Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/t0vZziWL6w8MHdT2QdPlsdtVURE.roa
File: t0vZziWL6w8MHdT2QdPlsdtVURE.roa (raw, json)
Hash identifier: aL8g+LrCM/ikecXVv0jhiC/O2FAsgAAKGOa1gBS04PA=
Subject key identifier: B7:4B:D9:CE:25:8B:EB:0F:0C:1D:D4:F6:41:D3:E5:B1:DB:55:51:11
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01890022F0E18AFE90D36A1065151224ADFB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/t0vZziWL6w8MHdT2QdPlsdtVURE.roa
Signing time: Wed 28 Jun 2023 03:53:57 +0000
ROA not before: Wed 28 Jun 2023 03:53:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.37.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
193.124.124.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.22.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
212.192.244.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.247.0/24 maxlen: 24
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
192.124.170.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:00:22:f0:e1:8a:fe:90:d3:6a:10:65:15:12:24:ad:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 28 03:53:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b74bd9ce258beb0f0c1dd4f641d3e5b1db555111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f0:56:c3:4f:00:a4:1d:8f:f8:62:55:ec:64:
40:d8:4b:d9:a2:f5:e1:e6:d5:b0:75:78:7b:32:ad:
8c:7e:1a:e9:3a:32:2f:e0:ce:80:71:fd:b5:89:df:
5c:11:3a:00:41:dd:f6:f3:ad:50:6b:89:b1:59:ef:
9b:06:31:cf:dd:80:26:09:f8:dc:64:1d:72:fa:11:
d7:12:e6:f7:5b:3a:4c:f5:19:76:c5:3c:59:4e:93:
04:9b:30:a0:a9:e8:d1:38:51:88:f7:46:7d:2f:f7:
44:c2:02:19:0a:eb:8e:a1:ef:7a:50:6f:37:2c:97:
23:73:43:25:1b:a7:9e:b4:33:87:38:7e:e9:16:fd:
4d:46:49:25:96:d2:0a:74:8a:53:e3:41:39:ce:92:
be:c3:c9:b8:e6:b6:98:d3:b2:0e:06:29:fb:b5:9c:
8f:01:ef:27:4d:c5:37:5e:9f:e7:aa:70:0b:12:e3:
18:a1:85:5b:74:49:e4:9e:38:2a:db:60:9b:6d:9f:
f9:66:9a:d7:92:3b:5a:87:1c:38:6b:49:18:5b:94:
1d:37:4f:35:15:76:93:c9:d3:8a:83:6b:39:7b:ed:
7b:82:f2:df:1f:56:42:7c:ed:42:fd:b8:42:c7:11:
e9:d3:d2:f1:3f:f2:fa:62:e1:24:b9:10:8a:f0:f7:
ae:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:4B:D9:CE:25:8B:EB:0F:0C:1D:D4:F6:41:D3:E5:B1:DB:55:51:11
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/t0vZziWL6w8MHdT2QdPlsdtVURE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
192.124.170.0/24
192.124.178.0/24
192.124.181.0/24
192.124.189.0/24
192.124.191.0/24
193.124.3.0/24
193.124.8.0/24
193.124.16.0/24
193.124.49.0/24
193.124.80.0/24
193.124.90.0/24
193.124.124.0/24
193.124.133.0/24
193.124.200.0/24
193.124.204.0/24
194.58.42.0/24
194.58.47.0/24
194.58.223.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.16.0/24
194.87.18.0/24
194.87.23.0-194.87.27.255
194.87.36.0/23
194.87.43.0/24
194.87.56.0/24
194.87.73.0/24
194.87.78.0/24
194.87.83.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.160.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.172.0/24
194.87.177.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.204.0/24
194.87.222.0/24
194.87.240.0/24
194.87.243.0/24
194.135.24.0/24
194.135.46.0/24
