Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zlSnUtCAJpGuNvtdwc2QfMV6log.roa
File: zlSnUtCAJpGuNvtdwc2QfMV6log.roa (raw, json)
Hash identifier: E4EtF7z51elIhPDgw2qB+t9f6bX5lETrBuGc5Pn19vg=
Subject key identifier: CE:54:A7:52:D0:80:26:91:AE:36:FB:5D:C1:CD:90:7C:C5:7A:96:88
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195604E522D49B8FC813EBB5CAC88CFC07F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zlSnUtCAJpGuNvtdwc2QfMV6log.roa
Signing time: Tue 04 Mar 2025 08:38:20 +0000
ROA not before: Tue 04 Mar 2025 08:38:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.252.132.0/22 maxlen: 24
31.13.224.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.112.0/22 maxlen: 24
87.120.116.0/23 maxlen: 24
87.120.120.0/23 maxlen: 24
87.120.125.0/24 maxlen: 24
87.120.126.0/23 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.104.0/24 maxlen: 24
94.156.105.0/24 maxlen: 24
94.156.106.0/24 maxlen: 32
94.156.166.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
94.156.179.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.49.94.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:4e:52:2d:49:b8:fc:81:3e:bb:5c:ac:88:cf:c0:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 4 08:38:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce54a752d0802691ae36fb5dc1cd907cc57a9688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:13:70:6c:f0:de:5d:4f:08:23:23:27:3f:0e:
26:b3:4c:7b:68:48:d6:e4:40:2a:93:8c:36:69:18:
c2:2d:7c:fb:6c:42:b0:a1:ef:f5:b9:b1:a2:fa:5c:
4d:67:56:e1:60:b1:d9:e2:56:22:a3:0e:71:54:1a:
bb:68:6d:b4:f8:aa:d3:ff:2c:9e:63:db:6c:49:f2:
da:a5:d0:86:4f:fc:86:92:df:da:76:e3:22:45:5d:
7e:c0:57:f0:8a:43:93:06:1c:4b:73:06:91:34:7a:
6c:e0:2b:e0:c2:31:bf:68:e8:8c:48:a4:87:e9:e9:
fb:3d:da:f0:d2:45:d3:1e:54:69:54:9c:46:d3:a1:
7b:d5:16:8c:8e:87:dc:1a:1c:81:df:a1:e2:69:76:
a7:b3:d9:b5:d4:b2:7c:e4:dd:fb:29:7d:1d:39:da:
81:68:e9:2e:01:ce:7b:70:21:ae:4a:45:64:62:52:
5b:f6:eb:b0:55:19:f2:af:ca:8d:6e:a4:8d:6d:45:
f4:c0:52:eb:85:e9:90:c3:b8:7b:cc:35:ca:be:a8:
61:43:47:77:21:ed:7c:a8:d5:1d:8a:c8:39:fc:64:
cd:aa:60:11:86:16:12:0a:30:6e:78:fe:4d:d5:60:
77:52:e0:33:96:dc:94:a9:aa:89:b3:40:9c:95:94:
4b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:54:A7:52:D0:80:26:91:AE:36:FB:5D:C1:CD:90:7C:C5:7A:96:88
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zlSnUtCAJpGuNvtdwc2QfMV6log.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
31.13.224.0/24
45.9.156.0/23
45.14.164.0/24
45.66.228.0/24
45.66.230.0/23
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/24
45.149.241.0/24
45.151.89.0-45.151.91.255
79.110.50.0/24
79.110.62.0/24
81.161.230.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
85.31.47.0/24
87.120.87.0/24
87.120.112.0-87.120.117.255
87.120.120.0/23
87.120.125.0-87.120.127.255
87.120.166.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
92.249.50.0/24
93.123.109.0/24
94.154.160.0/22
