Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/NINVuZJDoRBZN4A9m-rIw042SAM.roa
File: NINVuZJDoRBZN4A9m-rIw042SAM.roa (raw, json)
Hash identifier: cuYSoWQRRrhYBzfCA6iRCbyyhIMCtRS8tf9PIgjzhqw=
Subject key identifier: 34:83:55:B9:92:43:A1:10:59:37:80:3D:9B:EA:C8:C3:4E:36:48:03
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 0187CBDC3F3BC7B128C9AD4FB4854E2C48B7
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/NINVuZJDoRBZN4A9m-rIw042SAM.roa
Signing time: Sat 29 Apr 2023 07:13:41 +0000
ROA not before: Sat 29 Apr 2023 07:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9119
IP address blocks: 85.208.172.0/24 maxlen: 24
185.175.0.0/22 maxlen: 22
80.65.174.0/24 maxlen: 24
80.65.173.0/24 maxlen: 24
80.65.175.0/24 maxlen: 24
194.39.85.0/24 maxlen: 24
213.253.120.0/22 maxlen: 22
213.253.124.0/22 maxlen: 22
91.132.74.0/23 maxlen: 23
2.58.48.0/22 maxlen: 22
80.65.166.0/24 maxlen: 24
80.65.165.0/24 maxlen: 24
80.65.160.0/24 maxlen: 24
80.65.160.0/20 maxlen: 20
80.65.164.0/24 maxlen: 24
80.65.163.0/24 maxlen: 24
80.65.162.0/24 maxlen: 24
80.65.161.0/24 maxlen: 24
80.65.172.0/24 maxlen: 24
80.65.167.0/24 maxlen: 24
80.65.171.0/24 maxlen: 24
80.65.170.0/24 maxlen: 24
80.65.169.0/24 maxlen: 24
80.65.168.0/24 maxlen: 24
147.78.219.0/24 maxlen: 24
147.78.216.0/24 maxlen: 24
147.78.216.0/22 maxlen: 22
213.253.96.0/20 maxlen: 20
213.253.96.0/21 maxlen: 21
217.199.132.0/24 maxlen: 24
217.199.131.0/24 maxlen: 24
213.253.104.0/22 maxlen: 22
217.199.130.0/24 maxlen: 24
217.199.129.0/24 maxlen: 24
217.199.128.0/20 maxlen: 24
217.199.128.0/24 maxlen: 24
217.199.133.0/24 maxlen: 24
217.199.139.0/24 maxlen: 24
213.253.112.0/22 maxlen: 22
217.199.138.0/24 maxlen: 24
213.253.111.0/24 maxlen: 24
217.199.134.0/24 maxlen: 24
217.199.137.0/24 maxlen: 24
217.199.136.0/24 maxlen: 24
213.253.110.0/24 maxlen: 24
213.253.108.0/22 maxlen: 22
217.199.135.0/24 maxlen: 24
213.253.108.0/24 maxlen: 24
213.253.109.0/24 maxlen: 24
217.199.140.0/24 maxlen: 24
213.253.116.0/22 maxlen: 22
217.199.143.0/24 maxlen: 24
217.199.142.0/24 maxlen: 24
217.199.141.0/24 maxlen: 24
213.253.64.0/19 maxlen: 19
45.15.44.0/22 maxlen: 22
212.103.128.0/19 maxlen: 19
84.41.122.0/23 maxlen: 23
84.41.120.0/23 maxlen: 23
84.41.124.0/22 maxlen: 22
84.41.96.0/21 maxlen: 21
84.41.104.0/22 maxlen: 22
84.41.108.0/23 maxlen: 23
84.41.112.0/23 maxlen: 23
84.41.111.0/24 maxlen: 24
84.41.110.0/24 maxlen: 24
84.41.115.0/24 maxlen: 24
84.41.114.0/24 maxlen: 24
