Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/IlSxa3cJj52kMEtUNWVNHbqZq9E.roa
File: IlSxa3cJj52kMEtUNWVNHbqZq9E.roa (raw, json)
Hash identifier: c9gTGAv5XpbOOzmZofH6T/UhlrYM7TZ6m+uuEsuF6BA=
Subject key identifier: 22:54:B1:6B:77:09:8F:9D:A4:30:4B:54:35:65:4D:1D:BA:99:AB:D1
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01896355C218BF9AF9FEEFC76C64244C3AE2
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/IlSxa3cJj52kMEtUNWVNHbqZq9E.roa
Signing time: Mon 17 Jul 2023 10:11:51 +0000
ROA not before: Mon 17 Jul 2023 10:11:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202505
IP address blocks: 89.43.78.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
193.31.118.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
84.54.14.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
213.226.118.0/24 maxlen: 24
213.226.117.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a05:88c5::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a10:3302::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a10:3301::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a10:3303::/32 maxlen: 32
2a10:3300::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a10:3304::/32 maxlen: 32
2a10:3307::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a05:88c0::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a10:3306::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:3305::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:55:c2:18:bf:9a:f9:fe:ef:c7:6c:64:24:4c:3a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jul 17 10:11:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2254b16b77098f9da4304b5435654d1dba99abd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ca:09:7c:d3:61:a0:88:e8:44:ee:72:e2:a0:
ab:1a:ab:c1:d4:91:60:20:ef:4e:64:f4:d3:98:e8:
d1:b5:9a:71:97:75:72:43:27:03:dc:32:eb:c1:49:
a3:11:46:f7:9b:cc:36:26:13:97:a9:7d:de:d3:28:
4f:84:b3:9b:6c:a7:c6:5a:a3:25:c5:23:e7:d4:10:
53:93:b0:c2:7d:cd:fb:dc:27:ca:ae:a5:ba:a2:cd:
8a:a8:3a:83:a9:bf:ce:ed:5b:ff:52:9a:4c:92:f8:
cc:26:54:9c:c0:13:26:68:1d:6d:8a:8c:bb:56:54:
26:1e:e0:9f:6b:db:1b:d5:48:9d:f4:f5:82:44:56:
58:ba:fd:bc:f0:23:99:04:5a:57:b4:22:74:41:40:
95:22:2d:12:ea:5c:a9:33:31:17:46:a3:1e:59:01:
42:03:66:be:e0:fc:c3:56:0c:90:16:8d:97:2e:6d:
0a:3a:2d:1e:5b:b7:7e:c4:2e:d9:41:25:ea:f7:40:
e0:49:30:8d:f6:f1:3f:c3:db:72:06:00:73:38:1c:
27:54:4d:9e:34:97:ab:44:e6:ec:70:25:6a:89:2a:
95:04:b6:f8:c7:14:b8:48:0f:10:d6:3a:89:10:fb:
5b:72:d9:0d:5b:56:e7:22:f9:6a:2b:17:1d:f3:70:
d3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:54:B1:6B:77:09:8F:9D:A4:30:4B:54:35:65:4D:1D:BA:99:AB:D1
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/IlSxa3cJj52kMEtUNWVNHbqZq9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
176.98.42.0/23
185.81.152.0/22
193.31.117.0-193.31.119.255
213.226.117.0-213.226.118.255
IPv6:
2a05:88c0::/29
2a06:f7c0::/29
2a10:3300::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
ca:b2:62:02:e9:92:11:68:54:63:b1:14:cf:c1:99:3f:7c:31:
7d:73:0c:8e:8c:e9:dc:a9:2e:98:94:78:38:a7:39:94:fc:cc:
53:06:02:19:51:fa:5b:34:de:56:f6:3f:f6:9e:9e:d4:a6:fe:
09:c7:0f:7a:67:be:ab:a7:b0:d6:95:bb:70:78:3a:bb:c6:67:
e2:30:4c:ac:50:52:de:ab:90:6b:3d:c9:58:8c:ca:49:09:42:
66:38:c7:1e:f3:61:d5:48:be:c3:a3:d6:85:1a:b8:c2:7c:e3:
6e:fc:b2:43:5c:3e:82:31:ef:21:82:a3:c1:00:a2:8b:6d:56:
77:5d:70:7a:9e:57:61:64:58:83:32:33:b3:6a:4c:f0:51:61:
7a:7e:e8:ed:22:23:1d:92:f7:7f:f1:fc:73:35:f2:de:44:30:
9f:49:0a:41:01:8b:35:23:57:1f:95:00:b4:d0:9d:5d:d5:94:
27:8d:1b:8e:b6:6e:83:7e:0d:a7:1c:53:84:e4:2f:c5:fe:a3:
ad:ca:87:72:15:2b:02:a1:3c:72:1b:87:64:db:62:29:8f:7b:
02:f5:19:b5:04:12:97:b9:0e:27:fa:37:b1:b3:59:8e:9e:b2:
82:fd:e6:8b:9f:dc:b6:3e:0c:86:14:2e:6d:b1:f8:89:de:ac:
6e:38:0b:2a
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYljVcIYv5r5/u/HbGQkTDriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwNzE3MTAxMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjU0YjE2Yjc3MDk4ZjlkYTQzMDRiNTQzNTY1NGQxZGJhOTlhYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcoJfNNhoIjoRO5y4qCrGqvB1JFg
IO9OZPTTmOjRtZpxl3VyQycD3DLrwUmjEUb3m8w2JhOXqX3e0yhPhLObbKfGWqMl
xSPn1BBTk7DCfc373CfKrqW6os2KqDqDqb/O7Vv/UppMkvjMJlScwBMmaB1tioy7
VlQmHuCfa9sb1Uid9PWCRFZYuv288COZBFpXtCJ0QUCVIi0S6lypMzEXRqMeWQFC
A2a+4PzDVgyQFo2XLm0KOi0eW7d+xC7ZQSXq90DgSTCN9vE/w9tyBgBzOBwnVE2e
NJerRObscCVqiSqVBLb4xxS4SA8Q1jqJEPtbctkNW1bnIvlqKxcd83DTkQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFCJUsWt3CY+dpDBLVDVlTR26mavRMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvSWxTeGEzY0pqNTJrTUV0VU5XVk5IYnFacTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwQAQCAAEwOgMEAFQ2DgME
AFZoDgMEAFkrTgMEAbBiKgMEArlRmDAMAwQAwR91AwQDwR9wMAwDBADV4nUDBADV
4nYwMAQCAAIwKgMFAyoFiMADBQMqBvfAAwUDKhAzAAMFAyoQf0ADBQMqEH/AAwUD
KhHRADANBgkqhkiG9w0BAQsFAAOCAQEAyrJiAumSEWhUY7EUz8GZP3wxfXMMjozp
3KkumJR4OKc5lPzMUwYCGVH6WzTeVvY/9p6e1Kb+CccPeme+q6ew1pW7cHg6u8Zn
4jBMrFBS3quQaz3JWIzKSQlCZjjHHvNh1Ui+w6PWhRq4wnzjbvyyQ1w+gjHvIYKj
wQCii21Wd11wep5XYWRYgzIzs2pM8FFhen7o7SIjHZL3f/H8czXy3kQwn0kKQQGL
NSNXH5UAtNCdXdWUJ40bjrZug34NpxxThOQvxf6jrcqHchUrAqE8chuHZNtiKY97
AvUZtQQSl7kOJ/o3sbNZjp6ygv3mi5/ctj4MhhQubbH4id6sbjgLKg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:49:54 2025 by rpki-client