Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/urBGI32n32B0JD9ej4c-VHRmC44.roa
File: urBGI32n32B0JD9ej4c-VHRmC44.roa (raw, json)
Hash identifier: 7aqlSys7QomoTY+lVqgNtnuNW3+PhxUvfiHE1tfz9mI=
Subject key identifier: BA:B0:46:23:7D:A7:DF:60:74:24:3F:5E:8F:87:3E:54:74:66:0B:8E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01952C69C2723F78A2E2CFCCED70CADD7860
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/urBGI32n32B0JD9ej4c-VHRmC44.roa
Signing time: Sat 22 Feb 2025 06:48:03 +0000
ROA not before: Sat 22 Feb 2025 06:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.252.132.0/22 maxlen: 24
31.13.224.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.112.0/22 maxlen: 24
87.120.116.0/23 maxlen: 24
87.120.120.0/23 maxlen: 24
87.120.125.0/24 maxlen: 24
87.120.126.0/23 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.104.0/24 maxlen: 24
94.156.105.0/24 maxlen: 24
94.156.106.0/24 maxlen: 32
94.156.166.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
94.156.179.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.49.94.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2c:69:c2:72:3f:78:a2:e2:cf:cc:ed:70:ca:dd:78:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 22 06:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bab046237da7df6074243f5e8f873e5474660b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:15:a3:fc:47:c6:37:2f:8b:24:31:ca:3c:ae:
a3:97:f4:4c:79:ed:68:7e:ae:f8:9b:7f:b7:b3:2f:
89:54:e0:0d:da:c6:a1:25:13:8c:a3:24:b7:f7:b5:
ea:d3:1e:97:78:94:04:ca:0b:ed:34:e0:c6:ec:25:
cf:cd:8d:32:5e:14:1a:22:1f:b4:e1:a4:ca:fd:84:
32:29:bc:e6:b2:ac:6e:53:86:a7:b3:c9:e7:17:43:
77:8a:bc:fa:52:6f:9b:78:ee:29:e2:00:5c:b1:40:
26:90:2b:ad:30:12:b6:6f:10:47:9b:32:7f:7d:aa:
d0:6a:c2:86:77:4f:18:ca:8a:f1:55:4f:04:7b:45:
fb:89:71:81:94:26:f0:02:73:5c:a2:43:49:88:05:
e8:ce:88:be:80:a3:26:84:78:16:60:74:6b:5d:2f:
b4:31:64:19:5a:02:92:bc:f6:c1:8c:e8:18:9e:66:
38:11:11:8e:8e:4c:8e:e8:e5:8b:73:51:0f:af:eb:
2f:1d:59:b2:59:15:60:f1:d3:9d:d6:cb:4d:b1:0b:
c1:c2:25:cd:c5:db:c5:95:a4:e2:76:b7:cd:0e:48:
46:dd:58:75:ca:bf:b4:d3:50:02:f5:64:18:dc:05:
c4:9f:46:f2:89:2f:a4:54:ad:26:7c:ff:a1:2d:9e:
e7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B0:46:23:7D:A7:DF:60:74:24:3F:5E:8F:87:3E:54:74:66:0B:8E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/urBGI32n32B0JD9ej4c-VHRmC44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
31.13.224.0/24
45.9.156.0/23
45.14.164.0/24
45.66.228.0/24
45.66.230.0/23
45.88.64.0/24
45.88.88.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/24
45.149.241.0/24
45.151.89.0-45.151.91.255
79.110.50.0/24
79.110.62.0/24
80.76.51.0/24
81.161.230.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
85.31.47.0/24
87.120.87.0/24
87.120.112.0-87.120.117.255
87.120.120.0/23
87.120.125.0-87.120.127.255
87.120.166.0/24
87.121.45.0/24
87.121.86.0/23
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
92.249.50.0/24
93.123.39.0/24
93.123.85.0/24
93.123.109.0/24
