Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m_2fn_tmIUtFYE-YDEXYCZV7sC4.roa
File: m_2fn_tmIUtFYE-YDEXYCZV7sC4.roa (raw, json)
Hash identifier: O49oKFi3qeegNzSSTyPsQgAv3wjr1X+0V9WKsTFfQaE=
Subject key identifier: 9B:FD:9F:9F:FB:66:21:4B:45:60:4F:98:0C:45:D8:09:95:7B:B0:2E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195951C88A7EACAB7FD7EF5C8692825D993
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m_2fn_tmIUtFYE-YDEXYCZV7sC4.roa
Signing time: Fri 14 Mar 2025 14:43:50 +0000
ROA not before: Fri 14 Mar 2025 14:43:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.252.132.0/22 maxlen: 24
45.9.156.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.112.0/22 maxlen: 24
87.120.116.0/23 maxlen: 24
87.120.120.0/23 maxlen: 24
87.120.125.0/24 maxlen: 24
87.120.126.0/23 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.104.0/24 maxlen: 24
94.156.105.0/24 maxlen: 24
94.156.106.0/24 maxlen: 32
94.156.166.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
94.156.179.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
194.49.94.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:95:1c:88:a7:ea:ca:b7:fd:7e:f5:c8:69:28:25:d9:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 14 14:43:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bfd9f9ffb66214b45604f980c45d809957bb02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:22:a5:c0:4b:4d:54:b5:2b:f1:27:6b:7f:a0:
47:fe:75:b6:02:03:7b:75:4c:fc:95:ff:ed:47:32:
90:c1:28:e1:33:a0:7e:8e:7b:a7:ba:b6:60:47:7f:
57:02:24:e9:f5:6e:4a:7f:ac:79:2e:9d:b7:35:e0:
4d:aa:cf:67:25:28:0b:34:35:1d:58:f7:45:c3:64:
30:5b:b6:dd:bf:7c:a0:41:11:aa:a8:7d:d5:a8:14:
f7:ce:b8:17:f6:11:2c:86:a3:82:a8:ef:6f:52:42:
59:6e:15:67:59:31:6c:c9:d8:7f:c0:99:0e:9a:08:
26:bf:bb:06:1f:bb:de:ac:25:c2:b0:21:f8:af:2d:
fc:43:ce:ea:92:ff:54:a5:56:ee:b4:11:0e:ad:5f:
00:88:b9:e5:d5:47:b3:64:fa:80:cb:82:d3:9d:46:
57:1d:45:96:4e:b3:10:29:8d:ec:c9:a8:0e:7f:41:
90:22:0d:2e:f9:fd:a3:40:77:a1:b7:4c:79:17:65:
c2:00:9f:a5:3c:ca:fa:a7:8b:ff:ba:99:9d:51:b1:
0b:1f:d1:98:a2:ee:38:7e:9c:c1:e7:10:ef:c5:32:
69:21:9f:78:25:b8:e9:94:c9:3e:d8:64:ba:12:3e:
bb:2c:88:b5:af:c9:c5:21:59:1f:ed:f7:23:a8:7a:
e5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FD:9F:9F:FB:66:21:4B:45:60:4F:98:0C:45:D8:09:95:7B:B0:2E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m_2fn_tmIUtFYE-YDEXYCZV7sC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
45.9.156.0/23
45.14.164.0/24
45.66.228.0/24
45.66.230.0/23
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/24
45.151.89.0-45.151.91.255
79.110.50.0/24
79.110.62.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
85.31.47.0/24
87.120.87.0/24
87.120.112.0-87.120.117.255
87.120.120.0/23
87.120.125.0-87.120.127.255
87.120.166.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
92.249.50.0/24
93.123.109.0/24
