Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/dj1Tiiw2UvkeOZY8EumM2bAB2bE.roa
File: dj1Tiiw2UvkeOZY8EumM2bAB2bE.roa (raw, json)
Hash identifier: wKuB6rP2JfOBljnyppv7up6xh92HDGCsCvtLIoe5KPc=
Subject key identifier: 76:3D:53:8A:2C:36:52:F9:1E:39:96:3C:12:E9:8C:D9:B0:01:D9:B1
Certificate issuer: /CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Certificate serial: 019730FC697A3B8D79C7E0EB0934FE6D13E4
Authority key identifier: 49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/dj1Tiiw2UvkeOZY8EumM2bAB2bE.roa
Signing time: Mon 02 Jun 2025 14:12:17 +0000
ROA not before: Mon 02 Jun 2025 14:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59441
IP address blocks: 5.144.128.0/21 maxlen: 21
5.144.128.0/22 maxlen: 22
5.144.128.0/23 maxlen: 23
5.144.128.0/24 maxlen: 24
5.144.129.0/24 maxlen: 24
5.144.130.0/23 maxlen: 24
5.144.130.0/24 maxlen: 24
5.144.131.0/24 maxlen: 24
5.144.132.0/22 maxlen: 22
5.144.132.0/23 maxlen: 24
5.144.132.0/24 maxlen: 24
5.144.133.0/24 maxlen: 24
5.144.134.0/23 maxlen: 24
5.144.134.0/24 maxlen: 24
5.144.135.0/24 maxlen: 24
45.92.92.0/22 maxlen: 24
45.92.92.0/23 maxlen: 24
45.92.92.0/24 maxlen: 24
45.92.93.0/24 maxlen: 24
45.92.94.0/23 maxlen: 24
45.92.94.0/24 maxlen: 24
45.92.95.0/24 maxlen: 24
45.138.132.0/22 maxlen: 24
45.138.132.0/23 maxlen: 24
45.138.132.0/24 maxlen: 24
45.138.133.0/24 maxlen: 24
45.138.134.0/24 maxlen: 24
45.138.135.0/24 maxlen: 24
80.91.208.0/24 maxlen: 24
185.36.231.0/24 maxlen: 24
185.40.16.0/24 maxlen: 24
185.83.112.0/22 maxlen: 22
185.83.112.0/23 maxlen: 23
185.83.112.0/24 maxlen: 24
185.83.113.0/24 maxlen: 24
185.83.114.0/23 maxlen: 24
185.83.114.0/24 maxlen: 24
185.83.115.0/24 maxlen: 24
185.83.181.0/24 maxlen: 24
185.83.183.0/24 maxlen: 24
185.169.6.0/24 maxlen: 24
185.173.104.0/22 maxlen: 24
185.173.104.0/24 maxlen: 24
185.173.105.0/24 maxlen: 24
185.173.106.0/24 maxlen: 24
185.173.107.0/24 maxlen: 24
185.205.203.0/24 maxlen: 24
185.208.76.0/23 maxlen: 23
185.208.78.0/23 maxlen: 24
185.208.78.0/24 maxlen: 24
185.208.79.0/24 maxlen: 24
193.3.231.0/24 maxlen: 24
193.162.129.0/24 maxlen: 24
2a05:9a00::/29 maxlen: 29
2a05:9a00::/48 maxlen: 48
2a05:9a00:1::/48 maxlen: 48
2a05:9a00:2::/48 maxlen: 48
2a05:9a00:3::/48 maxlen: 48
2a05:9a00:4::/48 maxlen: 48
2a05:9a00:1000::/48 maxlen: 48
2a05:9a00:1001::/48 maxlen: 48
2a05:9a00:1002::/48 maxlen: 48
2a05:9a00:1003::/48 maxlen: 48
2a07:e440::/29 maxlen: 29
2a10:4340::/29 maxlen: 29
2a10:5c40::/29 maxlen: 29
2a10:6140::/29 maxlen: 29
2a10:b800::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:30:fc:69:7a:3b:8d:79:c7:e0:eb:09:34:fe:6d:13:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Validity
Not Before: Jun 2 14:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=763d538a2c3652f91e39963c12e98cd9b001d9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a0:1b:7c:d0:73:50:f4:95:04:3e:b9:6e:1e:
a8:95:56:27:87:03:dd:16:aa:6e:35:f8:c7:b8:68:
cd:99:67:6d:a2:cd:1b:36:81:1b:e6:cd:91:3d:68:
27:e7:39:7c:ee:8f:1f:95:2f:0b:82:33:6c:f9:4e:
8a:91:6a:37:ab:6f:24:83:d0:f8:3f:a6:8a:fd:40:
68:99:02:18:65:3a:b9:8c:b9:47:54:1d:39:be:f3:
1f:1b:63:c0:40:7d:5d:f0:23:b3:ba:28:01:6b:68:
3f:15:fb:85:59:c6:3a:2a:90:64:06:89:f7:f9:d0:
43:a7:85:11:1c:37:20:f6:97:4f:c4:7a:90:4b:bf:
4b:7d:ee:8d:66:ed:e0:54:ea:33:ca:80:fa:66:07:
cc:fe:8c:a1:0e:57:ae:98:82:7e:3b:9e:1d:f2:5d:
05:e0:1f:c1:1e:b0:20:f8:48:a3:14:3e:72:d7:a7:
7b:12:f8:ee:7d:6c:b1:78:2c:8b:91:bc:83:cd:e0:
74:33:75:e0:07:08:45:8b:71:6c:1b:c3:00:72:d4:
c5:29:78:09:6e:b5:2c:a5:8e:d3:7e:04:8e:51:bd:
25:d5:2e:2b:f5:8a:53:5d:ae:09:b4:c6:28:dc:7d:
b5:9f:74:27:35:ca:64:87:ad:a8:38:61:f4:13:94:
e5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:3D:53:8A:2C:36:52:F9:1E:39:96:3C:12:E9:8C:D9:B0:01:D9:B1
X509v3 Authority Key Identifier:
keyid:49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/dj1Tiiw2UvkeOZY8EumM2bAB2bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.128.0/21
45.92.92.0/22
45.138.132.0/22
80.91.208.0/24
185.36.231.0/24
185.40.16.0/24
185.83.112.0/22
185.83.181.0/24
185.83.183.0/24
185.169.6.0/24
185.173.104.0/22
185.205.203.0/24
185.208.76.0/22
193.3.231.0/24
193.162.129.0/24
IPv6:
2a05:9a00::/29
2a07:e440::/29
2a10:4340::/29
2a10:5c40::/29
2a10:6140::/29
2a10:b800::/29
Signature Algorithm: sha256WithRSAEncryption
47:49:5b:1e:fb:90:20:c6:d0:1b:be:a4:bb:6a:da:e0:20:21:
d1:26:f2:5a:bb:52:3f:ef:d5:91:ec:0e:b6:cc:fe:53:d4:60:
e7:5c:c3:cb:30:30:21:a8:50:99:a2:c5:33:a2:ff:14:13:8e:
98:35:e5:65:a3:cd:5c:2b:03:a6:04:31:1a:c1:19:87:c4:48:
7e:be:bf:2d:ca:e4:e9:ba:14:44:2d:68:a9:aa:a5:61:d9:ff:
93:01:d1:29:40:a1:b4:d4:ed:a6:32:1a:3c:ce:f5:cd:2e:24:
d4:83:df:17:e8:41:0f:56:15:30:1e:79:97:aa:cf:dc:c4:0a:
c1:6d:64:34:4f:6d:4d:f3:5d:c4:2a:78:3c:fb:b1:7c:b4:c0:
f3:9b:ba:39:c0:b7:06:0d:8a:30:55:77:cc:14:1e:7e:b4:1f:
68:80:a4:92:10:9f:dc:00:b8:76:23:60:19:85:a4:ee:5a:4e:
d0:bb:76:7e:7b:6f:49:16:89:4d:42:94:74:e6:0a:51:87:92:
ae:b5:d6:ad:bd:4f:81:c7:0a:20:ec:2a:f1:72:0a:c8:5c:e4:
7a:82:da:d5:65:df:b9:6f:9e:f3:41:7f:9e:6f:26:e4:44:0a:
c2:00:1e:1c:43:cc:00:a4:dd:6b:48:2d:85:c4:c6:4c:97:5c:
de:98:70:0b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZcw/Gl6O415x+DrCTT+bRPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZWUxMTk0YmQ4MWQxOTQ2YzM5ZjEwZjdmZGZkZjIyZDFh
MDMxMTIwHhcNMjUwNjAyMTQxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjNkNTM4YTJjMzY1MmY5MWUzOTk2M2MxMmU5OGNkOWIwMDFkOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKAbfNBzUPSVBD65bh6olVYnhwPd
FqpuNfjHuGjNmWdtos0bNoEb5s2RPWgn5zl87o8flS8LgjNs+U6KkWo3q28kg9D4
P6aK/UBomQIYZTq5jLlHVB05vvMfG2PAQH1d8COzuigBa2g/FfuFWcY6KpBkBon3
+dBDp4URHDcg9pdPxHqQS79Lfe6NZu3gVOozyoD6ZgfM/oyhDleumIJ+O54d8l0F
4B/BHrAg+EijFD5y16d7EvjufWyxeCyLkbyDzeB0M3XgBwhFi3FsG8MActTFKXgJ
brUspY7TfgSOUb0l1S4r9YpTXa4JtMYo3H21n3QnNcpkh62oOGH0E5TlWwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFHY9U4osNlL5HjmWPBLpjNmwAdmxMB8GA1UdIwQY
MBaAFEnuEZS9gdGUbDnxD3/f3yLRoDESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYt
ZDYyZmE2MzE5ZmQ0LzEvZGoxVGlpdzJVdmtlT1pZOEV1bU0yYkFCMmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYtZDYyZmE2MzE5ZmQ0
LzEvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDBgBAIAATBaAwQDBZCA
AwQCLVxcAwQCLYqEAwQAUFvQAwQAuSTnAwQAuSgQAwQCuVNwAwQAuVO1AwQAuVO3
AwQAuakGAwQCua1oAwQAuc3LAwQCudBMAwQAwQPnAwQAwaKBMDAEAgACMCoDBQMq
BZoAAwUDKgfkQAMFAyoQQ0ADBQMqEFxAAwUDKhBhQAMFAyoQuAAwDQYJKoZIhvcN
AQELBQADggEBAEdJWx77kCDG0Bu+pLtq2uAgIdEm8lq7Uj/v1ZHsDrbM/lPUYOdc
w8swMCGoUJmixTOi/xQTjpg15WWjzVwrA6YEMRrBGYfESH6+vy3K5Om6FEQtaKmq
pWHZ/5MB0SlAobTU7aYyGjzO9c0uJNSD3xfoQQ9WFTAeeZeqz9zECsFtZDRPbU3z
XcQqeDz7sXy0wPObujnAtwYNijBVd8wUHn60H2iApJIQn9wAuHYjYBmFpO5aTtC7
dn57b0kWiU1ClHTmClGHkq611q29T4HHCiDsKvFyCshc5HqC2tVl37lvnvNBf55v
JuRECsIAHhxDzACk3WtILYXExkyXXN6YcAs=
-----END CERTIFICATE-----
Generated at Thu Jun 5 03:24:06 2025 by rpki-client