Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qTAvN8X_NtSyQwZNmq386FtNKmM.roa
File: qTAvN8X_NtSyQwZNmq386FtNKmM.roa (raw, json)
Hash identifier: xenqeoidJ/lIBVl7PaLNXnNALD3mnNLxEonV6lvwPe8=
Subject key identifier: A9:30:2F:37:C5:FF:36:D4:B2:43:06:4D:9A:AD:FC:E8:5B:4D:2A:63
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CB0BE1E80DF0838E7C9A0B75BD1AFA569
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qTAvN8X_NtSyQwZNmq386FtNKmM.roa
Signing time: Thu 28 Dec 2023 14:04:58 +0000
ROA not before: Thu 28 Dec 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:be:1e:80:df:08:38:e7:c9:a0:b7:5b:d1:af:a5:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 28 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9302f37c5ff36d4b243064d9aadfce85b4d2a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c1:e0:12:5d:9f:96:83:5a:43:72:39:14:67:
3d:11:36:39:ea:d5:8d:41:87:0b:08:36:8e:66:b1:
17:4f:3f:b9:ed:fd:8d:83:ae:f5:dc:21:53:36:ef:
bb:ff:b7:7a:12:97:95:94:46:76:8b:e0:a9:6e:a4:
2a:8e:2f:a8:5e:da:e0:f0:b8:3d:c0:c8:96:53:00:
03:f9:be:09:fe:e2:aa:78:cb:9c:b6:05:68:76:95:
1e:25:95:34:98:22:c3:2b:1d:50:95:ec:f2:51:9d:
7d:48:c5:7e:8e:e6:96:8e:90:f8:b4:f3:0d:19:4d:
af:75:ca:39:d1:cf:6b:de:26:19:1b:97:b0:32:99:
e6:31:47:14:84:a6:e1:da:f0:fc:3b:42:31:69:13:
98:06:cb:80:4e:68:50:07:f2:8a:a4:63:f4:89:57:
31:d0:01:02:2c:4d:9b:04:43:cb:6f:08:87:49:2a:
73:8b:a9:df:aa:88:ff:cc:49:6c:f8:e6:72:16:a1:
b8:b1:f2:0f:ee:1f:2b:23:8c:96:48:a8:bf:dc:36:
f6:34:d2:64:bd:d8:07:d6:64:a5:4a:d3:ed:76:6e:
fe:20:da:c0:c0:1e:cb:12:32:cc:a3:9e:2f:e7:e2:
6a:73:50:1c:6d:59:93:d6:58:8c:b6:67:60:15:a0:
1d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:30:2F:37:C5:FF:36:D4:B2:43:06:4D:9A:AD:FC:E8:5B:4D:2A:63
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qTAvN8X_NtSyQwZNmq386FtNKmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
45.141.158.0/24
79.110.61.0/24
81.161.239.0/24
82.115.210.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
94.154.172.0/24
94.156.248.0/24
147.78.100.0/24
171.22.17.0-171.22.18.255
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:7b:2b:a1:67:69:d5:33:1c:d9:0c:d4:c6:c2:01:d6:88:08:
00:da:8e:bb:ca:06:6e:59:b4:dd:29:b6:75:3c:f0:29:e1:d9:
d9:63:65:3d:26:2b:fd:c0:38:ba:0d:cd:36:f9:09:4a:73:2c:
b3:cc:ea:d3:26:d7:74:aa:9c:8d:e1:7b:ce:f2:d5:50:19:11:
48:e5:83:30:12:78:51:89:96:d5:0f:88:d9:47:4b:98:57:eb:
bd:d8:52:2d:00:2b:4f:e8:a6:43:76:f3:d6:ab:80:10:44:d3:
fa:54:72:81:8d:ab:17:9d:f8:a8:5d:92:2d:03:8a:02:6b:58:
a0:64:a9:f7:0c:d3:96:2a:37:82:b1:0c:ea:5d:dc:39:ae:f8:
47:c9:2d:6c:4d:4e:d1:0c:81:1a:03:8e:e5:e4:a0:c5:6b:b3:
74:15:a3:0a:19:1c:03:7e:aa:e4:fd:99:3a:f9:31:18:7d:c5:
dc:33:91:47:8e:0c:6a:0c:32:fa:e5:bf:cc:2f:a1:74:e7:4e:
85:53:18:52:0e:24:bb:e8:4d:e3:6a:bc:c3:a0:35:d2:03:34:
f2:a7:ce:5e:ac:0c:49:bd:5c:12:58:49:99:4c:2c:48:37:24:
6e:5f:47:c3:25:ab:ac:4b:37:41:b9:8e:17:e0:92:76:3d:dc:
13:eb:4c:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYywvh6A3wg458mgt1vRr6VpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjI4MTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTMwMmYzN2M1ZmYzNmQ0YjI0MzA2NGQ5YWFkZmNlODViNGQyYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8HgEl2floNaQ3I5FGc9ETY56tWN
QYcLCDaOZrEXTz+57f2Ng6713CFTNu+7/7d6EpeVlEZ2i+CpbqQqji+oXtrg8Lg9
wMiWUwAD+b4J/uKqeMuctgVodpUeJZU0mCLDKx1QlezyUZ19SMV+juaWjpD4tPMN
GU2vdco50c9r3iYZG5ewMpnmMUcUhKbh2vD8O0IxaROYBsuATmhQB/KKpGP0iVcx
0AECLE2bBEPLbwiHSSpzi6nfqoj/zEls+OZyFqG4sfIP7h8rI4yWSKi/3Db2NNJk
vdgH1mSlStPtdm7+INrAwB7LEjLMo54v5+Jqc1AcbVmT1liMtmdgFaAdIQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFKkwLzfF/zbUskMGTZqt/OhbTSpjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcVRBdk44WF9OdFN5UXdaTm1xMzg2RnROS21NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEACWLggME
AC2BVAMEAC2NngMEAE9uPQMEAFGh7wMEAFJz0gMEAVd5fAMEAFd5ogMEAlvIwAME
AF6arAMEAF6c+AMEAJNOZDAMAwQAqxYRAwQAqxYSAwQAqxYfAwQAwRnYAwQAwSMT
MA0GCSqGSIb3DQEBCwUAA4IBAQAOeyuhZ2nVMxzZDNTGwgHWiAgA2o67ygZuWbTd
KbZ1PPAp4dnZY2U9Jiv9wDi6Dc02+QlKcyyzzOrTJtd0qpyN4XvO8tVQGRFI5YMw
EnhRiZbVD4jZR0uYV+u92FItACtP6KZDdvPWq4AQRNP6VHKBjasXnfioXZItA4oC
a1igZKn3DNOWKjeCsQzqXdw5rvhHyS1sTU7RDIEaA47l5KDFa7N0FaMKGRwDfqrk
/Zk6+TEYfcXcM5FHjgxqDDL65b/ML6F0506FUxhSDiS76E3jarzDoDXSAzTyp85e
rAxJvVwSWEmZTCxINyRuX0fDJausSzdBuY4X4JJ2PdwT60xZ
-----END CERTIFICATE-----
Generated at Wed May 14 00:07:39 2025 by rpki-client