Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/YIZjHs4ARCxzf3QZTA_n79urdkQ.roa
File: YIZjHs4ARCxzf3QZTA_n79urdkQ.roa (raw, json)
Hash identifier: PmjTm1yjub+spfeY552lJ0yHOUUcHNq+7DitojisZWs=
Subject key identifier: 60:86:63:1E:CE:00:44:2C:73:7F:74:19:4C:0F:E7:EF:DB:AB:76:44
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 0B0173F1
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/YIZjHs4ARCxzf3QZTA_n79urdkQ.roa
Signing time: Fri 22 Apr 2022 08:41:13 +0000
ROA not before: Fri 22 Apr 2022 08:41:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202505
IP address blocks: 185.225.37.0/24 maxlen: 24
185.225.38.0/24 maxlen: 24
185.225.36.0/24 maxlen: 24
89.43.78.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
185.132.125.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
84.54.14.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
213.226.116.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184644593 (0xb0173f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Apr 22 08:41:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6086631ece00442c737f74194c0fe7efdbab7644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:49:ff:59:cc:39:a9:ec:16:30:68:f0:be:
57:98:b6:e1:ab:9e:0f:a6:72:57:3c:0c:84:64:8e:
8f:1b:dc:66:52:bd:06:a5:bb:10:fe:07:fe:c1:a6:
4e:05:f2:62:58:00:ee:90:28:6a:96:8c:be:33:24:
09:77:9a:af:38:26:ea:04:ba:ac:e8:d4:92:6e:26:
7a:e5:b5:1b:ae:0e:ca:41:1d:d1:77:40:cb:f8:0e:
1b:b3:cb:df:7f:51:bd:d7:5b:5e:23:3c:bb:41:66:
12:ff:26:cc:ed:a6:4e:0b:98:ee:65:39:6f:0a:83:
99:5f:96:49:d3:ae:7e:42:7c:df:5c:47:01:6f:2c:
90:13:fe:b3:ea:c0:9c:90:90:f8:24:a3:e3:85:18:
ab:28:d9:b8:39:14:a6:a8:f7:22:c3:ec:50:7b:53:
c2:0f:58:20:8e:f9:87:03:57:aa:e8:19:d8:59:11:
91:d1:b5:6b:3b:c6:54:48:2b:78:1f:3e:e1:9f:b3:
35:77:d9:bb:c3:92:87:5d:68:04:39:6e:20:3e:d2:
2b:ae:31:4a:a2:89:da:2a:48:71:8d:f9:0f:07:86:
ac:4b:f0:d5:42:62:72:a6:90:d3:12:4b:76:b1:ec:
35:4f:73:70:5e:f9:69:34:d6:9d:51:34:2c:d4:2d:
7e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:86:63:1E:CE:00:44:2C:73:7F:74:19:4C:0F:E7:EF:DB:AB:76:44
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/YIZjHs4ARCxzf3QZTA_n79urdkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
93.114.130.0/24
176.98.42.0/23
185.81.152.0/22
185.132.125.0/24
185.225.36.0-185.225.38.255
193.31.117.0/24
193.31.119.0/24
213.226.116.0/24
IPv6:
2a06:f7c0::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
c9:47:aa:9e:b0:03:44:ec:68:82:be:52:04:6c:14:c2:70:ff:
63:db:34:f0:cd:12:b3:b1:31:22:7c:7c:2f:98:df:05:91:14:
41:3e:d1:d2:30:07:78:6b:0c:87:fa:cc:8b:57:64:dd:c5:55:
69:9b:e1:0b:e6:ef:4d:f2:5f:7e:39:bb:7b:41:66:62:9e:cb:
62:91:ce:4a:ae:6e:6d:bd:5c:ab:b4:6e:6b:96:ad:d5:e8:44:
3b:9c:92:33:83:9a:0b:8f:dd:78:30:77:23:4f:09:a7:a1:be:
9a:f6:83:45:ba:d9:67:44:62:12:e1:85:a6:cd:06:ef:80:da:
20:80:c4:42:fa:99:88:55:02:e2:20:2a:91:b8:61:ff:50:f6:
11:ea:3c:90:cd:74:f2:4f:33:59:5b:a2:22:7f:cc:63:4d:b9:
f0:4e:54:27:b4:e0:4a:ca:5a:a0:d2:32:d6:0a:48:62:a9:bd:
53:98:7b:4e:63:c4:aa:78:f9:0b:0b:5c:e6:12:ef:88:f1:4b:
4b:ea:58:32:9e:8f:3d:90:7a:69:d5:04:58:c9:28:35:8e:4e:
72:72:65:1c:91:30:ff:60:01:e1:bb:3e:4d:18:d7:a0:7f:6f:
ce:a7:5f:37:69:78:de:08:6a:aa:77:6d:81:4f:f6:ba:45:3c:
af:32:e8:85
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIECwFz8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDQy
MjA4NDExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA4NjYzMWVjZTAw
NDQyYzczN2Y3NDE5NGMwZmU3ZWZkYmFiNzY0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8eSf9ZzDmp7BYwaPC+V5i24aueD6ZyVzwMhGSOjxvcZlK9
BqW7EP4H/sGmTgXyYlgA7pAoapaMvjMkCXearzgm6gS6rOjUkm4meuW1G64OykEd
0XdAy/gOG7PL339RvddbXiM8u0FmEv8mzO2mTguY7mU5bwqDmV+WSdOufkJ831xH
AW8skBP+s+rAnJCQ+CSj44UYqyjZuDkUpqj3IsPsUHtTwg9YII75hwNXqugZ2FkR
kdG1azvGVEgreB8+4Z+zNXfZu8OSh11oBDluID7SK64xSqKJ2ipIcY35DweGrEvw
1UJicqaQ0xJLdrHsNU9zcF75aTTWnVE0LNQtfgsCAwEAAaOCAnIwggJuMB0GA1Ud
DgQWBBRghmMezgBELHN/dBlMD+fv26t2RDAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L1lJWmpIczRBUkN4emYzUVpUQV9uNzl1cmRrUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hwYIKwYBBQUHAQcBAf8EeDB2MFAEAgABMEoDBABUNg4DBABWaA4DBABZK04DBABd
coIDBAGwYioDBAK5UZgDBAC5hH0wDAMEArnhJAMEALnhJgMEAMEfdQMEAMEfdwME
ANXidDAiBAIAAjAcAwUDKgb3wAMFAyoQf0ADBQMqEH/AAwUDKhHRADANBgkqhkiG
9w0BAQsFAAOCAQEAyUeqnrADROxogr5SBGwUwnD/Y9s08M0Ss7ExInx8L5jfBZEU
QT7R0jAHeGsMh/rMi1dk3cVVaZvhC+bvTfJffjm7e0FmYp7LYpHOSq5ubb1cq7Ru
a5at1ehEO5ySM4OaC4/deDB3I08Jp6G+mvaDRbrZZ0RiEuGFps0G74DaIIDEQvqZ
iFUC4iAqkbhh/1D2Eeo8kM108k8zWVuiIn/MY0258E5UJ7TgSspaoNIy1gpIYqm9
U5h7TmPEqnj5Cwtc5hLviPFLS+pYMp6PPZB6adUEWMkoNY5OcnJlHJEw/2AB4bs+
TRjXoH9vzqdfN2l43ghqqndtgU/2ukU8rzLohQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:54:26 2025 by rpki-client