Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HbKn4lYufm9g7-O5ShzDxZ8Nju8.roa
File: HbKn4lYufm9g7-O5ShzDxZ8Nju8.roa (raw, json)
Hash identifier: y70fSIIYq+nRFD4lnq+1bhBaH5E8Jip0bsm85KthF0k=
Subject key identifier: 1D:B2:A7:E2:56:2E:7E:6F:60:EF:E3:B9:4A:1C:C3:C5:9F:0D:8E:EF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01881F492EFA949BFDDFEED355071C57DA63
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HbKn4lYufm9g7-O5ShzDxZ8Nju8.roa
Signing time: Mon 15 May 2023 12:01:09 +0000
ROA not before: Mon 15 May 2023 12:01:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.219.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
45.143.100.0/22 maxlen: 24
94.156.237.0/24 maxlen: 24
193.8.184.0/23 maxlen: 24
193.8.186.0/23 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.80.0/24 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
45.139.123.0/24 maxlen: 24
37.139.130.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
45.95.2.0/23 maxlen: 24
45.95.0.0/23 maxlen: 24
5.253.58.0/23 maxlen: 24
5.253.56.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:49:2e:fa:94:9b:fd:df:ee:d3:55:07:1c:57:da:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 15 12:01:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1db2a7e2562e7e6f60efe3b94a1cc3c59f0d8eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b8:15:e4:08:74:7e:bf:07:18:58:2d:6f:54:
ca:73:7a:61:64:61:2d:9b:92:71:0b:3e:bf:89:28:
0c:ad:02:71:a7:85:ee:83:49:b4:ce:db:c1:82:3b:
16:3c:74:0a:37:27:70:cb:67:97:13:68:65:4a:f2:
c6:7e:3d:a9:fc:c4:8d:61:d0:79:93:e4:27:3f:10:
2d:d8:e6:04:3a:d2:49:79:da:b3:1a:6b:52:b3:68:
4a:87:4e:d7:7e:52:1e:46:80:9f:22:e9:58:8c:db:
5e:cb:41:c8:37:a5:be:9a:4b:d0:83:50:0e:58:d2:
3b:f2:3e:7a:bd:cf:b9:93:cc:6d:b2:1a:6b:46:34:
d4:b5:0e:e8:b4:09:18:82:e2:66:40:3e:09:54:60:
a1:f0:f7:f3:bb:69:95:9c:02:68:a8:5e:50:62:e6:
80:8a:10:d9:b7:b1:d9:41:9b:fa:28:4b:a5:1b:89:
d4:c2:36:94:e5:ba:e3:30:21:9d:07:c3:99:98:46:
ff:d9:be:72:fe:89:70:a4:ce:d8:a6:b2:c0:95:90:
53:a6:1e:83:64:e3:4f:ce:76:98:c5:1b:69:e4:db:
32:e5:62:92:b7:84:50:69:e0:2b:6f:b2:e1:2c:50:
4b:24:44:eb:7c:29:c8:b1:7c:f8:b4:e3:82:5a:e5:
9b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B2:A7:E2:56:2E:7E:6F:60:EF:E3:B9:4A:1C:C3:C5:9F:0D:8E:EF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HbKn4lYufm9g7-O5ShzDxZ8Nju8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
37.139.130.0/23
45.8.92.0/24
45.9.208.0/22
45.95.0.0/22
45.139.123.0/24
45.143.100.0/22
87.120.46.0/23
87.120.96.0/23
87.120.192.0/23
87.120.219.0/24
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.112.0/22
93.123.117.0/24
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.238.0/24
185.147.100.0/22
185.207.14.0/23
