Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/6SQlFnEPaDUIc63WIYXjmRUuHH8.roa
File: 6SQlFnEPaDUIc63WIYXjmRUuHH8.roa (raw, json)
Hash identifier: TASWIBvLOrqImiu+YL3HJKxezZDBX523ndHUcrDnRjM=
Subject key identifier: E9:24:25:16:71:0F:68:35:08:73:AD:D6:21:85:E3:99:15:2E:1C:7F
Certificate issuer: /CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Certificate serial: 01856DC1AAD9CA60BD0EC0ADCAC00A0BAB7C
Authority key identifier: CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/6SQlFnEPaDUIc63WIYXjmRUuHH8.roa
Signing time: Sun 01 Jan 2023 14:34:46 +0000
ROA not before: Sun 01 Jan 2023 14:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 213.144.98.0/24 maxlen: 24
213.144.96.0/24 maxlen: 24
213.144.97.0/24 maxlen: 24
213.144.99.0/24 maxlen: 24
213.144.100.0/24 maxlen: 24
213.144.105.0/24 maxlen: 24
213.144.101.0/24 maxlen: 24
213.144.102.0/24 maxlen: 24
213.144.103.0/24 maxlen: 24
213.144.104.0/24 maxlen: 24
213.144.111.0/24 maxlen: 24
213.144.112.0/24 maxlen: 24
213.144.108.0/24 maxlen: 24
213.144.109.0/24 maxlen: 24
213.144.110.0/24 maxlen: 24
213.144.106.0/24 maxlen: 24
213.144.107.0/24 maxlen: 24
213.144.118.0/24 maxlen: 24
213.144.115.0/24 maxlen: 24
213.144.116.0/24 maxlen: 24
213.144.117.0/24 maxlen: 24
213.144.113.0/24 maxlen: 24
213.144.114.0/24 maxlen: 24
213.144.125.0/24 maxlen: 24
213.144.122.0/24 maxlen: 24
213.144.123.0/24 maxlen: 24
213.144.124.0/24 maxlen: 24
213.144.119.0/24 maxlen: 24
213.144.120.0/24 maxlen: 24
213.144.121.0/24 maxlen: 24
213.144.126.0/24 maxlen: 24
213.144.127.0/24 maxlen: 24
77.92.110.0/24 maxlen: 24
77.92.111.0/24 maxlen: 24
77.92.112.0/24 maxlen: 24
77.92.106.0/24 maxlen: 24
77.92.107.0/24 maxlen: 24
77.92.108.0/24 maxlen: 24
77.92.109.0/24 maxlen: 24
77.92.117.0/24 maxlen: 24
77.92.118.0/24 maxlen: 24
77.92.113.0/24 maxlen: 24
77.92.114.0/24 maxlen: 24
77.92.115.0/24 maxlen: 24
77.92.116.0/24 maxlen: 24
77.92.124.0/24 maxlen: 24
77.92.125.0/24 maxlen: 24
77.92.120.0/24 maxlen: 24
77.92.121.0/24 maxlen: 24
77.92.122.0/24 maxlen: 24
77.92.123.0/24 maxlen: 24
77.92.119.0/24 maxlen: 24
77.92.127.0/24 maxlen: 24
77.92.126.0/24 maxlen: 24
185.115.210.0/24 maxlen: 24
185.115.211.0/24 maxlen: 24
185.115.208.0/24 maxlen: 24
77.92.96.0/24 maxlen: 24
77.92.97.0/24 maxlen: 24
77.92.98.0/24 maxlen: 24
77.92.103.0/24 maxlen: 24
77.92.104.0/24 maxlen: 24
77.92.105.0/24 maxlen: 24
77.92.99.0/24 maxlen: 24
77.92.100.0/24 maxlen: 24
77.92.101.0/24 maxlen: 24
77.92.102.0/24 maxlen: 24
31.40.240.0/24 maxlen: 24
31.40.241.0/24 maxlen: 24
31.40.242.0/24 maxlen: 24
31.40.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:aa:d9:ca:60:bd:0e:c0:ad:ca:c0:0a:0b:ab:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Validity
Not Before: Jan 1 14:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9242516710f68350873add62185e399152e1c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:17:9c:50:aa:4a:2f:35:c8:4d:a2:6b:3b:48:
6c:f6:c4:26:c8:71:cd:84:b8:8d:de:01:f1:cc:46:
80:03:0c:70:38:81:8d:09:e8:c8:02:1e:d0:34:e5:
d7:7f:5b:8b:27:9b:28:aa:91:35:24:5d:7d:e6:b9:
ce:aa:53:65:94:18:f9:84:b5:24:f1:4f:79:ae:93:
e1:15:4d:76:fd:c6:45:93:98:6a:e9:a7:2f:75:44:
ba:e6:d3:da:f4:ab:16:89:1a:11:fb:66:d9:c1:fb:
