Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DjxgilYdGIdw5yycnvV6NMQXlts.roa
File: DjxgilYdGIdw5yycnvV6NMQXlts.roa (raw, json)
Hash identifier: uJ5bCPqDM10hFvKIjCkhTS4HRTtuNsQuOhyEEB0OjDY=
Subject key identifier: 0E:3C:60:8A:56:1D:18:87:70:E7:2C:9C:9E:F5:7A:34:C4:17:96:DB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018953B893210A0D0ED47AD2A67FC86A8411
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DjxgilYdGIdw5yycnvV6NMQXlts.roa
Signing time: Fri 14 Jul 2023 09:25:52 +0000
ROA not before: Fri 14 Jul 2023 09:25:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
193.124.124.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.247.0/24 maxlen: 24
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:53:b8:93:21:0a:0d:0e:d4:7a:d2:a6:7f:c8:6a:84:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 14 09:25:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e3c608a561d188770e72c9c9ef57a34c41796db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:90:b4:25:48:50:ae:23:f1:7e:49:99:53:46:
8b:9e:4e:51:50:ba:30:42:68:bc:70:49:64:ca:a4:
5b:6e:92:b5:e1:0d:ff:b1:c8:52:67:5d:48:de:aa:
7b:47:49:80:d1:43:ab:8b:bc:25:7d:ba:28:31:ac:
a4:18:1d:75:93:ef:05:2e:d5:70:82:8d:33:34:6e:
8a:9a:03:4d:93:bc:d1:dc:d8:69:4b:44:5c:53:dd:
a4:97:e5:d9:46:20:74:5f:bc:cd:0f:99:0f:0c:b0:
2c:28:bb:d7:bc:d5:f0:c6:be:71:c8:0f:b3:e6:bb:
d9:d6:10:e7:b9:b3:76:50:d4:2b:83:c0:c4:c1:de:
33:e6:f6:db:75:a5:6d:4d:33:4a:11:8d:dc:e8:85:
da:d1:20:cb:a1:d2:7b:4b:b5:87:fb:41:2b:77:8b:
56:11:55:c8:9b:fc:a5:26:e6:d8:6c:55:24:41:a8:
1a:c6:2c:80:b8:74:51:5e:33:42:65:69:66:3a:86:
2c:ee:99:fe:14:2b:8f:3b:8b:88:7f:9e:c2:9c:5e:
2b:6c:7f:28:75:48:83:2f:d7:6a:fe:50:54:f3:b9:
5a:cf:75:34:c4:ba:74:b7:c7:c3:86:6e:bf:b7:0f:
3a:b5:52:23:63:c3:46:e6:1f:cb:65:9d:5a:3b:5b:
57:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:3C:60:8A:56:1D:18:87:70:E7:2C:9C:9E:F5:7A:34:C4:17:96:DB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DjxgilYdGIdw5yycnvV6NMQXlts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/23
192.124.178.0/24
192.124.181.0/24
192.124.189.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.124.0/24
193.124.133.0/24
193.124.200.0/24
193.124.204.0/24
194.58.47.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0/24
194.87.3.0/24
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.23.0-194.87.27.255
194.87.36.0/24
194.87.40.0/24
194.87.43.0/24
194.87.56.0/24
194.87.73.0/24
194.87.78.0/24
194.87.83.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.172.0/24
194.87.177.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.204.0/24
194.87.222.0/24
194.87.240.0/24
194.135.24.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.35.0/24
195.133.84.0/23
195.133.194.0/23
212.192.8.0/24
212.192.10.0/24
212.192.241.0/24
