Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UJigqHFSGgZ3Kd5iGwLpCawY9eA.roa
File: UJigqHFSGgZ3Kd5iGwLpCawY9eA.roa (raw, json)
Hash identifier: /u/Wg/OSbBP0DkHCDYKSq4Gd2YntIv2FZ/5Mz3KHVcY=
Subject key identifier: 50:98:A0:A8:71:52:1A:06:77:29:DE:62:1B:02:E9:09:AC:18:F5:E0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01950431BC97B3DB9D340AA1961825636C7F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UJigqHFSGgZ3Kd5iGwLpCawY9eA.roa
Signing time: Fri 14 Feb 2025 11:22:03 +0000
ROA not before: Fri 14 Feb 2025 11:22:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.252.132.0/22 maxlen: 24
45.9.156.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.112.0/22 maxlen: 24
87.120.116.0/23 maxlen: 24
87.120.120.0/23 maxlen: 24
87.120.125.0/24 maxlen: 24
87.120.126.0/23 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.104.0/24 maxlen: 24
94.156.106.0/24 maxlen: 32
94.156.166.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
94.156.179.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.49.94.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:31:bc:97:b3:db:9d:34:0a:a1:96:18:25:63:6c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 14 11:22:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5098a0a871521a067729de621b02e909ac18f5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:56:b2:35:18:b0:49:eb:b6:c0:ea:b8:4c:06:
17:4b:6a:4e:6a:84:3f:cd:d1:66:a4:14:67:bf:21:
0f:c3:05:14:51:87:3e:8d:ef:34:74:db:46:d3:69:
f3:4d:3a:68:95:90:a2:40:3b:86:b6:6b:d3:63:a1:
cf:80:3a:19:fd:3e:9b:59:24:44:b3:8a:7f:50:e0:
85:32:1a:b0:ec:0c:c3:29:ac:c6:67:3d:04:76:aa:
a5:3f:db:2a:44:d1:ef:0c:5e:d2:f1:ff:18:20:93:
eb:36:cd:eb:bb:bb:1a:ea:63:49:dc:7e:02:2e:a1:
27:cf:00:42:a9:a2:59:aa:42:25:0e:f3:4b:18:ce:
01:aa:33:49:8d:ee:d7:25:e1:c4:4f:ec:32:01:48:
27:23:aa:1b:6a:e6:e8:c2:dd:ea:f5:88:38:6a:99:
7a:2c:0d:c8:6a:a4:35:83:ac:f0:2c:07:bc:09:81:
3e:dd:9f:c9:95:b1:8c:e3:51:d2:6d:12:22:12:4f:
09:c8:5a:71:8b:53:e0:3d:5c:89:a7:fd:d7:0a:ad:
1a:3b:35:54:e9:a2:8f:cd:f5:f1:fa:17:59:1d:2f:
e5:5c:04:40:d6:97:8d:92:7a:97:33:a1:dd:f3:b9:
96:d0:cb:94:fa:d0:87:b2:6c:ab:90:b7:de:61:47:
11:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:98:A0:A8:71:52:1A:06:77:29:DE:62:1B:02:E9:09:AC:18:F5:E0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UJigqHFSGgZ3Kd5iGwLpCawY9eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
45.9.156.0/23
45.14.164.0/24
45.66.228.0/24
45.66.230.0/23
45.88.64.0/24
45.88.88.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/24
45.151.89.0-45.151.91.255
79.110.50.0/24
79.110.62.0/24
81.161.230.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.112.0-87.120.117.255
87.120.120.0/23
87.120.125.0-87.120.127.255
87.120.166.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
92.249.50.0/24
93.123.39.0/24
93.123.85.0/24
94.154.160.0/22
94.156.11.0/24
94.156.64.0/21
