Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lWEUmvoiNiq2mP0N75fV7IcD6Us.roa
File: lWEUmvoiNiq2mP0N75fV7IcD6Us.roa (raw, json)
Hash identifier: MhYpglnzxUhnDsnERexeIkhWpVQjzmwBWwR+DOe+pP4=
Subject key identifier: 95:61:14:9A:FA:22:36:2A:B6:98:FD:0D:EF:97:D5:EC:87:03:E9:4B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188AFAFA9CB85FCE0E66E9C8C041C178CE9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lWEUmvoiNiq2mP0N75fV7IcD6Us.roa
Signing time: Mon 12 Jun 2023 12:58:25 +0000
ROA not before: Mon 12 Jun 2023 12:58:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.22.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.32.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.247.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
192.124.170.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
193.124.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.108.115.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:af:a9:cb:85:fc:e0:e6:6e:9c:8c:04:1c:17:8c:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 12 12:58:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9561149afa22362ab698fd0def97d5ec8703e94b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5b:10:7d:0c:2f:b1:c3:15:e0:d8:a6:94:f4:
28:32:fa:af:fc:07:b6:c0:2d:77:14:90:72:7d:55:
ac:3e:42:57:bb:f0:f4:a9:8d:bc:4c:76:39:2e:b2:
1f:3f:63:b9:69:6d:3c:60:9b:b1:30:02:1c:06:02:
63:8f:80:7e:fe:38:b6:53:cd:89:b3:76:1e:e4:92:
94:6e:55:3f:10:a1:6b:20:c8:db:b0:12:c0:45:e9:
4f:7f:5c:03:8e:3c:51:97:d5:c0:bc:49:f2:7d:f3:
68:fe:66:3b:84:83:c9:56:c7:c6:4c:3f:fb:ce:dd:
0b:48:ba:d7:5c:c3:0b:9c:78:25:be:45:7e:5e:dc:
d2:64:1a:78:50:d8:ed:ea:2a:2f:2b:b1:a1:51:b5:
88:08:68:62:00:d2:29:0f:fd:c5:fb:4c:3d:5d:22:
6c:5c:17:7b:34:46:63:7d:42:f5:ff:b2:af:24:2a:
1f:25:80:6b:76:1f:6c:f3:35:07:de:5e:43:8e:09:
a7:60:65:a8:b7:4f:e2:3a:f8:a2:a8:53:b6:68:9e:
29:33:ec:ac:e5:b0:4c:2b:68:9a:04:af:df:c6:da:
39:31:46:36:38:2d:10:20:8e:b2:8b:3a:90:c8:f2:
ac:a6:ec:26:b6:03:31:8e:34:cd:4c:ed:36:7a:8a:
f2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:61:14:9A:FA:22:36:2A:B6:98:FD:0D:EF:97:D5:EC:87:03:E9:4B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lWEUmvoiNiq2mP0N75fV7IcD6Us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
192.124.170.0/24
192.124.178.0/24
192.124.181.0/24
192.124.189.0-192.124.191.255
193.108.115.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.16.0/24
193.124.49.0/24
193.124.80.0/24
193.124.90.0/24
193.124.93.0/24
193.124.124.0/24
193.124.133.0/24
193.124.200.0-193.124.202.255
193.124.204.0/24
194.58.38.0/24
194.58.42.0/24
194.58.47.0/24
194.58.59.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.18.0/24
194.87.22.0-194.87.27.255
194.87.36.0/23
194.87.43.0/24
194.87.56.0/24
194.87.73.0/24
194.87.78.0/24
194.87.83.0/24
194.87.105.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.149.0/24
194.87.160.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.172.0/24
194.87.176.0/23
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.204.0/24
194.87.222.0/24
194.87.240.0/24
194.87.243.0/24
194.135.23.0-194.135.24.255
194.135.46.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.19.0/24
