Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i_Moeuu4UH5WR8ZMkjuY_BPnv5o.roa
File: i_Moeuu4UH5WR8ZMkjuY_BPnv5o.roa (raw, json)
Hash identifier: 3uXJ6DQTQfZz9cRbppl7FjyFUZXPoeOlgE8ONfUicKs=
Subject key identifier: 8B:F3:28:7A:EB:B8:50:7E:56:47:C6:4C:92:3B:98:FC:13:E7:BF:9A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019408B5304FB08B3F5364A94DF7D98193AE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i_Moeuu4UH5WR8ZMkjuY_BPnv5o.roa
Signing time: Fri 27 Dec 2024 15:21:19 +0000
ROA not before: Fri 27 Dec 2024 15:21:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.157.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.90.88.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
85.209.133.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.84.0/23 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.119.196.0/23 maxlen: 24
92.249.48.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.84.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.102.0/24 maxlen: 24
94.156.179.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
95.214.27.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
176.125.254.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
194.49.94.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:b5:30:4f:b0:8b:3f:53:64:a9:4d:f7:d9:81:93:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 27 15:21:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bf3287aebb8507e5647c64c923b98fc13e7bf9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a5:b5:a2:26:93:c0:13:3e:3b:88:e9:07:64:
2a:fc:d6:66:14:c0:13:83:d1:ff:5e:8b:00:82:50:
b8:51:65:47:27:5f:e1:4b:18:0c:75:b7:88:ce:76:
c3:a3:76:0d:41:69:1f:42:50:7d:f0:95:ee:89:1c:
ba:34:5e:5a:fa:77:51:43:b9:d7:f9:6a:25:ca:e6:
11:d7:fe:d2:4b:20:8b:a4:e2:b9:7c:71:ff:a2:0b:
f4:11:7f:9d:8d:02:aa:31:d1:e4:8e:e6:de:bc:54:
5c:86:aa:59:e7:8f:dd:fa:72:48:d5:50:8f:13:f0:
73:e4:f7:ec:5f:95:49:55:4c:5a:e8:2a:c9:7e:d1:
76:92:a3:61:c5:e7:52:12:e3:34:53:dc:dc:29:af:
25:8b:f8:25:f5:00:9f:98:3b:9e:6c:1c:7c:2e:c7:
6b:09:a3:84:6d:7e:43:a4:53:9f:4a:c3:5e:49:37:
70:67:0c:ab:a4:a5:f8:66:a0:55:91:7b:65:e8:48:
c7:a4:49:e7:df:fc:30:63:0e:35:de:6a:46:79:95:
25:41:04:14:c0:2e:3b:26:07:a0:bf:a4:b9:4c:dd:
45:f5:ea:a0:68:b4:24:88:27:c5:dc:b6:a8:7c:75:
a7:9e:22:19:23:fe:16:01:ae:58:db:88:c7:9b:2d:
ae:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F3:28:7A:EB:B8:50:7E:56:47:C6:4C:92:3B:98:FC:13:E7:BF:9A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i_Moeuu4UH5WR8ZMkjuY_BPnv5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.157.0/24
45.12.255.0/24
45.14.164.0/24
45.66.228.0/24
45.66.230.0/24
45.88.64.0/24
45.90.88.0/24
45.139.106.0/24
45.141.158.0/24
45.151.89.0-45.151.91.255
79.110.62.0/24
81.161.239.0/24
83.219.97.0/24
84.54.48.0/24
85.209.133.0/24
87.120.84.0/24
87.120.87.0/24
87.120.166.0/24
87.121.45.0/24
87.121.84.0/23
87.121.87.0/24
87.121.105.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
