Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/DCLRPfAfV3oYJd7_6PhX-2HbIus.roa
File: DCLRPfAfV3oYJd7_6PhX-2HbIus.roa (raw, json)
Hash identifier: EaFlj/P+e+dg1zgDwhIliQHFuUfDHdUYCUy//cH0rz4=
Subject key identifier: 0C:22:D1:3D:F0:1F:57:7A:18:25:DE:FF:E8:F8:57:FB:61:DB:22:EB
Certificate issuer: /CN=d76d71d8845d2fe296a46d79176f590d8db4f16a
Certificate serial: 144974B5
Authority key identifier: D7:6D:71:D8:84:5D:2F:E2:96:A4:6D:79:17:6F:59:0D:8D:B4:F1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/121x2IRdL-KWpG15F29ZDY208Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/DCLRPfAfV3oYJd7_6PhX-2HbIus.roa
Signing time: Sat 01 Jan 2022 15:57:30 +0000
ROA not before: Sat 01 Jan 2022 15:57:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31148
IP address blocks: 94.76.105.77/32 maxlen: 32
94.76.105.78/32 maxlen: 32
94.76.105.73/32 maxlen: 32
94.76.105.74/32 maxlen: 32
195.160.220.0/22 maxlen: 24
193.24.25.14/32 maxlen: 32
94.76.105.109/32 maxlen: 32
94.76.105.110/32 maxlen: 32
94.76.105.105/32 maxlen: 32
94.76.105.106/32 maxlen: 32
94.76.104.121/32 maxlen: 32
94.76.104.122/32 maxlen: 32
94.76.106.117/32 maxlen: 32
94.76.104.117/32 maxlen: 32
94.76.104.118/32 maxlen: 32
94.76.106.118/32 maxlen: 32
94.76.106.113/32 maxlen: 32
94.76.106.114/32 maxlen: 32
94.76.105.13/32 maxlen: 32
109.251.255.186/32 maxlen: 32
94.76.105.14/32 maxlen: 32
109.251.255.185/32 maxlen: 32
193.24.25.93/32 maxlen: 32
94.76.105.5/32 maxlen: 32
109.251.255.178/32 maxlen: 32
109.251.255.177/32 maxlen: 32
94.76.105.6/32 maxlen: 32
109.251.255.182/32 maxlen: 32
193.24.25.85/32 maxlen: 32
193.24.25.86/32 maxlen: 32
109.251.255.181/32 maxlen: 32
193.24.25.73/32 maxlen: 32
94.76.105.25/32 maxlen: 32
109.251.255.174/32 maxlen: 32
109.251.255.173/32 maxlen: 32
94.76.105.26/32 maxlen: 32
109.251.255.154/32 maxlen: 32
109.251.255.153/32 maxlen: 32
94.76.106.41/32 maxlen: 32
94.76.106.42/32 maxlen: 32
185.124.168.0/22 maxlen: 24
109.251.252.146/32 maxlen: 32
94.76.104.37/32 maxlen: 32
94.76.104.38/32 maxlen: 32
109.251.252.145/32 maxlen: 32
46.219.0.0/16 maxlen: 24
109.251.252.150/32 maxlen: 32
94.76.104.33/32 maxlen: 32
94.76.104.34/32 maxlen: 32
109.251.252.149/32 maxlen: 32
109.251.255.138/32 maxlen: 32
109.251.255.137/32 maxlen: 32
94.76.104.56/32 maxlen: 32
109.251.252.142/32 maxlen: 32
94.76.104.57/32 maxlen: 32
109.251.252.141/32 maxlen: 32
78.159.32.0/19 maxlen: 24
94.76.104.52/32 maxlen: 32
94.76.104.53/32 maxlen: 32
193.24.25.0/24 maxlen: 24
109.251.255.134/32 maxlen: 32
109.251.255.133/32 maxlen: 32
89.252.0.0/18 maxlen: 24
109.251.255.126/32 maxlen: 32
109.251.255.125/32 maxlen: 32
212.22.192.0/19 maxlen: 24
94.76.104.197/32 maxlen: 32
109.251.255.114/32 maxlen: 32
94.76.104.198/32 maxlen: 32
109.251.255.113/32 maxlen: 32
109.251.255.118/32 maxlen: 32
94.76.104.193/32 maxlen: 32
109.251.255.117/32 maxlen: 32
94.76.104.194/32 maxlen: 32
94.76.105.217/32 maxlen: 32
94.76.105.218/32 maxlen: 32
