Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/n-3MLfWVDVx-FcCNnAKURobLZZM.roa
File: n-3MLfWVDVx-FcCNnAKURobLZZM.roa (raw, json)
Hash identifier: Lwz5w+XIs1IU15F5/gGXfpitlJwfZcGfDDhxRswPL7s=
Subject key identifier: 9F:ED:CC:2D:F5:95:0D:5C:7E:15:C0:8D:9C:02:94:46:86:CB:65:93
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 018FE7A5DDAD1326741BC3CFA91FB7898D0B
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/n-3MLfWVDVx-FcCNnAKURobLZZM.roa
Signing time: Wed 05 Jun 2024 09:05:57 +0000
ROA not before: Wed 05 Jun 2024 09:05:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202505
IP address blocks: 84.54.14.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
89.43.78.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
213.226.117.0/24 maxlen: 24
2a05:88c0::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a05:88c5::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a06:f7c5::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a10:3300::/32 maxlen: 32
2a10:3301::/32 maxlen: 32
2a10:3302::/32 maxlen: 32
2a10:3303::/32 maxlen: 32
2a10:3304::/32 maxlen: 32
2a10:3305::/32 maxlen: 32
2a10:3306::/32 maxlen: 32
2a10:3307::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:a5:dd:ad:13:26:74:1b:c3:cf:a9:1f:b7:89:8d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jun 5 09:05:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fedcc2df5950d5c7e15c08d9c02944686cb6593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e3:e4:22:6f:08:e9:41:4e:61:42:4f:29:76:
92:09:63:b3:53:15:72:a4:80:79:28:2d:52:58:0d:
12:6b:0c:c4:f4:e0:85:d9:a2:87:0b:5f:58:13:2a:
64:6a:47:25:ad:3e:32:78:f8:af:e8:1d:62:f5:1d:
8e:57:f4:a9:44:c9:6c:99:61:e2:a9:49:1f:7e:98:
ae:d8:2c:ec:97:dc:fe:41:9e:74:ca:d8:42:4f:41:
ca:2d:1a:db:82:9f:21:c7:a6:09:dd:07:9d:3c:8e:
d3:37:f4:53:5c:0a:f9:e3:ad:2f:e7:63:e8:b5:5d:
47:ad:90:e0:16:63:0e:a4:ef:af:da:fc:e7:2b:97:
4d:e9:6e:99:3e:ba:ca:0b:e2:dc:69:3e:89:68:e4:
cb:0a:56:5c:f5:62:34:2f:b8:dc:f6:c2:b5:4b:56:
3e:3a:c0:42:71:fb:9b:0a:2e:b2:c7:16:3a:04:ee:
bf:8a:b5:f1:54:e9:ff:59:28:d9:1a:43:3b:8b:1e:
50:43:64:99:de:0b:cf:3d:fc:8a:d9:a5:c8:56:41:
7f:82:c3:08:1e:0e:e2:e1:2b:b0:53:f8:cf:07:34:
65:46:07:71:b0:e8:c9:3d:a6:9e:fb:1b:7c:9c:fb:
ff:66:ac:29:ac:f1:cc:3d:3c:cd:83:0e:fb:38:02:
b7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:ED:CC:2D:F5:95:0D:5C:7E:15:C0:8D:9C:02:94:46:86:CB:65:93
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/n-3MLfWVDVx-FcCNnAKURobLZZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