212.192.244.0/24
212.192.247.0-212.192.251.255
Signature Algorithm: sha256WithRSAEncryption
88:dd:b9:ac:c3:97:7b:5d:6b:71:21:a0:a4:1c:f2:02:e6:45:
e5:6d:d5:11:31:3b:87:94:2e:85:28:a3:a6:d4:49:00:26:33:
77:89:e1:2a:5c:ff:6a:f7:6f:b8:de:5e:3f:9f:7c:72:f9:6b:
3f:ba:d2:46:2c:43:88:35:88:a1:ee:c6:e4:9d:09:c4:b3:02:
d5:88:bd:43:2e:d7:db:34:eb:83:55:c1:3a:0d:fc:39:82:96:
aa:34:08:78:4c:34:6d:0c:44:3d:10:c5:c0:d8:fa:27:43:88:
f9:55:5f:36:7c:8b:c7:c4:a5:0b:5d:33:f6:bf:ab:e2:06:e8:
02:fb:2b:02:b2:66:06:c7:43:4d:32:bb:a0:68:62:66:8e:6f:
cd:d1:06:ec:2e:3d:51:d0:b1:5a:62:1f:2f:e4:a2:4c:41:31:
da:25:ca:1c:50:e6:0c:40:2a:fb:31:f8:94:4f:e8:31:c1:c1:
8e:42:67:49:67:e1:84:03:67:d7:39:a4:59:f1:ff:6f:52:3b:
28:34:73:32:99:52:fa:41:f9:78:3d:da:82:ca:b0:0b:a5:91:
31:4a:32:30:f1:0c:c8:32:86:29:01:21:28:7b:8d:60:33:aa:
d5:13:5b:c1:d0:39:b0:3a:23:f2:51:29:18:7b:6a:13:d7:20:
82:cf:4a:21
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAYlTuJMhCg0O1HrSpn/IaoQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzE0MDkyNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTNjNjA4YTU2MWQxODg3NzBlNzJjOWM5ZWY1N2EzNGM0MTc5NmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZC0JUhQriPxfkmZU0aLnk5RULow
Qmi8cElkyqRbbpK14Q3/schSZ11I3qp7R0mA0UOri7wlfbooMaykGB11k+8FLtVw
go0zNG6KmgNNk7zR3NhpS0RcU92kl+XZRiB0X7zND5kPDLAsKLvXvNXwxr5xyA+z
5rvZ1hDnubN2UNQrg8DEwd4z5vbbdaVtTTNKEY3c6IXa0SDLodJ7S7WH+0Erd4tW
EVXIm/ylJubYbFUkQagaxiyAuHRRXjNCZWlmOoYs7pn+FCuPO4uIf57CnF4rbH8o
dUiDL9dq/lBU87laz3U0xLp0t8fDhm6/tw86tVIjY8NG5h/LZZ1aO1tXiQIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFA48YIpWHRiHcOcsnJ71ejTEF5bbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRGp4Z2lsWWRHSWR3NXl5Y252VjZOTVFYbHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgABMIIB
egMEAT5M5gMEAMB8sgMEAMB8tQMEAMB8vQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8
fAMEAMF8hQMEAMF8yAMEAMF8zAMEAMI6LwMEAMI6mgMEAMI63wMEAMJXAQMEAMJX
AwMEAMJXBzAMAwQAwlcLAwQAwlcMAwQAwlcQMAwDBADCVxcDBALCVxgDBADCVyQD
BADCVygDBADCVysDBADCVzgDBADCV0kDBADCV04DBADCV1MDBAHCV3IDBADCV3oD
BADCV3wDBAHCV4IDBAHCV4YDBADCV5cDBADCV6IDBADCV6YDBADCV6gDBADCV6wD
BADCV7EDBADCV7MDBADCV7sDBADCV74DBADCV8gDBADCV8wDBADCV94DBADCV/AD
BADChxgDBADDOjYDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYDBADDhSMDBAHDhVQD
BAHDhcIDBADUwAgDBADUwAoDBADUwPEDBADUwPQwDAMEANTA9wMEAtTA+DANBgkq
hkiG9w0BAQsFAAOCAQEAiN25rMOXe11rcSGgpBzyAuZF5W3VETE7h5QuhSijptRJ
ACYzd4nhKlz/avdvuN5eP598cvlrP7rSRixDiDWIoe7G5J0JxLMC1Yi9Qy7X2zTr
g1XBOg38OYKWqjQIeEw0bQxEPRDFwNj6J0OI+VVfNnyLx8SlC10z9r+r4gboAvsr
ArJmBsdDTTK7oGhiZo5vzdEG7C49UdCxWmIfL+SiTEEx2iXKHFDmDEAq+zH4lE/o
McHBjkJnSWfhhANn1zmkWfH/b1I7KDRzMplS+kH5eD3agsqwC6WRMUoyMPEMyDKG
KQEhKHuNYDOq1RNbwdA5sDoj8lEpGHtqE9cggs9KIQ==
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:09:53 2025 by rpki-client