Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/nLKgLZCyesw00erZTI_cs0Rj9hc.roa
File: nLKgLZCyesw00erZTI_cs0Rj9hc.roa (raw, json)
Hash identifier: tsJMMVUxNzqjHZBYnlf1Ny3HzPZWNYq1Lv8S4crCKcw=
Subject key identifier: 9C:B2:A0:2D:90:B2:7A:CC:34:D1:EA:D9:4C:8F:DC:B3:44:63:F6:17
Certificate issuer: /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial: 0192F61EB93E702503C4751E734B3FC0C058
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/nLKgLZCyesw00erZTI_cs0Rj9hc.roa
Signing time: Mon 04 Nov 2024 07:41:01 +0000
ROA not before: Mon 04 Nov 2024 07:41:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15695
IP address blocks: 5.253.88.0/24 maxlen: 24
5.253.89.0/24 maxlen: 24
5.253.90.0/24 maxlen: 24
5.253.91.0/24 maxlen: 24
37.26.224.0/24 maxlen: 24
37.26.225.0/24 maxlen: 24
37.26.226.0/24 maxlen: 24
37.26.227.0/24 maxlen: 24
37.26.228.0/24 maxlen: 24
37.26.229.0/24 maxlen: 24
37.26.230.0/24 maxlen: 24
37.26.231.0/24 maxlen: 24
45.81.220.0/24 maxlen: 24
45.81.221.0/24 maxlen: 24
45.81.222.0/24 maxlen: 24
45.81.223.0/24 maxlen: 24
45.93.84.0/24 maxlen: 24
45.93.85.0/24 maxlen: 24
45.93.87.0/24 maxlen: 24
45.94.190.0/24 maxlen: 24
45.95.216.0/24 maxlen: 24
45.95.217.0/24 maxlen: 24
45.95.218.0/24 maxlen: 24
45.95.219.0/24 maxlen: 24
63.247.192.0/24 maxlen: 24
63.247.193.0/24 maxlen: 24
63.247.194.0/24 maxlen: 24
63.247.195.0/24 maxlen: 24
63.247.196.0/24 maxlen: 24
63.247.197.0/24 maxlen: 24
63.247.198.0/24 maxlen: 24
63.247.199.0/24 maxlen: 24
63.247.200.0/24 maxlen: 24
63.247.201.0/24 maxlen: 24
63.247.202.0/24 maxlen: 24
63.247.203.0/24 maxlen: 24
63.247.204.0/24 maxlen: 24
63.247.205.0/24 maxlen: 24
63.247.206.0/24 maxlen: 24
63.247.207.0/24 maxlen: 24
86.48.192.0/24 maxlen: 24
86.48.193.0/24 maxlen: 24
86.48.194.0/24 maxlen: 24
86.48.195.0/24 maxlen: 24
86.48.208.0/24 maxlen: 24
86.48.209.0/24 maxlen: 24
86.48.210.0/24 maxlen: 24
86.48.211.0/24 maxlen: 24
86.48.212.0/24 maxlen: 24
86.48.214.0/24 maxlen: 24
86.48.215.0/24 maxlen: 24
86.48.216.0/24 maxlen: 24
86.48.217.0/24 maxlen: 24
86.48.218.0/24 maxlen: 24
86.48.219.0/24 maxlen: 24
86.48.220.0/24 maxlen: 24
86.48.221.0/24 maxlen: 24
86.48.222.0/24 maxlen: 24
86.48.223.0/24 maxlen: 24
86.48.224.0/24 maxlen: 24
86.48.225.0/24 maxlen: 24
86.48.240.0/24 maxlen: 24
86.48.241.0/24 maxlen: 24
86.48.242.0/24 maxlen: 24
91.103.16.0/24 maxlen: 24
91.103.17.0/24 maxlen: 24
91.103.18.0/24 maxlen: 24
91.103.19.0/24 maxlen: 24
91.103.21.0/24 maxlen: 24
91.103.23.0/24 maxlen: 24
185.62.116.0/24 maxlen: 24
185.62.117.0/24 maxlen: 24
185.62.118.0/24 maxlen: 24
185.62.119.0/24 maxlen: 24
193.160.134.0/24 maxlen: 24
193.160.135.0/24 maxlen: 24
195.238.244.0/24 maxlen: 24
216.172.64.0/24 maxlen: 24
216.172.65.0/24 maxlen: 24