176.98.42.0/23
185.81.152.0/22
193.31.117.0/24
193.31.119.0/24
213.226.117.0/24
IPv6:
2a05:88c0::/29
2a06:f7c0::/29
2a10:3300::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
d8:82:f6:d1:2e:3e:f3:6c:f0:ad:92:ad:af:41:9b:cc:f7:31:
c8:ff:01:5a:85:b5:56:79:3c:47:7a:ef:9c:b9:3a:9b:8f:0f:
ae:a4:8a:bc:ce:5b:cc:0c:ed:27:83:a8:e5:9f:93:0c:fc:10:
c2:6f:0d:aa:45:41:0d:44:d7:95:69:b0:b9:60:0b:aa:f1:5c:
bd:2f:71:ae:03:a2:c1:77:f9:77:ce:9c:91:3a:04:99:6f:11:
e5:b8:b4:f5:fe:b1:be:d3:6f:01:6f:11:7d:91:ac:bb:8d:39:
c4:38:c1:82:7e:84:cb:a7:b5:db:4b:0c:ca:41:78:29:1d:69:
9d:c6:9d:10:ba:32:87:93:01:8f:05:e2:c4:b0:c9:95:95:c9:
49:f5:0b:0f:5d:85:d5:e8:03:31:0e:74:b0:e1:2d:e6:66:87:
72:3f:f9:cc:75:18:ca:bb:de:fa:45:98:54:98:63:97:cc:40:
c2:cd:f1:ad:bf:07:46:64:b5:15:ef:4c:fc:79:d1:71:77:fb:
43:47:21:7a:88:21:10:76:d8:44:3d:4e:5f:89:55:ca:ae:53:
0a:93:ab:a3:7d:9e:63:ae:e2:fb:72:f3:a3:4e:0f:8b:f9:a6:
d1:9a:ec:9c:8f:73:aa:af:03:27:8e:58:6d:d9:5d:b9:b6:e7:
f5:9e:59:18
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY/npd2tEyZ0G8PPqR+3iY0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjQwNjA1MDkwNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmVkY2MyZGY1OTUwZDVjN2UxNWMwOGQ5YzAyOTQ0Njg2Y2I2NTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+PkIm8I6UFOYUJPKXaSCWOzUxVy
pIB5KC1SWA0SawzE9OCF2aKHC19YEypkakclrT4yePiv6B1i9R2OV/SpRMlsmWHi
qUkffpiu2Czsl9z+QZ50ythCT0HKLRrbgp8hx6YJ3QedPI7TN/RTXAr5460v52Po
tV1HrZDgFmMOpO+v2vznK5dN6W6ZPrrKC+LcaT6JaOTLClZc9WI0L7jc9sK1S1Y+
OsBCcfubCi6yxxY6BO6/irXxVOn/WSjZGkM7ix5QQ2SZ3gvPPfyK2aXIVkF/gsMI
Hg7i4SuwU/jPBzRlRgdxsOjJPaae+xt8nPv/ZqwprPHMPTzNgw77OAK3iQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJ/tzC31lQ1cfhXAjZwClEaGy2WTMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvbi0zTUxmV1ZEVngtRmNDTm5BS1VSb2JMWlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajA2BAIAATAwAwQAVDYOAwQA
VmgOAwQAWStOAwQBsGIqAwQCuVGYAwQAwR91AwQAwR93AwQA1eJ1MDAEAgACMCoD
BQMqBYjAAwUDKgb3wAMFAyoQMwADBQMqEH9AAwUDKhB/wAMFAyoR0QAwDQYJKoZI
hvcNAQELBQADggEBANiC9tEuPvNs8K2Sra9Bm8z3Mcj/AVqFtVZ5PEd675y5OpuP
D66kirzOW8wM7SeDqOWfkwz8EMJvDapFQQ1E15VpsLlgC6rxXL0vca4DosF3+XfO
nJE6BJlvEeW4tPX+sb7TbwFvEX2RrLuNOcQ4wYJ+hMuntdtLDMpBeCkdaZ3GnRC6
MoeTAY8F4sSwyZWVyUn1Cw9dhdXoAzEOdLDhLeZmh3I/+cx1GMq73vpFmFSYY5fM
QMLN8a2/B0ZktRXvTPx50XF3+0NHIXqIIRB22EQ9Tl+JVcquUwqTq6N9nmOu4vty
86NOD4v5ptGa7JyPc6qvAyeOWG3ZXbm25/WeWRg=
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:17:27 2025 by rpki-client