Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/EiLuPFGr6qm2uh5bXyA7p8LL2dA.roa
File: EiLuPFGr6qm2uh5bXyA7p8LL2dA.roa (raw, json)
Hash identifier: x6ntV4ZiA0SUUQTiVKiIaIIFIpQi46RZgNMWVZFlVhI=
Subject key identifier: 12:22:EE:3C:51:AB:EA:A9:B6:BA:1E:5B:5F:20:3B:A7:C2:CB:D9:D0
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0195CDEB3DD2DF431E3E635101AE42EF1F05
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/EiLuPFGr6qm2uh5bXyA7p8LL2dA.roa
Signing time: Tue 25 Mar 2025 15:28:20 +0000
ROA not before: Tue 25 Mar 2025 15:28:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12325
IP address blocks: 37.156.35.0/24 maxlen: 24
46.102.191.0/24 maxlen: 24
77.81.183.0/24 maxlen: 24
84.247.36.0/22 maxlen: 24
86.105.151.0/24 maxlen: 24
86.105.224.0/24 maxlen: 24
86.107.47.0/24 maxlen: 24
86.107.77.0/24 maxlen: 24
86.107.184.0/24 maxlen: 24
86.107.244.0/23 maxlen: 24
89.33.81.0/24 maxlen: 24
89.33.87.0/24 maxlen: 24
89.34.90.0/24 maxlen: 24
89.34.174.0/24 maxlen: 24
89.35.26.0/24 maxlen: 24
89.35.51.0/24 maxlen: 24
89.35.172.0/24 maxlen: 24
89.37.142.0/24 maxlen: 24
89.39.64.0/23 maxlen: 24
89.39.80.0/24 maxlen: 24
89.39.90.0/24 maxlen: 24
89.40.65.0/24 maxlen: 24
89.40.69.0/24 maxlen: 24
89.40.104.0/23 maxlen: 24
89.40.204.0/24 maxlen: 24
89.40.233.0/24 maxlen: 24
89.42.158.0/23 maxlen: 24
92.114.104.0/23 maxlen: 24
93.113.98.0/23 maxlen: 24
93.113.214.0/23 maxlen: 24
93.115.56.0/23 maxlen: 24
93.117.175.0/24 maxlen: 24
94.176.3.0/24 maxlen: 24
94.177.10.0/23 maxlen: 24
94.177.58.0/24 maxlen: 24
94.177.96.0/23 maxlen: 23
176.223.163.0/24 maxlen: 24
188.215.68.0/23 maxlen: 24
188.215.78.0/24 maxlen: 24
188.240.17.0/24 maxlen: 24
188.241.66.0/23 maxlen: 24
188.241.138.0/23 maxlen: 24
188.241.143.0/24 maxlen: 24
188.241.213.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:eb:3d:d2:df:43:1e:3e:63:51:01:ae:42:ef:1f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 25 15:28:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1222ee3c51abeaa9b6ba1e5b5f203ba7c2cbd9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5b:62:50:d3:92:67:2f:cb:72:fc:b2:ca:26:
92:5c:b3:ed:ac:f3:c3:dd:6b:48:c5:7e:b4:4a:3a:
81:28:5e:02:36:97:d1:c9:5f:48:b8:f0:75:a1:08:
69:b4:b1:d4:2a:b9:08:ad:91:92:a8:c5:9b:d0:3b:
f1:2c:e8:64:bc:84:68:d6:66:36:56:fa:6e:47:dc:
89:a6:e7:06:54:c1:7c:88:a7:0b:4b:85:ce:d3:70:
6b:f4:60:8f:0d:1a:2e:19:98:86:29:3e:a8:61:40:
d6:0b:f4:32:29:88:93:8e:42:59:aa:0a:5c:6f:04:
3c:3a:b6:2c:a1:41:38:6f:a5:33:49:42:f9:64:e9:
97:ad:01:b5:80:ce:91:82:c4:7f:a0:2f:eb:c0:d2:
58:84:11:e0:e4:d8:ba:02:35:55:ba:51:46:fe:6a:
b2:14:fb:d0:8d:0d:df:e2:90:04:36:f2:40:9c:a0:
80:75:40:46:d1:e3:89:d0:23:21:f2:8f:d9:f7:31:
53:e5:d7:1b:9c:49:49:55:2f:f8:75:59:93:77:7f:
cf:c9:02:6c:bb:ff:46:18:65:fe:10:94:87:3a:bf:
f8:31:5b:45:5c:40:e8:2f:39:95:13:30:db:c7:7c:
81:33:2d:d3:00:30:f1:93:47:63:5b:94:3f:d9:48:
b5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:22:EE:3C:51:AB:EA:A9:B6:BA:1E:5B:5F:20:3B:A7:C2:CB:D9:D0
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/EiLuPFGr6qm2uh5bXyA7p8LL2dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.35.0/24
46.102.191.0/24
77.81.183.0/24
84.247.36.0/22
86.105.151.0/24
