Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/ZxyBZUunAChPzgZWGtPGnoArGrU.roa
File: ZxyBZUunAChPzgZWGtPGnoArGrU.roa (raw, json)
Hash identifier: RG5dGu15PiWDLMPlxXr9ZsfVhU7f145bxO7z1DwHA+w=
Subject key identifier: 67:1C:81:65:4B:A7:00:28:4F:CE:06:56:1A:D3:C6:9E:80:2B:1A:B5
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018EA94FF7EE6BE07FD7DB07543AFB1E9D08
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/ZxyBZUunAChPzgZWGtPGnoArGrU.roa
Signing time: Thu 04 Apr 2024 13:32:54 +0000
ROA not before: Thu 04 Apr 2024 13:32:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43754
IP address blocks: 78.110.120.0/24 maxlen: 24
78.110.122.0/24 maxlen: 24
78.110.123.0/24 maxlen: 24
86.57.0.0/17 maxlen: 32
88.135.36.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
91.236.168.0/24 maxlen: 24
91.236.169.0/24 maxlen: 24
152.89.44.0/24 maxlen: 24
152.89.46.0/24 maxlen: 24
152.89.47.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
185.51.200.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.58.240.0/24 maxlen: 24
185.58.241.0/24 maxlen: 24
185.58.242.0/24 maxlen: 24
185.58.243.0/24 maxlen: 24
185.112.151.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
185.141.105.0/24 maxlen: 24
185.141.106.0/24 maxlen: 24
185.141.107.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
188.209.153.0/24 maxlen: 24
195.110.38.0/24 maxlen: 24
195.211.45.0/24 maxlen: 24
195.211.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:4f:f7:ee:6b:e0:7f:d7:db:07:54:3a:fb:1e:9d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Apr 4 13:32:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=671c81654ba700284fce06561ad3c69e802b1ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:04:f7:8c:fe:b3:9d:f3:40:40:5a:17:0d:4d:
0e:d5:f1:a7:82:37:d1:4d:9d:28:a9:a6:9b:8f:d3:
08:91:fb:35:6f:28:ec:bf:5d:cc:df:c7:33:8c:77:
b6:89:6e:29:16:5c:e3:be:67:97:ef:9e:c5:10:42:
d0:2b:df:7f:eb:c4:0e:66:d3:23:eb:f6:ba:12:cb:
cc:f3:e7:c0:94:74:96:df:3c:d0:10:27:a3:4b:57:
a0:55:7e:98:9e:48:1f:45:5c:6d:d0:14:e4:13:2b:
c3:c6:46:8b:08:6d:5a:65:76:48:44:d3:37:0d:ab:
ad:f0:3f:a2:65:40:5e:36:01:f2:6e:ca:a4:96:09:
1f:db:8e:bc:5f:be:eb:59:fc:d1:38:db:d3:03:ee:
bf:71:39:e1:cf:aa:3d:27:c9:14:27:0a:f8:5f:2b:
c7:1b:42:6d:4d:9e:2a:8b:15:6f:7e:d3:ca:75:b9:
e4:9d:a4:69:91:29:9d:32:ed:78:13:4b:53:cd:56:
90:5b:d9:be:92:e9:c2:e5:6f:52:b3:d0:1b:e7:47:
f8:dc:9c:20:e5:1c:c1:6a:1c:c8:20:ef:b9:58:8a:
6a:85:a5:ff:9f:3f:f8:21:1a:3b:0d:19:9e:99:e2:
89:2e:2b:c2:f1:2f:b5:a4:99:eb:d4:e8:dd:9d:9c:
d7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1C:81:65:4B:A7:00:28:4F:CE:06:56:1A:D3:C6:9E:80:2B:1A:B5
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/ZxyBZUunAChPzgZWGtPGnoArGrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.120.0/24
