Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6m3AZYa72D5bavwGdmxn9NOoA24.roa
File: 6m3AZYa72D5bavwGdmxn9NOoA24.roa (raw, json)
Hash identifier: wGb/JfXV50Q0I1x+a0uWYQsQ/zDnG3XMgQ5C0XmDDaE=
Subject key identifier: EA:6D:C0:65:86:BB:D8:3E:5B:6A:FC:06:76:6C:67:F4:D3:A8:03:6E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01891C8C5686EB4C237826B64685F0DB82B6
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6m3AZYa72D5bavwGdmxn9NOoA24.roa
Signing time: Mon 03 Jul 2023 16:18:26 +0000
ROA not before: Mon 03 Jul 2023 16:18:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.33.14.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.248.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
103.205.26.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
185.230.250.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.74.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.115.146.0/24 maxlen: 24
185.115.147.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
77.75.63.0/24 maxlen: 24
194.4.158.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
185.115.144.0/23 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
89.40.160.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
185.245.239.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
185.121.229.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:8c:56:86:eb:4c:23:78:26:b6:46:85:f0:db:82:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 3 16:18:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea6dc06586bbd83e5b6afc06766c67f4d3a8036e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:54:3d:61:df:f9:d3:c8:bb:61:de:bf:55:03:
c9:84:d8:75:90:27:06:5f:6d:16:fc:1f:95:a2:31:
c5:b6:04:23:69:0b:cc:62:c1:9a:e0:59:39:80:12:
00:3a:03:58:0b:55:d4:bf:4b:24:e5:1f:2d:86:6f:
6e:82:36:94:7d:78:d9:e0:33:42:52:90:55:30:88:
55:b9:99:45:5c:83:3f:0f:5c:84:b8:eb:fd:8a:76:
62:a3:a1:09:f6:5c:9d:de:b4:28:f5:bf:02:86:0d:
e9:87:ee:b2:34:fa:b4:a0:2f:38:49:b0:6e:15:06:
d1:e4:fb:f0:1d:14:ad:f1:72:a8:20:cf:bf:14:ef:
bf:7e:70:f7:50:a6:01:3c:34:1c:b0:53:1a:41:87:
c7:f8:ec:96:ea:5e:ba:96:8a:3f:16:d2:7b:80:13:
52:a2:07:b7:f8:a9:1f:72:ea:4e:2a:51:5a:d6:0a:
af:f7:1a:90:0a:5c:8c:f5:a7:87:d1:ea:4e:74:99:
78:ad:7e:1e:09:8f:1d:aa:9a:6f:2b:4a:b5:6f:e5:
6c:45:82:91:a9:4a:47:34:f3:29:1d:79:09:a8:41:
ff:d7:71:14:9c:2d:b5:2b:91:ae:9d:bc:bd:e4:77:
c5:40:81:25:49:a3:d2:ee:ac:24:69:33:d4:8f:83:
e4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:6D:C0:65:86:BB:D8:3E:5B:6A:FC:06:76:6C:67:F4:D3:A8:03:6E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6m3AZYa72D5bavwGdmxn9NOoA24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/24
62.197.135.0/24
77.75.60.0/24
77.75.62.0/23
78.142.242.0/23
89.33.14.0/24
89.40.160.0/24
89.43.208.0/24
89.43.210.0/23
89.47.89.0/24
93.114.246.0/24
103.205.25.0-103.205.27.255
