Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/571yGA_Bmp3TZgOJFFO_ivYWAgw.roa
File: 571yGA_Bmp3TZgOJFFO_ivYWAgw.roa (raw, json)
Hash identifier: SAW5Dtew9aR5mwJUGaoCoMNgUmkmjwOpNPd0k4J4ezQ=
Subject key identifier: E7:BD:72:18:0F:C1:9A:9D:D3:66:03:89:14:53:BF:8A:F6:16:02:0C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01899C8DD31B3C0C7F8F8233E6AD2A5D0D1E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/571yGA_Bmp3TZgOJFFO_ivYWAgw.roa
Signing time: Fri 28 Jul 2023 12:51:27 +0000
ROA not before: Fri 28 Jul 2023 12:51:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 83.143.112.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:8d:d3:1b:3c:0c:7f:8f:82:33:e6:ad:2a:5d:0d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 28 12:51:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7bd72180fc19a9dd36603891453bf8af616020c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:35:94:ee:b3:68:94:f1:c8:07:e1:c2:66:ec:
c8:4a:05:58:67:b1:e1:b4:f9:f9:4a:a8:10:44:3e:
b2:1d:46:ba:ba:b3:0c:98:1d:eb:6a:a0:6b:d2:7c:
7b:83:47:d6:39:74:92:f0:ff:8f:d0:d1:28:0e:44:
d1:fd:ae:65:fa:fa:96:c7:a6:76:e9:13:63:11:7a:
a3:ba:1a:8c:bd:e0:cf:ca:71:bf:b0:e5:70:c3:ff:
36:c7:d1:d2:3b:f7:ed:70:2d:1c:22:2d:23:ca:74:
bd:19:c0:cc:fe:38:c5:2d:9f:c7:da:19:e3:9e:03:
49:65:a6:6b:be:ea:5f:f3:24:3a:45:91:ee:06:6c:
fc:73:1f:57:29:eb:eb:44:c8:79:ec:3a:d7:85:62:
d7:c4:91:8b:80:62:58:6d:7f:55:e1:4b:b5:6a:5f:
8f:28:f2:31:6b:69:8b:2e:d2:c4:4f:46:63:5a:fa:
f4:db:de:f5:53:f5:7c:58:cf:77:26:31:4e:3f:fc:
5e:3f:b4:1b:0d:b7:be:13:bf:02:03:bf:98:c5:0f:
f9:ea:7d:ef:ed:9a:41:b5:83:e9:ad:9a:17:25:d3:
c2:ef:98:64:a2:95:f1:36:5e:95:aa:69:24:61:5f:
93:12:21:c9:0e:f5:56:65:46:4a:4e:cb:4b:de:90:
87:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:BD:72:18:0F:C1:9A:9D:D3:66:03:89:14:53:BF:8A:F6:16:02:0C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/571yGA_Bmp3TZgOJFFO_ivYWAgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
45.128.99.0/24
45.149.233.0/24
79.110.50.0/24
83.143.112.0/23
85.209.132.0/24
85.217.145.0/24
87.121.69.0/24
93.123.85.0/24
176.125.252.0/24
178.215.237.0/24
185.222.163.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
82:69:7c:a4:7f:20:b0:ea:b6:03:fe:39:4b:91:d7:45:b7:e8:
e1:ad:10:32:55:8a:f8:fa:f6:d0:9d:67:1f:46:7b:c5:e0:4a:
ee:97:dd:49:70:e0:e1:13:76:77:96:d9:77:d2:05:81:db:af:
dc:58:09:99:e5:77:0e:b4:e3:61:bf:87:75:c8:76:bc:b5:5d:
5a:3c:c4:18:bc:63:b8:95:a4:cc:17:07:44:15:2a:89:ad:2e:
b9:2b:48:05:bc:aa:3f:74:9d:d9:99:7d:ec:f7:7c:bf:4b:ec:
7a:26:6b:0a:e0:2c:cf:56:74:57:1f:ad:2b:50:07:c4:70:af:
5c:b7:3d:5f:4b:73:08:64:4d:0f:65:1d:95:24:25:76:db:ec:
ec:3e:d9:b7:cd:cb:a2:73:0e:8e:48:ac:48:1c:0e:7d:71:fc:
07:62:54:71:18:c8:b5:e5:6e:70:da:4b:f4:bd:ba:f1:85:56:
7a:0e:60:6d:b6:48:00:60:2c:bd:2a:c2:6a:6c:96:12:7a:39:
b7:1c:a1:ba:0b:36:b9:ef:70:c5:89:7c:3b:5d:53:5d:9d:97:
8b:70:e2:ae:d9:91:ef:36:36:c3:f0:57:bf:e1:af:50:44:dd:
5b:31:22:9c:f0:b3:50:fd:f0:71:81:75:5b:80:90:54:50:88:
d1:fb:1a:54
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYmcjdMbPAx/j4Iz5q0qXQ0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzI4MTI1MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2JkNzIxODBmYzE5YTlkZDM2NjAzODkxNDUzYmY4YWY2MTYwMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzWU7rNolPHIB+HCZuzISgVYZ7Hh
tPn5SqgQRD6yHUa6urMMmB3raqBr0nx7g0fWOXSS8P+P0NEoDkTR/a5l+vqWx6Z2
6RNjEXqjuhqMveDPynG/sOVww/82x9HSO/ftcC0cIi0jynS9GcDM/jjFLZ/H2hnj
ngNJZaZrvupf8yQ6RZHuBmz8cx9XKevrRMh57DrXhWLXxJGLgGJYbX9V4Uu1al+P
KPIxa2mLLtLET0ZjWvr02971U/V8WM93JjFOP/xeP7QbDbe+E78CA7+YxQ/56n3v
7ZpBtYPprZoXJdPC75hkopXxNl6VqmkkYV+TEiHJDvVWZUZKTstL3pCHhwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFOe9chgPwZqd02YDiRRTv4r2FgIMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNTcxeUdBX0JtcDNUWmdPSkZGT19pdllXQWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQALVRaAwQA
LYBjAwQALZXpAwQAT24yAwQBU49wAwQAVdGEAwQAVdmRAwQAV3lFAwQAXXtVAwQA
sH38AwQAstftAwQAud6jAwQAwSoiAwQAwS88AwQAwS8/AwQAwjD5AwQAwjD7MA0G
CSqGSIb3DQEBCwUAA4IBAQCCaXykfyCw6rYD/jlLkddFt+jhrRAyVYr4+vbQnWcf
RnvF4Erul91JcODhE3Z3ltl30gWB26/cWAmZ5XcOtONhv4d1yHa8tV1aPMQYvGO4
laTMFwdEFSqJrS65K0gFvKo/dJ3ZmX3s93y/S+x6JmsK4CzPVnRXH60rUAfEcK9c
tz1fS3MIZE0PZR2VJCV22+zsPtm3zcuicw6OSKxIHA59cfwHYlRxGMi15W5w2kv0
vbrxhVZ6DmBttkgAYCy9KsJqbJYSejm3HKG6Cza573DFiXw7XVNdnZeLcOKu2ZHv
NjbD8Fe/4a9QRN1bMSKc8LNQ/fBxgXVbgJBUUIjR+xpU
-----END CERTIFICATE-----
Generated at Sat May 3 03:10:24 2025 by rpki-client