Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/B_1v9_31nQ7LpG_ewBT6vg-udo0.roa
File: B_1v9_31nQ7LpG_ewBT6vg-udo0.roa (raw, json)
Hash identifier: aFa1kV14DnRkrCYFPLvWOr7yDgRdXNiO0g83YWLr1L0=
Subject key identifier: 07:FD:6F:F7:FD:F5:9D:0E:CB:A4:6F:DE:C0:14:FA:BE:0F:AE:76:8D
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01857169E6D8727AA47031C43D9317D9E2CE
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/B_1v9_31nQ7LpG_ewBT6vg-udo0.roa
Signing time: Mon 02 Jan 2023 07:37:23 +0000
ROA not before: Mon 02 Jan 2023 07:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202505
IP address blocks: 193.31.118.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
89.43.78.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
84.54.14.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
213.226.116.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:e6:d8:72:7a:a4:70:31:c4:3d:93:17:d9:e2:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 2 07:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07fd6ff7fdf59d0ecba46fdec014fabe0fae768d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e3:c3:7c:29:c7:ca:66:8e:5f:2f:f7:2c:4e:
3a:b7:b2:62:ea:ce:e4:7c:e6:fa:cb:17:a4:a4:64:
e9:9d:da:fc:92:5a:d3:a0:7d:e0:93:74:0e:fc:c9:
0f:f9:8e:05:3f:10:c3:58:a4:b8:58:3a:e0:3a:40:
a4:3f:46:d3:e0:12:a6:e8:97:0c:a6:d8:cd:6a:62:
e3:ff:03:06:21:db:2d:af:16:56:05:4d:51:5a:1e:
d3:b0:90:0a:98:81:a5:55:90:27:10:a7:c1:ce:88:
b7:64:cb:67:28:ea:b7:c6:65:c8:10:77:45:7c:6b:
fb:84:c2:9a:e4:3f:8c:70:d4:58:c3:72:35:88:ce:
28:95:67:08:16:43:d9:f6:42:c9:62:98:8d:b1:8f:
14:f8:27:b9:3b:3f:ba:3a:5d:9d:c0:cc:4e:b0:df:
b7:9b:3b:d6:18:b2:b8:e2:f6:e8:76:08:a4:51:3e:
eb:3d:fb:5a:85:0b:44:02:16:c6:7f:1e:a5:42:a9:
08:89:5b:90:f1:00:62:e1:2e:c4:ef:5f:cb:06:4c:
56:28:84:39:60:0f:fb:ee:1a:d3:90:14:1e:8d:01:
0a:d3:16:3b:99:fe:20:d3:d2:da:aa:ea:9c:b9:11:
f1:d9:8d:c5:49:c4:df:81:63:1c:00:9b:d9:d1:f6:
83:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:FD:6F:F7:FD:F5:9D:0E:CB:A4:6F:DE:C0:14:FA:BE:0F:AE:76:8D
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/B_1v9_31nQ7LpG_ewBT6vg-udo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
176.98.42.0/23
185.81.152.0/22
193.31.117.0-193.31.119.255
213.226.116.0/24
IPv6:
2a06:f7c0::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
cb:71:33:39:a8:e9:94:62:3f:d1:ba:2d:51:b3:de:c1:6c:bd:
bc:c8:57:a1:d7:49:0d:96:b1:cf:74:71:70:39:a7:4d:a9:da:
a5:2d:60:ff:c8:29:b2:20:c5:b1:ac:25:3d:c4:ff:e8:0c:84:
17:9f:7e:f8:b8:f0:d5:27:52:86:1f:82:47:d8:05:af:d9:05:
b4:d3:8a:e5:9d:e3:6d:4a:bd:fd:35:ad:79:32:5e:a4:6f:1f:
82:19:98:3f:ce:40:d5:5f:fc:3b:49:f4:60:ce:d8:9f:11:7c:
27:4b:7f:56:f4:08:e4:e8:31:d6:bb:17:de:12:ef:c3:b6:df:
2c:ea:5c:3a:bb:43:12:0c:a5:97:d5:e7:0f:e6:54:f2:56:e3:
05:d5:d9:33:05:23:84:23:bc:57:4d:57:6e:9b:45:eb:8a:22:
72:34:db:f5:91:a5:c3:30:91:a5:ad:f6:06:4a:2c:9b:45:7b:
6c:00:43:16:7a:e4:7a:4c:02:fb:81:82:41:9a:1d:46:cb:c9:
91:a1:ef:89:6e:b9:f6:90:5b:34:44:9c:58:07:40:15:d7:2d:
6d:b5:91:9b:1a:4d:99:70:74:db:41:b2:77:39:1c:9c:92:81:
b3:06:74:76:0b:e4:e7:91:0d:03:ce:ea:34:14:cd:cd:52:c0:
74:2b:ee:e4
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYVxaebYcnqkcDHEPZMX2eLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwMTAyMDczNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2ZkNmZmN2ZkZjU5ZDBlY2JhNDZmZGVjMDE0ZmFiZTBmYWU3NjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+PDfCnHymaOXy/3LE46t7Ji6s7k
fOb6yxekpGTpndr8klrToH3gk3QO/MkP+Y4FPxDDWKS4WDrgOkCkP0bT4BKm6JcM
ptjNamLj/wMGIdstrxZWBU1RWh7TsJAKmIGlVZAnEKfBzoi3ZMtnKOq3xmXIEHdF
fGv7hMKa5D+McNRYw3I1iM4olWcIFkPZ9kLJYpiNsY8U+Ce5Oz+6Ol2dwMxOsN+3
mzvWGLK44vbodgikUT7rPftahQtEAhbGfx6lQqkIiVuQ8QBi4S7E71/LBkxWKIQ5
YA/77hrTkBQejQEK0xY7mf4g09LaquqcuRHx2Y3FScTfgWMcAJvZ0faDfQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFAf9b/f99Z0Oy6Rv3sAU+r4PrnaNMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvQl8xdjlfMzFuUTdMcEdfZXdCVDZ2Zy11ZG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjA4BAIAATAyAwQAVDYOAwQA
VmgOAwQAWStOAwQBsGIqAwQCuVGYMAwDBADBH3UDBAPBH3ADBADV4nQwIgQCAAIw
HAMFAyoG98ADBQMqEH9AAwUDKhB/wAMFAyoR0QAwDQYJKoZIhvcNAQELBQADggEB
AMtxMzmo6ZRiP9G6LVGz3sFsvbzIV6HXSQ2Wsc90cXA5p02p2qUtYP/IKbIgxbGs
JT3E/+gMhBeffvi48NUnUoYfgkfYBa/ZBbTTiuWd421Kvf01rXkyXqRvH4IZmD/O
QNVf/DtJ9GDO2J8RfCdLf1b0COToMda7F94S78O23yzqXDq7QxIMpZfV5w/mVPJW
4wXV2TMFI4QjvFdNV26bReuKInI02/WRpcMwkaWt9gZKLJtFe2wAQxZ65HpMAvuB
gkGaHUbLyZGh74luufaQWzREnFgHQBXXLW21kZsaTZlwdNtBsnc5HJySgbMGdHYL
5OeRDQPO6jQUzc1SwHQr7uQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:25:28 2025 by rpki-client