195.58.36.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.22.0/24
195.133.30.0/24
195.133.35.0/24
195.133.74.0/24
195.133.84.0/23
195.133.194.0/23
212.192.8.0/24
212.192.10.0/24
212.192.223.0/24
212.192.241.0/24
212.192.244.0/24
212.192.247.0-212.192.251.255
Signature Algorithm: sha256WithRSAEncryption
3b:a9:20:f8:6e:07:9d:56:fb:dd:46:b5:c7:fe:96:97:59:ae:
f0:17:a0:93:49:78:ff:4d:d8:09:5e:e1:9d:df:0c:85:03:df:
07:22:c2:ad:6c:57:23:22:bf:6b:f5:ab:e2:31:1f:ed:bb:1e:
4d:87:81:86:66:6a:8f:fc:a5:91:39:15:89:58:ac:cf:63:02:
32:33:5f:32:e4:14:02:1f:b7:e5:41:14:03:9e:bb:89:ca:b0:
13:60:5a:74:e9:11:87:89:25:a4:eb:18:1f:1b:42:52:c1:89:
ff:84:a7:00:92:70:e9:c2:5a:a6:7b:de:75:8a:92:d2:e6:90:
c9:6c:35:cf:13:cf:8a:8a:d3:c8:cf:aa:01:c1:34:60:c7:2b:
d0:f5:9e:5d:94:b1:0d:a9:d6:5b:d3:78:8d:4b:8f:23:38:b9:
42:b6:f8:49:1f:ce:97:31:3c:a9:cb:e7:a2:8e:f4:e8:99:14:
a9:8e:09:6b:40:f7:75:38:7d:a1:38:b6:7f:2d:13:03:80:8b:
89:c5:7d:de:e5:bb:97:a4:ff:d2:f4:9b:a7:21:40:a8:3c:dd:
ac:a7:05:93:c4:10:61:61:5b:db:ac:95:95:51:f3:61:aa:bd:
34:79:f4:50:1b:a7:20:60:44:e5:6f:3a:a6:71:49:ac:a4:ce:
0e:99:e6:60
-----BEGIN CERTIFICATE-----
MIIGzTCCBbWgAwIBAgISAYkAIvDhiv6Q02oQZRUSJK37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjI4MDM1MzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzRiZDljZTI1OGJlYjBmMGMxZGQ0ZjY0MWQzZTViMWRiNTU1MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPBWw08ApB2P+GJV7GRA2EvZovXh
5tWwdXh7Mq2MfhrpOjIv4M6Acf21id9cEToAQd32861Qa4mxWe+bBjHP3YAmCfjc
ZB1y+hHXEub3WzpM9Rl2xTxZTpMEmzCgqejROFGI90Z9L/dEwgIZCuuOoe96UG83
LJcjc0MlG6eetDOHOH7pFv1NRkklltIKdIpT40E5zpK+w8m45raY07IOBin7tZyP
Ae8nTcU3Xp/nqnALEuMYoYVbdEnknjgq22CbbZ/5ZprXkjtahxw4a0kYW5QdN081
FXaTydOKg2s5e+17gvLfH1ZCfO1C/bhCxxHp09LxP/L6YuEkuRCK8PeucwIDAQAB
o4ID2TCCA9UwHQYDVR0OBBYEFLdL2c4li+sPDB3U9kHT5bHbVVERMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdDB2WnppV0w2dzhNSGRUMlFkUGxzZHRWVVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB7QYIKwYBBQUHAQcBAf8EggHcMIIB2DCCAdQEAgABMIIB
zAMEAD5M4QMEAT5M5gMEAMB8qgMEAMB8sgMEAMB8tQMEAMB8vQMEAMB8vwMEAMF8
AwMEAMF8CAMEAMF8EAMEAMF8MQMEAMF8UAMEAMF8WgMEAMF8fAMEAMF8hQMEAMF8
yAMEAMF8zAMEAMI6KgMEAMI6LwMEAMI63zAMAwQAwlcBAwQCwlcAAwQAwlcHMAwD
BADCVwsDBADCVwwDBADCVxADBADCVxIwDAMEAMJXFwMEAsJXGAMEAcJXJAMEAMJX
KwMEAMJXOAMEAMJXSQMEAMJXTgMEAMJXUwMEAcJXcgMEAMJXegMEAMJXfAMEAcJX
gjAMAwQAwleFAwQDwleAAwQAwlegAwQAwleiAwQAwlemAwQAwleoAwQAwlesAwQA
wlexAwQAwlezAwQAwle7AwQAwle+AwQAwlfIAwQAwlfKAwQAwlfMAwQAwlfeAwQA
wlfwAwQAwlfzAwQAwocYAwQAwocuAwQAwzokAwQAwzo2AwQBwzo6AwQBwzo+AwQA
w4UWAwQAw4UeAwQAw4UjAwQAw4VKAwQBw4VUAwQBw4XCAwQA1MAIAwQA1MAKAwQA
1MDfAwQA1MDxAwQA1MD0MAwDBADUwPcDBALUwPgwDQYJKoZIhvcNAQELBQADggEB
ADupIPhuB51W+91Gtcf+lpdZrvAXoJNJeP9N2Ale4Z3fDIUD3wciwq1sVyMiv2v1
q+IxH+27Hk2HgYZmao/8pZE5FYlYrM9jAjIzXzLkFAIft+VBFAOeu4nKsBNgWnTp
EYeJJaTrGB8bQlLBif+EpwCScOnCWqZ73nWKktLmkMlsNc8Tz4qK08jPqgHBNGDH
K9D1nl2UsQ2p1lvTeI1LjyM4uUK2+EkfzpcxPKnL56KO9OiZFKmOCWtA93U4faE4
tn8tEwOAi4nFfd7lu5ek/9L0m6chQKg83aynBZPEEGFhW9uslZVR82GqvTR59FAb
pyBgROVvOqZxSaykzg6Z5mA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:50:28 2025 by rpki-client