Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1zLtWKBKHdV8aCiF4z4lg6PRuZA.roa
File: 1zLtWKBKHdV8aCiF4z4lg6PRuZA.roa (raw, json)
Hash identifier: ySOc0rRBeixmXLJprXnxcOJxx2X4mBsd/TdV8rQ2G3A=
Subject key identifier: D7:32:ED:58:A0:4A:1D:D5:7C:68:28:85:E3:3E:25:83:A3:D1:B9:90
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01894DBBFA236A6981898359B3B6A10D41F1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1zLtWKBKHdV8aCiF4z4lg6PRuZA.roa
Signing time: Thu 13 Jul 2023 05:31:52 +0000
ROA not before: Thu 13 Jul 2023 05:31:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 194.169.172.0/24 maxlen: 24
2.59.253.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
194.49.87.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4d:bb:fa:23:6a:69:81:89:83:59:b3:b6:a1:0d:41:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 13 05:31:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d732ed58a04a1dd57c682885e33e2583a3d1b990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:27:11:18:4d:15:4d:80:00:d6:6d:35:72:3d:
b2:c7:63:e1:18:97:5e:73:d4:aa:43:97:86:82:d2:
8e:4d:47:6c:2f:e5:0c:af:dd:ff:d3:8b:4e:81:a0:
56:59:b9:35:7e:ac:2b:3f:0e:e0:00:65:d5:51:63:
8d:ab:8c:80:0a:e1:4d:f5:02:c3:71:e9:97:78:bd:
2b:fd:44:9e:f1:34:56:19:71:02:38:1d:99:4a:9b:
d3:06:32:27:b4:04:83:da:5f:74:01:69:d1:a1:03:
0f:04:7b:36:60:24:55:b8:cd:f9:61:42:8d:02:8c:
5f:1b:5a:04:92:a9:07:49:71:a1:56:b2:ac:e1:72:
26:33:86:70:32:c1:2e:ad:d8:81:1b:cb:3b:65:e2:
17:8f:28:d5:29:ae:a1:83:f5:c7:fc:90:1a:44:83:
3d:aa:09:c8:ab:dd:5a:b9:64:65:fc:39:fd:e9:6e:
c4:48:f9:5c:9a:25:c5:98:a0:7e:ca:9b:d3:e9:d5:
67:17:d6:a7:5a:2f:1e:87:c1:40:4c:1c:26:3a:67:
b0:6a:7a:cd:36:aa:78:81:2e:8d:ef:9e:22:f2:dc:
0b:36:fd:3e:5a:7e:a6:da:b8:b4:7a:a9:68:ff:27:
db:02:1b:73:8b:f8:67:89:b9:be:46:d2:77:22:bd:
6d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:32:ED:58:A0:4A:1D:D5:7C:68:28:85:E3:3E:25:83:A3:D1:B9:90
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1zLtWKBKHdV8aCiF4z4lg6PRuZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.8.93.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
84.54.49.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.49.87.0/24
194.55.187.0/24
194.55.225.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
53:35:d0:c9:99:92:20:96:8b:bc:94:45:72:ef:1e:4e:34:e4:
b2:44:ea:1d:48:02:36:46:71:1c:ae:80:4e:c0:28:47:9d:45:
76:42:2a:b8:96:24:16:14:04:73:48:9a:46:a3:79:a1:76:2f:
66:82:82:00:32:58:c0:97:bf:f6:bb:08:67:14:52:b7:c8:ed:
83:ce:2e:7e:df:e9:d3:a1:48:09:8f:3c:9a:28:8e:bc:95:24:
91:77:89:ed:e8:29:b9:0a:bc:16:cf:75:e1:a4:1a:d9:18:5c:
4b:b8:14:37:33:f8:54:e3:1f:d4:b0:a6:de:b8:37:8c:8e:1f:
6e:8a:f5:73:97:32:41:5a:0e:47:9b:be:ab:ee:62:df:32:c0:
ef:d1:64:a5:e0:e9:38:25:63:2d:ca:ec:49:3e:62:e8:4c:2f:
57:cf:52:8f:59:78:a2:c4:6d:c9:2b:5c:05:de:d5:cf:1f:d4:
8e:6e:e9:f0:bc:8e:2b:5d:9a:3c:6f:77:25:65:ac:dd:37:41:
28:f3:bc:99:07:4b:c5:f7:b1:60:6c:11:2f:e4:de:d0:83:2a:
70:2e:38:00:7c:5e:1f:54:cf:20:4b:3f:0e:39:c5:00:d3:4a:
45:53:67:d8:fd:2d:c4:41:17:8c:ff:3d:96:e5:53:8e:6c:fe:
43:17:3f:54
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYlNu/ojammBiYNZs7ahDUHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzEzMDUzMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzMyZWQ1OGEwNGExZGQ1N2M2ODI4ODVlMzNlMjU4M2EzZDFiOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmScRGE0VTYAA1m01cj2yx2PhGJde
c9SqQ5eGgtKOTUdsL+UMr93/04tOgaBWWbk1fqwrPw7gAGXVUWONq4yACuFN9QLD
cemXeL0r/USe8TRWGXECOB2ZSpvTBjIntASD2l90AWnRoQMPBHs2YCRVuM35YUKN
AoxfG1oEkqkHSXGhVrKs4XImM4ZwMsEurdiBG8s7ZeIXjyjVKa6hg/XH/JAaRIM9
qgnIq91auWRl/Dn96W7ESPlcmiXFmKB+ypvT6dVnF9anWi8eh8FATBwmOmewanrN
Nqp4gS6N754i8twLNv0+Wn6m2ri0eqlo/yfbAhtzi/hnibm+RtJ3Ir1tawIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFNcy7VigSh3VfGgoheM+JYOj0bmQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMXpMdFdLQktIZFY4YUNpRjR6NGxnNlBSdVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAAC
O/0DBAAtCF0DBAAtVFsDBAAtWEADBAAtWFsDBABUNjEDBABcd8YDBABc+TIDBABe
mqIDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogMEAMEZ2QME
AMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMIfzQMEAMIw+AMEAMIxVwME
AMI3uwMEAMI34QMEAMKprAMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEAUzXQyZmS
IJaLvJRFcu8eTjTkskTqHUgCNkZxHK6ATsAoR51FdkIquJYkFhQEc0iaRqN5oXYv
ZoKCADJYwJe/9rsIZxRSt8jtg84uft/p06FICY88miiOvJUkkXeJ7egpuQq8Fs91
4aQa2RhcS7gUNzP4VOMf1LCm3rg3jI4fbor1c5cyQVoOR5u+q+5i3zLA79FkpeDp
OCVjLcrsST5i6EwvV89Sj1l4osRtyStcBd7Vzx/Ujm7p8LyOK12aPG93JWWs3TdB
KPO8mQdLxfexYGwRL+Te0IMqcC44AHxeH1TPIEs/DjnFANNKRVNn2P0txEEXjP89
luVTjmz+Qxc/VA==
-----END CERTIFICATE-----
Generated at Tue May 13 16:35:58 2025 by rpki-client