94.103.125.0/24
94.154.160.0/22
94.156.11.0/24
94.156.64.0/21
94.156.104.0-94.156.106.255
94.156.166.0/23
94.156.179.0/24
109.206.237.0/24
141.98.1.0/24
141.98.6.0/24
147.78.100.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.25.216.0/24
194.48.251.0/24
194.49.94.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:8f:9f:43:e3:b1:ab:fc:5c:84:9c:17:4b:8e:4d:78:f7:4b:
43:60:fd:02:d7:98:03:ff:91:4e:64:51:7c:6b:b7:74:49:fd:
63:63:ad:f6:d3:cf:76:52:ae:53:28:77:80:22:3b:cb:75:4e:
da:98:b5:54:b8:c1:61:57:14:4c:97:a1:0e:5f:bf:24:dc:fa:
c0:96:98:b8:56:e1:8f:97:9f:e8:8d:87:56:7c:a7:5f:89:68:
74:9d:11:97:ea:62:00:5f:a7:f0:39:d6:bd:a3:fb:70:c9:4c:
bf:31:67:d0:a3:52:cd:07:4d:7f:36:a6:15:53:02:4a:19:45:
ff:d9:17:27:2c:72:e8:06:17:9b:1e:62:ff:9a:ab:ac:19:cb:
92:7d:e0:80:91:f3:43:04:f4:26:58:8d:58:6e:72:06:58:ca:
33:87:0e:5c:20:38:45:a2:c9:9b:e9:f2:26:df:46:39:6c:58:
05:d1:b9:a7:2b:30:55:11:a0:27:51:2c:5e:6b:a4:73:03:65:
df:25:41:0d:57:5a:90:b7:ac:27:80:bc:87:1b:23:28:7a:d1:
1e:cf:d5:d0:ec:bd:ba:55:4c:14:eb:d0:ff:51:a7:dc:28:3c:
5a:aa:4d:ad:a5:48:54:53:6c:41:ed:f3:c6:b7:b9:ae:4e:10:
2a:5f:02:f8
-----BEGIN CERTIFICATE-----
MIIGfTCCBWWgAwIBAgISAZUsacJyP3ii4s/M7XDK3XhgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjIyMDY0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWIwNDYyMzdkYTdkZjYwNzQyNDNmNWU4Zjg3M2U1NDc0NjYwYjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhWj/EfGNy+LJDHKPK6jl/RMee1o
fq74m3+3sy+JVOAN2sahJROMoyS397Xq0x6XeJQEygvtNODG7CXPzY0yXhQaIh+0
4aTK/YQyKbzmsqxuU4ans8nnF0N3irz6Um+beO4p4gBcsUAmkCutMBK2bxBHmzJ/
farQasKGd08YyorxVU8Ee0X7iXGBlCbwAnNcokNJiAXozoi+gKMmhHgWYHRrXS+0
MWQZWgKSvPbBjOgYnmY4ERGOjkyO6OWLc1EPr+svHVmyWRVg8dOd1stNsQvBwiXN
xdvFlaTidrfNDkhG3Vh1yr+001AC9WQY3AXEn0byiS+kVK0mfP+hLZ7n7QIDAQAB
o4IDiTCCA4UwHQYDVR0OBBYEFLqwRiN9p99gdCQ/Xo+HPlR0ZguOMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdXJCR0kzMm4zMkIwSkQ5ZWo0Yy1WSFJtQzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnQYIKwYBBQUHAQcBAf8EggGMMIIBiDCCAYQEAgABMIIB
fAMEAgX8hAMEAB8N4AMEAS0JnAMEAC0OpAMEAC1C5AMEAS1C5gMEAC1YQAMEAC1Y
WAMEAC1Z9wMEAC1aWQMEAC2LagMEAC2NngMEAC2V8TAMAwQALZdZAwQCLZdYAwQA
T24yAwQAT24+AwQAUEwzAwQAUaHmAwQAUaHuAwQAU9thAwQAVDYwAwQAVR8vAwQA
V3hXMAwDBARXeHADBAFXeHQDBAFXeHgwDAMEAFd4fQMEB1d4AAMEAFd4pgMEAFd5
LQMEAVd5VgMEAVd5fAMEAFd5ogMEAFd5pQMEBFtc8AMEAVx3xAMEAFz5MgMEAF17
JwMEAF17VQMEAF17bQMEAF5nfQMEAl6aoAMEAF6cCwMEA16cQDAMAwQDXpxoAwQA
XpxqAwQBXpymAwQAXpyzAwQAbc7tAwQAjWIBAwQAjWIGAwQAk05kAwQCqxZIAwQA
stfgAwQCudhUAwQCudpUAwQAwRnYAwQAwjD7AwQAwjFeAwQAwje6AwQAwqmvMA0G
CSqGSIb3DQEBCwUAA4IBAQBfj59D47Gr/FyEnBdLjk1490tDYP0C15gD/5FOZFF8
a7d0Sf1jY6320892Uq5TKHeAIjvLdU7amLVUuMFhVxRMl6EOX78k3PrAlpi4VuGP
l5/ojYdWfKdfiWh0nRGX6mIAX6fwOda9o/twyUy/MWfQo1LNB01/NqYVUwJKGUX/
2RcnLHLoBhebHmL/mqusGcuSfeCAkfNDBPQmWI1YbnIGWMozhw5cIDhFosmb6fIm
30Y5bFgF0bmnKzBVEaAnUSxea6RzA2XfJUENV1qQt6wngLyHGyMoetEez9XQ7L26
VUwU69D/UafcKDxaqk2tpUhUU2xB7fPGt7muThAqXwL4
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:26:05 2025 by rpki-client