89.252.40.101/32 maxlen: 32
89.252.35.101/32 maxlen: 32
193.24.25.129/32 maxlen: 32
89.252.35.102/32 maxlen: 32
89.252.40.102/32 maxlen: 32
94.76.104.209/32 maxlen: 32
89.252.40.97/32 maxlen: 32
89.252.40.98/32 maxlen: 32
94.76.104.210/32 maxlen: 32
109.251.255.82/32 maxlen: 32
109.251.255.81/32 maxlen: 32
109.251.0.0/16 maxlen: 24
109.251.255.86/32 maxlen: 32
109.251.255.85/32 maxlen: 32
109.251.255.74/32 maxlen: 32
109.251.255.73/32 maxlen: 32
188.231.128.0/17 maxlen: 24
109.251.252.66/32 maxlen: 32
94.76.104.245/32 maxlen: 32
109.251.252.65/32 maxlen: 32
94.76.64.0/18 maxlen: 24
94.76.104.246/32 maxlen: 32
193.24.25.209/32 maxlen: 32
109.251.255.42/32 maxlen: 32
193.24.25.201/32 maxlen: 32
193.24.25.202/32 maxlen: 32
109.251.255.41/32 maxlen: 32
193.24.25.205/32 maxlen: 32
193.24.25.206/32 maxlen: 32
109.251.255.34/32 maxlen: 32
109.251.255.33/32 maxlen: 32
81.95.176.0/20 maxlen: 24
109.251.255.38/32 maxlen: 32
109.251.255.37/32 maxlen: 32
109.251.255.30/32 maxlen: 32
109.251.255.29/32 maxlen: 32
109.251.255.18/32 maxlen: 32
109.251.255.17/32 maxlen: 32
109.251.255.10/32 maxlen: 32
109.251.255.9/32 maxlen: 32
109.251.255.14/32 maxlen: 32
94.76.104.185/32 maxlen: 32
94.76.104.186/32 maxlen: 32
109.251.255.13/32 maxlen: 32
109.251.255.2/32 maxlen: 32
109.251.255.1/32 maxlen: 32
109.251.255.6/32 maxlen: 32
109.251.255.5/32 maxlen: 32
2a00:1228::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 340358325 (0x144974b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76d71d8845d2fe296a46d79176f590d8db4f16a
Validity
Not Before: Jan 1 15:57:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c22d13df01f577a1825deffe8f857fb61db22eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:28:f4:1d:23:3b:b5:fd:9b:b3:00:d3:a5:88:
8f:8a:41:79:01:40:0a:2b:28:63:94:e3:22:8c:3c:
19:a8:1d:14:ca:38:8b:fa:4c:78:5a:15:af:a9:e1:
8d:60:a0:24:ae:06:c9:8c:85:a0:0a:02:05:c9:22:
4b:0a:5d:2e:9c:fe:f4:c3:9e:f9:0b:df:d5:96:21:
25:3a:ef:1a:a7:39:9d:87:35:d6:3f:1f:cc:7c:a2:
3b:83:be:14:df:58:d3:fa:2f:0b:47:97:06:a0:5e:
09:7f:8f:8c:7d:dd:21:fa:f9:9a:96:3a:ef:8c:1b:
21:bb:cf:89:0d:20:37:a9:12:49:31:cc:de:e4:7b:
a5:bb:82:26:1b:d2:53:55:b2:27:26:37:53:3e:77:
ab:69:b7:4f:8c:6e:25:06:b9:2e:a9:7e:39:d3:88:
84:91:56:0e:70:c3:c0:b9:c2:59:55:ad:32:c0:30:
10:10:bf:56:e6:ce:04:d6:c8:f3:fc:8e:89:3a:b9:
57:e6:3d:95:28:23:b8:b9:b3:c0:b9:f4:1c:ab:84:
d7:cc:bd:6b:bb:fc:9a:d7:9c:23:72:3a:ce:8d:2e:
c5:20:25:15:a7:ef:e6:14:1b:44:73:65:59:99:21:
f6:51:b5:de:8d:6f:14:90:3c:c5:39:95:39:dc:56:
c6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:22:D1:3D:F0:1F:57:7A:18:25:DE:FF:E8:F8:57:FB:61:DB:22:EB
X509v3 Authority Key Identifier:
keyid:D7:6D:71:D8:84:5D:2F:E2:96:A4:6D:79:17:6F:59:0D:8D:B4:F1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/121x2IRdL-KWpG15F29ZDY208Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/DCLRPfAfV3oYJd7_6PhX-2HbIus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/121x2IRdL-KWpG15F29ZDY208Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.219.0.0/16
