Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hlj6mldMQw3Xf8bC6UkLw7_2PIc.roa
File: hlj6mldMQw3Xf8bC6UkLw7_2PIc.roa (raw, json)
Hash identifier: qc6rYJ2MDmmfKDTKfdd9vUyXokkP8Z3utDWr8B5oeew=
Subject key identifier: 86:58:FA:9A:57:4C:43:0D:D7:7F:C6:C2:E9:49:0B:C3:BF:F6:3C:87
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A601C5735671D4550FF81A123ECCEFBCE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hlj6mldMQw3Xf8bC6UkLw7_2PIc.roa
Signing time: Mon 04 Sep 2023 12:13:04 +0000
ROA not before: Mon 04 Sep 2023 12:13:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 193.124.3.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
212.193.31.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
194.87.205.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:1c:57:35:67:1d:45:50:ff:81:a1:23:ec:ce:fb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 12:13:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8658fa9a574c430dd77fc6c2e9490bc3bff63c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d4:75:d7:3f:bd:3c:ef:72:65:e7:9c:a5:31:
3e:db:4e:82:f0:37:7b:91:63:7c:9b:2d:77:05:1f:
35:fc:d4:64:28:82:e4:be:3e:eb:dc:39:72:2b:63:
cd:29:1e:da:be:7d:55:13:9c:00:84:31:bf:16:8d:
ad:40:5b:bf:48:be:d5:e8:4d:be:10:92:15:94:ea:
f0:96:83:33:d1:71:86:9e:41:b3:eb:19:c5:d8:b7:
47:e7:3c:07:82:53:7c:c4:62:f7:2d:1f:75:dc:d5:
51:d9:cc:b0:26:5e:b8:e1:09:8c:92:16:d2:58:46:
81:42:63:05:b5:3c:a8:94:f5:1d:f3:b3:96:23:33:
ae:76:85:33:f4:b4:8b:9e:50:6e:d3:ab:c6:af:34:
5d:d1:a6:28:e8:8f:80:4c:8b:12:59:a9:a9:e2:55:
b0:a2:9b:0d:8f:24:94:33:b9:8f:34:32:2f:ee:93:
ee:ef:cd:d3:c1:69:53:75:8a:9c:0d:9c:27:97:eb:
0f:0c:4e:40:7b:38:4b:f0:da:d9:9d:8a:c5:30:1f:
5a:0d:21:e4:5d:f9:8d:fa:f4:98:4b:13:0c:2d:90:
54:7e:e4:de:83:73:a9:8e:6b:80:fc:b4:8b:23:46:
a4:b8:f2:e9:52:15:06:6b:cc:2b:99:a1:ac:6a:42:
f0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:58:FA:9A:57:4C:43:0D:D7:7F:C6:C2:E9:49:0B:C3:BF:F6:3C:87
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hlj6mldMQw3Xf8bC6UkLw7_2PIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
62.76.231.0/24
62.76.235.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.49.0/24
193.124.91.0/24
193.124.94.0/24
193.124.201.0/24
193.124.226.0/24
194.58.38.0/24
194.58.43.0/24
194.58.46.0/24
194.58.58.0-194.58.60.255
194.58.67.0/24
194.87.3.0/24
194.87.6.0/23
194.87.16.0/24
194.87.23.0/24
194.87.34.0/24
194.87.36.0/24
194.87.42.0/24
194.87.63.0/24
194.87.78.0/24
194.87.85.0/24
194.87.105.0/24
194.87.116.0-194.87.121.255
194.87.160.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.176.0/23
194.87.180.0-194.87.182.255
194.87.205.0/24
194.87.230.0/24
194.135.23.0-194.135.24.255
194.135.46.0/24
195.58.55.0-195.58.56.255
195.58.59.0/24
195.58.62.0/24
195.133.12.0/24
195.133.19.0/24
195.133.22.0/24
195.133.80.0/24
195.133.82.0/24
195.133.195.0/24
212.192.0.0/24
