Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/eeWOqUj0mBqapEhRefetZj3y7dA.roa
File: eeWOqUj0mBqapEhRefetZj3y7dA.roa (raw, json)
Hash identifier: as8MT4DcvfePUXg0WAueX1uPOrEejF+/h9srTEpDp7k=
Subject key identifier: 79:E5:8E:A9:48:F4:98:1A:9A:A4:48:51:79:F7:AD:66:3D:F2:ED:D0
Certificate issuer: /CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Certificate serial: 01828DAED7468AA15F04AD27F6C027D60ADE
Authority key identifier: 32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/eeWOqUj0mBqapEhRefetZj3y7dA.roa
Signing time: Thu 11 Aug 2022 16:13:42 +0000
ROA not before: Thu 11 Aug 2022 16:13:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209235
IP address blocks: 2.56.84.0/24 maxlen: 24
2.56.85.0/24 maxlen: 24
45.141.242.0/24 maxlen: 24
45.141.255.0/24 maxlen: 24
193.38.224.0/24 maxlen: 24
2a09:c0c0::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:ae:d7:46:8a:a1:5f:04:ad:27:f6:c0:27:d6:0a:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Validity
Not Before: Aug 11 16:13:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79e58ea948f4981a9aa4485179f7ad663df2edd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:69:4b:15:98:b8:c9:4b:2f:c2:0d:67:bf:04:
de:db:a7:b9:d5:e5:21:8b:46:12:cd:5d:f8:be:e9:
98:a6:9a:10:f2:21:9b:ea:98:55:00:c0:0d:a2:34:
63:b4:12:ce:9f:d1:55:e4:54:59:6e:53:f0:40:aa:
cd:a2:db:37:c5:74:82:d4:e3:7a:11:ab:aa:cd:85:
83:b1:0c:df:fa:e9:74:3a:82:c3:ff:3d:0f:8f:04:
83:28:2e:20:7a:30:6a:62:35:4d:09:d8:22:99:c5:
fa:a9:63:1e:3a:25:d0:01:94:ac:2b:97:9e:39:a8:
ff:23:7a:a9:35:95:cd:29:58:f9:66:42:e3:ca:3c:
c6:06:2a:d1:cd:dd:c1:83:8e:8b:a4:97:43:b3:08:
4f:cf:fe:09:1e:99:e9:4c:d8:2e:8b:0b:5a:16:fb:
85:a4:f0:85:be:4e:fb:3d:71:58:e2:4b:93:80:98:
4b:88:81:2d:d6:46:d7:65:e8:8f:f2:13:1a:89:49:
b4:02:8c:15:97:8a:ec:32:76:e8:ae:03:63:b1:6f:
08:ae:fe:a2:08:c1:40:ac:79:72:f5:c6:92:2c:3f:
9e:57:41:4c:2f:73:a8:ae:f2:df:8c:b7:21:78:d4:
c4:23:79:7a:c2:20:a2:b8:2b:54:e9:5c:b0:f8:39:
8f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E5:8E:A9:48:F4:98:1A:9A:A4:48:51:79:F7:AD:66:3D:F2:ED:D0
X509v3 Authority Key Identifier:
keyid:32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/eeWOqUj0mBqapEhRefetZj3y7dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.84.0/23
45.141.242.0/24
45.141.255.0/24
193.38.224.0/24
IPv6:
2a09:c0c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:98:59:01:98:e3:e3:99:3d:3b:10:5d:42:91:87:a7:93:ab:
9c:2a:30:59:a0:54:8f:b0:74:bf:61:fb:e9:fe:91:2e:08:5f:
c6:12:b0:51:0e:05:66:4b:d6:91:5b:26:9d:51:6e:60:13:d3:
97:32:45:ee:33:2e:36:f4:61:14:79:30:5d:b1:04:0f:8c:18:
17:73:a7:7f:b5:fb:ab:33:02:67:f4:a4:c6:ee:01:c1:be:c1:
96:e3:4e:ed:d8:62:f2:5d:02:81:af:08:ef:f5:04:93:55:2c:
74:36:a1:53:cd:f2:2e:01:c8:e5:37:bb:b3:40:70:7b:91:02:
0b:46:0f:48:05:6d:e9:1e:c3:61:73:fa:da:16:4f:97:f0:05:
62:f7:6e:7c:6b:36:10:32:8f:96:d3:db:0b:60:a5:a8:8a:a5:
14:80:d6:e3:4f:39:10:90:80:1f:3a:14:ee:e7:76:32:14:bc:
e8:f5:13:5e:12:6b:1d:9e:db:16:d3:5a:d1:e0:11:a1:16:f5:
89:13:1c:2c:da:56:ed:9e:33:aa:ff:97:a4:2f:80:ab:64:1a:
cc:36:bf:b1:2e:d0:db:6f:5d:88:af:78:b2:9d:55:b7:5f:2f:
b1:9a:b8:01:15:65:c7:f9:ce:04:89:57:e4:7e:10:5d:03:85:
46:80:1b:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYKNrtdGiqFfBK0n9sAn1greMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzc4ZWVlZjdhY2I0NTFmYzM3NTc1ZmViOTExNGRmY2Nj
MWNkZmIwHhcNMjIwODExMTYxMzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWU1OGVhOTQ4ZjQ5ODFhOWFhNDQ4NTE3OWY3YWQ2NjNkZjJlZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32lLFZi4yUsvwg1nvwTe26e51eUh
i0YSzV34vumYppoQ8iGb6phVAMANojRjtBLOn9FV5FRZblPwQKrNots3xXSC1ON6
EauqzYWDsQzf+ul0OoLD/z0PjwSDKC4gejBqYjVNCdgimcX6qWMeOiXQAZSsK5ee
Oaj/I3qpNZXNKVj5ZkLjyjzGBirRzd3Bg46LpJdDswhPz/4JHpnpTNguiwtaFvuF
pPCFvk77PXFY4kuTgJhLiIEt1kbXZeiP8hMaiUm0AowVl4rsMnborgNjsW8Irv6i
CMFArHly9caSLD+eV0FML3OorvLfjLcheNTEI3l6wiCiuCtU6Vyw+DmPTwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHnljqlI9JgamqRIUXn3rWY98u3QMB8GA1UdIwQY
MBaAFDLHju73rLRR/DdXX+uRFN/Mwc37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYt
MmYxYzhlNDA4YjY0LzEvZWVXT3FVajBtQnFhcEVoUmVmZXRaajN5N2RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYtMmYxYzhlNDA4YjY0
LzEvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBAjhUAwQA
LY3yAwQALY3/AwQAwSbgMA0EAgACMAcDBQMqCcDAMA0GCSqGSIb3DQEBCwUAA4IB
AQBEmFkBmOPjmT07EF1CkYenk6ucKjBZoFSPsHS/Yfvp/pEuCF/GErBRDgVmS9aR
WyadUW5gE9OXMkXuMy429GEUeTBdsQQPjBgXc6d/tfurMwJn9KTG7gHBvsGW407t
2GLyXQKBrwjv9QSTVSx0NqFTzfIuAcjlN7uzQHB7kQILRg9IBW3pHsNhc/raFk+X
8AVi9258azYQMo+W09sLYKWoiqUUgNbjTzkQkIAfOhTu53YyFLzo9RNeEmsdntsW
01rR4BGhFvWJExws2lbtnjOq/5ekL4CrZBrMNr+xLtDbb12Ir3iynVW3Xy+xmrgB
FWXH+c4EiVfkfhBdA4VGgBud
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:51:08 2025 by rpki-client