Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/51E979KQTX9z0FG0YQdM7z8IKDs.roa
File: 51E979KQTX9z0FG0YQdM7z8IKDs.roa (raw, json)
Hash identifier: zRGT7Z/Nm2hEuDso/3nGPSUb+M+ywMupFZ2iH/qoisk=
Subject key identifier: E7:51:3D:EF:D2:90:4D:7F:73:D0:51:B4:61:07:4C:EF:3F:08:28:3B
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01877989B86DFBDB6701F852ECA21C7E2E3D
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/51E979KQTX9z0FG0YQdM7z8IKDs.roa
Signing time: Thu 13 Apr 2023 07:34:41 +0000
ROA not before: Thu 13 Apr 2023 07:34:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202505
IP address blocks: 89.43.78.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
193.31.118.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
84.54.14.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
213.226.118.0/24 maxlen: 24
213.226.117.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a05:88c5::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a10:3302::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a10:3301::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a10:3303::/32 maxlen: 32
2a10:3300::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a10:3304::/32 maxlen: 32
2a10:3307::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a05:88c0::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a10:3306::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a10:3305::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:89:b8:6d:fb:db:67:01:f8:52:ec:a2:1c:7e:2e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Apr 13 07:34:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7513defd2904d7f73d051b461074cef3f08283b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9c:b6:c0:85:d8:cc:1a:8d:da:f3:83:45:73:
fb:f2:0e:97:a8:8e:7a:9f:88:8a:87:c8:9c:7b:07:
54:01:aa:ac:11:9f:51:a9:80:69:04:47:d5:dd:f9:
d6:a5:97:d8:34:52:04:60:32:fa:31:b1:f4:ef:47:
37:21:69:39:af:11:6a:27:68:35:ce:e8:f9:fe:a3:
3d:4c:e2:f7:24:54:a7:41:71:ea:cf:17:8a:03:dc:
74:0c:3c:fb:7e:fa:d9:04:e5:34:f7:8d:bc:b9:94:
c7:94:b9:3b:30:c4:59:d4:87:db:80:87:18:36:d4:
ce:b7:bc:ca:56:7b:f8:d3:38:db:cc:85:22:26:6a:
ac:c3:11:67:95:be:c2:74:d9:0f:ef:66:f1:91:5d:
64:d3:d7:89:4d:67:f9:ff:dd:48:bd:fc:54:46:28:
ba:7c:e4:ab:40:ca:02:bd:98:b6:80:a3:d8:f6:0c:
f6:12:da:86:7c:32:37:44:3a:ad:c3:21:97:48:14:
4a:a1:06:a4:ed:45:95:a6:9d:b5:4d:a3:e3:26:ab:
71:d0:e4:52:06:d2:bd:55:2b:9c:a9:a9:23:65:5c:
a3:ff:87:53:40:ab:7f:0b:85:f5:67:6d:9d:f5:00:
a3:50:9e:be:6f:c4:8a:a5:e1:a5:6d:96:22:1c:18:
0f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:51:3D:EF:D2:90:4D:7F:73:D0:51:B4:61:07:4C:EF:3F:08:28:3B
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/51E979KQTX9z0FG0YQdM7z8IKDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
176.98.42.0/23
185.81.152.0/22
193.31.117.0-193.31.119.255
213.226.117.0-213.226.118.255
IPv6:
2a05:88c0::/29
2a06:f7c0::/29
2a10:3300::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
ae:40:37:dd:06:4b:21:60:02:72:ab:cc:34:c3:d8:f5:e0:87:
67:d7:d3:5e:87:37:e5:14:89:b6:b9:f2:84:15:5f:a1:6d:3d:
a1:5f:69:92:40:0d:6b:3e:88:ee:09:02:e4:31:7c:53:ab:5f:
a4:2a:ff:fd:b5:a8:48:5d:a9:e0:87:8c:7d:09:78:40:8f:a6:
14:b8:b8:25:35:08:14:39:ed:1d:8e:1d:38:69:08:0e:8c:76:
fe:bf:b1:4f:1f:ab:d2:eb:e4:53:9d:24:57:b6:0b:04:4e:83:
04:4b:4d:66:ad:8f:7d:9a:28:ef:0c:ac:7d:73:1c:4a:86:a2:
3c:77:0f:ea:10:f9:68:11:bb:38:c6:56:2f:8c:12:4d:e6:02:
d0:07:5d:fb:88:9d:e4:dc:1b:3b:7a:7d:bc:90:5e:c0:1b:00:
c9:ec:5d:1b:59:67:f9:1b:3f:3d:bc:69:e2:2e:79:e8:d3:9f:
5c:91:28:f0:f9:0a:e4:be:5e:01:5b:18:33:55:c8:08:a3:9b:
56:9b:4a:17:78:00:10:2f:b9:7f:2c:1f:c7:2a:d1:75:33:a9:
42:e2:d3:ab:b3:c8:29:bb:c2:30:08:e4:de:5f:d4:71:ed:a2:
f2:52:89:cc:86:eb:a3:0b:31:79:04:94:d0:78:7b:3c:1b:2b:
45:39:cf:bc
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYd5ibht+9tnAfhS7KIcfi49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwNDEzMDczNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzUxM2RlZmQyOTA0ZDdmNzNkMDUxYjQ2MTA3NGNlZjNmMDgyODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Zy2wIXYzBqN2vODRXP78g6XqI56
n4iKh8icewdUAaqsEZ9RqYBpBEfV3fnWpZfYNFIEYDL6MbH070c3IWk5rxFqJ2g1
zuj5/qM9TOL3JFSnQXHqzxeKA9x0DDz7fvrZBOU09428uZTHlLk7MMRZ1IfbgIcY
NtTOt7zKVnv40zjbzIUiJmqswxFnlb7CdNkP72bxkV1k09eJTWf5/91IvfxURii6
fOSrQMoCvZi2gKPY9gz2EtqGfDI3RDqtwyGXSBRKoQak7UWVpp21TaPjJqtx0ORS
BtK9VSucqakjZVyj/4dTQKt/C4X1Z22d9QCjUJ6+b8SKpeGlbZYiHBgPxwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFOdRPe/SkE1/c9BRtGEHTO8/CCg7MB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvNTFFOTc5S1FUWDl6MEZHMFlRZE03ejhJS0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwQAQCAAEwOgMEAFQ2DgME
AFZoDgMEAFkrTgMEAbBiKgMEArlRmDAMAwQAwR91AwQDwR9wMAwDBADV4nUDBADV
4nYwMAQCAAIwKgMFAyoFiMADBQMqBvfAAwUDKhAzAAMFAyoQf0ADBQMqEH/AAwUD
KhHRADANBgkqhkiG9w0BAQsFAAOCAQEArkA33QZLIWACcqvMNMPY9eCHZ9fTXoc3
5RSJtrnyhBVfoW09oV9pkkANaz6I7gkC5DF8U6tfpCr//bWoSF2p4IeMfQl4QI+m
FLi4JTUIFDntHY4dOGkIDox2/r+xTx+r0uvkU50kV7YLBE6DBEtNZq2PfZoo7wys
fXMcSoaiPHcP6hD5aBG7OMZWL4wSTeYC0Add+4id5NwbO3p9vJBewBsAyexdG1ln
+Rs/Pbxp4i556NOfXJEo8PkK5L5eAVsYM1XICKObVptKF3gAEC+5fywfxyrRdTOp
QuLTq7PIKbvCMAjk3l/Uce2i8lKJzIbrowsxeQSU0Hh7PBsrRTnPvA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:37:13 2025 by rpki-client