Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/00ZOpSJH33ZEwtfl6yLx8qfv3XM.roa
File: 00ZOpSJH33ZEwtfl6yLx8qfv3XM.roa (raw, json)
Hash identifier: YWZCN4xDNSr/rk02+uMTJEN/jMKupZw3d+9dQMXdL+0=
Subject key identifier: D3:46:4E:A5:22:47:DF:76:44:C2:D7:E5:EB:22:F1:F2:A7:EF:DD:73
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018982945B09E8B2AEBC9C288A26E5041000
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/00ZOpSJH33ZEwtfl6yLx8qfv3XM.roa
Signing time: Sun 23 Jul 2023 11:48:27 +0000
ROA not before: Sun 23 Jul 2023 11:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.33.14.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.248.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
103.205.26.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
185.230.250.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.251.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.134.0/24 maxlen: 24
62.197.133.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.103.74.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.115.146.0/24 maxlen: 24
185.115.147.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
77.75.63.0/24 maxlen: 24
194.4.158.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
185.115.144.0/23 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
89.38.101.0/24 maxlen: 24
89.40.160.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
185.245.239.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
185.121.229.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:82:94:5b:09:e8:b2:ae:bc:9c:28:8a:26:e5:04:10:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 23 11:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3464ea52247df7644c2d7e5eb22f1f2a7efdd73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:77:db:04:4b:25:79:b2:db:b1:ba:ee:48:f0:
e3:1f:a5:2d:97:97:c9:dc:49:7c:15:e5:2d:3a:68:
98:b9:3e:44:bf:79:02:da:f3:61:ce:d8:21:15:4e:
62:d1:7e:5d:74:70:a5:64:d2:90:37:8d:70:89:d5:
d8:cd:af:f8:4c:22:9c:e2:7a:83:b4:69:0d:4d:29:
bf:69:32:14:42:8a:d1:0c:b1:48:21:99:cf:41:21:
89:c6:1f:0d:2f:ef:e0:3e:37:f2:82:7d:db:f9:e6:
d6:97:b1:41:5b:05:7e:aa:7c:f2:72:54:cf:d0:23:
87:1b:82:c4:64:56:28:d3:23:dc:b1:26:c8:ba:62:
6e:c3:88:5c:05:81:ed:c3:2d:3d:9d:4d:f1:33:77:
e4:fa:dd:15:4b:30:e3:f8:5d:2a:1e:72:91:a1:80:
5f:e0:22:a4:d4:ec:2d:12:37:3a:e0:d0:35:60:a5:
01:e3:a2:ac:8e:f2:23:16:7c:34:76:4b:b5:1b:02:
e8:00:6a:ce:11:a5:1c:69:be:39:d2:fd:37:32:c4:
7f:ff:79:da:08:6a:c0:cb:57:22:a3:31:22:9d:ca:
17:72:91:b7:ba:b4:6a:93:e8:51:f6:1e:4f:3c:3e:
d3:a7:92:a9:c4:4a:30:5a:bb:c8:9c:cb:52:dd:2e:
ac:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:46:4E:A5:22:47:DF:76:44:C2:D7:E5:EB:22:F1:F2:A7:EF:DD:73
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/00ZOpSJH33ZEwtfl6yLx8qfv3XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/22
77.75.60.0/24
77.75.62.0/23
78.142.242.0/23
89.33.14.0/24
89.38.101.0/24
89.40.160.0/24
89.43.208.0/24
