Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zuCy6sCbIhx5m0A7xjxwmH3lpx0.roa
File: zuCy6sCbIhx5m0A7xjxwmH3lpx0.roa (raw, json)
Hash identifier: MQp78uwUZQpcFrojm8Iuzr4o6wjB5ct9siVHgEXhGUQ=
Subject key identifier: CE:E0:B2:EA:C0:9B:22:1C:79:9B:40:3B:C6:3C:70:98:7D:E5:A7:1D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01878E4508B920D38A99A9E717E3B2198167
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zuCy6sCbIhx5m0A7xjxwmH3lpx0.roa
Signing time: Mon 17 Apr 2023 08:11:41 +0000
ROA not before: Mon 17 Apr 2023 08:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
62.76.225.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
62.76.230.0/23 maxlen: 23
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.25.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.77.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.133.20.0/24 maxlen: 24
195.133.26.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.32.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.64.0/22 maxlen: 22
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
212.192.248.0/22 maxlen: 22
194.58.67.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.204.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.170.0/23 maxlen: 23
192.124.180.0/22 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.108.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:45:08:b9:20:d3:8a:99:a9:e7:17:e3:b2:19:81:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 17 08:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cee0b2eac09b221c799b403bc63c70987de5a71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6b:c6:9c:b3:cc:1d:8e:de:d2:c6:71:bf:09:
57:bc:6d:5e:7a:e7:db:4e:6b:7a:14:6d:1d:c0:0e:
ec:9b:45:43:25:8a:fd:cd:8e:0e:76:86:14:78:cf:
c4:db:31:fb:b6:6a:2d:4b:04:98:cd:38:e7:63:40:
22:3d:7e:29:8e:69:bd:70:5a:e5:d6:0c:2d:39:dc:
8b:05:52:03:54:a2:64:35:d9:ef:7e:a9:ce:82:1c:
b2:15:fa:f3:c3:31:03:8a:c6:cb:97:52:93:3d:15:
d4:0e:fc:9a:a6:40:75:ac:50:1b:e4:d6:84:de:f8:
f4:37:a0:93:ad:08:20:1a:f9:dc:43:35:d9:6a:9e:
ab:34:e1:e2:cb:bd:e4:c4:bf:bd:62:2f:bf:fd:65:
7a:0c:b2:be:0a:68:42:12:b3:12:d9:3e:11:09:21:
d8:27:c3:2d:9b:a1:77:29:07:2c:d1:ea:33:d0:85:
c7:b8:e4:ca:bf:54:73:1f:93:6a:5f:f2:37:a2:04:
17:44:9a:80:54:b7:2e:d5:f8:f5:c3:6f:14:0c:b5:
57:5f:d9:1c:35:1c:28:84:53:71:81:4b:fe:86:ed:
b5:7f:13:22:41:64:da:b2:28:1d:45:ee:ac:d6:b6:
41:5a:7f:b3:a6:a4:97:36:87:6f:27:ab:ef:9b:d7:
aa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E0:B2:EA:C0:9B:22:1C:79:9B:40:3B:C6:3C:70:98:7D:E5:A7:1D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zuCy6sCbIhx5m0A7xjxwmH3lpx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
62.76.230.0/23
192.124.178.0/24
192.124.180.0/22
193.108.115.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/23
193.124.16.0/24
193.124.44.0/24
193.124.80.0/24
193.124.90.0/24
193.124.93.0/24
193.124.133.0/24
193.124.201.0/24
194.58.38.0/24
194.58.40.0/24
194.58.42.0/24
194.58.47.0/24
194.58.59.0/24
194.58.67.0/24
194.58.154.0/24
194.87.1.0-194.87.3.255
194.87.7.0/24
194.87.10.0-194.87.12.255
194.87.16.0/24
194.87.18.0/24
194.87.22.0/24
194.87.24.0/22
194.87.37.0/24
194.87.44.0/24
194.87.56.0/24
194.87.63.0/24
194.87.73.0/24
194.87.77.0/24
194.87.83.0/24
194.87.104.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.138.0/24
194.87.149.0/24
194.87.160.0/24
194.87.166.0/24
194.87.168.0/24
