Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/lXItyJBajz_U-89eqY4WKrelZ9M.roa
File: lXItyJBajz_U-89eqY4WKrelZ9M.roa (raw, json)
Hash identifier: 5LMm9P8SQrI942voxijLGIeWPAWom0RC9YruNJt35f8=
Subject key identifier: 95:72:2D:C8:90:5A:8F:3F:D4:FB:CF:5E:A9:8E:16:2A:B7:A5:67:D3
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 0A32C033
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/lXItyJBajz_U-89eqY4WKrelZ9M.roa
Signing time: Sat 01 Jan 2022 06:58:22 +0000
ROA not before: Sat 01 Jan 2022 06:58:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44285
IP address blocks: 185.18.213.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
37.32.32.0/24 maxlen: 24
37.32.32.0/21 maxlen: 21
37.32.33.0/24 maxlen: 24
37.32.32.0/22 maxlen: 22
37.32.36.0/22 maxlen: 22
37.32.37.0/24 maxlen: 24
37.32.38.0/24 maxlen: 24
37.32.36.0/24 maxlen: 24
37.32.35.0/24 maxlen: 24
37.32.34.0/24 maxlen: 24
37.32.39.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.200.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
86.57.120.0/23 maxlen: 23
86.57.122.0/23 maxlen: 23
86.57.96.0/20 maxlen: 20
86.57.112.0/23 maxlen: 23
86.57.114.0/23 maxlen: 23
86.57.116.0/22 maxlen: 22
217.172.124.0/23 maxlen: 23
217.172.120.0/24 maxlen: 24
217.172.120.0/21 maxlen: 21
217.172.127.0/24 maxlen: 24
217.172.126.0/23 maxlen: 23
85.198.48.0/20 maxlen: 20
37.75.246.0/24 maxlen: 24
37.75.245.0/24 maxlen: 24
37.75.244.0/24 maxlen: 24
37.75.244.0/22 maxlen: 22
37.75.243.0/24 maxlen: 24
37.75.247.0/24 maxlen: 24
195.110.38.0/24 maxlen: 24
195.110.38.0/23 maxlen: 23
195.110.39.0/24 maxlen: 24
185.182.248.0/22 maxlen: 22
95.82.0.0/21 maxlen: 21
95.82.0.0/20 maxlen: 20
95.82.0.0/18 maxlen: 18
95.82.8.0/21 maxlen: 21
95.82.16.0/21 maxlen: 21
95.82.16.0/20 maxlen: 20
95.82.24.0/21 maxlen: 21
91.236.168.0/23 maxlen: 23
91.236.169.0/24 maxlen: 24
91.236.168.0/24 maxlen: 24
95.82.32.0/21 maxlen: 21
95.82.40.0/21 maxlen: 21
46.28.74.0/24 maxlen: 24
95.82.48.0/21 maxlen: 21
46.28.73.0/24 maxlen: 24
46.28.72.0/24 maxlen: 24
46.28.72.0/21 maxlen: 24
95.82.56.0/21 maxlen: 21
185.121.128.0/22 maxlen: 24
185.121.128.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.121.130.0/24 maxlen: 24
185.121.129.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.134.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
84.47.226.0/24 maxlen: 24
84.47.224.0/22 maxlen: 22
84.47.225.0/24 maxlen: 24
84.47.224.0/21 maxlen: 21
84.47.224.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