212.192.7.0/24
212.192.10.0/24
212.192.30.0/24
212.192.210.0/23
212.192.241.0/24
212.192.247.0/24
212.193.10.0/24
212.193.15.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
04:0d:f2:e6:e4:be:bc:e4:88:0a:2c:bd:42:a0:eb:9a:7e:1b:
95:43:05:35:65:42:83:04:99:46:08:b6:db:84:b8:be:31:b0:
c3:4e:44:28:28:d8:f3:f4:8a:d4:bf:1d:61:3b:d0:ba:52:cb:
71:53:6c:c5:0f:62:fd:f6:0a:b3:35:6e:8e:75:c7:0f:4a:e6:
5d:f8:0f:49:04:9e:bd:6b:d8:db:66:82:71:80:8d:67:65:6f:
d4:e8:b2:ed:54:b7:f1:e2:ba:c8:c7:50:62:5f:bf:41:6f:52:
80:f7:66:27:62:41:5c:5d:99:c7:72:df:69:6c:d1:ca:b0:b2:
83:14:d0:dc:04:c4:3a:10:dd:1b:a3:6e:13:de:70:cf:c6:9a:
54:0c:65:ea:3b:3d:69:2e:43:16:32:20:91:ac:ff:b0:04:92:
c9:2e:64:3e:ae:af:76:89:56:10:c3:51:46:17:4e:94:c8:05:
d6:85:fe:b4:b2:15:60:e1:70:c0:ee:41:a6:c6:a9:40:bb:1d:
88:57:30:69:06:ee:11:df:25:f7:a4:61:eb:c2:e0:4f:0a:52:
55:18:d0:8c:4e:2b:9b:a6:b8:27:86:d7:fa:59:df:0f:6f:4e:
4a:e5:ec:e9:88:f7:38:a9:f6:e7:4b:c3:91:72:e6:41:df:f8:
e3:b2:ca:46
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgISAYpgHFc1Zx1FUP+BoSPszvvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA0MTIxMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjU4ZmE5YTU3NGM0MzBkZDc3ZmM2YzJlOTQ5MGJjM2JmZjYzYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9R11z+9PO9yZeecpTE+206C8Dd7
kWN8my13BR81/NRkKILkvj7r3DlyK2PNKR7avn1VE5wAhDG/Fo2tQFu/SL7V6E2+
EJIVlOrwloMz0XGGnkGz6xnF2LdH5zwHglN8xGL3LR913NVR2cywJl644QmMkhbS
WEaBQmMFtTyolPUd87OWIzOudoUz9LSLnlBu06vGrzRd0aYo6I+ATIsSWamp4lWw
opsNjySUM7mPNDIv7pPu783TwWlTdYqcDZwnl+sPDE5AezhL8NrZnYrFMB9aDSHk
XfmN+vSYSxMMLZBUfuTeg3OpjmuA/LSLI0akuPLpUhUGa8wrmaGsakLw4wIDAQAB
o4IDkzCCA48wHQYDVR0OBBYEFIZY+ppXTEMN13/GwulJC8O/9jyHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaGxqNm1sZE1RdzNYZjhiQzZVa0x3N18yUEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpwYIKwYBBQUHAQcBAf8EggGWMIIBkjCCAY4EAgABMIIB
hgMEAD5M4gMEAD5M5wMEAD5M6wMEAMF8AwMEAMF8BgMEAMF8CAMEAMF8EgMEAMF8
MQMEAMF8WwMEAMF8XgMEAMF8yQMEAMF84gMEAMI6JgMEAMI6KwMEAMI6LjAMAwQB
wjo6AwQAwjo8AwQAwjpDAwQAwlcDAwQBwlcGAwQAwlcQAwQAwlcXAwQAwlciAwQA
wlckAwQAwlcqAwQAwlc/AwQAwldOAwQAwldVAwQAwldpMAwDBALCV3QDBAHCV3gD
BADCV6ADBADCV6MwDAMEAMJXpQMEAMJXpgMEAcJXsDAMAwQCwle0AwQAwle2AwQA
wlfNAwQAwlfmMAwDBADChxcDBADChxgDBADChy4wDAMEAMM6NwMEAMM6OAMEAMM6
OwMEAMM6PgMEAMOFDAMEAMOFEwMEAMOFFgMEAMOFUAMEAMOFUgMEAMOFwwMEANTA
AAMEANTABwMEANTACgMEANTAHgMEAdTA0gMEANTA8QMEANTA9wMEANTBCgMEANTB
DwMEANTBHzANBgkqhkiG9w0BAQsFAAOCAQEABA3y5uS+vOSICiy9QqDrmn4blUMF
NWVCgwSZRgi224S4vjGww05EKCjY8/SK1L8dYTvQulLLcVNsxQ9i/fYKszVujnXH
D0rmXfgPSQSevWvY22aCcYCNZ2Vv1Oiy7VS38eK6yMdQYl+/QW9SgPdmJ2JBXF2Z
x3LfaWzRyrCygxTQ3ATEOhDdG6NuE95wz8aaVAxl6js9aS5DFjIgkaz/sASSyS5k
Pq6vdolWEMNRRhdOlMgF1oX+tLIVYOFwwO5BpsapQLsdiFcwaQbuEd8l96Rh68Lg
TwpSVRjQjE4rm6a4J4bX+lnfD29OSuXs6Yj3OKn250vDkXLmQd/447LKRg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:43:02 2025 by rpki-client