Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/hqHh1ZyjHakZR6JT90CUsYauEuk.roa
File: hqHh1ZyjHakZR6JT90CUsYauEuk.roa (raw, json)
Hash identifier: mHwB4g/ygnL8SPySFTGwPcmf0WkPH6XlrTQWXCI7IqE=
Subject key identifier: 86:A1:E1:D5:9C:A3:1D:A9:19:47:A2:53:F7:40:94:B1:86:AE:12:E9
Certificate issuer: /CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Certificate serial: 01960710E50D29DA515F8BAE0F9F4E5B8803
Authority key identifier: 79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/hqHh1ZyjHakZR6JT90CUsYauEuk.roa
Signing time: Sat 05 Apr 2025 17:47:49 +0000
ROA not before: Sat 05 Apr 2025 17:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42532
IP address blocks: 77.73.64.0/23 maxlen: 23
77.73.71.0/24 maxlen: 24
91.197.0.0/22 maxlen: 22
94.242.48.0/24 maxlen: 24
94.242.49.0/24 maxlen: 24
94.242.58.0/23 maxlen: 23
94.242.63.0/24 maxlen: 24
185.22.172.0/22 maxlen: 22
185.145.245.0/24 maxlen: 24
185.155.119.0/24 maxlen: 24
185.242.104.0/22 maxlen: 22
185.242.106.0/23 maxlen: 23
212.6.44.0/24 maxlen: 24
2a0c:16c0::/32 maxlen: 32
2a0c:16c1::/32 maxlen: 32
2a0c:16c2::/32 maxlen: 32
2a0c:16c3::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:07:10:e5:0d:29:da:51:5f:8b:ae:0f:9f:4e:5b:88:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Validity
Not Before: Apr 5 17:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86a1e1d59ca31da91947a253f74094b186ae12e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0a:2b:03:fa:30:da:c3:1c:b9:93:95:87:04:
5e:30:7d:dd:73:a3:80:b8:49:c3:d4:cc:f9:e1:51:
f0:ad:40:bc:3c:cf:49:da:d3:12:59:8c:81:38:eb:
7f:82:f6:04:33:d4:5b:95:76:47:f1:9c:b9:63:cd:
9f:d5:71:d9:0a:4e:07:88:df:9c:00:15:02:47:38:
58:e5:6b:69:2d:48:4e:fe:62:4c:2b:73:dc:7e:eb:
0b:c7:6b:59:93:8e:eb:19:57:14:86:05:8b:4c:c5:
72:b0:8d:78:9e:95:4f:90:d9:a0:05:ae:21:6a:f4:
d5:0b:ef:67:bf:5b:f9:de:56:d7:62:64:42:4d:81:
e1:ca:3d:ca:be:ff:7f:d4:1c:22:a4:1c:6a:33:bb:
8b:dc:b3:d5:5d:53:3d:80:e1:01:b7:d5:5d:d5:e6:
5d:f3:04:b3:92:93:f3:0e:39:34:a7:4b:18:8f:55:
99:73:49:20:4b:49:53:70:90:5d:88:4d:f7:f3:17:
28:df:87:be:ad:dd:02:14:0e:3d:bf:76:23:f8:6b:
3b:4b:8b:b7:66:f6:68:02:1c:c7:d4:0e:c2:fc:88:
df:0d:62:45:c7:91:a6:33:49:8a:0d:d9:3d:94:45:
ac:c2:13:b3:fb:ee:2e:92:a9:a6:f0:f0:72:ac:95:
2a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A1:E1:D5:9C:A3:1D:A9:19:47:A2:53:F7:40:94:B1:86:AE:12:E9
X509v3 Authority Key Identifier:
keyid:79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/hqHh1ZyjHakZR6JT90CUsYauEuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.64.0/23
77.73.71.0/24
91.197.0.0/22
94.242.48.0/23
94.242.58.0/23
