Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9sR7ZIAgDL13Vcnr7iuPDm7nvzo.roa
File: 9sR7ZIAgDL13Vcnr7iuPDm7nvzo.roa (raw, json)
Hash identifier: /f9uFx4BXVcKQu7uPSzf9zhO57KGxs8uuZRTtPaczMI=
Subject key identifier: F6:C4:7B:64:80:20:0C:BD:77:55:C9:EB:EE:2B:8F:0E:6E:E7:BF:3A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195F69369F1BEE2874D7BF489C6EF10F7EE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9sR7ZIAgDL13Vcnr7iuPDm7nvzo.roa
Signing time: Wed 02 Apr 2025 12:56:50 +0000
ROA not before: Wed 02 Apr 2025 12:56:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.198.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.112.0/22 maxlen: 24
87.120.116.0/23 maxlen: 24
87.120.120.0/23 maxlen: 24
87.120.125.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.18.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.92.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:93:69:f1:be:e2:87:4d:7b:f4:89:c6:ef:10:f7:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 2 12:56:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6c47b6480200cbd7755c9ebee2b8f0e6ee7bf3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0d:1a:fc:5b:bf:1c:de:06:08:2f:d3:fc:92:
ce:dc:0e:49:e2:b1:77:ee:f8:c6:8f:9f:68:25:d0:
99:dc:0e:61:15:01:a9:7b:7e:dc:76:18:a1:3d:85:
1c:3c:7f:1d:f6:1c:4e:c4:10:c6:94:c0:74:52:ed:
fb:70:df:12:03:2c:93:08:21:b4:ab:a4:ef:c3:7b:
2f:d8:c7:9a:e3:d9:50:d0:25:25:40:fe:88:84:46:
55:c7:a6:14:3a:b9:a3:b7:45:eb:5a:ee:f1:9c:6a:
b8:9a:fe:18:34:33:2c:4f:6e:dd:f1:16:03:f1:f6:
63:ee:aa:3a:0e:ab:64:8a:bf:47:e6:75:d6:e0:f6:
53:47:46:22:88:ad:ec:f4:50:7b:1f:69:d5:b9:9a:
d4:c9:37:fc:b8:a2:1e:4c:13:da:94:4c:07:c3:22:
ed:a6:02:f6:a4:f3:79:cf:9b:9e:2f:90:1b:6d:4f:
5d:f9:10:e2:8d:ee:c9:ab:24:63:3d:4d:21:31:fc:
dc:11:62:44:55:e4:4b:60:07:d8:c5:21:99:17:f3:
34:24:56:c2:e6:16:17:6f:af:7a:23:4a:cc:9e:92:
1a:4e:3e:23:64:e4:25:0d:9b:fa:1b:63:09:cb:85:
01:98:7a:50:a9:78:a4:cb:0a:fa:8a:70:56:b3:0b:
ce:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C4:7B:64:80:20:0C:BD:77:55:C9:EB:EE:2B:8F:0E:6E:E7:BF:3A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9sR7ZIAgDL13Vcnr7iuPDm7nvzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.198.0/24
31.13.211.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.230.0/23
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/23
79.110.50.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.112.0-87.120.117.255
87.120.120.0/23
87.120.125.0/24
87.120.166.0/24
87.121.18.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.70.0/24
91.92.240.0/20
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.92.0/24
94.156.232.0/24
109.206.237.0/24
141.98.1.0/24
141.98.6.0/24
147.78.100.0/24
