Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/BtTXgh5vWL-qjbW5ZX1QkirefdE.roa
File: BtTXgh5vWL-qjbW5ZX1QkirefdE.roa (raw, json)
Hash identifier: qzKTuNOgqGnC/XPmQ23GHxdWzZyt5iOrtO6oo6frmOo=
Subject key identifier: 06:D4:D7:82:1E:6F:58:BF:AA:8D:B5:B9:65:7D:50:92:2A:DE:7D:D1
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 09FD8D66
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/BtTXgh5vWL-qjbW5ZX1QkirefdE.roa
Signing time: Sat 01 Jan 2022 11:56:00 +0000
ROA not before: Sat 01 Jan 2022 11:56:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202505
IP address blocks: 185.225.37.0/24 maxlen: 24
185.225.38.0/24 maxlen: 24
185.225.36.0/24 maxlen: 24
89.43.78.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
185.132.125.0/24 maxlen: 24
185.132.127.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
84.54.14.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
213.226.116.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167611750 (0x9fd8d66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 1 11:56:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06d4d7821e6f58bfaa8db5b9657d50922ade7dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:a9:34:1a:fd:a1:7a:29:7f:59:96:dc:0d:69:
53:1d:ce:a3:12:3c:ed:fe:b1:29:64:44:10:53:e3:
3e:a7:fd:86:d2:3c:5a:02:43:85:08:48:d4:75:37:
18:41:f1:72:8f:a3:fb:57:4e:af:24:8d:b0:a9:23:
1e:15:ba:d1:ab:3d:62:17:a2:dc:db:9c:7b:f2:df:
8a:81:96:25:56:22:0a:44:19:0b:06:a3:e3:05:95:
d2:b8:03:cd:a4:8f:d9:5a:eb:18:ad:ac:04:a7:24:
ce:95:72:45:4c:9d:2f:92:89:1a:e7:ef:43:4f:03:
24:58:50:61:51:bb:9a:b0:73:71:62:09:e5:6c:74:
c5:18:98:f1:e6:8a:96:7a:10:78:cb:1f:aa:d8:9c:
97:bf:bc:cf:ed:16:92:44:d6:41:e7:5b:22:54:83:
80:11:5a:82:6e:68:ba:f8:41:ba:a2:e2:2a:9d:6f:
3b:61:2b:8a:f5:e4:6a:fa:52:ba:c9:39:4a:c6:ae:
c1:b2:ee:a5:0e:85:62:b1:a4:36:ad:08:e2:f9:3d:
47:65:da:12:9c:ff:9b:28:ee:ad:e9:6e:d6:99:20:
da:68:dd:ef:3e:49:85:61:13:66:26:b7:79:a1:62:
df:33:3e:b9:94:94:2c:9e:71:28:7f:dd:e4:f1:24:
d6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D4:D7:82:1E:6F:58:BF:AA:8D:B5:B9:65:7D:50:92:2A:DE:7D:D1
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/BtTXgh5vWL-qjbW5ZX1QkirefdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
93.114.130.0/24
176.98.42.0/23
185.81.152.0/22
185.132.125.0/24
185.132.127.0/24
185.225.36.0-185.225.38.255
193.31.117.0/24
193.31.119.0/24
213.226.116.0/24
IPv6:
2a06:f7c0::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
a8:eb:e7:06:14:21:fa:38:eb:9d:d7:60:d3:c6:dd:75:a1:c1:
9d:0e:52:7a:ee:28:fa:78:c4:64:d9:18:9e:7f:a8:23:de:3b:
4f:d8:42:24:0c:fd:1c:05:35:e8:94:90:5f:d9:b1:07:90:d8:
91:55:ef:91:20:97:13:c6:75:5c:d7:40:69:bb:8d:09:7c:5b:
40:1a:ef:4d:ce:9d:20:e5:c0:37:43:66:10:8c:b3:db:56:fb:
ba:86:dd:03:66:24:0f:28:6d:05:75:5d:8e:cc:ea:b1:10:6d:
d7:d0:b5:54:47:f0:53:16:e7:f8:b2:e1:13:f2:bf:1c:ae:0b:
30:d2:0d:9b:be:6e:26:3d:db:04:c6:49:7f:9f:56:a3:cb:4d:
5d:e4:e7:64:2f:3c:cf:c9:f8:1c:b2:dc:28:b3:8b:a9:8c:bc:
bc:c7:8a:4a:a3:73:9e:a4:8b:27:67:c6:ac:0f:85:d1:17:3c:
af:ea:ed:e8:f6:c7:52:5a:9f:51:2e:9c:0f:42:19:56:fe:b6:
fb:68:18:86:12:f1:31:06:cc:15:16:57:ef:96:3d:d1:22:04:
bb:49:2f:4e:e8:1b:fc:50:f8:46:e3:3c:3f:c5:d2:05:60:7c:
7e:65:20:f2:cd:7c:e5:4e:8b:e9:cf:1d:2c:76:00:7a:ba:95:
41:0c:8a:44
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIECf2NZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDEw
MTExNTYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZkNGQ3ODIxZTZm
NThiZmFhOGRiNWI5NjU3ZDUwOTIyYWRlN2RkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPWpNBr9oXopf1mW3A1pUx3OoxI87f6xKWREEFPjPqf9htI8
WgJDhQhI1HU3GEHxco+j+1dOrySNsKkjHhW60as9Yhei3Nuce/LfioGWJVYiCkQZ
Cwaj4wWV0rgDzaSP2VrrGK2sBKckzpVyRUydL5KJGufvQ08DJFhQYVG7mrBzcWIJ
5Wx0xRiY8eaKlnoQeMsfqticl7+8z+0WkkTWQedbIlSDgBFagm5ouvhBuqLiKp1v
O2ErivXkavpSusk5SsauwbLupQ6FYrGkNq0I4vk9R2XaEpz/myjurelu1pkg2mjd
7z5JhWETZia3eaFi3zM+uZSULJ5xKH/d5PEk1m0CAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBQG1NeCHm9Yv6qNtbllfVCSKt590TAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L0J0VFhnaDV2V0wtcWpiVzVaWDFRa2lyZWZkRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MFYEAgABMFADBABUNg4DBABWaA4DBABZK04DBABd
coIDBAGwYioDBAK5UZgDBAC5hH0DBAC5hH8wDAMEArnhJAMEALnhJgMEAMEfdQME
AMEfdwMEANXidDAiBAIAAjAcAwUDKgb3wAMFAyoQf0ADBQMqEH/AAwUDKhHRADAN
BgkqhkiG9w0BAQsFAAOCAQEAqOvnBhQh+jjrnddg08bddaHBnQ5Seu4o+njEZNkY
nn+oI947T9hCJAz9HAU16JSQX9mxB5DYkVXvkSCXE8Z1XNdAabuNCXxbQBrvTc6d
IOXAN0NmEIyz21b7uobdA2YkDyhtBXVdjszqsRBt19C1VEfwUxbn+LLhE/K/HK4L
MNINm75uJj3bBMZJf59Wo8tNXeTnZC88z8n4HLLcKLOLqYy8vMeKSqNznqSLJ2fG
rA+F0Rc8r+rt6PbHUlqfUS6cD0IZVv62+2gYhhLxMQbMFRZX75Y90SIEu0kvTugb
/FD4RuM8P8XSBWB8fmUg8s185U6L6c8dLHYAerqVQQyKRA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:29:15 2025 by rpki-client