Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N8ppacOBNhh5f-He2Ke4dw6nieA.roa
File: N8ppacOBNhh5f-He2Ke4dw6nieA.roa (raw, json)
Hash identifier: 4hWgIp0J0uaMtzm92Mqp/fLIP52hhxmilfhygKpcFa0=
Subject key identifier: 37:CA:69:69:C3:81:36:18:79:7F:E1:DE:D8:A7:B8:77:0E:A7:89:E0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188527DF105CD1D5D1687721966E6420395
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N8ppacOBNhh5f-He2Ke4dw6nieA.roa
Signing time: Thu 25 May 2023 10:39:25 +0000
ROA not before: Thu 25 May 2023 10:39:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
87.120.130.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
82.115.210.0/23 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:7d:f1:05:cd:1d:5d:16:87:72:19:66:e6:42:03:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 25 10:39:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37ca6969c3813618797fe1ded8a7b8770ea789e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:69:83:1d:a4:ea:d5:df:e0:ef:80:11:66:ef:
4e:ad:ba:f5:06:13:75:ae:eb:57:fd:d3:62:b7:20:
9a:47:43:d2:b9:32:6a:b1:ee:e1:af:1d:d6:ee:d7:
83:4a:10:61:83:85:d3:cc:bb:5d:0b:57:34:19:19:
a1:14:b1:01:ab:e3:20:63:f5:eb:1d:2a:a5:38:6c:
e8:c6:0a:9b:c9:a4:87:fe:79:24:c7:9e:3c:12:9f:
1f:a9:5a:81:5c:39:58:56:43:d6:46:1c:44:70:6f:
7f:2c:b0:89:ad:78:47:1a:60:94:d6:4d:a2:c4:a7:
a9:21:f5:cf:21:55:ed:fc:5a:9a:00:05:a0:60:1a:
f3:7d:89:b4:16:57:be:db:f4:b7:15:1e:68:e0:c3:
b1:ac:bc:a1:4e:92:db:e3:be:88:f4:f3:cc:2c:ff:
e8:d2:05:a6:92:30:e8:f4:8b:f4:98:f2:15:89:41:
18:86:b4:82:3b:86:cd:af:86:8e:54:90:e3:0f:62:
c4:bf:54:e8:27:1c:8a:5b:2b:b2:c3:1b:43:32:4e:
4a:33:43:44:09:66:75:dd:61:16:16:79:00:15:6a:
2d:ff:0e:25:d3:ff:5b:d9:4c:33:13:7e:8a:56:2a:
81:ba:a2:e1:dc:c2:e1:2f:a9:b3:c5:ad:2c:04:f6:
bd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CA:69:69:C3:81:36:18:79:7F:E1:DE:D8:A7:B8:77:0E:A7:89:E0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N8ppacOBNhh5f-He2Ke4dw6nieA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
81.161.230.0/24
81.161.239.0/24
82.115.210.0/23
83.219.97.0/24
87.120.130.0/24
87.121.124.0/23
87.121.162.0/24
87.121.220.0/24
91.200.192.0/22
93.123.39.0/24
94.154.172.0/24
94.156.160.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
178.215.238.0/24
185.246.223.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:c9:74:02:ba:29:9b:11:21:7a:01:d7:a3:7c:5a:e5:f4:e8:
cd:19:ef:99:c9:1d:57:1e:1c:39:b0:de:9e:3a:c5:64:5a:9f:
d1:3a:d1:82:d9:3d:ef:60:ea:36:1c:3a:7b:11:fe:44:d3:00:
8b:b0:e6:85:a9:17:5e:a1:da:4d:f0:ea:96:3a:d0:ca:89:48:
e6:37:7d:8e:47:80:01:84:8c:1f:81:c4:88:c5:c8:39:34:e3:
ed:3a:90:f2:f5:3d:f8:52:cf:3a:7d:3b:56:a4:29:87:29:50:
e5:37:fb:4b:bd:b3:42:a1:f5:ab:df:b1:f6:d0:72:2d:39:12:
a9:b3:38:70:b7:c0:88:e1:6f:46:27:6b:ee:03:b4:23:03:ad:
e4:3e:27:ac:65:25:6d:29:a8:63:b3:95:c2:fd:68:95:22:00:
af:42:44:ef:77:01:0e:7f:4d:53:ff:ba:75:2e:8c:d3:a5:1d:
ad:c3:55:5a:15:a1:01:2f:d9:86:03:ff:54:81:07:de:73:d6:
1e:ad:0a:69:fb:61:9a:81:af:c0:fd:03:87:d7:8c:33:bd:55:
9c:cf:4e:e4:17:4a:df:2e:a0:6e:74:41:29:a9:a2:0a:89:1a:
91:b9:c2:b9:07:ab:53:33:cb:e8:78:df:1f:ae:35:87:1c:cb:
db:70:01:34
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYhSffEFzR1dFodyGWbmQgOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTI1MTAzOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2NhNjk2OWMzODEzNjE4Nzk3ZmUxZGVkOGE3Yjg3NzBlYTc4OWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGmDHaTq1d/g74ARZu9Orbr1BhN1
rutX/dNityCaR0PSuTJqse7hrx3W7teDShBhg4XTzLtdC1c0GRmhFLEBq+MgY/Xr
HSqlOGzoxgqbyaSH/nkkx548Ep8fqVqBXDlYVkPWRhxEcG9/LLCJrXhHGmCU1k2i
xKepIfXPIVXt/FqaAAWgYBrzfYm0Fle+2/S3FR5o4MOxrLyhTpLb476I9PPMLP/o
0gWmkjDo9Iv0mPIViUEYhrSCO4bNr4aOVJDjD2LEv1ToJxyKWyuywxtDMk5KM0NE
CWZ13WEWFnkAFWot/w4l0/9b2UwzE36KViqBuqLh3MLhL6mzxa0sBPa9dQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFDfKaWnDgTYYeX/h3tinuHcOp4ngMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTjhwcGFjT0JOaGg1Zi1IZTJLZTRkdzZuaWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAt
CZwDBAAtDP8DBAAtQuQDBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABRoeYDBABR
oe8DBAFSc9IDBABT22EDBABXeIIDBAFXeXwDBABXeaIDBABXedwDBAJbyMADBABd
eycDBABemqwDBABenKADBABenPgDBABenPoDBAGTTmQwDAMEAKsWEQMEAKsWEgME
AKsWHwMEALLX4gMEALLX7gMEALn23wMEAMEjEwMEAMK0JzANBgkqhkiG9w0BAQsF
AAOCAQEAb8l0AropmxEhegHXo3xa5fTozRnvmckdVx4cObDenjrFZFqf0TrRgtk9
72DqNhw6exH+RNMAi7DmhakXXqHaTfDqljrQyolI5jd9jkeAAYSMH4HEiMXIOTTj
7TqQ8vU9+FLPOn07VqQphylQ5Tf7S72zQqH1q9+x9tByLTkSqbM4cLfAiOFvRidr
7gO0IwOt5D4nrGUlbSmoY7OVwv1olSIAr0JE73cBDn9NU/+6dS6M06UdrcNVWhWh
AS/ZhgP/VIEH3nPWHq0KafthmoGvwP0Dh9eMM71VnM9O5BdK3y6gbnRBKamiCoka
kbnCuQerUzPL6HjfH641hxzL23ABNA==
-----END CERTIFICATE-----
Generated at Tue May 13 17:19:50 2025 by rpki-client