Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/J_cMNyt84t7Yp63rzYQRu7lUnF4.roa
File: J_cMNyt84t7Yp63rzYQRu7lUnF4.roa (raw, json)
Hash identifier: s8ABDFhxZwZtbYQqxZ1+OtQ9V7RWALWIBw3+tERRIWQ=
Subject key identifier: 27:F7:0C:37:2B:7C:E2:DE:D8:A7:AD:EB:CD:84:11:BB:B9:54:9C:5E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01892EDF74EA6BD06BF720A6AA174948E90C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/J_cMNyt84t7Yp63rzYQRu7lUnF4.roa
Signing time: Fri 07 Jul 2023 05:42:23 +0000
ROA not before: Fri 07 Jul 2023 05:42:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
193.124.124.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.247.0/24 maxlen: 24
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2e:df:74:ea:6b:d0:6b:f7:20:a6:aa:17:49:48:e9:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 7 05:42:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27f70c372b7ce2ded8a7adebcd8411bbb9549c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8e:77:f1:6e:b9:42:3f:64:b7:15:b1:27:28:
08:fd:53:14:d0:a2:56:99:56:e5:8e:b7:54:e0:85:
f5:a2:fa:1b:6a:02:72:29:af:34:7f:c2:f8:68:01:
f6:41:fd:fb:4b:a2:53:ab:ca:2a:59:55:4f:8e:0c:
5b:6a:1e:f3:b7:38:c0:c5:d4:0f:ad:1f:61:c6:37:
9a:de:ea:0b:8f:a8:72:73:9f:b7:7b:4b:26:a4:b2:
9a:ae:a3:ed:f5:42:73:ea:81:a7:38:e0:ac:09:13:
b6:46:86:7f:b5:db:9e:3b:73:34:e7:1d:da:1c:49:
04:64:dc:6e:72:21:8b:46:3e:e6:50:a0:90:05:b3:
d9:60:dd:ec:5e:cb:4b:76:9b:2e:3c:5e:8f:da:68:
9a:97:e7:8e:20:48:64:1c:8e:fd:2c:14:40:12:2c:
78:7f:2a:40:66:09:93:86:4b:7f:01:35:84:f6:19:
17:a9:d2:fd:10:38:b7:61:7b:fe:7a:3c:e3:82:2c:
70:dc:f4:12:cc:a1:e3:e6:e6:cd:08:34:1f:1e:92:
81:b3:b9:d7:41:36:cd:9a:73:79:e6:95:25:39:ac:
37:b6:7c:c9:6d:f7:7d:42:8b:d9:af:17:0c:df:df:
7e:fa:16:1a:69:4e:44:cf:57:9f:71:65:d8:ef:cd:
42:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F7:0C:37:2B:7C:E2:DE:D8:A7:AD:EB:CD:84:11:BB:B9:54:9C:5E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/J_cMNyt84t7Yp63rzYQRu7lUnF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
192.124.178.0/24
192.124.181.0/24
192.124.189.0/24
192.124.191.0/24
193.124.3.0/24
193.124.8.0/24
193.124.16.0/24
193.124.80.0/24
193.124.124.0/24
193.124.133.0/24
193.124.200.0/24
193.124.204.0/24
194.58.42.0/24
194.58.47.0/24
194.58.223.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.18.0/24
194.87.23.0-194.87.27.255
194.87.36.0/23
194.87.43.0/24
194.87.56.0/24
194.87.73.0/24
194.87.78.0/24
194.87.83.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.160.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.172.0/24
194.87.177.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.204.0/24
194.87.222.0/24
194.87.240.0/24
194.135.24.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.30.0/24
195.133.35.0/24
195.133.84.0/23
195.133.194.0/23
212.192.8.0/24