84.41.116.0/22 maxlen: 22
46.163.48.0/21 maxlen: 21
46.163.58.0/24 maxlen: 24
46.163.58.0/23 maxlen: 23
46.163.56.0/23 maxlen: 23
46.163.56.0/24 maxlen: 24
46.163.59.0/24 maxlen: 24
46.163.60.0/22 maxlen: 22
45.156.140.0/23 maxlen: 23
45.156.140.0/24 maxlen: 24
45.8.0.0/22 maxlen: 22
46.163.0.0/19 maxlen: 19
46.163.32.0/20 maxlen: 20
212.13.224.0/19 maxlen: 19
84.41.32.0/19 maxlen: 19
84.41.64.0/19 maxlen: 19
84.41.0.0/18 maxlen: 18
84.41.0.0/19 maxlen: 19
84.41.0.0/21 maxlen: 21
185.54.131.0/24 maxlen: 24
185.54.130.0/24 maxlen: 24
185.54.128.0/24 maxlen: 24
185.54.128.0/23 maxlen: 23
2a0b:c300::/29 maxlen: 29
2a02:805::/33 maxlen: 33
2a0b:c306::/32 maxlen: 32
2a02:801::/33 maxlen: 33
2a02:800::/32 maxlen: 32
2a0f:2180::/29 maxlen: 29
2a0e:2e00::/29 maxlen: 29
2a0e:1e80::/29 maxlen: 29
2a09:e140::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:cb:dc:3f:3b:c7:b1:28:c9:ad:4f:b4:85:4e:2c:48:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Apr 29 07:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=348355b99243a1105937803d9beac8c34e364803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3b:58:a8:75:f9:20:a0:22:e2:7c:7c:b2:33:
96:35:fa:07:f6:a8:bd:3c:cc:65:08:90:db:18:57:
a1:ca:59:74:15:b2:13:11:46:4e:c9:76:dc:f2:24:
f4:79:f8:2f:5e:c5:0a:1d:62:bb:39:28:a2:a4:94:
10:25:8f:77:35:bd:14:73:05:4d:eb:f2:ef:3b:e8:
ac:69:60:c1:e8:82:42:9e:3f:7d:f7:04:95:68:b3:
5f:b6:f7:b9:02:8d:de:02:0d:7e:9f:82:63:99:86:
d9:bb:b9:1a:d4:69:3b:44:0d:d1:b0:bb:6a:37:55:
d8:fe:18:fe:b5:3d:d7:40:d9:77:c5:a0:46:26:ce:
57:28:1a:1d:bf:88:6d:b4:86:24:b2:2c:61:56:ae:
c0:f4:ef:bc:9d:d2:92:9d:5f:1b:13:66:ea:36:35:
7b:54:fe:d4:8f:e8:1e:8a:e5:88:5b:97:3c:fb:df:
54:af:ff:4b:06:e1:db:66:ca:51:25:4d:34:27:37:
60:6a:e8:09:52:5e:23:dc:26:ae:6a:9f:a1:f9:ee:
0f:36:9b:d9:1b:cc:13:c6:93:6f:a5:ba:b9:78:7a:
00:bd:d4:88:b1:66:25:f7:54:7a:41:30:2f:62:2f:
55:18:a3:50:06:4f:73:a4:18:37:33:e2:1f:3e:23:
c4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:83:55:B9:92:43:A1:10:59:37:80:3D:9B:EA:C8:C3:4E:36:48:03
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/NINVuZJDoRBZN4A9m-rIw042SAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.48.0/22
45.8.0.0/22
45.15.44.0/22
45.156.140.0/23
46.163.0.0/18
80.65.160.0/20
84.41.0.0/17
85.208.172.0/24
91.132.74.0/23
147.78.216.0/22
185.54.128.0/22
185.175.0.0/22
194.39.85.0/24
212.13.224.0/19
212.103.128.0/19
213.253.64.0/18
217.199.128.0/20
IPv6:
2a02:800::-2a02:801:7fff:ffff:ffff:ffff:ffff:ffff
2a02:805::/33