94.154.160.0/22
94.156.64.0/21
94.156.104.0-94.156.106.255
94.156.166.0/23
94.156.179.0/24
109.206.237.0/24
141.98.1.0/24
141.98.6.0/24
147.78.100.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.25.216.0/24
194.49.94.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:79:42:c2:ed:59:9e:48:89:63:2e:31:61:7c:8b:46:f1:28:
98:67:d3:aa:c7:c9:c5:fe:67:d6:28:98:65:8b:2a:dd:06:a8:
ef:0c:47:e2:61:8f:96:43:09:8a:88:4b:c6:a7:06:0e:94:6e:
3a:3f:49:a9:eb:a9:af:85:1e:bf:03:ae:f2:12:3d:a0:11:5b:
13:c9:0a:29:ab:69:2b:34:1b:88:a4:4a:c3:43:f5:6a:9d:b4:
1c:88:c5:90:1b:d1:a1:c7:2b:01:9b:e6:9f:15:66:12:89:50:
bb:f9:0d:17:16:5c:28:e8:f7:ce:78:9b:3c:ee:93:ec:5d:d3:
e6:43:b7:a0:08:5f:97:84:7e:c4:45:9a:30:e5:ce:f0:e0:1a:
fb:0c:ec:5c:56:1b:fe:9a:1e:83:4e:7a:32:30:c5:b3:8f:ba:
3b:c1:99:10:6a:b5:98:c0:53:15:91:7b:d1:7d:ff:5d:9e:21:
f2:6d:56:8e:56:3b:84:7e:10:c2:80:47:c3:4b:59:d1:08:c5:
4a:15:38:01:6f:c6:af:d6:b3:fa:30:d4:83:c5:ce:b0:d1:b8:
f4:42:de:ec:e1:a2:0d:2e:bd:99:d6:60:8a:07:24:49:67:82:
20:ae:85:b1:5c:1c:69:22:2b:22:56:56:25:b4:2d:9f:11:45:
9a:a4:71:4a
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZWVHIin6sq3/X71yGkoJdmTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzE0MTQ0MzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmZkOWY5ZmZiNjYyMTRiNDU2MDRmOTgwYzQ1ZDgwOTk1N2JiMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CKlwEtNVLUr8Sdrf6BH/nW2AgN7
dUz8lf/tRzKQwSjhM6B+jnunurZgR39XAiTp9W5Kf6x5Lp23NeBNqs9nJSgLNDUd
WPdFw2QwW7bdv3ygQRGqqH3VqBT3zrgX9hEshqOCqO9vUkJZbhVnWTFsydh/wJkO
mggmv7sGH7verCXCsCH4ry38Q87qkv9UpVbutBEOrV8AiLnl1UezZPqAy4LTnUZX
HUWWTrMQKY3syagOf0GQIg0u+f2jQHeht0x5F2XCAJ+lPMr6p4v/upmdUbELH9GY
ou44fpzB5xDvxTJpIZ94JbjplMk+2GS6Ej67LIi1r8nFIVkf7fcjqHrlZQIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFJv9n5/7ZiFLRWBPmAxF2AmVe7AuMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbV8yZm5fdG1JVXRGWUUtWURFWFlDWlY3c0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAgX8hAMEAS0JnAMEAC0OpAMEAC1C5AMEAS1C5gMEAC1YQAMEAC1Z9wMEAC1a
WQMEAC2LagMEAC2NnjAMAwQALZdZAwQCLZdYAwQAT24yAwQAT24+AwQAUaHuAwQA
U9thAwQAVDYwAwQAVR8vAwQAV3hXMAwDBARXeHADBAFXeHQDBAFXeHgwDAMEAFd4
fQMEB1d4AAMEAFd4pgMEAFd5LQMEAFd5VwMEAVd5fAMEAFd5ogMEAFd5pQMEBFtc
8AMEAVx3xAMEAFz5MgMEAF17bQMEAl6aoAMEA16cQDAMAwQDXpxoAwQAXpxqAwQB
XpymAwQAXpyzAwQAbc7tAwQAjWIBAwQAjWIGAwQAk05kAwQCqxZIAwQAstfgAwQC
udhUAwQCudpUAwQAwRnYAwQAwjFeAwQAwje6AwQAwqmvMA0GCSqGSIb3DQEBCwUA
A4IBAQCteULC7VmeSIljLjFhfItG8SiYZ9Oqx8nF/mfWKJhliyrdBqjvDEfiYY+W
QwmKiEvGpwYOlG46P0mp66mvhR6/A67yEj2gEVsTyQopq2krNBuIpErDQ/VqnbQc
iMWQG9GhxysBm+afFWYSiVC7+Q0XFlwo6PfOeJs87pPsXdPmQ7egCF+XhH7ERZow
5c7w4Br7DOxcVhv+mh6DTnoyMMWzj7o7wZkQarWYwFMVkXvRff9dniHybVaOVjuE
fhDCgEfDS1nRCMVKFTgBb8av1rP6MNSDxc6w0bj0Qt7s4aINLr2Z1mCKByRJZ4Ig
roWxXBxpIisiVlYltC2fEUWapHFK
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:22:19 2025 by rpki-client