195.133.22.0/24
195.133.26.0/24
195.133.30.0/24
195.133.32.0/24
195.133.35.0/24
195.133.74.0/24
195.133.84.0/23
195.133.194.0/23
212.192.8.0/24
212.192.10.0/24
212.192.241.0/24
212.192.244.0/24
212.192.247.0-212.192.251.255
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d4:8d:7a:4d:85:31:28:80:eb:45:7b:80:04:3d:2c:cb:e2:
1e:84:9a:90:ad:6f:37:fb:71:47:86:8f:9c:4e:f8:2a:cd:66:
19:2d:61:ea:b9:3b:4e:50:5a:84:fd:c6:07:4f:67:09:d9:b9:
ef:05:be:d3:f7:ec:87:4a:33:7c:84:e9:6e:33:dc:08:1d:91:
61:a7:1a:e8:ad:2a:f1:1c:04:d3:f9:03:fc:81:72:e8:22:58:
82:88:a2:6c:31:95:44:9e:55:17:f1:f3:36:31:21:b5:40:f3:
e9:d2:a0:da:2f:fd:2f:1b:ad:fe:82:ad:52:41:82:bf:5d:ff:
60:64:f3:c7:c3:63:87:89:f6:f2:a3:6c:92:b1:f7:50:d8:7e:
89:0b:1b:39:ee:b0:5b:66:44:1a:c4:19:1a:78:0a:08:cc:04:
a1:79:ae:ff:6e:8b:f5:08:0a:17:fe:d9:eb:42:83:d8:81:91:
e2:c9:fb:37:d8:26:b3:3e:d5:18:cd:00:66:56:4b:fc:98:79:
5d:ae:20:c1:a7:4a:7c:36:5c:80:ce:7a:33:65:66:3c:07:2d:
90:06:cc:65:78:82:a8:69:95:03:a4:87:66:ea:99:c1:5b:c5:
38:fc:5d:70:7a:b5:bd:a9:ba:19:d2:bc:c6:cd:31:81:4b:f2:
30:46:f8:40
-----BEGIN CERTIFICATE-----
MIIHJzCCBg+gAwIBAgISAYivr6nLhfzg5m6cjAQcF4zpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjEyMTI1ODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTYxMTQ5YWZhMjIzNjJhYjY5OGZkMGRlZjk3ZDVlYzg3MDNlOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFsQfQwvscMV4NimlPQoMvqv/Ae2
wC13FJByfVWsPkJXu/D0qY28THY5LrIfP2O5aW08YJuxMAIcBgJjj4B+/ji2U82J
s3Ye5JKUblU/EKFrIMjbsBLARelPf1wDjjxRl9XAvEnyffNo/mY7hIPJVsfGTD/7
zt0LSLrXXMMLnHglvkV+XtzSZBp4UNjt6iovK7GhUbWICGhiANIpD/3F+0w9XSJs
XBd7NEZjfUL1/7KvJCofJYBrdh9s8zUH3l5DjgmnYGWot0/iOviiqFO2aJ4pM+ys
5bBMK2iaBK/fxto5MUY2OC0QII6yizqQyPKspuwmtgMxjjTNTO02eoryWwIDAQAB
o4IEMzCCBC8wHQYDVR0OBBYEFJVhFJr6IjYqtpj9De+X1eyHA+lLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbFdFVW12b2lOaXEybVAwTjc1ZlY3SWNENlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICRwYIKwYBBQUHAQcBAf8EggI2MIICMjCCAi4EAgABMIIC
JgMEAD5M4QMEAT5M5gMEAMB8qgMEAMB8sgMEAMB8tTAMAwQAwHy9AwQGwHyAAwQA
wWxzAwQAwXwDAwQAwXwGAwQAwXwIAwQAwXwQAwQAwXwxAwQAwXxQAwQAwXxaAwQA
wXxdAwQAwXx8AwQAwXyFMAwDBAPBfMgDBADBfMoDBADBfMwDBADCOiYDBADCOioD
BADCOi8DBADCOjsDBADCOpoDBADCOt8wDAMEAMJXAQMEAsJXAAMEAMJXBzAMAwQA
wlcLAwQAwlcMAwQAwlcQAwQAwlcSMAwDBAHCVxYDBALCVxgDBAHCVyQDBADCVysD
BADCVzgDBADCV0kDBADCV04DBADCV1MDBADCV2kDBAHCV3IDBADCV3oDBADCV3wD
BAHCV4IwDAMEAMJXhQMEA8JXgAMEAMJXlQMEAMJXoAMEAMJXogMEAMJXpgMEAMJX
qAMEAMJXrAMEAcJXsAMEAMJXswMEAMJXuwMEAMJXvgMEAMJXyAMEAMJXygMEAMJX
zAMEAMJX3gMEAMJX8AMEAMJX8zAMAwQAwocXAwQAwocYAwQAwocuAwQAwzokAwQA
wzo2AwQBwzo6AwQBwzo+AwQAw4UAAwQAw4UTAwQAw4UWAwQAw4UaAwQAw4UeAwQA
w4UgAwQAw4UjAwQAw4VKAwQBw4VUAwQBw4XCAwQA1MAIAwQA1MAKAwQA1MDxAwQA
1MD0MAwDBADUwPcDBALUwPgDBADUwQ8wDQYJKoZIhvcNAQELBQADggEBABDUjXpN
hTEogOtFe4AEPSzL4h6EmpCtbzf7cUeGj5xO+CrNZhktYeq5O05QWoT9xgdPZwnZ
ue8FvtP37IdKM3yE6W4z3AgdkWGnGuitKvEcBNP5A/yBcugiWIKIomwxlUSeVRfx
8zYxIbVA8+nSoNov/S8brf6CrVJBgr9d/2Bk88fDY4eJ9vKjbJKx91DYfokLGznu
sFtmRBrEGRp4CgjMBKF5rv9ui/UIChf+2etCg9iBkeLJ+zfYJrM+1RjNAGZWS/yY
eV2uIMGnSnw2XIDOejNlZjwHLZAGzGV4gqhplQOkh2bqmcFbxTj8XXB6tb2puhnS
vMbNMYFL8jBG+EA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:10:41 2025 by rpki-client