212.192.10.0/24
212.192.241.0/24
212.192.244.0/24
212.192.247.0-212.192.251.255
Signature Algorithm: sha256WithRSAEncryption
89:2f:0b:55:9a:e2:72:bb:3c:fd:44:4b:c6:ff:24:29:a1:ef:
f0:be:67:4c:47:52:3c:63:31:33:62:81:86:1d:1b:0f:d6:9c:
8c:56:7a:e7:8e:9d:11:59:8f:87:dc:15:47:3e:b6:e5:10:d0:
9b:b8:1b:82:65:b3:34:17:e1:84:bd:fe:ca:76:59:5b:b8:e8:
6d:6d:5a:c6:3b:9b:6c:7b:eb:e3:22:86:ea:3d:29:b1:d2:b3:
82:d4:37:b9:c5:46:57:5e:94:97:4c:d3:9f:59:22:36:89:44:
67:71:70:0a:69:79:c1:f3:4d:09:c0:99:03:39:6b:61:5f:d3:
90:1d:83:2d:19:99:4d:91:c4:c2:9e:af:16:99:f9:b2:97:3d:
34:ed:a7:5f:d0:59:ef:66:53:62:5b:d7:00:e1:17:c1:24:1b:
ba:a0:9a:47:ac:12:08:84:ea:7f:c5:ef:85:9d:ae:e9:49:0f:
32:cc:0f:79:75:9a:4f:a0:c1:4b:ed:eb:c3:62:4f:d9:49:20:
29:1c:2e:1f:cc:8b:c4:76:fe:a4:07:5f:eb:ff:52:e3:50:08:
06:80:35:71:bd:7c:43:89:42:79:47:11:b9:65:cb:69:52:4d:
4b:17:a2:ab:7e:f0:eb:3b:e9:f8:61:43:d7:4c:33:15:c4:8d:
73:db:ef:a7
-----BEGIN CERTIFICATE-----
MIIGlzCCBX+gAwIBAgISAYku33Tqa9Br9yCmqhdJSOkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzA3MDU0MjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2Y3MGMzNzJiN2NlMmRlZDhhN2FkZWJjZDg0MTFiYmI5NTQ5YzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4538W65Qj9ktxWxJygI/VMU0KJW
mVbljrdU4IX1ovobagJyKa80f8L4aAH2Qf37S6JTq8oqWVVPjgxbah7ztzjAxdQP
rR9hxjea3uoLj6hyc5+3e0smpLKarqPt9UJz6oGnOOCsCRO2RoZ/tdueO3M05x3a
HEkEZNxuciGLRj7mUKCQBbPZYN3sXstLdpsuPF6P2mial+eOIEhkHI79LBRAEix4
fypAZgmThkt/ATWE9hkXqdL9EDi3YXv+ejzjgixw3PQSzKHj5ubNCDQfHpKBs7nX
QTbNmnN55pUlOaw3tnzJbfd9QovZrxcM399++hYaaU5Ez1efcWXY781CZQIDAQAB
o4IDozCCA58wHQYDVR0OBBYEFCf3DDcrfOLe2Ket682EEbu5VJxeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSl9jTU55dDg0dDdZcDYzcnpZUVJ1N2xVbkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBtwYIKwYBBQUHAQcBAf8EggGmMIIBojCCAZ4EAgABMIIB
lgMEAD5M4QMEAT5M5gMEAMB8sgMEAMB8tQMEAMB8vQMEAMB8vwMEAMF8AwMEAMF8
CAMEAMF8EAMEAMF8UAMEAMF8fAMEAMF8hQMEAMF8yAMEAMF8zAMEAMI6KgMEAMI6
LwMEAMI63zAMAwQAwlcBAwQCwlcAAwQAwlcHMAwDBADCVwsDBADCVwwDBADCVxAD
BADCVxIwDAMEAMJXFwMEAsJXGAMEAcJXJAMEAMJXKwMEAMJXOAMEAMJXSQMEAMJX
TgMEAMJXUwMEAcJXcgMEAMJXegMEAMJXfAMEAcJXgjAMAwQAwleFAwQDwleAAwQA
wlegAwQAwleiAwQAwlemAwQAwleoAwQAwlesAwQAwlexAwQAwlezAwQAwle7AwQA
wle+AwQAwlfIAwQAwlfMAwQAwlfeAwQAwlfwAwQAwocYAwQAwzokAwQAwzo2AwQB
wzo6AwQBwzo+AwQAw4UeAwQAw4UjAwQBw4VUAwQBw4XCAwQA1MAIAwQA1MAKAwQA
1MDxAwQA1MD0MAwDBADUwPcDBALUwPgwDQYJKoZIhvcNAQELBQADggEBAIkvC1Wa
4nK7PP1ES8b/JCmh7/C+Z0xHUjxjMTNigYYdGw/WnIxWeueOnRFZj4fcFUc+tuUQ
0Ju4G4JlszQX4YS9/sp2WVu46G1tWsY7m2x76+Mihuo9KbHSs4LUN7nFRldelJdM
059ZIjaJRGdxcAppecHzTQnAmQM5a2Ff05Adgy0ZmU2RxMKerxaZ+bKXPTTtp1/Q
We9mU2Jb1wDhF8EkG7qgmkesEgiE6n/F74WdrulJDzLMD3l1mk+gwUvt68NiT9lJ
ICkcLh/Mi8R2/qQHX+v/UuNQCAaANXG9fEOJQnlHEblly2lSTUsXoqt+8Os76fhh
Q9dMMxXEjXPb76c=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:00:42 2025 by rpki-client