94.242.63.0/24
185.22.172.0/22
185.145.245.0/24
185.155.119.0/24
185.242.104.0/22
212.6.44.0/24
IPv6:
2a0c:16c0::/30
Signature Algorithm: sha256WithRSAEncryption
3c:51:9a:bd:bc:51:6a:b1:5d:4a:ab:44:c4:af:ec:15:f8:13:
8e:f0:6d:00:c6:b6:61:89:36:fe:1f:8e:8c:e3:4e:f5:b5:f7:
59:d6:9d:95:70:f6:cc:cc:da:5e:78:f2:24:41:3d:78:0e:df:
f4:df:fc:be:22:8c:61:3c:4a:7b:8b:47:39:b5:03:a1:66:95:
ec:73:28:99:71:18:da:5f:e1:d1:84:1a:55:32:e3:7b:69:7f:
18:b3:e0:68:7b:cd:ef:63:26:99:48:bd:b4:3d:09:87:d9:a0:
be:27:3a:bf:63:82:a1:bd:f1:4f:64:07:60:5a:ac:70:bc:8e:
15:39:05:aa:39:b5:e5:51:d2:c9:80:0c:2c:8a:59:41:16:69:
47:b7:d5:14:3a:e9:5d:41:8a:54:c3:8e:79:44:f6:2e:5a:6e:
b5:78:f4:58:65:b7:36:b3:07:35:aa:a2:70:e0:3f:2f:f8:28:
0d:be:4c:7d:9f:3c:65:25:b6:2b:15:50:2a:65:6c:44:59:fe:
77:a3:dc:50:c5:db:46:29:a2:5c:4e:60:4f:12:65:8a:0f:f2:
a5:64:ef:22:a6:2d:58:91:0f:00:27:3a:7e:8c:46:62:3b:77:
76:a4:53:e7:a9:6f:96:b8:4e:f2:08:64:17:b9:3c:d1:6f:b7:
1e:c6:11:41
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZYHEOUNKdpRX4uuD59OW4gDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZTI0YjQ3Zjg5NDNjYWQ2ZTA0YzlmNjQ2Y2IxMDc3YzE0
MGZkZmIwHhcNMjUwNDA1MTc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmExZTFkNTljYTMxZGE5MTk0N2EyNTNmNzQwOTRiMTg2YWUxMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxworA/ow2sMcuZOVhwReMH3dc6OA
uEnD1Mz54VHwrUC8PM9J2tMSWYyBOOt/gvYEM9RblXZH8Zy5Y82f1XHZCk4HiN+c
ABUCRzhY5WtpLUhO/mJMK3PcfusLx2tZk47rGVcUhgWLTMVysI14npVPkNmgBa4h
avTVC+9nv1v53lbXYmRCTYHhyj3Kvv9/1BwipBxqM7uL3LPVXVM9gOEBt9Vd1eZd
8wSzkpPzDjk0p0sYj1WZc0kgS0lTcJBdiE338xco34e+rd0CFA49v3Yj+Gs7S4u3
ZvZoAhzH1A7C/IjfDWJFx5GmM0mKDdk9lEWswhOz++4ukqmm8PByrJUq/wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFIah4dWcox2pGUeiU/dAlLGGrhLpMB8GA1UdIwQY
MBaAFHniS0f4lDytbgTJ9kbLEHfBQP37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQt
YmM1ODRiMzZjYmVmLzEvaHFIaDFaeWpIYWtaUjZKVDkwQ1VzWWF1RXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQtYmM1ODRiMzZjYmVm
LzEvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQBTUlAAwQA
TUlHAwQCW8UAAwQBXvIwAwQBXvI6AwQAXvI/AwQCuRasAwQAuZH1AwQAuZt3AwQC
ufJoAwQA1AYsMA0EAgACMAcDBQIqDBbAMA0GCSqGSIb3DQEBCwUAA4IBAQA8UZq9
vFFqsV1Kq0TEr+wV+BOO8G0AxrZhiTb+H46M4071tfdZ1p2VcPbMzNpeePIkQT14
Dt/03/y+IoxhPEp7i0c5tQOhZpXscyiZcRjaX+HRhBpVMuN7aX8Ys+Boe83vYyaZ
SL20PQmH2aC+Jzq/Y4KhvfFPZAdgWqxwvI4VOQWqObXlUdLJgAwsillBFmlHt9UU
OuldQYpUw455RPYuWm61ePRYZbc2swc1qqJw4D8v+CgNvkx9nzxlJbYrFVAqZWxE
Wf53o9xQxdtGKaJcTmBPEmWKD/KlZO8ipi1YkQ8AJzp+jEZiO3d2pFPnqW+WuE7y
CGQXuTzRb7cexhFB
-----END CERTIFICATE-----
Generated at Sat Jun 14 22:11:05 2025 by rpki-client