Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/eFvfcpSZ5x7OstXdHu5JADmixk8.roa
File: eFvfcpSZ5x7OstXdHu5JADmixk8.roa (raw, json)
Hash identifier: OVWqk5AyywjyuFwCUdDzol/uDUBDihFLzfLeHc9hy7k=
Subject key identifier: 78:5B:DF:72:94:99:E7:1E:CE:B2:D5:DD:1E:EE:49:00:39:A2:C6:4F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019753B8EED6F44358D4D1131348E7D44BE9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/eFvfcpSZ5x7OstXdHu5JADmixk8.roa
Signing time: Mon 09 Jun 2025 08:05:18 +0000
ROA not before: Mon 09 Jun 2025 08:05:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.20.0/23 maxlen: 23
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
195.178.111.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:b8:ee:d6:f4:43:58:d4:d1:13:13:48:e7:d4:4b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 9 08:05:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=785bdf729499e71eceb2d5dd1eee490039a2c64f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7e:37:de:6e:be:b0:03:bd:f8:f6:71:fe:af:
02:b1:10:0e:26:3b:d7:38:bc:03:11:62:6a:64:a7:
ca:58:75:0b:86:69:61:d7:40:71:49:a8:c7:55:a3:
c4:2a:8c:1b:4a:f8:5e:2f:7b:7f:99:5d:2e:aa:d9:
19:20:a6:7c:b9:a2:c3:0b:b4:4a:11:fd:38:65:d1:
7b:80:62:47:36:9f:fd:a1:21:64:8a:54:e7:30:3d:
31:e4:a4:51:a2:6a:60:8f:92:57:dc:98:d6:61:38:
ac:ab:bf:c0:83:5f:0f:be:2c:4f:d0:00:86:56:2b:
2e:5c:5b:a7:41:7c:64:16:27:a3:59:07:10:2b:97:
c7:a0:3c:60:16:44:35:a8:7d:13:23:f5:73:2e:b1:
fd:8e:aa:cc:96:db:6e:ce:ad:37:03:3d:f7:93:e3:
0a:a2:06:df:39:67:60:ea:ca:36:75:0b:e5:dc:69:
b7:4f:6b:a4:c7:14:39:22:b0:87:8f:56:21:9d:a6:
7b:eb:4e:35:02:59:77:ea:4c:68:f7:ed:39:dd:7c:
e7:52:c9:c6:a3:08:67:0e:65:ab:ff:a8:97:f8:48:
d4:f8:f6:78:4d:b0:df:8e:f1:5d:c4:8e:27:63:9b:
7a:72:5b:c6:85:09:04:ad:38:09:0e:84:39:ae:50:
f4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5B:DF:72:94:99:E7:1E:CE:B2:D5:DD:1E:EE:49:00:39:A2:C6:4F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/eFvfcpSZ5x7OstXdHu5JADmixk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.8.93.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.126.0/24
87.120.166.0/24
87.121.20.0-87.121.22.255
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.165.0/24
91.92.70.0/24
92.119.196.0/23
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
193.222.96.0/24
193.222.98.0/24
194.55.186.0/24
194.169.175.0/24
195.178.111.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:12:89:68:00:3b:3c:33:55:a2:d1:6a:d4:57:7e:e2:ea:ea:
d1:0b:ff:38:f2:29:2e:47:a5:e6:67:d3:a5:4d:fa:8e:c4:5c:
47:93:56:62:99:07:fb:90:3e:73:14:cb:9e:bc:b1:99:b4:a9:
ab:17:3d:3b:72:79:c9:96:54:07:75:b5:85:84:22:1f:76:9e:
7e:f4:7f:ab:e2:fa:24:5c:bf:26:0d:8c:27:b6:ba:79:48:e7:
4b:b8:75:90:b8:88:84:e6:b6:76:6b:3c:df:85:ec:c9:49:79:
a6:75:d7:b2:2f:5c:06:ef:c7:c6:a2:64:74:c0:63:07:19:ef:
62:ee:86:9d:b3:9f:4b:46:1e:b3:97:dd:01:f0:09:2d:8f:e2:
c7:63:2b:ab:36:f3:dd:35:da:7e:98:ef:7f:dc:f5:47:67:13:
65:82:0e:85:2d:71:8d:28:72:5a:21:b1:07:d9:73:e9:d7:1b:
3f:5f:64:92:b6:54:29:ea:74:7c:90:fd:96:56:1e:50:ba:0c:
24:2d:26:fa:86:d9:25:4c:4a:19:bd:f4:6b:15:f9:07:7a:05:
8b:0b:8b:0e:40:09:b7:7a:2a:2b:47:0b:81:d2:e4:67:e2:41:
e8:2c:9a:24:f0:aa:92:16:bc:27:7b:9d:0c:b4:cc:7c:7d:c5:
6c:ac:b3:f5
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgISAZdTuO7W9ENY1NETE0jn1EvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjA5MDgwNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODViZGY3Mjk0OTllNzFlY2ViMmQ1ZGQxZWVlNDkwMDM5YTJjNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn433m6+sAO9+PZx/q8CsRAOJjvX
OLwDEWJqZKfKWHULhmlh10BxSajHVaPEKowbSvheL3t/mV0uqtkZIKZ8uaLDC7RK
Ef04ZdF7gGJHNp/9oSFkilTnMD0x5KRRompgj5JX3JjWYTisq7/Ag18PvixP0ACG
VisuXFunQXxkFiejWQcQK5fHoDxgFkQ1qH0TI/VzLrH9jqrMlttuzq03Az33k+MK
ogbfOWdg6so2dQvl3Gm3T2ukxxQ5IrCHj1YhnaZ76041All36kxo9+053XznUsnG
owhnDmWr/6iX+EjU+PZ4TbDfjvFdxI4nY5t6clvGhQkErTgJDoQ5rlD0YwIDAQAB
o4IDYTCCA10wHQYDVR0OBBYEFHhb33KUmecezrLV3R7uSQA5osZPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZUZ2ZmNwU1o1eDdPc3RYZEh1NUpBRG1peGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdQYIKwYBBQUHAQcBAf8EggFkMIIBYDCCAVwEAgABMIIB
VAMEAAI7/QMEAgX8hAMEAB8N0wMEAC0IXQMEAC0JnQMEAC0M/QMEAC1C5AMEAC1C
5wMEAC1RJwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAFGh
7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAFd4fgMEAFd4pjAMAwQCV3kUAwQA
V3kWAwQAV3kmAwQAV3ktAwQAV3lXAwQAV3mlAwQAW1xGAwQBXHfEAwQAXPkyAwQA
XXstAwQAXXsvAwQAXXtVAwQAXXttAwQAXXt1AwQAXXt3AwQAXmd9AwQCXpqgAwQD
XpxAAwQAXpzoAwQAXpzvAwQAjWIBAwQAjWIGMAwDBACrFkkDBAKrFkgDBACy1+MD
BAK52FQDBADBGdgDBADBIxIDBADB3mADBADB3mIDBADCN7oDBADCqa8DBADDsm8D
BADUcykwDQYJKoZIhvcNAQELBQADggEBAC4SiWgAOzwzVaLRatRXfuLq6tEL/zjy
KS5HpeZn06VN+o7EXEeTVmKZB/uQPnMUy568sZm0qasXPTtyecmWVAd1tYWEIh92
nn70f6vi+iRcvyYNjCe2unlI50u4dZC4iITmtnZrPN+F7MlJeaZ117IvXAbvx8ai
ZHTAYwcZ72Luhp2zn0tGHrOX3QHwCS2P4sdjK6s289012n6Y73/c9UdnE2WCDoUt
cY0oclohsQfZc+nXGz9fZJK2VCnqdHyQ/ZZWHlC6DCQtJvqG2SVMShm99GsV+Qd6
BYsLiw5ACbd6KitHC4HS5GfiQegsmiTwqpIWvCd7nQy0zHx9xWyss/U=
-----END CERTIFICATE-----
Generated at Fri Jun 20 08:58:37 2025 by rpki-client