92.249.48.0/24
92.249.50.0/24
93.123.84.0/24
94.154.160.0/22
94.156.11.0/24
94.156.64.0/21
94.156.102.0/24
94.156.179.0/24
94.156.248.0/24
95.214.27.0/24
141.98.1.0/24
141.98.6.0/24
147.78.100.0/24
171.22.72.0/22
176.125.254.0/24
178.215.237.0/24
185.216.71.0/24
185.216.84.0/22
185.218.84.0/22
193.25.216.0/24
194.49.94.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:f6:9b:39:df:da:6e:4f:f0:ad:98:fb:f9:e3:7b:51:80:75:
65:1d:8a:52:a7:91:e7:39:b2:6a:10:97:bb:17:71:d4:b5:2e:
02:1a:a1:b8:3c:58:18:2f:e3:7f:87:b7:fa:69:0a:46:0e:6f:
e8:e3:04:84:5e:40:21:4e:32:38:1d:91:fd:ee:96:10:4c:2b:
b6:ea:7c:33:1e:c7:c7:99:d1:b4:26:31:62:c4:fe:ba:3b:a2:
20:91:d7:55:ca:8b:c3:68:b3:a7:63:a1:ad:ba:8b:4c:83:5d:
f4:d4:c5:50:c9:0e:6d:ef:db:c3:a9:81:a6:b2:66:62:77:ed:
65:6a:7e:41:2d:69:b7:46:96:85:fe:44:28:60:53:92:08:7d:
b7:1d:cc:b0:6c:95:fb:d2:e5:c6:2a:40:50:c3:dd:c0:80:1e:
fd:3e:4a:a3:70:fe:5c:ec:ac:7d:b6:09:61:68:7a:21:60:66:
4f:4d:36:37:9d:35:49:18:cc:28:95:c9:35:59:f1:66:63:82:
e4:dd:34:a6:1f:e6:d2:34:09:ba:ac:93:be:64:cd:ac:66:26:
69:49:f5:37:bb:7c:68:5f:8e:5b:95:2c:9d:c0:0e:64:bd:75:
b8:fb:fc:45:4b:11:87:dd:80:9e:ca:b1:72:3c:c7:e0:4d:89:
1e:12:f6:ce
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgISAZQItTBPsIs/U2SpTffZgZOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjI3MTUyMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmYzMjg3YWViYjg1MDdlNTY0N2M2NGM5MjNiOThmYzEzZTdiZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aW1oiaTwBM+O4jpB2Qq/NZmFMAT
g9H/XosAglC4UWVHJ1/hSxgMdbeIznbDo3YNQWkfQlB98JXuiRy6NF5a+ndRQ7nX
+WolyuYR1/7SSyCLpOK5fHH/ogv0EX+djQKqMdHkjubevFRchqpZ54/d+nJI1VCP
E/Bz5PfsX5VJVUxa6CrJftF2kqNhxedSEuM0U9zcKa8li/gl9QCfmDuebBx8Lsdr
CaOEbX5DpFOfSsNeSTdwZwyrpKX4ZqBVkXtl6EjHpEnn3/wwYw413mpGeZUlQQQU
wC47Jgegv6S5TN1F9eqgaLQkiCfF3LaofHWnniIZI/4WAa5Y24jHmy2u5wIDAQAB
o4IDQTCCAz0wHQYDVR0OBBYEFIvzKHrruFB+VkfGTJI7mPwT57+aMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaV9Nb2V1dTRVSDVXUjhaTWtqdVlfQlBudjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVQYIKwYBBQUHAQcBAf8EggFEMIIBQDCCATwEAgABMIIB
NAMEAC0JnQMEAC0M/wMEAC0OpAMEAC1C5AMEAC1C5gMEAC1YQAMEAC1aWAMEAC2L
agMEAC2NnjAMAwQALZdZAwQCLZdYAwQAT24+AwQAUaHvAwQAU9thAwQAVDYwAwQA
VdGFAwQAV3hUAwQAV3hXAwQAV3imAwQAV3ktAwQBV3lUAwQAV3lXAwQAV3lpAwQB
V3l8AwQAV3miAwQAV3mlAwQEW1zwAwQBXHfEAwQAXPkwAwQAXPkyAwQAXXtUAwQC
XpqgAwQAXpwLAwQDXpxAAwQAXpxmAwQAXpyzAwQAXpz4AwQAX9YbAwQAjWIBAwQA
jWIGAwQAk05kAwQCqxZIAwQAsH3+AwQAstftAwQAudhHAwQCudhUAwQCudpUAwQA
wRnYAwQAwjFeAwQAwje6AwQAwqmvMA0GCSqGSIb3DQEBCwUAA4IBAQCK9ps539pu
T/CtmPv543tRgHVlHYpSp5HnObJqEJe7F3HUtS4CGqG4PFgYL+N/h7f6aQpGDm/o
4wSEXkAhTjI4HZH97pYQTCu26nwzHsfHmdG0JjFixP66O6IgkddVyovDaLOnY6Gt
uotMg1301MVQyQ5t79vDqYGmsmZid+1lan5BLWm3RpaF/kQoYFOSCH23HcywbJX7
0uXGKkBQw93AgB79PkqjcP5c7Kx9tglhaHohYGZPTTY3nTVJGMwolck1WfFmY4Lk
3TSmH+bSNAm6rJO+ZM2sZiZpSfU3u3xoX45blSydwA5kvXW4+/xFSxGH3YCeyrFy
PMfgTYkeEvbO
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:26:24 2025 by rpki-client