194.87.170.0-194.87.172.255
194.87.176.0/22
194.87.182.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.202.0/24
194.87.204.0/24
194.87.222.0/24
194.87.240.0/24
194.87.243.0/24
194.87.246.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/23
195.58.54.0/24
195.58.56.0/24
195.133.0.0/24
195.133.20.0/24
195.133.26.0/24
195.133.30.0/24
195.133.32.0/24
195.133.35.0/24
195.133.64.0/22
195.133.76.0/24
195.133.84.0/24
195.133.194.0/23
212.192.1.0/24
212.192.4.0/24
212.192.10.0/24
212.192.248.0/22
Signature Algorithm: sha256WithRSAEncryption
90:29:67:a9:ae:f4:13:ea:ba:14:fb:0e:4e:d3:0d:da:cd:1b:
ae:47:52:9f:70:60:ea:a1:e9:f8:c7:69:c0:2e:2a:60:f5:98:
38:55:b6:5a:94:9d:08:ee:ea:e6:6f:4c:39:b0:6d:8c:35:8a:
bb:09:b0:eb:05:5a:7c:a8:26:04:f4:c1:e4:94:63:be:16:80:
85:b8:e3:c4:16:a6:ca:75:c9:3a:e9:2b:52:fb:01:c1:37:57:
a5:41:5c:5a:88:3c:0b:91:c6:2e:01:3d:be:61:b6:3c:1d:2f:
ed:85:9f:f7:4d:ea:08:49:50:8a:47:e7:4e:5b:5d:4e:10:a1:
e5:21:d8:07:94:ee:7f:c0:46:3d:bb:3c:3b:e1:b4:ae:84:38:
38:de:d5:0a:32:e1:28:be:bd:d7:25:42:19:2e:51:31:e8:3b:
7a:9b:3c:2b:8c:25:67:74:b3:f0:a1:65:23:4f:b0:f2:2b:86:
22:1d:8f:f9:bc:dd:d3:71:23:4d:7e:b6:bb:da:48:65:8e:46:
a0:eb:a9:eb:03:e8:76:d3:25:31:a6:9e:7a:93:59:ba:bd:68:
35:a6:68:6b:9e:79:02:12:69:be:2b:e5:2a:75:6b:fd:8c:f9:
08:22:81:26:d9:cf:b1:94:fa:a1:c6:56:2a:24:fe:36:0c:b9:
30:48:e2:8f
-----BEGIN CERTIFICATE-----
MIIG9TCCBd2gAwIBAgISAYeORQi5INOKmannF+OyGYFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDE3MDgxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWUwYjJlYWMwOWIyMjFjNzk5YjQwM2JjNjNjNzA5ODdkZTVhNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmvGnLPMHY7e0sZxvwlXvG1eeufb
Tmt6FG0dwA7sm0VDJYr9zY4OdoYUeM/E2zH7tmotSwSYzTjnY0AiPX4pjmm9cFrl
1gwtOdyLBVIDVKJkNdnvfqnOghyyFfrzwzEDisbLl1KTPRXUDvyapkB1rFAb5NaE
3vj0N6CTrQggGvncQzXZap6rNOHiy73kxL+9Yi+//WV6DLK+CmhCErMS2T4RCSHY
J8Mtm6F3KQcs0eoz0IXHuOTKv1RzH5NqX/I3ogQXRJqAVLcu1fj1w28UDLVXX9kc
NRwohFNxgUv+hu21fxMiQWTasigdRe6s1rZBWn+zpqSXNodvJ6vvm9eqrwIDAQAB
o4IEATCCA/0wHQYDVR0OBBYEFM7gsurAmyIceZtAO8Y8cJh95acdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvenVDeTZzQ2JJaHg1bTBBN3hqeHdtSDNscHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICFQYIKwYBBQUHAQcBAf8EggIEMIICADCCAfwEAgABMIIB
9AMEAD5M4QMEAT5M5gMEAMB8sgMEAsB8tAMEAMFscwMEAMF8AwMEAMF8BgMEAcF8
CAMEAMF8EAMEAMF8LAMEAMF8UAMEAMF8WgMEAMF8XQMEAMF8hQMEAMF8yQMEAMI6
JgMEAMI6KAMEAMI6KgMEAMI6LwMEAMI6OwMEAMI6QwMEAMI6mjAMAwQAwlcBAwQC
wlcAAwQAwlcHMAwDBAHCVwoDBADCVwwDBADCVxADBADCVxIDBADCVxYDBALCVxgD
BADCVyUDBADCVywDBADCVzgDBADCVz8DBADCV0kDBADCV00DBADCV1MDBADCV2gD
BAHCV3IDBADCV3oDBADCV3wDBAHCV4IDBADCV4oDBADCV5UDBADCV6ADBADCV6YD
BADCV6gwDAMEAcJXqgMEAMJXrAMEAsJXsAMEAMJXtgMEAMJXuwMEAMJXvgMEAMJX
yAMEAMJXygMEAMJXzAMEAMJX3gMEAMJX8AMEAMJX8wMEAMJX9gMEAMKHEgMEAMKH
FzAMAwQAwzojAwQAwzokAwQBwzoyAwQAwzo2AwQAwzo4AwQAw4UAAwQAw4UUAwQA
w4UaAwQAw4UeAwQAw4UgAwQAw4UjAwQCw4VAAwQAw4VMAwQAw4VUAwQBw4XCAwQA
1MABAwQA1MAEAwQA1MAKAwQC1MD4MA0GCSqGSIb3DQEBCwUAA4IBAQCQKWeprvQT
6roU+w5O0w3azRuuR1KfcGDqoen4x2nALipg9Zg4VbZalJ0I7urmb0w5sG2MNYq7
CbDrBVp8qCYE9MHklGO+FoCFuOPEFqbKdck66StS+wHBN1elQVxaiDwLkcYuAT2+
YbY8HS/thZ/3TeoISVCKR+dOW11OEKHlIdgHlO5/wEY9uzw74bSuhDg43tUKMuEo
vr3XJUIZLlEx6Dt6mzwrjCVndLPwoWUjT7DyK4YiHY/5vN3TcSNNfra72khljkag
66nrA+h20yUxpp56k1m6vWg1pmhrnnkCEmm+K+UqdWv9jPkIIoEm2c+xlPqhxlYq
JP42DLkwSOKP
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:01:06 2025 by rpki-client