86.105.224.0/24
86.107.47.0/24
86.107.77.0/24
86.107.184.0/24
86.107.244.0/23
89.33.81.0/24
89.33.87.0/24
89.34.90.0/24
89.34.174.0/24
89.35.26.0/24
89.35.51.0/24
89.35.172.0/24
89.37.142.0/24
89.39.64.0/23
89.39.80.0/24
89.39.90.0/24
89.40.65.0/24
89.40.69.0/24
89.40.104.0/23
89.40.204.0/24
89.40.233.0/24
89.42.158.0/23
92.114.104.0/23
93.113.98.0/23
93.113.214.0/23
93.115.56.0/23
93.117.175.0/24
94.176.3.0/24
94.177.10.0/23
94.177.58.0/24
94.177.96.0/23
176.223.163.0/24
188.215.68.0/23
188.215.78.0/24
188.240.17.0/24
188.241.66.0/23
188.241.138.0/23
188.241.143.0/24
188.241.213.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:1d:12:84:73:cc:bb:7d:2e:63:b4:d0:74:66:4b:4e:e7:bd:
81:7b:12:bf:70:30:b7:bb:9b:0e:9a:f9:88:10:cb:81:e5:80:
e9:29:6d:a8:a0:c5:01:aa:a5:2a:d1:69:26:aa:99:60:22:65:
24:24:69:95:58:81:64:3f:8d:71:22:90:45:69:18:a0:77:67:
d3:be:91:26:78:d4:bf:0a:c8:20:88:c9:a0:41:fd:f6:1b:ba:
8f:7f:52:b1:a0:bc:fc:fe:cb:8d:76:95:02:4a:c4:66:e3:7b:
71:49:e6:e9:79:36:a5:7d:dc:0e:e6:32:78:02:56:a4:f6:f3:
39:34:1c:50:d9:35:1a:ac:76:b1:8a:b0:d2:08:87:07:fb:38:
c1:81:df:17:f8:ec:73:13:66:69:02:a7:98:7a:a8:ac:cf:28:
9d:66:d3:cb:9b:69:46:b1:af:40:58:ad:5d:a3:fb:74:6a:82:
5b:50:9a:82:fa:08:f4:73:c0:03:c0:f3:c5:73:63:39:db:dc:
9a:18:a8:b5:5d:1a:c5:48:33:c2:3a:6d:ea:73:fa:47:a6:5e:
66:f2:22:31:ad:97:04:79:00:61:f4:ce:b5:88:6c:a4:c5:31:
81:fc:bd:70:c3:6d:f9:cd:af:19:55:1d:d5:bc:54:27:46:19:
ce:2e:d8:86
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZXN6z3S30MePmNRAa5C7x8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMzI1MTUyODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjIyZWUzYzUxYWJlYWE5YjZiYTFlNWI1ZjIwM2JhN2MyY2JkOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1tiUNOSZy/LcvyyyiaSXLPtrPPD
3WtIxX60SjqBKF4CNpfRyV9IuPB1oQhptLHUKrkIrZGSqMWb0DvxLOhkvIRo1mY2
VvpuR9yJpucGVMF8iKcLS4XO03Br9GCPDRouGZiGKT6oYUDWC/QyKYiTjkJZqgpc
bwQ8OrYsoUE4b6UzSUL5ZOmXrQG1gM6RgsR/oC/rwNJYhBHg5Ni6AjVVulFG/mqy
FPvQjQ3f4pAENvJAnKCAdUBG0eOJ0CMh8o/Z9zFT5dcbnElJVS/4dVmTd3/PyQJs
u/9GGGX+EJSHOr/4MVtFXEDoLzmVEzDbx3yBMy3TADDxk0djW5Q/2Ui1twIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFBIi7jxRq+qptroeW18gO6fCy9nQMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0VpTHVQRkdyNnFtMnVoNWJYeUE3cDhMTDJkQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEpBggrBgEFBQcBBwEB/wSCARgwggEUMIIBEAQCAAEw
ggEIAwQAJZwjAwQALma/AwQATVG3AwQCVPckAwQAVmmXAwQAVmngAwQAVmsvAwQA
VmtNAwQAVmu4AwQBVmv0AwQAWSFRAwQAWSFXAwQAWSJaAwQAWSKuAwQAWSMaAwQA
WSMzAwQAWSOsAwQAWSWOAwQBWSdAAwQAWSdQAwQAWSdaAwQAWShBAwQAWShFAwQB
WShoAwQAWSjMAwQAWSjpAwQBWSqeAwQBXHJoAwQBXXFiAwQBXXHWAwQBXXM4AwQA
XXWvAwQAXrADAwQBXrEKAwQAXrE6AwQBXrFgAwQAsN+jAwQBvNdEAwQAvNdOAwQA
vPARAwQBvPFCAwQBvPGKAwQAvPGPAwQAvPHVMA0GCSqGSIb3DQEBCwUAA4IBAQAc
HRKEc8y7fS5jtNB0ZktO572BexK/cDC3u5sOmvmIEMuB5YDpKW2ooMUBqqUq0Wkm
qplgImUkJGmVWIFkP41xIpBFaRigd2fTvpEmeNS/CsggiMmgQf32G7qPf1KxoLz8
/suNdpUCSsRm43txSebpeTalfdwO5jJ4Alak9vM5NBxQ2TUarHaxirDSCIcH+zjB
gd8X+OxzE2ZpAqeYeqiszyidZtPLm2lGsa9AWK1do/t0aoJbUJqC+gj0c8ADwPPF
c2M529yaGKi1XRrFSDPCOm3qc/pHpl5m8iIxrZcEeQBh9M61iGykxTGB/L1ww235
za8ZVR3VvFQnRhnOLtiG
-----END CERTIFICATE-----
Generated at Sat Jun 21 15:17:46 2025 by rpki-client