36:6f:b0:ac:1f:c8:55:a6:db:a0:96:80:d2:82:e1:
fd:25:b4:51:c4:ec:32:19:b6:6d:22:44:3d:98:0c:
36:4f:48:64:43:d7:52:1f:c8:df:0d:46:a0:c4:45:
3e:69:18:92:34:f5:1f:41:d0:89:40:a1:85:6e:9d:
a6:78:18:60:90:b7:9d:44:e4:de:34:f0:47:72:07:
e6:47:6d:1d:4a:1e:97:9c:87:85:88:65:fd:9f:4d:
9d:2c:f9:41:59:34:4f:ba:a4:68:fb:10:1c:03:f6:
13:bf:61:ef:ff:cb:43:37:44:2e:9b:3c:4d:3c:1d:
8d:5b:5a:d1:d7:b3:f2:cf:59:e0:96:dc:5f:23:81:
e2:87:16:bb:75:a0:6b:bc:b1:6e:c3:8c:b0:b0:c3:
39:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:24:25:16:71:0F:68:35:08:73:AD:D6:21:85:E3:99:15:2E:1C:7F
X509v3 Authority Key Identifier:
keyid:CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/6SQlFnEPaDUIc63WIYXjmRUuHH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.240.0/22
77.92.96.0/19
185.115.208.0/24
185.115.210.0/23
213.144.96.0/19
Signature Algorithm: sha256WithRSAEncryption
c4:33:88:cb:8b:28:23:c1:56:74:38:e9:0d:9a:28:1c:9e:e3:
b7:ea:58:d9:68:7a:1e:f5:a2:a6:ca:7d:32:d9:e2:64:cc:17:
4f:3e:d7:ff:15:16:7a:d6:ea:08:0b:a7:ec:12:e7:25:25:e2:
fd:1d:13:ea:e8:b1:92:8f:6c:17:0f:6a:6e:ce:d5:a0:63:a2:
a7:0f:a2:9a:08:78:f9:7c:c1:e5:f2:eb:76:06:86:d5:cc:c7:
b6:0d:1f:66:55:ae:bf:2b:90:f3:9c:5b:f1:6f:2f:03:9d:90:
df:28:ad:93:2f:1d:73:85:ac:b8:b7:aa:3d:5a:dc:78:c8:d4:
b3:86:cb:40:34:62:80:bd:e0:ef:95:e7:28:b1:75:e0:e2:3a:
8c:cc:df:13:ce:27:e4:32:d9:b2:a7:28:fe:75:a9:c7:7c:0a:
bb:46:67:ed:42:e9:a1:fb:0f:2b:9b:6f:6b:4b:73:8d:29:b5:
17:4c:ed:be:a2:da:65:a3:2e:66:6c:d6:33:7e:00:8d:84:4c:
a6:8b:d3:42:34:c9:3d:d1:80:a6:6b:22:fb:c1:3c:f7:2a:95:
cc:ad:9a:ff:c2:42:77:13:5c:81:e8:3d:04:83:6c:01:45:3c:
03:ea:3e:c0:0c:03:d2:ea:eb:a0:30:40:d8:47:be:82:56:ea:
64:30:ea:51
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVtwarZymC9DsCtysAKC6t8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTYyMThjMjBlZmQ4ZmU1M2ZjYTk5OTBiNzI1ZGQ3OTYz
Yzg4NWMwHhcNMjMwMTAxMTQzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTI0MjUxNjcxMGY2ODM1MDg3M2FkZDYyMTg1ZTM5OTE1MmUxYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hecUKpKLzXITaJrO0hs9sQmyHHN
hLiN3gHxzEaAAwxwOIGNCejIAh7QNOXXf1uLJ5soqpE1JF195rnOqlNllBj5hLUk
8U95rpPhFU12/cZFk5hq6acvdUS65tPa9KsWiRoR+2bZwfs2b7CsH8hVptugloDS
guH9JbRRxOwyGbZtIkQ9mAw2T0hkQ9dSH8jfDUagxEU+aRiSNPUfQdCJQKGFbp2m
eBhgkLedROTeNPBHcgfmR20dSh6XnIeFiGX9n02dLPlBWTRPuqRo+xAcA/YTv2Hv
/8tDN0QumzxNPB2NW1rR17Pyz1ngltxfI4Hihxa7daBrvLFuw4ywsMM5CwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOkkJRZxD2g1CHOt1iGF45kVLhx/MB8GA1UdIwQY
MBaAFMqWIYwg79j+U/ypmQtyXdeWPIhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAt
ZDcxMmQ0NzM4MDQ2LzEvNlNRbEZuRVBhRFVJYzYzV0lZWGptUlV1SEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAtZDcxMmQ0NzM4MDQ2
LzEveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCHyjwAwQF
TVxgAwQAuXPQAwQBuXPSAwQF1ZBgMA0GCSqGSIb3DQEBCwUAA4IBAQDEM4jLiygj
wVZ0OOkNmigcnuO36ljZaHoe9aKmyn0y2eJkzBdPPtf/FRZ61uoIC6fsEuclJeL9
HRPq6LGSj2wXD2puztWgY6KnD6KaCHj5fMHl8ut2BobVzMe2DR9mVa6/K5DznFvx
by8DnZDfKK2TLx1zhay4t6o9Wtx4yNSzhstANGKAveDvlecosXXg4jqMzN8Tzifk
Mtmypyj+danHfAq7RmftQumh+w8rm29rS3ONKbUXTO2+otploy5mbNYzfgCNhEym
i9NCNMk90YCmayL7wTz3KpXMrZr/wkJ3E1yB6D0Eg2wBRTwD6j7ADAPS6uugMEDY
R76CVupkMOpR
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:45:11 2025 by rpki-client