Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/xv5lm8_8eqrvTLBIoO72nEK7daw.roa
File: xv5lm8_8eqrvTLBIoO72nEK7daw.roa (raw, json)
Hash identifier: mKqsQ4jRIX47wl6lD0I22IBWLsV0ovEQi0Xu9oDclN0=
Subject key identifier: C6:FE:65:9B:CF:FC:7A:AA:EF:4C:B0:48:A0:EE:F6:9C:42:BB:75:AC
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 0B582DE1
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/xv5lm8_8eqrvTLBIoO72nEK7daw.roa
Signing time: Wed 01 Jun 2022 15:16:20 +0000
ROA not before: Wed 01 Jun 2022 15:16:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202505
IP address blocks: 185.225.37.0/24 maxlen: 24
185.225.38.0/24 maxlen: 24
185.225.36.0/24 maxlen: 24
89.43.78.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
86.104.14.0/24 maxlen: 24
193.31.117.0/24 maxlen: 24
193.31.119.0/24 maxlen: 24
84.54.14.0/24 maxlen: 24
185.81.152.0/24 maxlen: 24
185.81.153.0/24 maxlen: 24
185.81.155.0/24 maxlen: 24
213.226.116.0/24 maxlen: 24
185.81.154.0/24 maxlen: 24
176.98.42.0/24 maxlen: 24
176.98.43.0/24 maxlen: 24
2a06:f7c5::/32 maxlen: 32
2a05:88c5::/32 maxlen: 32
2a10:7f46::/32 maxlen: 32
2a10:7f45::/32 maxlen: 32
2a05:88c4::/32 maxlen: 32
2a06:f7c4::/32 maxlen: 32
2a10:7f44::/32 maxlen: 32
2a10:7f47::/32 maxlen: 32
2a06:f7c7::/32 maxlen: 32
2a05:88c7::/32 maxlen: 32
2a11:d102::/32 maxlen: 32
2a11:d101::/32 maxlen: 32
2a10:7f40::/32 maxlen: 32
2a06:f7c3::/32 maxlen: 32
2a05:88c6::/32 maxlen: 32
2a10:7fc5::/32 maxlen: 32
2a10:7f43::/32 maxlen: 32
2a06:f7c0::/32 maxlen: 32
2a05:88c0::/32 maxlen: 32
2a05:88c3::/32 maxlen: 32
2a06:f7c6::/32 maxlen: 32
2a11:d105::/32 maxlen: 32
2a10:7fc2::/32 maxlen: 32
2a11:d104::/32 maxlen: 32
2a10:7fc1::/32 maxlen: 32
2a11:d107::/32 maxlen: 32
2a10:7fc4::/32 maxlen: 32
2a10:7fc0::/32 maxlen: 32
2a10:7fc3::/32 maxlen: 32
2a05:88c1::/32 maxlen: 32
2a06:f7c1::/32 maxlen: 32
2a10:7f42::/32 maxlen: 32
2a10:7fc6::/32 maxlen: 32
2a10:7f41::/32 maxlen: 32
2a10:7fc7::/32 maxlen: 32
2a06:f7c2::/32 maxlen: 32
2a05:88c2::/32 maxlen: 32
2a11:d106::/32 maxlen: 32
2a11:d100::/32 maxlen: 32
2a11:d103::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 190328289 (0xb582de1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jun 1 15:16:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6fe659bcffc7aaaef4cb048a0eef69c42bb75ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5f:ed:ae:15:67:d2:fc:39:81:d2:8e:3e:1e:
9b:58:d3:c4:c8:5e:52:40:bf:c5:5c:18:06:e9:b9:
be:75:42:36:bd:40:9a:33:e3:b1:47:f0:cf:32:e9:
ba:b6:d6:c5:67:16:cf:d4:a9:5e:a5:a9:0e:85:a3:
42:2b:23:a0:6b:e0:84:6a:73:cf:6c:7d:1e:5a:2a:
71:e9:5b:1d:1b:00:cc:3f:66:47:3b:44:63:f6:68:
52:a5:73:dc:4f:4f:c1:27:e0:bd:d7:ad:76:78:ac:
2a:d3:40:b7:9b:9e:e1:76:2b:5c:44:75:0e:80:65:
01:f9:5c:17:d6:45:d0:ee:ff:72:83:a5:57:31:4d:
6c:eb:dd:1e:4d:5f:d1:c4:5c:5b:4a:2a:cb:04:95:
c5:d7:74:8c:bd:60:16:7a:ae:f4:47:58:30:4e:44:
f1:06:ba:55:8c:81:0a:e0:cc:55:84:03:a1:22:86:
fd:c3:51:03:60:f7:8b:18:e3:0e:a0:d4:de:11:f4:
f3:48:13:fb:df:c9:90:6e:3d:ac:c7:42:19:ba:77:
86:5d:de:9a:0b:39:9e:e7:b7:e5:11:03:77:7a:8a:
cc:05:9c:09:e9:87:c6:ca:c8:2f:c2:5d:ce:81:53:
07:68:d6:41:2e:c0:a1:73:9b:3e:98:b3:b5:cf:65:
71:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FE:65:9B:CF:FC:7A:AA:EF:4C:B0:48:A0:EE:F6:9C:42:BB:75:AC
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/xv5lm8_8eqrvTLBIoO72nEK7daw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.14.0/24
86.104.14.0/24
89.43.78.0/24
93.114.130.0/24
176.98.42.0/23
185.81.152.0/22
185.225.36.0-185.225.38.255
193.31.117.0/24
193.31.119.0/24
213.226.116.0/24
IPv6:
2a05:88c0::/29
2a06:f7c0::/29
2a10:7f40::/29
2a10:7fc0::/29
2a11:d100::/29
Signature Algorithm: sha256WithRSAEncryption
1f:18:44:26:27:b9:50:cb:33:e8:5b:39:d2:36:f7:50:ef:8a:
07:ae:04:c7:57:8e:8d:d9:4d:07:64:74:a5:01:a1:a1:a3:e6:
d0:18:56:70:de:48:4c:cc:16:a7:10:25:3c:03:a8:14:f1:ee:
10:d6:e6:80:22:6b:ba:04:e0:c1:bc:28:ca:70:1f:45:61:cf:
53:29:7a:00:2d:08:e4:bc:57:f3:96:b5:06:fe:d1:e0:36:ef:
ba:98:40:c6:3a:ce:c5:4c:d2:88:dd:43:4b:39:00:9c:85:97:
50:9f:23:c4:99:a1:ad:0c:e6:e2:32:67:4a:63:69:ab:e1:4a:
c3:0e:7d:68:78:b1:35:7c:e2:e4:2f:76:ad:a6:8d:14:c9:45:
79:a5:46:4e:b9:a3:a4:da:85:1a:63:40:8b:b2:6b:e7:dc:56:
28:0e:53:0c:b8:b7:43:2b:92:b6:96:f5:51:72:45:77:3c:9d:
dc:35:1c:04:9b:9d:50:5e:9b:b4:5e:d2:ba:ca:32:85:f4:b6:
8e:b7:22:0d:80:dd:e6:06:a3:30:28:d1:9e:d1:6f:bb:23:11:
ca:2f:73:05:f4:8a:54:2b:79:3d:e9:b1:3f:e4:3a:73:08:47:
a6:52:d5:72:d2:c8:7d:3c:76:b3:23:2b:ed:62:4f:bc:68:1c:
3c:46:3b:0d
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIEC1gt4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGIzNDc3NGIwMTk3OTI4NGZkOWU3NTRmZWE2OGZhM2M2MTc4M2QwMB4XDTIyMDYw
MTE1MTYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZmZTY1OWJjZmZj
N2FhYWVmNGNiMDQ4YTBlZWY2OWM0MmJiNzVhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO9f7a4VZ9L8OYHSjj4em1jTxMheUkC/xVwYBum5vnVCNr1A
mjPjsUfwzzLpurbWxWcWz9SpXqWpDoWjQisjoGvghGpzz2x9HloqcelbHRsAzD9m
RztEY/ZoUqVz3E9PwSfgvdetdnisKtNAt5ue4XYrXER1DoBlAflcF9ZF0O7/coOl
VzFNbOvdHk1f0cRcW0oqywSVxdd0jL1gFnqu9EdYME5E8Qa6VYyBCuDMVYQDoSKG
/cNRA2D3ixjjDqDU3hH080gT+9/JkG49rMdCGbp3hl3emgs5nue35REDd3qKzAWc
CemHxsrIL8JdzoFTB2jWQS7AoXObPpiztc9lcXUCAwEAAaOCAnMwggJvMB0GA1Ud
DgQWBBTG/mWbz/x6qu9MsEig7vacQrt1rDAfBgNVHSMEGDAWgBSNs0d0sBl5KE/Z
51T+po+jxheD0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2piTkhkTEFaZVNoUDJlZFVfcWFQbzhZWGc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvNzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8x
L3h2NWxtOF84ZXFydlRMQklvTzcybkVLN2Rhdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
NzBhOGYxLWQ4ZWItNDJiNS1iZGRiLTYyNjU1MjFmNmRmNy8xL2piTkhkTEFaZVNo
UDJlZFVfcWFQbzhZWGc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
iAYIKwYBBQUHAQcBAf8EeTB3MEoEAgABMEQDBABUNg4DBABWaA4DBABZK04DBABd
coIDBAGwYioDBAK5UZgwDAMEArnhJAMEALnhJgMEAMEfdQMEAMEfdwMEANXidDAp
BAIAAjAjAwUDKgWIwAMFAyoG98ADBQMqEH9AAwUDKhB/wAMFAyoR0QAwDQYJKoZI
hvcNAQELBQADggEBAB8YRCYnuVDLM+hbOdI291DvigeuBMdXjo3ZTQdkdKUBoaGj
5tAYVnDeSEzMFqcQJTwDqBTx7hDW5oAia7oE4MG8KMpwH0Vhz1MpegAtCOS8V/OW
tQb+0eA277qYQMY6zsVM0ojdQ0s5AJyFl1CfI8SZoa0M5uIyZ0pjaavhSsMOfWh4
sTV84uQvdq2mjRTJRXmlRk65o6TahRpjQIuya+fcVigOUwy4t0MrkraW9VFyRXc8
ndw1HASbnVBem7Re0rrKMoX0to63Ig2A3eYGozAo0Z7Rb7sjEcovcwX0ilQreT3p
sT/kOnMIR6ZS1XLSyH08drMjK+1iT7xoHDxGOw0=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:38:42 2025 by rpki-client