178.239.192.0-178.239.194.255
178.239.200.0/23
178.239.203.0/24
185.9.54.0/24
185.103.73.0-185.103.74.255
185.115.144.0/22
185.121.228.0/22
185.229.104.0/22
185.230.248.0-185.230.250.255
185.236.62.0/23
185.245.236.0/22
188.214.27.0/24
192.166.212.0/22
193.19.106.0/24
193.42.52.0/24
193.42.54.0/23
194.4.156.0/22
203.0.8.0/24
213.32.248.0/23
223.27.112.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:b0:da:8b:dc:79:60:d5:32:97:4d:06:7f:c3:3f:aa:ac:bf:
f8:2e:15:37:89:11:ee:21:76:4f:25:63:01:fd:f4:34:d3:26:
17:b0:21:a2:47:ee:8c:13:00:9e:55:c8:90:36:70:25:d0:57:
d7:ef:d0:e9:40:f9:dd:89:b3:2b:fc:e6:ef:e1:68:ef:4b:9a:
b2:0b:8a:f8:42:63:2b:0a:4b:df:f8:72:ef:91:77:bf:a0:8e:
79:c7:8d:80:fb:81:ea:8b:cd:fe:95:10:0e:6b:57:8b:cf:e2:
2c:8b:80:7c:20:73:c5:e9:8d:dd:8a:69:f2:ca:d9:9a:12:60:
01:9b:84:5a:e6:2f:61:20:0c:14:58:3f:39:10:6f:57:50:b1:
b8:0a:0e:85:72:6c:5e:2e:be:df:61:91:da:19:8c:de:b5:ac:
35:de:9a:57:cd:6d:21:bc:0a:55:6b:a9:96:63:5b:0b:a0:4e:
5c:d2:06:b7:09:26:86:f8:69:2d:a0:95:6e:3a:39:be:0d:03:
34:0d:c2:2d:ef:6d:aa:8e:72:32:5d:75:99:2f:d6:72:85:c5:
68:5d:b1:85:cb:a3:50:be:50:fb:45:b9:94:1f:57:e5:6f:d9:
6a:a8:7d:31:3f:8a:c5:79:d2:cb:e0:a2:8a:e8:87:fa:f5:d8:
1f:c0:f6:43
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYkcjFaG60wjeCa2RoXw24K2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzAzMTYxODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTZkYzA2NTg2YmJkODNlNWI2YWZjMDY3NjZjNjdmNGQzYTgwMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VQ9Yd/508i7Yd6/VQPJhNh1kCcG
X20W/B+VojHFtgQjaQvMYsGa4Fk5gBIAOgNYC1XUv0sk5R8thm9ugjaUfXjZ4DNC
UpBVMIhVuZlFXIM/D1yEuOv9inZio6EJ9lyd3rQo9b8Chg3ph+6yNPq0oC84SbBu
FQbR5PvwHRSt8XKoIM+/FO+/fnD3UKYBPDQcsFMaQYfH+OyW6l66loo/FtJ7gBNS
oge3+KkfcupOKlFa1gqv9xqQClyM9aeH0epOdJl4rX4eCY8dqppvK0q1b+VsRYKR
qUpHNPMpHXkJqEH/13EUnC21K5Gunby95HfFQIElSaPS7qwkaTPUj4PkQQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFOptwGWGu9g+W2r8BnZsZ/TTqANuMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNm0zQVpZYTcyRDViYXZ3R2RteG45Tk9vQTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuMAwD
BAMtn5gDBAAtn5oDBAA+xYQDBAA+xYcDBABNSzwDBAFNSz4DBAFOjvIDBABZIQ4D
BABZKKADBABZK9ADBAFZK9IDBABZL1kDBABdcvYwDAMEAGfNGQMEAmfNGDAMAwQG
su/AAwQAsu/CAwQBsu/IAwQAsu/LAwQAuQk2MAwDBAC5Z0kDBAC5Z0oDBAK5c5AD
BAK5eeQDBAK55WgwDAMEA7nm+AMEALnm+gMEAbnsPgMEArn17AMEALzWGwMEAsCm
1AMEAMETagMEAMEqNAMEAcEqNgMEAsIEnAMEAMsACAMEAdUg+AMEAN8bcDANBgkq
hkiG9w0BAQsFAAOCAQEAf7Dai9x5YNUyl00Gf8M/qqy/+C4VN4kR7iF2TyVjAf30
NNMmF7AhokfujBMAnlXIkDZwJdBX1+/Q6UD53YmzK/zm7+Fo70uasguK+EJjKwpL
3/hy75F3v6COeceNgPuB6ovN/pUQDmtXi8/iLIuAfCBzxemN3Ypp8srZmhJgAZuE
WuYvYSAMFFg/ORBvV1CxuAoOhXJsXi6+32GR2hmM3rWsNd6aV81tIbwKVWuplmNb
C6BOXNIGtwkmhvhpLaCVbjo5vg0DNA3CLe9tqo5yMl11mS/WcoXFaF2xhcujUL5Q
+0W5lB9X5W/Zaqh9MT+KxXnSy+CiiuiH+vXYH8D2Qw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:57:30 2025 by rpki-client