Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L4Ucs0B5PYxkyBBl8OZIAZ9YNHI.roa
File: L4Ucs0B5PYxkyBBl8OZIAZ9YNHI.roa (raw, json)
Hash identifier: uz8GfmB2DenYVaSOXmlmKxNZMHrjemGou1IhgZ0fNnU=
Subject key identifier: 2F:85:1C:B3:40:79:3D:8C:64:C8:10:65:F0:E6:48:01:9F:58:34:72
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B93E84C5BE70F3D3BEA8E65246E3B8B82
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L4Ucs0B5PYxkyBBl8OZIAZ9YNHI.roa
Signing time: Fri 03 Nov 2023 06:39:16 +0000
ROA not before: Fri 03 Nov 2023 06:39:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
87.120.130.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:e8:4c:5b:e7:0f:3d:3b:ea:8e:65:24:6e:3b:8b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 3 06:39:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f851cb340793d8c64c81065f0e648019f583472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f4:bd:60:40:92:19:bd:43:bc:b7:6a:58:3e:
38:77:14:ec:fe:17:ab:34:33:6b:61:0b:f6:47:fd:
dd:3e:21:f8:1a:e3:d2:0d:a9:0a:b3:24:41:a9:9c:
e5:13:14:5e:8b:3d:a7:23:91:d5:a2:99:bd:18:74:
88:a4:ff:a0:a1:e9:f2:15:cb:66:9a:5b:eb:74:8d:
53:90:83:ed:6e:e9:b6:17:61:15:8d:2b:5b:39:85:
93:d9:d4:ed:53:ca:d3:73:29:e4:c7:7b:32:72:c2:
e2:39:5b:29:d8:80:59:ae:b1:68:cc:84:79:a7:1d:
35:76:26:fa:e0:cd:9c:c1:88:9f:24:11:6f:8f:75:
3c:b9:0d:78:35:91:33:07:61:99:9b:ba:48:ea:65:
f2:96:4a:1a:08:bf:d3:88:8d:26:f4:8f:be:43:71:
aa:c4:88:7e:35:6c:a0:52:9d:83:dd:58:9e:21:e3:
d0:47:45:c1:6a:a7:1e:e3:1a:ae:8e:44:d7:ed:f5:
e9:64:84:39:50:1c:c4:44:ff:08:98:3b:ef:c8:8e:
f4:3b:e0:7e:70:4d:36:ab:e6:b1:be:5b:31:27:92:
55:91:5a:26:0d:ca:6a:c2:36:f7:38:53:30:c3:67:
f6:c1:ad:34:15:c7:3e:ac:82:a5:40:55:80:8a:5d:
60:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:85:1C:B3:40:79:3D:8C:64:C8:10:65:F0:E6:48:01:9F:58:34:72
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L4Ucs0B5PYxkyBBl8OZIAZ9YNHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
82.115.210.0/24
83.219.97.0/24
87.120.130.0/24
87.121.124.0/23
87.121.162.0/24
87.121.220.0/24
91.200.192.0/22
92.249.48.0/24
93.123.39.0/24
94.154.172.0/24
94.156.160.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
178.215.238.0/24
185.246.223.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:51:d5:d0:63:cf:07:a7:e0:84:1d:59:18:db:04:e2:52:53:
48:cc:b0:35:15:e2:18:8d:5e:a4:df:ed:2f:90:8e:b1:21:9a:
78:1c:dc:12:68:05:55:05:37:f0:55:e1:d0:02:3a:4c:3d:18:
24:42:13:fc:2c:86:a7:51:2d:94:27:7a:5f:e4:d9:76:63:7c:
68:eb:df:b8:5c:cf:0e:56:80:73:ed:06:ea:0b:83:0f:03:3c:
6e:fb:fe:f1:67:f4:1f:2a:bb:83:19:f5:01:0e:d7:18:dc:26:
4e:6c:fe:fa:d0:72:41:d5:39:71:0e:85:1d:e4:9b:13:d0:0a:
33:b9:ff:a6:e1:a7:e1:09:61:b7:63:ff:40:54:38:df:f1:47:
64:f6:da:c0:45:0a:db:0f:b1:7f:72:86:49:f3:0d:da:90:1e:
0f:fc:17:d2:e9:78:c4:5c:6a:4d:16:d0:55:da:e2:0a:f0:ec:
d6:72:c0:91:3a:49:61:ff:95:cc:60:80:b5:51:60:c8:97:7e:
3f:5e:5f:2a:07:25:e3:db:bc:13:0e:99:cd:6b:63:82:d8:64:
68:6a:d7:c9:f1:4e:37:10:11:5b:d6:2a:d0:0b:d6:f3:a8:e4:
00:61:36:91:87:f4:e4:1f:65:ee:ad:4e:a3:b8:71:18:60:2c:
0a:8a:fa:a3
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYuT6Exb5w89O+qOZSRuO4uCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAzMDYzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg1MWNiMzQwNzkzZDhjNjRjODEwNjVmMGU2NDgwMTlmNTgzNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/S9YECSGb1DvLdqWD44dxTs/her
NDNrYQv2R/3dPiH4GuPSDakKsyRBqZzlExReiz2nI5HVopm9GHSIpP+goenyFctm
mlvrdI1TkIPtbum2F2EVjStbOYWT2dTtU8rTcynkx3sycsLiOVsp2IBZrrFozIR5
px01dib64M2cwYifJBFvj3U8uQ14NZEzB2GZm7pI6mXylkoaCL/TiI0m9I++Q3Gq
xIh+NWygUp2D3VieIePQR0XBaqce4xqujkTX7fXpZIQ5UBzERP8ImDvvyI70O+B+
cE02q+axvlsxJ5JVkVomDcpqwjb3OFMww2f2wa00Fcc+rIKlQFWAil1gbQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFC+FHLNAeT2MZMgQZfDmSAGfWDRyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTDRVY3MwQjVQWXhreUJCbDhPWklBWjlZTkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAAl
i4IDBAAtCZwDBAAtDP8DBAAtQuQDBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABP
bj0DBABRoeYDBABRoe8DBABSc9IDBABT22EDBABXeIIDBAFXeXwDBABXeaIDBABX
edwDBAJbyMADBABc+TADBABdeycDBABemqwDBABenKADBABenPgDBABenPoDBAGT
TmQwDAMEAKsWEQMEAKsWEgMEAKsWHwMEALLX4gMEALLX7gMEALn23wMEAMEZ2AME
AMEjEwMEAMK0JzANBgkqhkiG9w0BAQsFAAOCAQEAPFHV0GPPB6fghB1ZGNsE4lJT
SMywNRXiGI1epN/tL5COsSGaeBzcEmgFVQU38FXh0AI6TD0YJEIT/CyGp1EtlCd6
X+TZdmN8aOvfuFzPDlaAc+0G6guDDwM8bvv+8Wf0Hyq7gxn1AQ7XGNwmTmz++tBy
QdU5cQ6FHeSbE9AKM7n/puGn4Qlht2P/QFQ43/FHZPbawEUK2w+xf3KGSfMN2pAe
D/wX0ul4xFxqTRbQVdriCvDs1nLAkTpJYf+VzGCAtVFgyJd+P15fKgcl49u8Ew6Z
zWtjgthkaGrXyfFONxARW9Yq0AvW86jkAGE2kYf05B9l7q1Oo7hxGGAsCor6ow==
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:14:53 2025 by rpki-client