.0/23 maxlen: 24
92.114.104.0/23 maxlen: 24
94.176.3.0/24 maxlen: 24
94.177.58.0/24 maxlen: 24
188.240.17.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:11:91:1a:5a:66:46:db:20:de:e5:2f:15:38:b1:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 26 10:09:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94aca95b2a1843d510e1c7f088d00331217d73b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:16:56:51:82:bd:cc:88:48:64:23:f8:dd:b9:
e5:bb:98:c9:26:59:11:13:27:ed:db:02:7f:10:1a:
87:d2:8f:61:88:5a:98:4c:24:fb:13:8c:16:16:8f:
3d:6d:59:bb:07:74:17:22:ab:8e:4f:a7:cb:9a:cb:
c1:0f:be:3c:3e:c2:7d:64:8d:d5:ed:f2:2d:cf:95:
56:4c:30:49:d7:86:38:86:69:62:2d:a3:f7:07:89:
ce:77:cf:5d:1d:ae:cd:e2:e3:eb:7a:13:f6:06:9b:
94:13:15:d9:44:ed:d9:fc:c8:18:88:b1:6d:6b:69:
63:60:59:de:29:63:4b:ca:3d:f0:64:c2:c7:da:3a:
0d:33:e7:e8:94:be:bf:db:a1:09:a9:22:e3:68:e9:
12:dc:72:bd:d5:cc:b0:42:4a:95:2e:c0:c6:ee:d1:
6a:aa:51:f6:36:65:07:9c:01:f5:64:d0:2d:f7:bd:
35:59:47:b5:8e:f2:86:cf:9f:a9:81:f6:74:4f:08:
90:5e:2c:7f:0f:5c:b5:89:5d:6f:2e:25:8d:2a:a8:
53:93:db:a0:e4:3e:66:fc:fb:aa:e7:2b:b4:7c:9a:
55:3e:97:d3:97:61:68:2c:8e:bf:db:36:03:5a:4a:
71:e8:9e:07:b8:ae:31:58:1b:f0:35:9d:21:1e:f6:
78:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AC:A9:5B:2A:18:43:D5:10:E1:C7:F0:88:D0:03:31:21:7D:73:B2
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/lKypWyoYQ9UQ4cfwiNADMSF9c7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.191.0/24
77.81.183.0/24
86.105.151.0/24
86.107.47.0/24
86.107.184.0/24
86.107.244.0/23
89.33.87.0/24
89.35.26.0/24
89.35.51.0/24
89.35.172.0/24
89.37.142.0/24
89.39.64.0/23
89.39.80.0/24
89.39.90.0/24
89.40.65.0/24
89.40.204.0/24
89.40.233.0/24
89.42.158.0/23
92.114.104.0/23
94.176.3.0/24
94.177.58.0/24
188.240.17.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:26:ba:65:7d:d3:b4:ea:39:a3:2f:15:ab:93:01:92:e7:b1:
5a:8b:07:af:d5:5f:ae:ad:4a:ff:e3:12:7c:9b:42:e0:ef:00:
54:a8:44:e2:4e:d3:9f:c1:47:1d:b0:25:3a:66:13:48:d3:3a:
35:2a:65:d6:03:50:b8:12:21:ab:9a:4e:ec:9a:7b:31:d1:ab:
5c:b0:71:e0:32:b0:9d:39:9f:d9:a9:44:51:af:0d:f7:49:0b:
8f:91:b2:69:89:01:ce:6c:14:4b:eb:92:e3:ec:aa:5f:79:8a:
28:80:3d:89:21:f2:f3:f0:d5:e3:42:16:68:9f:6a:af:1a:6a:
eb:41:6e:85:9b:d9:1f:f1:ab:bb:28:de:9b:4b:fd:c4:c2:25:
17:00:57:25:f5:ae:dd:40:82:94:95:bf:7c:8c:ce:b7:1f:91:
1a:8a:5f:96:d0:58:5a:b3:ec:e9:45:a1:0c:4f:ec:68:b1:d7:
55:86:23:cc:95:f1:6c:fd:0f:cf:e0:3a:45:5c:3b:5c:61:80:
e6:6b:3f:fb:40:b1:a6:b2:a0:4e:04:54:de:d6:c8:a7:38:bd:
f1:51:96:36:14:b2:29:8e:53:7a:e4:f1:07:dc:15:ec:4a:5c:
19:df:46:1c:dc:54:4b:8a:fd:a0:4f:5a:56:92:88:54:3b:5f:
e9:41:ca:86
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZcMEZEaWmZG2yDe5S8VOLFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwNTI2MTAwOTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFjYTk1YjJhMTg0M2Q1MTBlMWM3ZjA4OGQwMDMzMTIxN2Q3M2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xZWUYK9zIhIZCP43bnlu5jJJlkR
Eyft2wJ/EBqH0o9hiFqYTCT7E4wWFo89bVm7B3QXIquOT6fLmsvBD748PsJ9ZI3V
7fItz5VWTDBJ14Y4hmliLaP3B4nOd89dHa7N4uPrehP2BpuUExXZRO3Z/MgYiLFt
a2ljYFneKWNLyj3wZMLH2joNM+folL6/26EJqSLjaOkS3HK91cywQkqVLsDG7tFq
qlH2NmUHnAH1ZNAt9701WUe1jvKGz5+pgfZ0TwiQXix/D1y1iV1vLiWNKqhTk9ug
5D5m/Puq5yu0fJpVPpfTl2FoLI6/2zYDWkpx6J4HuK4xWBvwNZ0hHvZ4wwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFJSsqVsqGEPVEOHH8IjQAzEhfXOyMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2xLeXBXeW9ZUTlVUTRjZndpTkFETVNGOWM3SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgaEGCCsGAQUFBwEHAQH/BIGRMIGOMIGLBAIAATCBhAME
AC5mvwMEAE1RtwMEAFZplwMEAFZrLwMEAFZruAMEAVZr9AMEAFkhVwMEAFkjGgME
AFkjMwMEAFkjrAMEAFkljgMEAVknQAMEAFknUAMEAFknWgMEAFkoQQMEAFkozAME
AFko6QMEAVkqngMEAVxyaAMEAF6wAwMEAF6xOgMEALzwETANBgkqhkiG9w0BAQsF
AAOCAQEAoya6ZX3TtOo5oy8Vq5MBkuexWosHr9Vfrq1K/+MSfJtC4O8AVKhE4k7T
n8FHHbAlOmYTSNM6NSpl1gNQuBIhq5pO7Jp7MdGrXLBx4DKwnTmf2alEUa8N90kL
j5GyaYkBzmwUS+uS4+yqX3mKKIA9iSHy8/DV40IWaJ9qrxpq60FuhZvZH/Gruyje
m0v9xMIlFwBXJfWu3UCClJW/fIzOtx+RGopfltBYWrPs6UWhDE/saLHXVYYjzJXx
bP0Pz+A6RVw7XGGA5ms/+0CxprKgTgRU3tbIpzi98VGWNhSyKY5TeuTxB9wV7Epc
Gd9GHNxUS4r9oE9aVpKIVDtf6UHKhg==
-----END CERTIFICATE-----
Generated at Sat Jun 21 20:46:59 2025 by rpki-client