78.110.122.0/23
86.57.0.0/17
88.135.36.0/22
91.236.168.0/23
152.89.44.0/24
152.89.46.0/23
185.18.213.0-185.18.214.255
185.51.200.0/22
185.58.240.0/22
185.112.151.0/24
185.128.136.0/24
185.141.105.0-185.141.107.255
185.141.132.0/24
185.141.135.0/24
188.209.153.0/24
195.110.38.0/24
195.211.45.0-195.211.46.255
Signature Algorithm: sha256WithRSAEncryption
62:a3:8b:09:b1:22:28:5a:7c:48:46:ed:37:0f:68:aa:e8:98:
47:c8:39:27:df:57:02:7b:5f:ca:88:cf:1e:e9:5c:b5:af:0a:
98:c7:85:cc:d0:83:fa:ea:c8:00:4b:e3:00:a4:dd:0a:16:a0:
a9:0b:8d:fb:a7:a2:90:ee:57:5a:99:64:a2:75:19:04:00:c5:
d2:d0:b6:11:ef:a2:e6:15:1a:44:51:61:67:13:1c:d9:b0:54:
98:d2:1b:b0:e7:86:33:d4:21:a2:31:c0:6b:02:f1:49:70:11:
8f:f7:42:ba:6c:24:a1:89:20:2f:0d:95:b4:97:cc:ec:97:42:
cf:96:ec:72:a1:5a:69:23:8d:a6:14:16:96:dd:6e:aa:9c:d0:
0f:58:0a:67:a4:96:11:c0:02:02:8d:44:18:94:03:63:69:a3:
8b:0f:ba:ee:3c:72:4c:4a:81:0a:e0:e0:d8:ae:c0:e6:a8:f2:
43:3e:81:c8:fc:f8:30:25:4f:ba:6f:51:b8:f9:f8:3d:16:5c:
f3:5e:02:a2:6f:54:26:56:81:50:51:5a:0d:33:1b:9e:2a:38:
74:74:f6:e5:3a:9b:e8:c3:ea:b8:5f:60:1b:7b:2a:f8:8a:f6:
ee:24:ae:35:c4:05:f6:57:1d:3b:38:71:59:77:b9:ce:8a:6e:
85:f4:dc:5b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY6pT/fua+B/19sHVDr7Hp0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjQwNDA0MTMzMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzFjODE2NTRiYTcwMDI4NGZjZTA2NTYxYWQzYzY5ZTgwMmIxYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgT3jP6znfNAQFoXDU0O1fGngjfR
TZ0oqaabj9MIkfs1byjsv13M38czjHe2iW4pFlzjvmeX757FEELQK99/68QOZtMj
6/a6EsvM8+fAlHSW3zzQECejS1egVX6YnkgfRVxt0BTkEyvDxkaLCG1aZXZIRNM3
Daut8D+iZUBeNgHybsqklgkf2468X77rWfzRONvTA+6/cTnhz6o9J8kUJwr4XyvH
G0JtTZ4qixVvftPKdbnknaRpkSmdMu14E0tTzVaQW9m+kunC5W9Ss9Ab50f43Jwg
5RzBahzIIO+5WIpqhaX/nz/4IRo7DRmemeKJLivC8S+1pJnr1OjdnZzX8QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFGccgWVLpwAoT84GVhrTxp6AKxq1MB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvWnh5QlpVdW5BQ2hQemdaV0d0UEdub0FyR3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBABO
bngDBAFObnoDBAdWOQADBAJYhyQDBAFb7KgDBACYWSwDBAGYWS4wDAMEALkS1QME
ALkS1gMEArkzyAMEArk68AMEALlwlwMEALmAiDAMAwQAuY1pAwQCuY1oAwQAuY2E
AwQAuY2HAwQAvNGZAwQAw24mMAwDBADD0y0DBADD0y4wDQYJKoZIhvcNAQELBQAD
ggEBAGKjiwmxIihafEhG7TcPaKromEfIOSffVwJ7X8qIzx7pXLWvCpjHhczQg/rq
yABL4wCk3QoWoKkLjfunopDuV1qZZKJ1GQQAxdLQthHvouYVGkRRYWcTHNmwVJjS
G7DnhjPUIaIxwGsC8UlwEY/3QrpsJKGJIC8NlbSXzOyXQs+W7HKhWmkjjaYUFpbd
bqqc0A9YCmeklhHAAgKNRBiUA2Npo4sPuu48ckxKgQrg4NiuwOao8kM+gcj8+DAl
T7pvUbj5+D0WXPNeAqJvVCZWgVBRWg0zG54qOHR09uU6m+jD6rhfYBt7KviK9u4k
rjXEBfZXHTs4cVl3uc6KboX03Fs=
-----END CERTIFICATE-----
Generated at Sat May 17 02:22:27 2025 by rpki-client