2a09:e140::/29
2a0b:c300::/29
2a0e:1e80::/29
2a0e:2e00::/29
2a0f:2180::/29
Signature Algorithm: sha256WithRSAEncryption
2f:85:a2:f0:98:70:f0:78:ca:12:90:5a:f9:95:2a:4b:29:4c:
27:10:d1:fb:54:aa:0a:73:a4:89:06:49:a7:b8:32:f8:c3:9c:
bf:41:ac:39:77:af:8d:87:48:82:f7:48:3f:a7:1a:df:97:41:
54:46:05:d1:9c:6e:f6:a5:83:9d:01:39:bc:37:0a:83:04:b5:
ae:0f:64:78:cf:b6:fb:52:57:47:1d:ec:06:b7:9e:ec:8f:ad:
63:75:2e:e0:ed:72:2a:33:b8:ab:f5:4b:d5:29:65:18:bc:f2:
53:ad:78:87:d8:b4:17:43:17:27:3e:54:d2:fe:f0:a5:fa:bf:
48:df:d1:ba:15:4e:fe:f1:97:5f:4a:06:52:57:74:4d:d6:47:
93:78:3b:a5:f2:0c:b3:3c:6a:f0:aa:1d:3d:47:57:a7:17:e2:
92:88:7c:cd:10:d4:c8:46:2d:a0:86:54:da:1b:fb:1a:60:1e:
d3:35:dc:37:b4:c2:54:3b:62:00:1a:39:3c:5f:3e:42:db:e3:
46:49:63:e7:bf:d6:88:b8:2e:15:97:a7:13:1b:7d:e0:de:9e:
00:67:11:58:c4:05:36:0c:52:30:d1:79:40:66:ac:27:2e:fb:
03:18:96:3f:c6:fe:11:3f:39:3d:94:f9:80:60:4c:ab:b2:9c:
74:95:95:09
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYfL3D87x7Eoya1PtIVOLEi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjMwNDI5MDcxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDgzNTViOTkyNDNhMTEwNTkzNzgwM2Q5YmVhYzhjMzRlMzY0ODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDtYqHX5IKAi4nx8sjOWNfoH9qi9
PMxlCJDbGFehyll0FbITEUZOyXbc8iT0efgvXsUKHWK7OSiipJQQJY93Nb0UcwVN
6/LvO+isaWDB6IJCnj999wSVaLNftve5Ao3eAg1+n4JjmYbZu7ka1Gk7RA3RsLtq
N1XY/hj+tT3XQNl3xaBGJs5XKBodv4httIYksixhVq7A9O+8ndKSnV8bE2bqNjV7
VP7Uj+geiuWIW5c8+99Ur/9LBuHbZspRJU00JzdgaugJUl4j3Cauap+h+e4PNpvZ
G8wTxpNvpbq5eHoAvdSIsWYl91R6QTAvYi9VGKNQBk9zpBg3M+IfPiPEBwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDSDVbmSQ6EQWTeAPZvqyMNONkgDMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvTklOVnVaSkRvUkJaTjRBOW0tckl3MDQyU0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTBsBAIAATBmAwQCAjow
AwQCLQgAAwQCLQ8sAwQBLZyMAwQGLqMAAwQEUEGgAwQHVCkAAwQAVdCsAwQBW4RK
AwQCk07YAwQCuTaAAwQCua8AAwQAwidVAwQF1A3gAwQF1GeAAwQG1f1AAwQE2ceA
MEEEAgACMDswDgMEAyoCCAMGByoCCAEAAwYHKgIIBQADBQMqCeFAAwUDKgvDAAMF
AyoOHoADBQMqDi4AAwUDKg8hgDANBgkqhkiG9w0BAQsFAAOCAQEAL4Wi8Jhw8HjK
EpBa+ZUqSylMJxDR+1SqCnOkiQZJp7gy+MOcv0GsOXevjYdIgvdIP6ca35dBVEYF
0Zxu9qWDnQE5vDcKgwS1rg9keM+2+1JXRx3sBree7I+tY3Uu4O1yKjO4q/VL1Sll
GLzyU614h9i0F0MXJz5U0v7wpfq/SN/RuhVO/vGXX0oGUld0TdZHk3g7pfIMszxq
8KodPUdXpxfikoh8zRDUyEYtoIZU2hv7GmAe0zXcN7TCVDtiABo5PF8+QtvjRklj
57/WiLguFZenExt94N6eAGcRWMQFNgxSMNF5QGasJy77AxiWP8b+ET85PZT5gGBM
q7KcdJWVCQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:21:34 2025 by rpki-client