78.159.32.0/19
81.95.176.0/20
89.252.0.0/18
94.76.64.0/18
109.251.0.0/16
185.124.168.0/22
188.231.128.0/17
193.24.25.0/24
195.160.220.0/22
212.22.192.0/19
IPv6:
2a00:1228::/32
Signature Algorithm: sha256WithRSAEncryption
6b:f5:91:c7:a2:88:84:c0:24:b9:f3:d7:4c:6d:bb:54:dd:34:
df:00:72:ed:cb:d0:cf:19:9f:62:60:0b:fd:13:80:96:5b:35:
80:45:44:ce:f7:f8:82:f2:4e:c5:5e:6f:27:0c:5d:01:36:07:
ee:f4:49:61:86:70:ee:2e:a4:49:c9:d9:4b:36:86:40:b5:b7:
01:63:15:db:56:fd:9a:62:6e:f5:8f:a9:d2:0b:33:53:1c:d5:
12:cd:47:6f:26:3a:92:2b:d4:03:cc:30:b3:1f:e3:0f:af:36:
6d:cf:1d:08:7e:bf:91:29:93:8a:ae:0e:c2:7d:e8:57:1c:98:
7f:5c:7b:28:f5:4a:ef:a9:d7:b3:b4:81:be:3d:4c:c5:00:e4:
05:db:1a:8a:ca:3c:ff:84:f1:31:83:39:3d:6b:07:09:3f:a9:
c8:05:a1:78:b5:7f:47:73:59:e9:55:21:e5:ec:95:ca:98:ca:
75:94:e2:cb:39:91:9c:4f:17:86:2d:18:80:68:d8:81:08:f9:
6a:74:82:0c:ff:66:d1:6b:59:9b:70:45:87:02:26:3b:e2:c0:
ec:d4:cb:a9:aa:dd:93:aa:4b:59:ef:ef:86:eb:28:cb:80:20:
28:5a:4d:e2:3b:95:77:69:c3:2a:e7:59:04:ec:99:2e:42:d9:
fe:e1:4a:85
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIEFEl0tTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzZkNzFkODg0NWQyZmUyOTZhNDZkNzkxNzZmNTkwZDhkYjRmMTZhMB4XDTIyMDEw
MTE1NTczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMyMmQxM2RmMDFm
NTc3YTE4MjVkZWZmZThmODU3ZmI2MWRiMjJlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQo9B0jO7X9m7MA06WIj4pBeQFACisoY5TjIow8GagdFMo4
i/pMeFoVr6nhjWCgJK4GyYyFoAoCBckiSwpdLpz+9MOe+Qvf1ZYhJTrvGqc5nYc1
1j8fzHyiO4O+FN9Y0/ovC0eXBqBeCX+PjH3dIfr5mpY674wbIbvPiQ0gN6kSSTHM
3uR7pbuCJhvSU1WyJyY3Uz53q2m3T4xuJQa5Lql+OdOIhJFWDnDDwLnCWVWtMsAw
EBC/VubOBNbI8/yOiTq5V+Y9lSgjuLmzwLn0HKuE18y9a7v8mtecI3I6zo0uxSAl
Fafv5hQbRHNlWZkh9lG13o1vFJA8xTmVOdxWxu8CAwEAAaOCAlIwggJOMB0GA1Ud
DgQWBBQMItE98B9Xehgl3v/o+Ff7Ydsi6zAfBgNVHSMEGDAWgBTXbXHYhF0v4pak
bXkXb1kNjbTxajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEyMXgySVJkTC1LV3BHMTVGMjlaRFkyMDhXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvZWMzMTA2LWU3YmYtNDI5OS1hZTEyLWRiZDkxYjExMTg0NC8x
L0RDTFJQZkFmVjNvWUpkN182UGhYLTJIYkl1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
ZWMzMTA2LWU3YmYtNDI5OS1hZTEyLWRiZDkxYjExMTg0NC8xLzEyMXgySVJkTC1L
V3BHMTVGMjlaRFkyMDhXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBo
BggrBgEFBQcBBwEB/wRZMFcwRgQCAAEwQAMDAC7bAwQFTp8gAwQEUV+wAwQGWfwA
AwQGXkxAAwMAbfsDBAK5fKgDBAe854ADBADBGBkDBALDoNwDBAXUFsAwDQQCAAIw
BwMFACoAEigwDQYJKoZIhvcNAQELBQADggEBAGv1kceiiITAJLnz10xtu1TdNN8A
cu3L0M8Zn2JgC/0TgJZbNYBFRM73+ILyTsVebycMXQE2B+70SWGGcO4upEnJ2Us2
hkC1twFjFdtW/ZpibvWPqdILM1Mc1RLNR28mOpIr1APMMLMf4w+vNm3PHQh+v5Ep
k4quDsJ96FccmH9ceyj1Su+p17O0gb49TMUA5AXbGorKPP+E8TGDOT1rBwk/qcgF
oXi1f0dzWelVIeXslcqYynWU4ss5kZxPF4YtGIBo2IEI+Wp0ggz/ZtFrWZtwRYcC
JjviwOzUy6mq3ZOqS1nv74brKMuAIChaTeI7lXdpwyrnWQTsmS5C2f7hSoU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:27:52 2025 by rpki-client