Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/UtM511HIJgc8qF73TVmmXRxujkM.roa
File: UtM511HIJgc8qF73TVmmXRxujkM.roa (raw, json)
Hash identifier: d5XM5YPREY3ySnK9ybOpFTzni9Vs+agOETJ60+DtT4s=
Subject key identifier: 52:D3:39:D7:51:C8:26:07:3C:A8:5E:F7:4D:59:A6:5D:1C:6E:8E:43
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 0AD9D87F
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/UtM511HIJgc8qF73TVmmXRxujkM.roa
Signing time: Mon 04 Apr 2022 14:02:19 +0000
ROA not before: Mon 04 Apr 2022 14:02:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202505
IP address blocks: 185.225.37.0/24 maxlen: 24
185.225.38.0/24 maxlen: 24
185.225.36.0/24 maxlen: 24
89.43.78.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
185.132.125.0/24 maxlen: 24
185.132.127.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
84.54.14.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
213.226.116.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182048895 (0xad9d87f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Apr 4 14:02:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52d339d751c826073ca85ef74d59a65d1c6e8e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:55:8c:4a:97:5a:da:5b:01:ef:6a:dc:ae:95:
e8:e2:61:83:43:2a:6e:a3:49:24:e1:66:ea:57:58:
fd:32:04:26:11:8e:b4:6e:bd:a8:33:a4:6b:4a:90:
f2:96:da:fc:7d:85:07:20:c8:bc:9c:62:df:0d:e1:
7a:38:c9:bd:6e:41:14:ec:ca:3d:33:51:5d:38:1c:
26:cd:99:55:ba:c0:a7:6a:6e:89:89:c8:1d:6b:21:
1a:94:c6:15:43:6e:e3:09:12:1e:5e:ff:18:a2:b1:
f2:e6:7a:1a:8a:d9:0a:05:b9:4a:91:3e:dd:e0:94:
74:78:6a:3a:89:95:f5:80:f4:9e:48:5a:b4:86:08:
45:44:71:9f:d5:90:66:e3:58:ac:b2:c0:9e:05:0e:
6d:e6:b4:83:aa:f3:e5:ec:5a:2f:91:cd:21:56:d6:
b2:84:ca:70:90:eb:40:fb:61:fd:91:28:09:bd:b7:
74:44:a2:ae:e1:17:bc:7a:cb:e4:b8:78:03:2a:98:
07:70:af:08:08:2e:5e:cb:7f:8a:5a:aa:87:71:d6:
2b:12:89:fd:04:75:ff:9c:85:97:a8:b2:af:c1:40:
da:a0:81:66:81:54:46:c7:bf:60:1b:01:10:8d:16:
2d:7f:4d:1d:ca:0a:94:c9:05:1d:dc:01:e4:f3:0d:
63:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D3:39:D7:51:C8:26:07:3C:A8:5E:F7:4D:59:A6:5D:1C:6E:8E:43
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/UtM511HIJgc8qF73TVmmXRxujkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
93.114.130.0/24
176.98.43.0/24
185.81.152.0/22
185.132.125.0/24
185.132.127.0/24
185.225.36.0-185.225.38.255
193.31.117.0/24
193.31.119.0/24
213.226.116.0/24
IPv6:
2a06:f7c0::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
9a:32:19:08:1f:8f:1e:73:91:9f:e6:93:4a:90:47:6b:52:cb:
e2:0c:59:07:3e:af:c2:63:ef:44:9f:d5:9d:62:8d:49:04:14:
ae:21:4f:bb:1e:a2:e0:73:87:8c:ae:d3:4e:1f:7e:ac:4a:a3:
ae:a5:02:ee:83:87:59:c0:c2:1b:58:b6:b3:98:e4:da:1a:8f:
a2:be:98:4d:10:52:69:ad:7a:fc:d6:3b:fa:3f:d7:a5:e3:c5:
58:f6:64:b4:75:85:bd:a1:5c:2a:f8:92:83:f0:3c:d9:6d:74:
a1:8e:ca:e3:67:bc:85:c1:40:65:f9:b2:19:96:57:23:1f:f5:
50:f1:68:c1:81:02:64:e1:ed:46:6d:4e:e6:53:2d:47:b2:0b:
7d:2a:f0:89:cc:4f:81:45:60:7b:2e:b5:5f:3d:27:e6:00:bb:
3b:ed:a4:2b:de:b7:5f:78:18:85:1a:d0:48:34:19:e0:53:b1:
7b:60:97:1d:03:90:b5:e2:85:b8:b5:28:0a:1d:0e:ee:ea:ce:
cb:17:14:ac:4c:27:49:e4:80:c8:87:4d:96:df:8b:9e:80:17:
b2:6f:9c:fd:31:50:4d:e6:3a:3b:79:42:6e:d3:a0:7f:9a:54:
7c:d6:81:21:54:75:2d:ec:36:68:84:a5:42:1d:41:97:27:4d:
ad:49:2b:d1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIECtnYfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDQw
NDE0MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJkMzM5ZDc1MWM4
MjYwNzNjYTg1ZWY3NGQ1OWE2NWQxYzZlOGU0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIZVjEqXWtpbAe9q3K6V6OJhg0MqbqNJJOFm6ldY/TIEJhGO
tG69qDOka0qQ8pba/H2FByDIvJxi3w3hejjJvW5BFOzKPTNRXTgcJs2ZVbrAp2pu
iYnIHWshGpTGFUNu4wkSHl7/GKKx8uZ6GorZCgW5SpE+3eCUdHhqOomV9YD0nkha
tIYIRURxn9WQZuNYrLLAngUObea0g6rz5exaL5HNIVbWsoTKcJDrQPth/ZEoCb23
dESiruEXvHrL5Lh4AyqYB3CvCAguXst/ilqqh3HWKxKJ/QR1/5yFl6iyr8FA2qCB
ZoFURse/YBsBEI0WLX9NHcoKlMkFHdwB5PMNYyECAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBRS0znXUcgmBzyoXvdNWaZdHG6OQzAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L1V0TTUxMUhJSmdjOHFGNzNUVm1tWFJ4dWprTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MFYEAgABMFADBABUNg4DBABWaA4DBABZK04DBABd
coIDBACwYisDBAK5UZgDBAC5hH0DBAC5hH8wDAMEArnhJAMEALnhJgMEAMEfdQME
AMEfdwMEANXidDAiBAIAAjAcAwUDKgb3wAMFAyoQf0ADBQMqEH/AAwUDKhHRADAN
BgkqhkiG9w0BAQsFAAOCAQEAmjIZCB+PHnORn+aTSpBHa1LL4gxZBz6vwmPvRJ/V
nWKNSQQUriFPux6i4HOHjK7TTh9+rEqjrqUC7oOHWcDCG1i2s5jk2hqPor6YTRBS
aa16/NY7+j/XpePFWPZktHWFvaFcKviSg/A82W10oY7K42e8hcFAZfmyGZZXIx/1
UPFowYECZOHtRm1O5lMtR7ILfSrwicxPgUVgey61Xz0n5gC7O+2kK963X3gYhRrQ
SDQZ4FOxe2CXHQOQteKFuLUoCh0O7urOyxcUrEwnSeSAyIdNlt+LnoAXsm+c/TFQ
TeY6O3lCbtOgf5pUfNaBIVR1Lew2aISlQh1BlydNrUkr0Q==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:29:07 2025 by rpki-client