84.47.231.0/24 maxlen: 24
84.47.227.0/24 maxlen: 24
84.47.230.0/24 maxlen: 24
84.47.229.0/24 maxlen: 24
84.47.228.0/24 maxlen: 24
84.47.228.0/22 maxlen: 22
88.135.39.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.137.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
2a02:828::/32 maxlen: 32
2a02:829::/32 maxlen: 32
2a02:82b::/32 maxlen: 32
2a02:82f::/32 maxlen: 32
2a02:828:1::/48 maxlen: 48
2a02:82a::/32 maxlen: 32
2a02:828::/29 maxlen: 29
2a02:828::/64 maxlen: 64
2a02:828::/48 maxlen: 48
2a02:82e::/32 maxlen: 32
2a02:82c::/32 maxlen: 32
2a02:82d::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171098163 (0xa32c033)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jan 1 06:58:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95722dc8905a8f3fd4fbcf5ea98e162ab7a567d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fd:5b:4d:14:af:30:94:05:98:4d:0c:28:62:
37:ee:89:52:25:9a:19:f7:87:19:74:d6:02:b2:bd:
45:3a:3a:8a:b3:7d:f8:7b:6a:bc:db:79:80:35:cb:
1d:a8:a4:2e:a9:f5:72:24:3d:9d:c0:d5:c1:00:37:
c0:aa:8c:8c:3e:4e:ce:fa:0b:02:97:47:30:a2:d6:
9b:20:65:f1:7d:4e:61:9e:31:d3:46:43:ac:77:46:
73:6e:49:70:ca:2b:71:32:66:7e:7a:b6:5d:74:13:
b6:d4:09:79:b2:29:b4:ac:dd:58:ca:05:c3:47:cb:
34:38:3e:98:92:d5:92:32:4c:68:d4:74:aa:f1:40:
ea:48:b4:dc:fc:44:83:70:63:29:4a:fe:b1:f1:42:
5f:4e:8a:09:43:38:d7:46:b4:2d:e8:1d:7f:84:d4:
2a:e7:d0:04:43:f0:b6:06:40:eb:d9:ff:25:50:a0:
77:2d:5d:6b:a0:b7:41:ea:34:bf:c4:23:d2:d0:b8:
3f:f9:90:22:7e:b5:8b:41:1e:cc:89:67:41:d7:88:
36:96:a8:ac:e2:11:85:fe:c6:a6:b5:da:7e:79:04:
3d:aa:a1:73:f1:fa:69:94:34:a1:42:74:71:04:eb:
5d:96:5d:fa:c6:4e:5f:8f:79:0b:4e:14:b9:31:38:
e6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:72:2D:C8:90:5A:8F:3F:D4:FB:CF:5E:A9:8E:16:2A:B7:A5:67:D3
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/lXItyJBajz_U-89eqY4WKrelZ9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.32.0/21
37.75.243.0-37.75.247.255
46.28.72.0/21
84.47.224.0/21
85.198.48.0/20
86.57.96.0-86.57.123.255
88.135.37.0-88.135.39.255
91.236.168.0/23
95.82.0.0/18
185.18.212.0/22
185.51.200.0/22
185.121.128.0/22
185.128.136.0/22
185.141.132.0/22
185.182.248.0/22
188.209.152.0/23
195.110.38.0/23
217.172.120.0/21
IPv6:
2a02:828::/29
Signature Algorithm: sha256WithRSAEncryption
99:6d:e4:08:19:b6:be:3d:44:17:39:c0:a8:25:d3:ca:86:77:
48:00:b1:97:4e:27:0b:90:41:69:fa:c1:61:d9:e1:80:82:8d:
23:e0:06:00:bb:8f:69:89:9f:c7:36:c6:ce:48:cc:e5:a9:79:
1a:0b:a0:0f:88:03:2b:31:60:97:61:98:34:53:c0:d5:56:86:
a8:10:f1:a3:a3:36:da:3d:fb:41:72:26:30:14:00:3d:03:ac:
3c:07:93:c1:e6:78:8d:85:06:02:65:b1:06:b3:c0:de:44:b4:
03:7d:26:ac:4e:d8:0a:b5:45:f6:a4:34:77:6e:3f:07:8c:68:
d6:4c:11:cb:46:16:0a:c8:01:5a:08:21:36:7c:4c:db:6c:8e:
b6:05:37:b6:b1:13:59:dc:b1:f1:58:4c:40:9c:46:f0:c9:01:
2b:a7:1f:2d:f7:3b:a7:a7:f2:27:bf:42:78:14:dd:5a:83:26:
79:d5:7a:81:2b:e0:91:44:80:e3:b7:af:17:41:df:14:66:ba:
8c:0c:f6:b8:37:c7:de:c0:75:8e:d6:ee:f8:78:f9:a1:b7:ef:
3e:3b:cb:6d:b0:44:c4:a3:65:44:f0:e0:b4:45:fb:98:4e:4a:
a0:65:56:59:0d:a9:f2:09:f1:14:03:2f:fc:69:da:53:77:80:
bc:78:78:20
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIECjLAMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODFiN2EyMmU1MWNmYjljZjg0MjA1ZTQ0NDk5OThhZDU1ZDhmMDY1MB4XDTIyMDEw
MTA2NTgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU3MjJkYzg5MDVh
OGYzZmQ0ZmJjZjVlYTk4ZTE2MmFiN2E1NjdkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIf9W00UrzCUBZhNDChiN+6JUiWaGfeHGXTWArK9RTo6irN9
+HtqvNt5gDXLHaikLqn1ciQ9ncDVwQA3wKqMjD5OzvoLApdHMKLWmyBl8X1OYZ4x
00ZDrHdGc25JcMorcTJmfnq2XXQTttQJebIptKzdWMoFw0fLNDg+mJLVkjJMaNR0
qvFA6ki03PxEg3BjKUr+sfFCX06KCUM410a0Legdf4TUKufQBEPwtgZA69n/JVCg
dy1da6C3Qeo0v8Qj0tC4P/mQIn61i0EezIlnQdeINpaorOIRhf7GprXafnkEPaqh
c/H6aZQ0oUJ0cQTrXZZd+sZOX495C04UuTE45gMCAwEAAaOCApswggKXMB0GA1Ud
DgQWBBSVci3IkFqPP9T7z16pjhYqt6Vn0zAfBgNVHSMEGDAWgBQIG3oi5Rz7nPhC
BeREmZitVdjwZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NCdDZJdVVjLTV6NFFnWGtSSm1ZclZYWThHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvYzUxNWM5LWRmMDgtNDI2Yy04MGU2LTAzNjcyNjhmZjg3MS8x
L2xYSXR5SkJhanpfVS04OWVxWTRXS3JlbFo5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
YzUxNWM5LWRmMDgtNDI2Yy04MGU2LTAzNjcyNjhmZjg3MS8xL0NCdDZJdVVjLTV6
NFFnWGtSSm1ZclZYWThHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sAYIKwYBBQUHAQcBAf8EgaAwgZ0wgYsEAgABMIGEAwQDJSAgMAwDBAAlS/MDBAMl
S/ADBAMuHEgDBANUL+ADBARVxjAwDAMEBVY5YAMEAlY5eDAMAwQAWIclAwQDWIcg
AwQBW+yoAwQGX1IAAwQCuRLUAwQCuTPIAwQCuXmAAwQCuYCIAwQCuY2EAwQCubb4
AwQBvNGYAwQBw24mAwQD2ax4MA0EAgACMAcDBQMqAggoMA0GCSqGSIb3DQEBCwUA
A4IBAQCZbeQIGba+PUQXOcCoJdPKhndIALGXTicLkEFp+sFh2eGAgo0j4AYAu49p
iZ/HNsbOSMzlqXkaC6APiAMrMWCXYZg0U8DVVoaoEPGjozbaPftBciYwFAA9A6w8
B5PB5niNhQYCZbEGs8DeRLQDfSasTtgKtUX2pDR3bj8HjGjWTBHLRhYKyAFaCCE2
fEzbbI62BTe2sRNZ3LHxWExAnEbwyQErpx8t9zunp/Inv0J4FN1agyZ51XqBK+CR
RIDjt68XQd8UZrqMDPa4N8fewHWO1u74ePmht+8+O8ttsETEo2VE8OC0RfuYTkqg
ZVZZDanyCfEUAy/8adpTd4C8eHgg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:26 2025 by rpki-client