Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vZjd6dX4jJe0fhZe7rNhMtWSi94.roa
File: vZjd6dX4jJe0fhZe7rNhMtWSi94.roa (raw, json)
Hash identifier: 5JPEYj6l3LM4FBktu44BsWq+FpJLgBlSzkWGHj1BTRs=
Subject key identifier: BD:98:DD:E9:D5:F8:8C:97:B4:7E:16:5E:EE:B3:61:32:D5:92:8B:DE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197400F5DAD00F5AA23A47D1C702301BC9E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vZjd6dX4jJe0fhZe7rNhMtWSi94.roa
Signing time: Thu 05 Jun 2025 12:27:18 +0000
ROA not before: Thu 05 Jun 2025 12:27:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.126.0/23 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.20.0/23 maxlen: 23
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.167.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
195.178.111.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:0f:5d:ad:00:f5:aa:23:a4:7d:1c:70:23:01:bc:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 5 12:27:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd98dde9d5f88c97b47e165eeeb36132d5928bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:76:7c:72:14:c5:c2:d6:1d:8f:52:12:c2:35:
c4:21:c3:ce:c2:6a:cc:72:37:09:cb:67:31:91:54:
4f:60:d8:f4:9b:eb:c5:74:19:05:b8:e7:11:ff:3b:
3e:c0:f3:c2:7d:99:73:b2:a6:e4:80:95:e1:5f:e3:
3c:19:12:85:28:56:21:ef:4c:ad:99:3c:40:5b:d3:
71:09:ef:23:19:ed:78:5e:18:18:8d:5c:a2:d5:53:
1a:85:f6:1d:0c:53:da:21:ad:39:ca:32:f0:47:3c:
bc:b7:42:70:cc:ff:6d:f6:82:77:74:35:ac:4b:1b:
31:c1:5a:08:a2:37:80:38:cb:0b:de:99:e7:87:d3:
01:b3:77:27:e0:89:95:4e:64:39:bd:58:6f:c9:53:
86:5d:36:93:16:dc:e8:d0:3e:98:f9:84:e5:34:0c:
fb:9e:a0:4b:17:03:5f:df:0c:b9:fb:0c:6e:12:95:
a8:b2:16:af:7f:82:97:6c:3e:5b:c2:3c:7f:cd:8c:
bd:d2:11:68:f2:15:06:e3:52:bc:7c:4e:5a:0d:8c:
e1:43:ad:80:92:0b:fc:3d:51:c2:8e:97:f4:9a:6f:
fa:d4:2d:98:36:81:a7:af:92:2f:ba:4f:39:8a:b5:
21:5c:54:80:be:1c:82:d4:25:ae:70:5c:9f:70:9c:
e1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:98:DD:E9:D5:F8:8C:97:B4:7E:16:5E:EE:B3:61:32:D5:92:8B:DE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vZjd6dX4jJe0fhZe7rNhMtWSi94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.8.93.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.126.0/23
87.120.166.0/24
87.121.20.0-87.121.22.255
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.165.0/24
91.92.70.0/24
92.119.196.0/23
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.167.0/24
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
193.222.96.0/24
193.222.98.0/24
194.55.186.0/24
194.169.175.0/24
195.178.111.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f3:36:b6:20:11:e8:af:30:44:84:db:ee:90:30:c3:57:64:
fa:3d:22:1b:c2:ac:55:46:ce:c4:da:6e:82:e7:73:a3:b4:64:
75:86:54:0c:dc:4c:c2:69:6e:87:41:a8:5f:29:f9:a1:30:b8:
1b:ec:89:09:3c:af:7b:71:27:36:8b:00:0e:92:84:f2:17:73:
36:d2:33:84:a2:db:dd:d2:72:ba:88:c7:ef:d4:6e:0c:53:c3:
0f:c4:db:a8:16:1f:3e:4c:84:bb:85:3e:63:35:80:e3:d9:99:
79:d2:77:2a:e9:1f:25:d5:e5:a1:0e:93:a7:c5:34:b4:c6:c0:
df:5b:38:a4:20:e0:54:8c:e2:1b:ee:55:62:74:79:f7:d8:68:
e2:b4:99:30:d5:1c:e6:22:2e:c4:51:74:01:a3:7b:e5:63:6b:
76:4d:73:7c:4b:e4:5e:63:9f:76:13:ea:fb:8d:b1:d0:13:fe:
9f:e4:7a:4d:c6:90:3e:c0:93:c3:85:a9:f0:7d:fc:24:3e:79:
73:5e:4b:26:9f:21:3a:5c:18:ad:7c:8a:e4:e4:a0:ec:a2:d2:
e6:a1:3d:33:c3:a8:10:74:18:f9:7e:97:e0:f9:9d:5d:3e:4e:
7c:d1:cb:14:6d:29:55:32:97:36:5e:e2:c7:9c:0e:60:97:26:
36:50:7a:5d
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgISAZdAD12tAPWqI6R9HHAjAbyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjA1MTIyNzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk4ZGRlOWQ1Zjg4Yzk3YjQ3ZTE2NWVlZWIzNjEzMmQ1OTI4YmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHZ8chTFwtYdj1ISwjXEIcPOwmrM
cjcJy2cxkVRPYNj0m+vFdBkFuOcR/zs+wPPCfZlzsqbkgJXhX+M8GRKFKFYh70yt
mTxAW9NxCe8jGe14XhgYjVyi1VMahfYdDFPaIa05yjLwRzy8t0JwzP9t9oJ3dDWs
SxsxwVoIojeAOMsL3pnnh9MBs3cn4ImVTmQ5vVhvyVOGXTaTFtzo0D6Y+YTlNAz7
nqBLFwNf3wy5+wxuEpWoshavf4KXbD5bwjx/zYy90hFo8hUG41K8fE5aDYzhQ62A
kgv8PVHCjpf0mm/61C2YNoGnr5Ivuk85irUhXFSAvhyC1CWucFyfcJzh3QIDAQAB
o4IDZzCCA2MwHQYDVR0OBBYEFL2Y3enV+IyXtH4WXu6zYTLVkoveMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdlpqZDZkWDRqSmUwZmhaZTdyTmhNdFdTaTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBewYIKwYBBQUHAQcBAf8EggFqMIIBZjCCAWIEAgABMIIB
WgMEAAI7/QMEAgX8hAMEAB8N0wMEAC0IXQMEAC0JnQMEAC0M/QMEAC1C5AMEAC1C
5wMEAC1RJwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAFGh
7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAVd4fgMEAFd4pjAMAwQCV3kUAwQA
V3kWAwQAV3kmAwQAV3ktAwQAV3lXAwQAV3mlAwQAW1xGAwQBXHfEAwQAXPkyAwQA
XXstAwQAXXsvAwQAXXtVAwQAXXttAwQAXXt1AwQAXXt3AwQAXmd9AwQCXpqgAwQD
XpxAAwQAXpynAwQAXpzoAwQAXpzvAwQAjWIBAwQAjWIGMAwDBACrFkkDBAKrFkgD
BACy1+MDBAK52FQDBADBGdgDBADBIxIDBADB3mADBADB3mIDBADCN7oDBADCqa8D
BADDsm8DBADUcykwDQYJKoZIhvcNAQELBQADggEBAAjzNrYgEeivMESE2+6QMMNX
ZPo9IhvCrFVGzsTaboLnc6O0ZHWGVAzcTMJpbodBqF8p+aEwuBvsiQk8r3txJzaL
AA6ShPIXczbSM4Si293ScrqIx+/UbgxTww/E26gWHz5MhLuFPmM1gOPZmXnSdyrp
HyXV5aEOk6fFNLTGwN9bOKQg4FSM4hvuVWJ0effYaOK0mTDVHOYiLsRRdAGje+Vj
a3ZNc3xL5F5jn3YT6vuNsdAT/p/kek3GkD7Ak8OFqfB9/CQ+eXNeSyafITpcGK18
iuTkoOyi0uahPTPDqBB0GPl+l+D5nV0+TnzRyxRtKVUylzZe4secDmCXJjZQel0=
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:00:00 2025 by rpki-client