171.22.73.0-171.22.75.255
178.215.224.0/24
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
63:a3:f1:4b:12:4a:aa:e4:d7:46:8c:18:82:a2:31:26:f5:53:
9a:10:11:fe:59:ae:8d:7e:42:27:ac:48:5d:c7:1f:32:c8:e4:
e5:e8:91:a6:cb:46:cc:b1:11:4b:31:f8:b0:77:a1:cd:4e:1b:
4e:06:23:f6:4a:69:93:05:34:0d:ff:83:80:7d:cd:72:e8:67:
9b:ed:c4:76:09:9f:89:73:41:1f:08:71:1b:1a:60:c6:6c:89:
c2:93:fb:b3:c6:0e:c2:97:4d:38:96:99:ef:f2:cc:e6:b3:c0:
3c:fd:2c:d8:82:12:bf:d5:bf:1c:73:77:3a:96:57:89:7a:87:
95:be:dc:49:e1:28:9d:75:40:7c:55:2d:09:bb:b4:fc:c3:3d:
ad:f9:c4:5a:7d:2a:5a:e6:ce:9d:51:df:58:eb:6a:d9:e9:af:
25:15:4c:75:91:77:5c:f2:3a:0a:01:04:84:fa:60:b9:2d:51:
8e:68:6d:f0:1f:21:16:44:cb:37:39:cf:75:23:34:44:70:d1:
78:fa:7b:08:fc:ab:74:e9:f9:b6:4b:92:e5:8f:2e:64:55:c5:
82:b4:0b:45:d3:c4:df:ee:d4:7a:d6:ba:e1:2c:49:6e:f1:9c:
f0:fc:84:8b:d7:8b:01:e6:65:3b:1b:e9:7a:11:a2:9c:cd:f9:
d9:5e:4c:01
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISAZX2k2nxvuKHTXv0icbvEPfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDAyMTI1NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmM0N2I2NDgwMjAwY2JkNzc1NWM5ZWJlZTJiOGYwZTZlZTdiZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQ0a/Fu/HN4GCC/T/JLO3A5J4rF3
7vjGj59oJdCZ3A5hFQGpe37cdhihPYUcPH8d9hxOxBDGlMB0Uu37cN8SAyyTCCG0
q6Tvw3sv2Mea49lQ0CUlQP6IhEZVx6YUOrmjt0XrWu7xnGq4mv4YNDMsT27d8RYD
8fZj7qo6Dqtkir9H5nXW4PZTR0YiiK3s9FB7H2nVuZrUyTf8uKIeTBPalEwHwyLt
pgL2pPN5z5ueL5AbbU9d+RDije7JqyRjPU0hMfzcEWJEVeRLYAfYxSGZF/M0JFbC
5hYXb696I0rMnpIaTj4jZOQlDZv6G2MJy4UBmHpQqXikywr6inBWswvONwIDAQAB
o4IDeTCCA3UwHQYDVR0OBBYEFPbEe2SAIAy9d1XJ6+4rjw5u5786MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOXNSN1pJQWdETDEzVmNucjdpdVBEbTdudnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCCAXQEAgABMIIB
bAMEAAI7/QMEAgX8hAMEAB8NxgMEAB8N0wMEAC0JnQMEAC0M/QMEAC1C5AMEAS1C
5gMEAC1RJwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAS2XWgMEAE9u
MgMEAFGh7gMEAFPbYQMEAFQ2MAMEAFd4VzAMAwQEV3hwAwQBV3h0AwQBV3h4AwQA
V3h9AwQAV3imAwQAV3kSAwQAV3kWAwQAV3kmAwQAV3ktAwQAV3lXAwQBV3l8AwQA
V3miAwQAV3mlAwQAW1xGAwQEW1zwAwQAXPkyAwQAXXstAwQAXXsvAwQAXXtVAwQA
XXttAwQAXXt1AwQAXXt3AwQAXmd9AwQCXpqgAwQDXpxAAwQAXpxcAwQAXpzoAwQA
bc7tAwQAjWIBAwQAjWIGAwQAk05kMAwDBACrFkkDBAKrFkgDBACy1+ADBACy1+MD
BAK52FQDBADBGdgDBADBIxIDBADCN7oDBADCqa8wDQYJKoZIhvcNAQELBQADggEB
AGOj8UsSSqrk10aMGIKiMSb1U5oQEf5Zro1+QiesSF3HHzLI5OXokabLRsyxEUsx
+LB3oc1OG04GI/ZKaZMFNA3/g4B9zXLoZ5vtxHYJn4lzQR8IcRsaYMZsicKT+7PG
DsKXTTiWme/yzOazwDz9LNiCEr/VvxxzdzqWV4l6h5W+3EnhKJ11QHxVLQm7tPzD
Pa35xFp9Klrmzp1R31jratnpryUVTHWRd1zyOgoBBIT6YLktUY5obfAfIRZEyzc5
z3UjNERw0Xj6ewj8q3Tp+bZLkuWPLmRVxYK0C0XTxN/u1HrWuuEsSW7xnPD8hIvX
iwHmZTsb6XoRopzN+dleTAE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:37:22 2025 by rpki-client