185.252.177.0/24
193.8.184.0/22
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.48.249.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:7b:70:ef:a5:60:7d:be:93:24:f3:39:9b:b3:a7:0e:da:f2:
7b:e0:2e:ad:30:15:8c:dd:0d:31:59:b6:33:a6:da:b9:3d:b1:
b5:ef:43:ee:67:0b:49:13:62:a4:5b:65:8b:29:1a:82:a4:2b:
9a:ec:23:d5:1e:4e:17:1f:c0:e3:23:8a:7c:a4:d4:e2:cf:23:
4c:e9:be:ca:4a:6a:57:62:8a:53:c9:09:85:6a:ce:dd:8f:64:
7c:e6:f3:8a:b2:71:19:c8:85:2f:ff:7d:07:d1:61:66:ae:ad:
10:15:00:1c:d6:23:06:8d:f0:fb:bf:22:72:38:e2:f7:12:09:
56:b4:58:90:ac:29:b5:b6:c9:21:37:e3:e2:d9:3b:39:da:2f:
15:b4:f0:85:b9:53:f8:22:90:ff:fe:ea:2e:3e:dd:04:d4:9e:
fd:42:ac:2c:b4:df:39:78:93:84:70:79:8f:87:b7:5b:e4:c7:
63:44:7e:01:2c:c4:05:3d:03:c8:64:b6:15:ea:6b:35:59:06:
fb:75:46:02:48:79:05:b2:4a:d3:09:51:a3:f4:e2:8a:e6:f5:
e7:4d:29:73:9b:9a:25:b1:b3:f7:85:2d:0a:35:7b:b8:c1:3d:
0d:72:f0:17:5b:c4:1a:55:e6:7a:9f:32:ca:86:47:a2:63:e7:
9c:17:59:77
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgISAYgfSS76lJv93+7TVQccV9pjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE1MTIwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIyYTdlMjU2MmU3ZTZmNjBlZmUzYjk0YTFjYzNjNTlmMGQ4ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbgV5Ah0fr8HGFgtb1TKc3phZGEt
m5JxCz6/iSgMrQJxp4Xug0m0ztvBgjsWPHQKNydwy2eXE2hlSvLGfj2p/MSNYdB5
k+QnPxAt2OYEOtJJedqzGmtSs2hKh07XflIeRoCfIulYjNtey0HIN6W+mkvQg1AO
WNI78j56vc+5k8xtshprRjTUtQ7otAkYguJmQD4JVGCh8Pfzu2mVnAJoqF5QYuaA
ihDZt7HZQZv6KEulG4nUwjaU5brjMCGdB8OZmEb/2b5y/olwpM7YprLAlZBTph6D
ZONPznaYxRtp5Nsy5WKSt4RQaeArb7LhLFBLJETrfCnIsXz4tOOCWuWbBwIDAQAB
o4IDTzCCA0swHQYDVR0OBBYEFB2yp+JWLn5vYO/juUocw8WfDY7vMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSGJLbjRsWXVmbTlnNy1PNVNoekR4WjhOanU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYwYIKwYBBQUHAQcBAf8EggFSMIIBTjCCAUoEAgABMIIB
QgMEAgX9OAMEASWLggMEAC0IXAMEAi0J0AMEAi1fAAMEAC2LewMEAi2PZAMEAVd4
LgMEAVd4YAMEAVd4wAMEAFd42zAMAwQCV3kkAwQAV3kmAwQCV3k8MAwDBABXeWcD
BABXeWgDBAFXeXIDBAFXeZIDBABXeaMDBABbXBADBAFbXBoDBABbXEMDBABdexgD
BAFdexoDBAFdex4DBAJde0QwDAMEAl17TAMEAF17UAMEAl17cAMEAF17dQMEAF17
dwMEAV6aoAMEAF6arQMEAF6cAgMEAF6cmAMEAV6cmjAMAwQEXpywAwQBXpy0MAwD
BABenO0DBABenO4DBACy1+4DBAK5k2QDBAG5zw4DBAC5/LEDBALBCLgDBADBGdsD
BADBLz4DBADBOnkDBADBOnsDBADCMPkDBADCN+IDBADUV80wDQYJKoZIhvcNAQEL
BQADggEBAD17cO+lYH2+kyTzOZuzpw7a8nvgLq0wFYzdDTFZtjOm2rk9sbXvQ+5n
C0kTYqRbZYspGoKkK5rsI9UeThcfwOMjinyk1OLPI0zpvspKaldiilPJCYVqzt2P
ZHzm84qycRnIhS//fQfRYWaurRAVABzWIwaN8Pu/InI44vcSCVa0WJCsKbW2ySE3
4+LZOznaLxW08IW5U/gikP/+6i4+3QTUnv1CrCy03zl4k4RweY+Ht1vkx2NEfgEs
xAU9A8hkthXqazVZBvt1RgJIeQWyStMJUaP04orm9edNKXObmiWxs/eFLQo1e7jB
PQ1y8BdbxBpV5nqfMsqGR6Jj55wXWXc=
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:41:48 2025 by rpki-client