89.43.210.0/23
89.47.89.0/24
93.114.246.0/24
103.205.25.0-103.205.27.255
103.212.82.0/24
178.239.192.0-178.239.194.255
178.239.200.0/23
178.239.203.0/24
185.9.54.0/24
185.103.72.0-185.103.74.255
185.115.144.0/22
185.121.228.0/22
185.229.104.0/22
185.230.248.0/22
185.236.62.0/23
185.245.236.0/22
188.214.27.0/24
192.166.212.0/22
193.19.106.0/24
193.42.52.0/24
193.42.54.0/23
194.4.156.0/22
203.0.8.0/24
213.32.248.0/23
223.27.112.0/24
Signature Algorithm: sha256WithRSAEncryption
45:83:19:93:e3:f8:21:0f:73:a9:b3:ed:5b:60:25:fd:98:9f:
d1:39:c4:e8:5e:f5:ca:7f:17:ca:02:84:d3:24:ef:5a:d2:0d:
84:8b:76:be:bf:01:9d:78:10:1b:53:cf:60:c4:ee:32:d6:c0:
f3:c6:0d:84:6c:3b:4a:3e:5e:d3:9c:36:c0:77:3b:a3:e7:be:
10:30:b1:16:24:e8:aa:e7:19:fe:4f:de:b5:c3:f7:fa:e8:50:
e9:0c:e7:1f:1b:3f:c1:7c:b5:3c:93:97:e5:a9:b6:45:e9:23:
6d:05:15:2c:2a:6a:45:25:83:4f:92:b9:20:0f:67:73:65:36:
71:d5:e3:1a:66:80:cd:bf:8a:87:7a:1a:76:51:34:12:bc:24:
f6:64:80:7a:e2:53:a9:46:1d:d5:0c:83:76:95:09:6a:91:7a:
da:38:f6:2d:4e:cf:f6:09:15:4d:eb:89:c8:b1:e3:c9:0d:25:
80:0a:59:d5:b7:c9:88:a2:bc:37:53:c6:4d:d1:92:f5:db:b5:
48:8e:c0:ed:55:58:53:f0:65:a7:95:1d:ca:ff:c2:2c:4e:a0:
a8:f2:30:cc:be:19:bc:48:8a:42:74:2c:0a:ac:03:d7:56:2d:
e9:69:f2:19:f5:ee:c1:19:e3:80:de:4a:0d:1b:d4:32:ab:65:
5f:a9:2a:37
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAYmClFsJ6LKuvJwoiiblBBAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzIzMTE0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQ2NGVhNTIyNDdkZjc2NDRjMmQ3ZTVlYjIyZjFmMmE3ZWZkZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnfbBEslebLbsbruSPDjH6Utl5fJ
3El8FeUtOmiYuT5Ev3kC2vNhztghFU5i0X5ddHClZNKQN41widXYza/4TCKc4nqD
tGkNTSm/aTIUQorRDLFIIZnPQSGJxh8NL+/gPjfygn3b+ebWl7FBWwV+qnzyclTP
0COHG4LEZFYo0yPcsSbIumJuw4hcBYHtwy09nU3xM3fk+t0VSzDj+F0qHnKRoYBf
4CKk1OwtEjc64NA1YKUB46KsjvIjFnw0dku1GwLoAGrOEaUcab450v03MsR//3na
CGrAy1ciozEincoXcpG3urRqk+hR9h5PPD7Tp5KpxEowWrvInMtS3S6sOQIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFNNGTqUiR992RMLX5esi8fKn791zMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMDBaT3BTSkgzM1pFd3RmbDZ5THg4cWZ2M1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsMAwD
BAMtn5gDBAAtn5oDBAI+xYQDBABNSzwDBAFNSz4DBAFOjvIDBABZIQ4DBABZJmUD
BABZKKADBABZK9ADBAFZK9IDBABZL1kDBABdcvYwDAMEAGfNGQMEAmfNGAMEAGfU
UjAMAwQGsu/AAwQAsu/CAwQBsu/IAwQAsu/LAwQAuQk2MAwDBAO5Z0gDBAC5Z0oD
BAK5c5ADBAK5eeQDBAK55WgDBAK55vgDBAG57D4DBAK59ewDBAC81hsDBALAptQD
BADBE2oDBADBKjQDBAHBKjYDBALCBJwDBADLAAgDBAHVIPgDBADfG3AwDQYJKoZI
hvcNAQELBQADggEBAEWDGZPj+CEPc6mz7VtgJf2Yn9E5xOhe9cp/F8oChNMk71rS
DYSLdr6/AZ14EBtTz2DE7jLWwPPGDYRsO0o+XtOcNsB3O6PnvhAwsRYk6KrnGf5P
3rXD9/roUOkM5x8bP8F8tTyTl+WptkXpI20FFSwqakUlg0+SuSAPZ3NlNnHV4xpm
gM2/iod6GnZRNBK8JPZkgHriU6lGHdUMg3aVCWqReto49i1Oz/YJFU3ricix48kN
JYAKWdW3yYiivDdTxk3RkvXbtUiOwO1VWFPwZaeVHcr/wixOoKjyMMy+GbxIikJ0
LAqsA9dWLelp8hn17sEZ44DeSg0b1DKrZV+pKjc=
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:41:35 2025 by rpki-client