216.172.66.0/24 maxlen: 24
216.172.67.0/24 maxlen: 24
216.172.68.0/24 maxlen: 24
216.172.69.0/24 maxlen: 24
216.172.70.0/24 maxlen: 24
216.172.71.0/24 maxlen: 24
216.172.72.0/24 maxlen: 24
216.172.73.0/24 maxlen: 24
216.172.74.0/24 maxlen: 24
216.172.75.0/24 maxlen: 24
216.172.76.0/24 maxlen: 24
216.172.77.0/24 maxlen: 24
216.172.78.0/24 maxlen: 24
216.172.79.0/24 maxlen: 24
2a00:cb8:31::/48 maxlen: 48
2a00:cb8:33::/48 maxlen: 48
2a00:cb8:34::/48 maxlen: 48
2a00:cb8:39::/48 maxlen: 48
2a00:cb8:41::/48 maxlen: 48
2a00:cb8:44::/48 maxlen: 48
2a00:cb8:48::/48 maxlen: 48
2a00:cb8:49::/48 maxlen: 48
2a00:cb8:144::/48 maxlen: 48
2a00:cb8:353::/48 maxlen: 48
2a00:cb8:971::/48 maxlen: 48
2a0c:5900:1000::/36 maxlen: 36
2a0c:5900:2000::/36 maxlen: 36
2a0c:5900:3000::/36 maxlen: 36
2a0c:5900:4000::/36 maxlen: 36
2a0c:5900:5000::/36 maxlen: 36
2a0c:5900:6000::/36 maxlen: 36
2a0c:5900:7000::/36 maxlen: 36
2a0c:5900:8000::/36 maxlen: 36
2a0c:5900:9000::/36 maxlen: 36
2a0c:5900:a000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:1e:b9:3e:70:25:03:c4:75:1e:73:4b:3f:c0:c0:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Validity
Not Before: Nov 4 07:41:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cb2a02d90b27acc34d1ead94c8fdcb34463f617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:15:61:25:5e:ad:d6:de:5a:25:80:05:ff:39:
ad:ab:69:17:7b:28:b2:25:fc:fe:a8:ea:00:22:e4:
f6:41:14:7e:9a:62:d1:7b:b1:b9:38:f0:23:84:63:
ae:e5:a1:34:c2:4b:64:c2:20:e8:68:a2:f4:c9:4d:
ab:de:14:37:a4:6c:13:d7:25:6c:c8:74:07:73:05:
38:73:0c:0a:04:34:9a:63:f8:4a:e1:ab:c9:c8:a6:
3d:ba:66:e8:6e:fd:3d:99:06:03:99:0d:aa:61:ff:
6c:f6:0d:6c:59:47:29:6f:b7:9b:15:e2:df:6f:1a:
23:fb:21:f4:82:8f:e9:0f:9f:ab:14:56:6f:c5:a8:
f6:58:ff:a4:ac:53:8b:09:0a:21:60:9b:38:89:6a:
a3:ce:99:56:e0:c0:e8:c5:7e:9c:60:95:73:9d:2a:
2a:70:81:ca:01:5a:64:51:cb:d1:ac:8c:33:80:f1:
ce:3b:84:7a:c9:ad:2c:56:cf:52:72:61:94:0a:c2:
88:2e:dd:9b:de:28:e3:da:62:5c:b6:5d:f2:98:92:
93:44:cf:eb:8d:37:16:b8:b3:2b:ce:88:19:76:7c:
fe:10:e3:3f:f7:93:03:4c:a8:06:bd:1a:ea:85:d9:
4f:af:37:a2:8f:ad:88:b6:4a:5c:2b:bd:d7:82:2a:
10:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B2:A0:2D:90:B2:7A:CC:34:D1:EA:D9:4C:8F:DC:B3:44:63:F6:17
X509v3 Authority Key Identifier:
keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/nLKgLZCyesw00erZTI_cs0Rj9hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.88.0/22
37.26.224.0/21
45.81.220.0/22
45.93.84.0/23
45.93.87.0/24
45.94.190.0/24
45.95.216.0/22
63.247.192.0/20
86.48.192.0/22
86.48.208.0-86.48.212.255
86.48.214.0-86.48.225.255
86.48.240.0-86.48.242.255
91.103.16.0/22
91.103.21.0/24
91.103.23.0/24
185.62.116.0/22
193.160.134.0/23
195.238.244.0/24
216.172.64.0/20
IPv6:
2a00:cb8:31::/48
