Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/_AnaFEXX7Mn2UUJOew-pj_0Udgo.roa
File: _AnaFEXX7Mn2UUJOew-pj_0Udgo.roa (raw, json)
Hash identifier: 9lCeOMYbbXH2elrUew/Z2V4P/jBUDx2dtDHHfCaHmUQ=
Subject key identifier: FC:09:DA:14:45:D7:EC:C9:F6:51:42:4E:7B:0F:A9:8F:FD:14:76:0A
Certificate issuer: /CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Certificate serial: 018CC9BBA6CDD2763F5726E70B6E38C7D7D6
Authority key identifier: CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/_AnaFEXX7Mn2UUJOew-pj_0Udgo.roa
Signing time: Tue 02 Jan 2024 10:32:47 +0000
ROA not before: Tue 02 Jan 2024 10:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 213.144.98.0/24 maxlen: 24
213.144.96.0/24 maxlen: 24
213.144.97.0/24 maxlen: 24
213.144.99.0/24 maxlen: 24
213.144.100.0/24 maxlen: 24
213.144.105.0/24 maxlen: 24
213.144.101.0/24 maxlen: 24
213.144.102.0/24 maxlen: 24
213.144.103.0/24 maxlen: 24
213.144.104.0/24 maxlen: 24
213.144.111.0/24 maxlen: 24
213.144.112.0/24 maxlen: 24
213.144.108.0/24 maxlen: 24
213.144.109.0/24 maxlen: 24
213.144.110.0/24 maxlen: 24
213.144.106.0/24 maxlen: 24
213.144.107.0/24 maxlen: 24
213.144.118.0/24 maxlen: 24
213.144.115.0/24 maxlen: 24
213.144.116.0/24 maxlen: 24
213.144.117.0/24 maxlen: 24
213.144.113.0/24 maxlen: 24
213.144.114.0/24 maxlen: 24
213.144.125.0/24 maxlen: 24
213.144.122.0/24 maxlen: 24
213.144.123.0/24 maxlen: 24
213.144.124.0/24 maxlen: 24
213.144.119.0/24 maxlen: 24
213.144.120.0/24 maxlen: 24
213.144.121.0/24 maxlen: 24
213.144.126.0/24 maxlen: 24
213.144.127.0/24 maxlen: 24
77.92.110.0/24 maxlen: 24
77.92.111.0/24 maxlen: 24
77.92.112.0/24 maxlen: 24
77.92.106.0/24 maxlen: 24
77.92.107.0/24 maxlen: 24
77.92.108.0/24 maxlen: 24
77.92.109.0/24 maxlen: 24
77.92.117.0/24 maxlen: 24
77.92.118.0/24 maxlen: 24
77.92.113.0/24 maxlen: 24
77.92.114.0/24 maxlen: 24
77.92.115.0/24 maxlen: 24
77.92.116.0/24 maxlen: 24
77.92.124.0/24 maxlen: 24
77.92.125.0/24 maxlen: 24
77.92.120.0/24 maxlen: 24
77.92.121.0/24 maxlen: 24
77.92.122.0/24 maxlen: 24
77.92.123.0/24 maxlen: 24
77.92.119.0/24 maxlen: 24
77.92.127.0/24 maxlen: 24
77.92.126.0/24 maxlen: 24
185.115.210.0/24 maxlen: 24
185.115.211.0/24 maxlen: 24
185.115.208.0/24 maxlen: 24
77.92.96.0/24 maxlen: 24
77.92.97.0/24 maxlen: 24
77.92.98.0/24 maxlen: 24
77.92.103.0/24 maxlen: 24
77.92.104.0/24 maxlen: 24
77.92.105.0/24 maxlen: 24
77.92.99.0/24 maxlen: 24
77.92.100.0/24 maxlen: 24
77.92.101.0/24 maxlen: 24
77.92.102.0/24 maxlen: 24
31.40.240.0/24 maxlen: 24
31.40.241.0/24 maxlen: 24
31.40.242.0/24 maxlen: 24
31.40.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:a6:cd:d2:76:3f:57:26:e7:0b:6e:38:c7:d7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Validity
Not Before: Jan 2 10:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc09da1445d7ecc9f651424e7b0fa98ffd14760a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d6:69:a4:2d:56:bb:27:81:a9:01:63:de:0f:
80:e9:b8:fd:78:e7:5a:a0:62:a0:43:45:22:ea:ae:
93:95:f2:9f:19:da:02:82:1c:c5:78:79:4e:0b:1d:
05:02:f4:e5:37:61:cd:2a:91:70:e5:25:70:c0:ef:
e6:ac:ff:cc:c8:c6:74:f4:1c:f5:48:de:59:7b:2c:
1d:47:99:7e:cc:12:73:11:de:35:55:7f:0f:e8:53:
6e:7e:5b:8a:e6:90:96:5e:7e:e3:8a:ec:17:65:34:
85:60:a2:93:a1:1b:8e:90:0b:3d:32:c6:3b:b2:f0:
87:3a:e5:b5:9c:69:1d:2a:c8:d6:25:df:27:5a:2e:
25:0b:66:8e:a8:9f:3c:a2:92:70:6b:e5:cc:cd:b2:
23:a2:3d:40:ee:c8:61:55:be:b9:49:b3:ea:09:db:
da:a3:a0:bf:31:58:1d:fc:8d:5e:b5:89:44:c3:dc:
03:9a:a0:d7:56:f8:4a:d8:4f:9d:91:71:85:cd:be:
93:db:08:8a:ba:f5:b4:4b:3c:2c:16:4f:52:66:b0:
9c:a8:f9:69:df:b2:f4:fb:b9:97:c6:db:cc:ef:b4:
3c:45:27:79:7d:f3:a0:fd:8b:85:0c:de:2c:0b:47:
c8:3f:e7:35:bc:f8:39:5e:89:2c:f3:53:16:2a:46:
f9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:09:DA:14:45:D7:EC:C9:F6:51:42:4E:7B:0F:A9:8F:FD:14:76:0A
X509v3 Authority Key Identifier:
keyid:CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/_AnaFEXX7Mn2UUJOew-pj_0Udgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.240.0/22
77.92.96.0/19
185.115.208.0/24
185.115.210.0/23
213.144.96.0/19
Signature Algorithm: sha256WithRSAEncryption
77:48:b9:c6:7c:71:37:79:93:88:51:88:e0:f7:99:1d:7b:bd:
93:a0:dc:e8:e8:ec:4b:95:db:e7:11:77:b8:e0:7e:b9:cc:b6:
05:95:4d:9a:01:a8:05:7a:dd:d8:d2:1d:d9:b3:15:e3:46:31:
b6:a8:91:f7:c2:82:49:60:ca:19:11:5f:87:64:be:68:58:1e:
e0:15:1f:62:95:0f:da:3c:f4:86:f1:26:48:4f:ba:74:0c:5b:
c4:89:ba:df:fe:9c:1e:dd:f3:9e:27:7b:39:0b:96:29:a9:0a:
4a:f6:71:7c:f0:52:1c:74:c4:17:5e:9b:44:5a:68:27:bd:6a:
80:45:86:b5:c5:ea:6a:bc:ce:62:b6:f6:7f:db:95:e6:29:c4:
6f:bc:62:70:66:5b:6b:b1:ef:44:15:96:44:4b:24:73:83:00:
8d:9b:fc:c9:85:5b:05:a2:4b:50:df:a6:e4:65:ed:04:fa:05:
29:f8:fd:7b:d1:77:b1:c5:53:72:f7:4e:55:6a:bd:a9:87:9c:
08:a0:e2:77:ee:63:7b:b6:63:ee:64:89:5b:89:f8:4e:4b:e6:
9b:47:a0:fb:a2:22:1a:9a:e7:ae:9c:ea:ae:44:0f:2d:4d:d7:
76:ef:46:f9:61:db:70:7a:1d:9d:c0:27:12:7c:0b:7c:ee:dd:
87:c1:04:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJu6bN0nY/VybnC244x9fWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTYyMThjMjBlZmQ4ZmU1M2ZjYTk5OTBiNzI1ZGQ3OTYz
Yzg4NWMwHhcNMjQwMTAyMTAzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzA5ZGExNDQ1ZDdlY2M5ZjY1MTQyNGU3YjBmYTk4ZmZkMTQ3NjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNZppC1WuyeBqQFj3g+A6bj9eOda
oGKgQ0Ui6q6TlfKfGdoCghzFeHlOCx0FAvTlN2HNKpFw5SVwwO/mrP/MyMZ09Bz1
SN5ZeywdR5l+zBJzEd41VX8P6FNufluK5pCWXn7jiuwXZTSFYKKToRuOkAs9MsY7
svCHOuW1nGkdKsjWJd8nWi4lC2aOqJ88opJwa+XMzbIjoj1A7shhVb65SbPqCdva
o6C/MVgd/I1etYlEw9wDmqDXVvhK2E+dkXGFzb6T2wiKuvW0SzwsFk9SZrCcqPlp
37L0+7mXxtvM77Q8RSd5ffOg/YuFDN4sC0fIP+c1vPg5Xoks81MWKkb53wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPwJ2hRF1+zJ9lFCTnsPqY/9FHYKMB8GA1UdIwQY
MBaAFMqWIYwg79j+U/ypmQtyXdeWPIhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAt
ZDcxMmQ0NzM4MDQ2LzEvX0FuYUZFWFg3TW4yVVVKT2V3LXBqXzBVZGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAtZDcxMmQ0NzM4MDQ2
LzEveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCHyjwAwQF
TVxgAwQAuXPQAwQBuXPSAwQF1ZBgMA0GCSqGSIb3DQEBCwUAA4IBAQB3SLnGfHE3
eZOIUYjg95kde72ToNzo6OxLldvnEXe44H65zLYFlU2aAagFet3Y0h3ZsxXjRjG2
qJH3woJJYMoZEV+HZL5oWB7gFR9ilQ/aPPSG8SZIT7p0DFvEibrf/pwe3fOeJ3s5
C5YpqQpK9nF88FIcdMQXXptEWmgnvWqARYa1xepqvM5itvZ/25XmKcRvvGJwZltr
se9EFZZESyRzgwCNm/zJhVsFoktQ36bkZe0E+gUp+P170XexxVNy905Var2ph5wI
oOJ37mN7tmPuZIlbifhOS+abR6D7oiIamueunOquRA8tTdd270b5Ydtweh2dwCcS
fAt87t2HwQSE
-----END CERTIFICATE-----
Generated at Tue May 13 00:31:05 2025 by rpki-client