94.156.104.0/24
94.156.106.0/24
94.156.166.0/23
94.156.179.0/24
94.156.248.0/24
141.98.1.0/24
141.98.6.0/24
147.78.100.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
193.25.216.0/24
194.48.251.0/24
194.49.94.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
67:99:e4:71:a3:8c:ba:b9:d2:35:fb:16:d6:0b:0a:b3:02:cb:
3b:4d:34:4c:a8:db:ee:0d:9c:c1:de:e2:a0:93:1b:88:39:51:
d6:00:e9:f7:8a:d4:42:57:01:c1:e1:a9:7d:76:4c:6e:19:2c:
eb:73:85:a9:7e:cc:72:43:d9:e6:56:34:34:63:92:45:c2:98:
a5:da:9e:6e:a4:39:f0:ee:05:22:ba:7e:fd:87:c6:f4:1b:05:
9d:f6:88:27:d5:ef:0a:e0:0d:2a:df:1f:74:5b:b0:45:7e:d8:
e6:4d:71:ec:dd:bb:c6:dc:9a:e7:ac:9a:d0:ff:db:42:94:0f:
3d:b3:3c:1c:a4:49:34:a0:f7:89:37:81:d2:c8:d9:eb:a1:6f:
5e:45:9d:f7:0e:66:71:12:d2:aa:6e:3f:0d:a3:ce:7c:54:af:
6c:27:7d:6b:d4:21:ea:51:ac:a1:c7:a7:0f:3b:81:2c:cd:35:
7f:0b:20:a5:2a:ad:63:84:0f:29:47:b9:ec:2b:56:1e:b4:ca:
7d:40:56:29:4f:fd:73:34:28:7f:01:ab:03:4d:5d:64:75:e5:
60:0a:be:06:17:d5:78:c1:6f:65:3d:d5:59:46:90:a0:0d:28:
e0:5f:07:77:1b:be:d5:0d:fc:c7:af:a3:24:c3:7f:ea:29:39:
64:61:cd:73
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgISAZUEMbyXs9udNAqhlhglY2x/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjE0MTEyMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDk4YTBhODcxNTIxYTA2NzcyOWRlNjIxYjAyZTkwOWFjMThmNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71ayNRiwSeu2wOq4TAYXS2pOaoQ/
zdFmpBRnvyEPwwUUUYc+je80dNtG02nzTTpolZCiQDuGtmvTY6HPgDoZ/T6bWSRE
s4p/UOCFMhqw7AzDKazGZz0EdqqlP9sqRNHvDF7S8f8YIJPrNs3ru7sa6mNJ3H4C
LqEnzwBCqaJZqkIlDvNLGM4BqjNJje7XJeHET+wyAUgnI6obaubowt3q9Yg4apl6
LA3IaqQ1g6zwLAe8CYE+3Z/JlbGM41HSbRIiEk8JyFpxi1PgPVyJp/3XCq0aOzVU
6aKPzfXx+hdZHS/lXARA1peNknqXM6Hd87mW0MuU+tCHsmyrkLfeYUcRjQIDAQAB
o4IDVzCCA1MwHQYDVR0OBBYEFFCYoKhxUhoGdyneYhsC6QmsGPXgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVUppZ3FIRlNHZ1ozS2Q1aUd3THBDYXdZOWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBawYIKwYBBQUHAQcBAf8EggFaMIIBVjCCAVIEAgABMIIB
SgMEAgX8hAMEAS0JnAMEAC0OpAMEAC1C5AMEAS1C5gMEAC1YQAMEAC1YWAMEAC1Z
9wMEAC1aWQMEAC2LagMEAC2NnjAMAwQALZdZAwQCLZdYAwQAT24yAwQAT24+AwQA
UaHmAwQAU9thAwQAVDYwAwQAV3hXMAwDBARXeHADBAFXeHQDBAFXeHgwDAMEAFd4
fQMEB1d4AAMEAFd4pgMEAFd5LQMEAFd5VwMEAVd5fAMEAFd5ogMEAFd5pQMEBFtc
8AMEAVx3xAMEAFz5MgMEAF17JwMEAF17VQMEAl6aoAMEAF6cCwMEA16cQAMEAF6c
aAMEAF6cagMEAV6cpgMEAF6cswMEAF6c+AMEAI1iAQMEAI1iBgMEAJNOZAMEAqsW
SAMEArnYVAMEArnaVAMEAMEZ2AMEAMIw+wMEAMIxXgMEAMI3ugMEAMKprzANBgkq
hkiG9w0BAQsFAAOCAQEAZ5nkcaOMurnSNfsW1gsKswLLO000TKjb7g2cwd7ioJMb
iDlR1gDp94rUQlcBweGpfXZMbhks63OFqX7MckPZ5lY0NGOSRcKYpdqebqQ58O4F
Irp+/YfG9BsFnfaIJ9XvCuANKt8fdFuwRX7Y5k1x7N27xtya56ya0P/bQpQPPbM8
HKRJNKD3iTeB0sjZ66FvXkWd9w5mcRLSqm4/DaPOfFSvbCd9a9Qh6lGsocenDzuB
LM01fwsgpSqtY4QPKUe57CtWHrTKfUBWKU/9czQofwGrA01dZHXlYAq+BhfVeMFv
ZT3VWUaQoA0o4F8Hdxu+1Q38x6+jJMN/6ik5ZGHNcw==
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:58:37 2025 by rpki-client