94.156.11.0/24
94.156.64.0/21
94.156.104.0-94.156.106.255
94.156.166.0/23
94.156.179.0/24
109.206.237.0/24
141.98.1.0/24
141.98.6.0/24
147.78.100.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.25.216.0/24
194.48.251.0/24
194.49.94.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
63:45:ee:5c:3b:a6:ba:34:95:5e:a6:80:b5:93:5f:4d:cb:27:
74:98:68:d2:a4:43:7d:6d:27:f7:b6:11:23:c3:72:99:18:9f:
f0:29:8c:31:ce:cd:b7:57:5d:db:0a:f1:2e:9d:9e:f4:b7:f3:
36:a0:88:8e:e7:a5:a4:4f:5c:3c:81:e5:67:df:53:6d:2f:0d:
25:e1:0e:fb:7f:14:35:43:cd:ef:0a:6d:c6:5c:21:6c:f0:7b:
c3:6b:db:09:2e:f4:7e:75:93:c3:16:64:6e:c9:7f:15:f8:50:
05:b3:92:47:8c:9f:42:63:a3:35:dc:62:13:4b:1b:5e:8f:2e:
ac:b9:94:f5:aa:29:d3:b0:9f:88:ef:c1:b1:c3:b3:d5:b7:0e:
77:28:7c:1a:b3:b5:8b:b2:85:a8:d7:e6:af:69:b6:83:d7:7e:
c4:8b:57:dc:71:f0:a1:60:de:9b:ec:2c:16:ad:d7:dd:ce:aa:
e4:3b:c3:13:71:93:40:5e:59:46:83:77:8a:43:dc:94:cb:15:
02:19:5a:6a:5b:e3:d7:b0:1f:fc:d2:9f:49:11:0e:83:2c:00:
f9:04:75:77:0e:eb:3d:36:41:b0:b2:40:7f:9b:2e:a7:4d:d1:
3c:7b:d5:00:2a:5b:9f:79:73:82:b5:34:b5:0e:99:0a:f8:e2:
2f:ac:5f:41
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAZVgTlItSbj8gT67XKyIz8B/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzA0MDgzODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTU0YTc1MmQwODAyNjkxYWUzNmZiNWRjMWNkOTA3Y2M1N2E5Njg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8BNwbPDeXU8IIyMnPw4ms0x7aEjW
5EAqk4w2aRjCLXz7bEKwoe/1ubGi+lxNZ1bhYLHZ4lYiow5xVBq7aG20+KrT/yye
Y9tsSfLapdCGT/yGkt/aduMiRV1+wFfwikOTBhxLcwaRNHps4CvgwjG/aOiMSKSH
6en7Pdrw0kXTHlRpVJxG06F71RaMjofcGhyB36HiaXans9m11LJ85N37KX0dOdqB
aOkuAc57cCGuSkVkYlJb9uuwVRnyr8qNbqSNbUX0wFLrhemQw7h7zDXKvqhhQ0d3
Ie18qNUdisg5/GTNqmARhhYSCjBueP5N1WB3UuAzltyUqaqJs0CclZRL4wIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFM5Up1LQgCaRrjb7XcHNkHzFepaIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvemxTblV0Q0FKcEd1TnZ0ZHdjMlFmTVY2bG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCCAWYEAgABMIIB
XgMEAgX8hAMEAB8N4AMEAS0JnAMEAC0OpAMEAC1C5AMEAS1C5gMEAC1YQAMEAC1Z
9wMEAC1aWQMEAC2LagMEAC2NngMEAC2V8TAMAwQALZdZAwQCLZdYAwQAT24yAwQA
T24+AwQAUaHmAwQAUaHuAwQAU9thAwQAVDYwAwQAVR8vAwQAV3hXMAwDBARXeHAD
BAFXeHQDBAFXeHgwDAMEAFd4fQMEB1d4AAMEAFd4pgMEAFd5LQMEAFd5VwMEAVd5
fAMEAFd5ogMEAFd5pQMEBFtc8AMEAVx3xAMEAFz5MgMEAF17bQMEAl6aoAMEAF6c
CwMEA16cQDAMAwQDXpxoAwQAXpxqAwQBXpymAwQAXpyzAwQAbc7tAwQAjWIBAwQA
jWIGAwQAk05kAwQCqxZIAwQAstfgAwQCudhUAwQCudpUAwQAwRnYAwQAwjD7AwQA
wjFeAwQAwje6AwQAwqmvMA0GCSqGSIb3DQEBCwUAA4IBAQBjRe5cO6a6NJVepoC1
k19Nyyd0mGjSpEN9bSf3thEjw3KZGJ/wKYwxzs23V13bCvEunZ70t/M2oIiO56Wk
T1w8geVn31NtLw0l4Q77fxQ1Q83vCm3GXCFs8HvDa9sJLvR+dZPDFmRuyX8V+FAF
s5JHjJ9CY6M13GITSxtejy6suZT1qinTsJ+I78Gxw7PVtw53KHwas7WLsoWo1+av
abaD137Ei1fccfChYN6b7CwWrdfdzqrkO8MTcZNAXllGg3eKQ9yUyxUCGVpqW+PX
sB/80p9JEQ6DLAD5BHV3Dus9NkGwskB/my6nTdE8e9UAKlufeXOCtTS1DpkK+OIv
rF9B
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:24:23 2025 by rpki-client