![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/VHjmOS3qFxDIVEpla9o6Z2ehtrI.roa
File: VHjmOS3qFxDIVEpla9o6Z2ehtrI.roa (raw, json)
Hash identifier: xexsQut2Cy1a7igdKDKDj2j7LAFEQEL7G4zkfEEbjgk=
Subject key identifier: 54:78:E6:39:2D:EA:17:10:C8:54:4A:65:6B:DA:3A:67:67:A1:B6:B2
Certificate issuer: /CN=66d337d330ba44efcfef555355132a6a2c69783c
Certificate serial: 0187DFF9CD7F068BE6E4B6B93E7EF5A25342
Authority key identifier: 66:D3:37:D3:30:BA:44:EF:CF:EF:55:53:55:13:2A:6A:2C:69:78:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtM30zC6RO_P71VTVRMqaixpeDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/VHjmOS3qFxDIVEpla9o6Z2ehtrI.roa
Signing time: Wed 03 May 2023 04:58:22 +0000
ROA not before: Wed 03 May 2023 04:58:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9147
IP address blocks: 185.119.240.0/22 maxlen: 22
212.86.64.0/20 maxlen: 20
185.119.240.0/23 maxlen: 23
185.119.240.0/24 maxlen: 24
212.86.64.0/19 maxlen: 19
212.86.64.0/24 maxlen: 24
212.86.67.0/24 maxlen: 24
212.86.69.0/24 maxlen: 24
212.86.70.0/24 maxlen: 24
185.119.242.0/23 maxlen: 23
185.119.242.0/24 maxlen: 24
212.86.68.0/24 maxlen: 24
185.119.241.0/24 maxlen: 24
185.119.243.0/24 maxlen: 24
212.86.71.0/24 maxlen: 24
212.86.65.0/24 maxlen: 24
212.86.66.0/24 maxlen: 24
212.86.72.0/24 maxlen: 24
212.86.73.0/24 maxlen: 24
212.86.76.0/24 maxlen: 24
212.86.74.0/24 maxlen: 24
212.86.75.0/24 maxlen: 24
212.86.77.0/24 maxlen: 24
212.86.78.0/24 maxlen: 24
212.86.79.0/24 maxlen: 24
212.86.80.0/24 maxlen: 24
212.86.80.0/20 maxlen: 20
212.86.83.0/24 maxlen: 24
212.86.81.0/24 maxlen: 24
212.86.82.0/24 maxlen: 24
212.86.84.0/24 maxlen: 24
212.86.85.0/24 maxlen: 24
212.86.86.0/24 maxlen: 24
212.86.87.0/24 maxlen: 24
212.86.90.0/24 maxlen: 24
212.86.88.0/24 maxlen: 24
212.86.89.0/24 maxlen: 24
212.86.91.0/24 maxlen: 24
212.86.93.0/24 maxlen: 24
212.86.94.0/24 maxlen: 24
212.86.92.0/24 maxlen: 24
212.86.95.0/24 maxlen: 24
185.176.57.0/24 maxlen: 24
185.176.58.0/24 maxlen: 24
185.176.56.0/24 maxlen: 24
185.176.56.0/22 maxlen: 22
185.176.59.0/24 maxlen: 24
78.31.232.0/24 maxlen: 24
78.31.232.0/23 maxlen: 23
78.31.232.0/22 maxlen: 22
78.31.233.0/24 maxlen: 24
78.31.234.0/23 maxlen: 23
78.31.234.0/24 maxlen: 24
78.31.235.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:df:f9:cd:7f:06:8b:e6:e4:b6:b9:3e:7e:f5:a2:53:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d337d330ba44efcfef555355132a6a2c69783c
Validity
Not Before: May 3 04:58:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5478e6392dea1710c8544a656bda3a6767a1b6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:53:21:df:a7:31:27:2c:73:01:21:0f:32:cf:
b8:5f:de:10:b8:af:71:14:11:92:d0:7a:da:0c:e8:
51:5f:91:a1:fe:2c:2f:00:62:9a:f7:1b:9f:d5:6c:
e3:7f:5a:b6:c8:b4:31:d3:10:e2:8b:69:31:c0:b7:
8c:ea:42:a4:b8:8e:5e:24:ef:a2:9f:80:bd:59:86:
86:48:f5:e8:8c:84:0a:0c:88:df:91:cf:27:cd:62:
49:a9:6e:d4:7f:86:3e:1b:06:11:74:64:60:26:9c:
ef:22:80:0f:d0:f1:67:65:76:34:b7:af:5e:b6:03:
3a:6b:7f:ab:88:05:b8:e2:4b:1b:6a:b2:86:94:fd:
ca:50:7b:ed:27:c4:a0:62:b1:9b:23:e8:1e:f0:fd:
75:2c:5d:c3:25:ab:57:59:3c:bf:11:94:60:ad:cb:
49:ef:2f:f1:12:07:2c:a8:06:c2:b8:8d:14:55:2f:
ed:bf:90:33:72:97:6d:84:65:9b:f3:67:0a:5b:35:
35:e1:3c:59:54:bc:8b:99:24:21:bf:02:80:7c:1f:
a3:6b:ed:35:fb:88:11:c7:c3:ae:6d:6f:a7:ac:1d:
f8:db:ba:bf:1a:ed:3e:07:c4:bb:18:97:3f:2b:a7:
71:47:90:3e:05:28:81:4f:20:61:e1:b1:fb:6c:84:
d7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:78:E6:39:2D:EA:17:10:C8:54:4A:65:6B:DA:3A:67:67:A1:B6:B2
X509v3 Authority Key Identifier:
keyid:66:D3:37:D3:30:BA:44:EF:CF:EF:55:53:55:13:2A:6A:2C:69:78:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtM30zC6RO_P71VTVRMqaixpeDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/VHjmOS3qFxDIVEpla9o6Z2ehtrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/ZtM30zC6RO_P71VTVRMqaixpeDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.232.0/22
185.119.240.0/22
185.176.56.0/22
212.86.64.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:aa:46:5f:e2:70:ee:11:2f:44:86:05:2f:88:73:ca:44:d1:
d8:bb:b8:3e:19:12:53:8a:ca:dd:a8:3e:c6:84:6f:06:33:fb:
8d:7c:5d:b2:22:91:e8:71:ad:bc:44:ff:b0:9b:0e:a7:89:1a:
60:5c:67:6d:df:12:d2:4c:26:5e:43:8b:05:5a:9e:e1:f0:50:
d8:11:64:2e:b3:5f:57:9a:a3:24:ee:c1:3b:c5:22:bc:db:53:
18:01:da:93:0c:09:7b:90:a8:49:d3:94:42:54:b5:58:8d:eb:
d7:37:17:1f:b9:45:84:37:2a:09:09:d8:a8:6b:f1:7a:8b:e1:
33:8c:f8:75:2a:55:33:ff:8a:23:05:37:57:20:14:e9:24:57:
57:f6:3a:48:87:5e:00:8b:14:53:d0:f2:10:60:1e:b8:15:bd:
2c:cc:1f:ad:df:63:4b:f3:44:47:a7:13:5e:b7:33:c7:24:d9:
ff:68:bf:37:60:ed:a0:7c:3d:e9:7d:f5:35:f2:d0:c4:74:40:
08:cf:6f:d8:59:42:73:5c:c3:1d:1e:cd:3e:37:9e:f3:0d:44:
a2:a1:d6:ad:56:96:4d:ef:7c:89:e9:81:d1:97:bd:32:f3:98:
0d:5f:e8:eb:b2:58:51:43:75:fb:7a:32:22:01:cb:70:0f:bc:
15:22:73:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYff+c1/Bovm5La5Pn71olNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDMzN2QzMzBiYTQ0ZWZjZmVmNTU1MzU1MTMyYTZhMmM2
OTc4M2MwHhcNMjMwNTAzMDQ1ODIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDc4ZTYzOTJkZWExNzEwYzg1NDRhNjU2YmRhM2E2NzY3YTFiNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulMh36cxJyxzASEPMs+4X94QuK9x
FBGS0HraDOhRX5Gh/iwvAGKa9xuf1Wzjf1q2yLQx0xDii2kxwLeM6kKkuI5eJO+i
n4C9WYaGSPXojIQKDIjfkc8nzWJJqW7Uf4Y+GwYRdGRgJpzvIoAP0PFnZXY0t69e
tgM6a3+riAW44ksbarKGlP3KUHvtJ8SgYrGbI+ge8P11LF3DJatXWTy/EZRgrctJ
7y/xEgcsqAbCuI0UVS/tv5AzcpdthGWb82cKWzU14TxZVLyLmSQhvwKAfB+ja+01
+4gRx8OubW+nrB3427q/Gu0+B8S7GJc/K6dxR5A+BSiBTyBh4bH7bITXzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFR45jkt6hcQyFRKZWvaOmdnobayMB8GA1UdIwQY
MBaAFGbTN9MwukTvz+9VU1UTKmosaXg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRNMzB6QzZST19QNzFWVFZSTXFhaXhwZUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYjVlN2MtNjdiMS00NzdkLTg5NWYt
OGY1ZmM5MjEyNWRiLzEvVkhqbU9TM3FGeERJVkVwbGE5bzZaMmVodHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYjVlN2MtNjdiMS00NzdkLTg5NWYtOGY1ZmM5MjEyNWRi
LzEvWnRNMzB6QzZST19QNzFWVFZSTXFhaXhwZUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTh/oAwQC
uXfwAwQCubA4AwQF1FZAMA0GCSqGSIb3DQEBCwUAA4IBAQBtqkZf4nDuES9EhgUv
iHPKRNHYu7g+GRJTisrdqD7GhG8GM/uNfF2yIpHoca28RP+wmw6niRpgXGdt3xLS
TCZeQ4sFWp7h8FDYEWQus19XmqMk7sE7xSK821MYAdqTDAl7kKhJ05RCVLVYjevX
NxcfuUWENyoJCdioa/F6i+EzjPh1KlUz/4ojBTdXIBTpJFdX9jpIh14AixRT0PIQ
YB64Fb0szB+t32NL80RHpxNetzPHJNn/aL83YO2gfD3pffU18tDEdEAIz2/YWUJz
XMMdHs0+N57zDUSiodatVpZN73yJ6YHRl70y85gNX+jrslhRQ3X7ejIiActwD7wV
InNp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:20 2025 by rpki-client