2a00:cb8:33::-2a00:cb8:34:ffff:ffff:ffff:ffff:ffff
2a00:cb8:39::/48
2a00:cb8:41::/48
2a00:cb8:44::/48
2a00:cb8:48::/47
2a00:cb8:144::/48
2a00:cb8:353::/48
2a00:cb8:971::/48
2a0c:5900:1000::-2a0c:5900:afff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
05:24:d8:31:19:d5:24:ea:12:32:cf:19:81:7b:a9:ef:1d:99:
f3:02:49:a4:78:4a:4f:ad:9e:2d:97:c7:a6:ea:d0:aa:06:bd:
74:71:75:c3:c2:54:07:92:36:67:b2:3a:f5:b1:05:da:5f:ab:
86:a3:3e:44:38:57:7b:d1:05:f4:67:e3:23:6e:4e:37:4a:c4:
b1:0f:9d:be:5e:2b:b2:c4:94:a3:a3:02:bf:19:0f:68:1b:d1:
94:60:f8:fd:1c:bc:7f:23:c9:1a:bb:8a:9d:13:59:02:d5:9d:
ea:32:e2:a3:b7:8b:f6:e7:4a:b6:c1:9b:ca:b8:c3:50:52:4c:
cb:c3:c0:5a:9d:e3:a4:59:22:69:e8:1a:ae:7c:eb:ac:3e:e2:
45:ce:6a:6f:20:94:2f:c4:af:0d:d6:17:2c:7b:91:be:58:6f:
81:99:eb:46:d5:2e:f9:86:a0:54:f5:f3:10:1b:41:28:c2:79:
de:7a:67:df:a5:28:fd:b7:67:80:58:e3:a3:6c:d0:a3:6a:c9:
15:51:9d:c5:07:82:b3:8e:86:89:32:3f:b2:cf:c8:ce:58:fa:
af:fd:ff:80:23:dd:b4:3b:66:50:fc:5c:cc:7d:b3:a8:af:bf:
b7:7d:5d:88:90:f9:46:1b:58:28:42:2a:e8:5e:27:35:36:bf:
bd:ac:9b:16
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZL2Hrk+cCUDxHUec0s/wMBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjQxMTA0MDc0MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2IyYTAyZDkwYjI3YWNjMzRkMWVhZDk0YzhmZGNiMzQ0NjNmNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBVhJV6t1t5aJYAF/zmtq2kXeyiy
Jfz+qOoAIuT2QRR+mmLRe7G5OPAjhGOu5aE0wktkwiDoaKL0yU2r3hQ3pGwT1yVs
yHQHcwU4cwwKBDSaY/hK4avJyKY9umbobv09mQYDmQ2qYf9s9g1sWUcpb7ebFeLf
bxoj+yH0go/pD5+rFFZvxaj2WP+krFOLCQohYJs4iWqjzplW4MDoxX6cYJVznSoq
cIHKAVpkUcvRrIwzgPHOO4R6ya0sVs9ScmGUCsKILt2b3ijj2mJctl3ymJKTRM/r
jTcWuLMrzogZdnz+EOM/95MDTKgGvRrqhdlPrzeij62ItkpcK73XgioQswIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFJyyoC2QsnrMNNHq2UyP3LNEY/YXMB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvbkxLZ0xaQ3llc3cwMGVyWlRJX2NzMFJqOWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCBkQQCAAEwgYoD
BAIF/VgDBAMlGuADBAItUdwDBAEtXVQDBAAtXVcDBAAtXr4DBAItX9gDBAQ/98AD
BAJWMMAwDAMEBFYw0AMEAFYw1DAMAwQBVjDWAwQBVjDgMAwDBARWMPADBABWMPID
BAJbZxADBABbZxUDBABbZxcDBAK5PnQDBAHBoIYDBADD7vQDBATYrEAwdAQCAAIw
bgMHACoADLgAMTASAwcAKgAMuAAzAwcAKgAMuAA0AwcAKgAMuAA5AwcAKgAMuABB
AwcAKgAMuABEAwcBKgAMuABIAwcAKgAMuAFEAwcAKgAMuANTAwcAKgAMuAlxMBAD
BgQqDFkAEAMGBCoMWQCgMA0GCSqGSIb3DQEBCwUAA4IBAQAFJNgxGdUk6hIyzxmB
e6nvHZnzAkmkeEpPrZ4tl8em6tCqBr10cXXDwlQHkjZnsjr1sQXaX6uGoz5EOFd7
0QX0Z+Mjbk43SsSxD52+XiuyxJSjowK/GQ9oG9GUYPj9HLx/I8kau4qdE1kC1Z3q
MuKjt4v250q2wZvKuMNQUkzLw8BaneOkWSJp6BqufOusPuJFzmpvIJQvxK8N1hcs
e5G+WG+BmetG1S75hqBU9fMQG0EownneemffpSj9t2eAWOOjbNCjaskVUZ3FB4Kz
joaJMj+yz8jOWPqv/f+AI920O2ZQ/FzMfbOor7+3fV2IkPlGG1goQiroXic1Nr+9
rJsW
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:00:41 2025 by rpki-client