Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/6BeAmofGaDZ7IsgPESY9sM7jY1A.roa
File: 6BeAmofGaDZ7IsgPESY9sM7jY1A.roa (raw, json)
Hash identifier: 5lq74sU8ZXDyfMlgExCVSgRWQiuKgqx9WYOlgnZ1bpE=
Subject key identifier: E8:17:80:9A:87:C6:68:36:7B:22:C8:0F:11:26:3D:B0:CE:E3:63:50
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 01856D01CB7C426047757B6C3EDF89496139
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/6BeAmofGaDZ7IsgPESY9sM7jY1A.roa
Signing time: Sun 01 Jan 2023 11:05:12 +0000
ROA not before: Sun 01 Jan 2023 11:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9119
IP address blocks: 85.208.172.0/24 maxlen: 24
185.175.0.0/22 maxlen: 22
80.65.174.0/24 maxlen: 24
80.65.173.0/24 maxlen: 24
80.65.175.0/24 maxlen: 24
194.39.85.0/24 maxlen: 24
213.253.120.0/22 maxlen: 22
213.253.124.0/22 maxlen: 22
91.132.74.0/23 maxlen: 23
2.58.48.0/22 maxlen: 22
80.65.166.0/24 maxlen: 24
80.65.165.0/24 maxlen: 24
80.65.160.0/24 maxlen: 24
80.65.160.0/20 maxlen: 20
80.65.164.0/24 maxlen: 24
80.65.163.0/24 maxlen: 24
80.65.162.0/24 maxlen: 24
80.65.161.0/24 maxlen: 24
80.65.172.0/24 maxlen: 24
80.65.167.0/24 maxlen: 24
80.65.171.0/24 maxlen: 24
80.65.170.0/24 maxlen: 24
80.65.169.0/24 maxlen: 24
80.65.168.0/24 maxlen: 24
147.78.219.0/24 maxlen: 24
147.78.216.0/24 maxlen: 24
147.78.216.0/22 maxlen: 22
213.253.96.0/20 maxlen: 20
213.253.96.0/21 maxlen: 21
217.199.132.0/24 maxlen: 24
217.199.131.0/24 maxlen: 24
213.253.104.0/22 maxlen: 22
217.199.130.0/24 maxlen: 24
217.199.129.0/24 maxlen: 24
217.199.128.0/20 maxlen: 24
217.199.128.0/24 maxlen: 24
217.199.133.0/24 maxlen: 24
217.199.139.0/24 maxlen: 24
213.253.112.0/22 maxlen: 22
213.253.111.0/24 maxlen: 24
217.199.138.0/24 maxlen: 24
217.199.134.0/24 maxlen: 24
217.199.137.0/24 maxlen: 24
217.199.136.0/24 maxlen: 24
213.253.110.0/24 maxlen: 24
213.253.108.0/22 maxlen: 22
217.199.135.0/24 maxlen: 24
213.253.108.0/24 maxlen: 24
213.253.109.0/24 maxlen: 24
217.199.140.0/24 maxlen: 24
213.253.116.0/22 maxlen: 22
217.199.143.0/24 maxlen: 24
217.199.142.0/24 maxlen: 24
217.199.141.0/24 maxlen: 24
213.253.64.0/19 maxlen: 19
45.15.44.0/22 maxlen: 22
212.103.128.0/19 maxlen: 19
84.41.122.0/23 maxlen: 23
84.41.120.0/23 maxlen: 23
84.41.124.0/22 maxlen: 22
84.41.96.0/21 maxlen: 21
84.41.104.0/22 maxlen: 22
84.41.108.0/23 maxlen: 23
84.41.112.0/23 maxlen: 23
84.41.111.0/24 maxlen: 24
84.41.110.0/24 maxlen: 24
84.41.115.0/24 maxlen: 24
84.41.114.0/24 maxlen: 24
84.41.116.0/22 maxlen: 22
46.163.48.0/21 maxlen: 21
46.163.58.0/24 maxlen: 24
46.163.58.0/23 maxlen: 23
46.163.56.0/23 maxlen: 23
46.163.56.0/24 maxlen: 24
46.163.59.0/24 maxlen: 24
46.163.60.0/22 maxlen: 22
45.156.140.0/24 maxlen: 24
45.8.0.0/22 maxlen: 22
46.163.0.0/19 maxlen: 19
46.163.32.0/20 maxlen: 20
212.13.224.0/19 maxlen: 19
84.41.32.0/19 maxlen: 19
84.41.64.0/19 maxlen: 19
84.41.0.0/18 maxlen: 18
84.41.0.0/19 maxlen: 19
84.41.0.0/21 maxlen: 21
185.54.131.0/24 maxlen: 24
185.54.130.0/24 maxlen: 24
185.54.128.0/24 maxlen: 24
185.54.128.0/23 maxlen: 23
2a0b:c300::/29 maxlen: 29
2a02:805::/33 maxlen: 33
2a0b:c306::/32 maxlen: 32
2a02:801::/33 maxlen: 33
2a02:800::/32 maxlen: 32
2a0e:2e00::/29 maxlen: 29
2a0e:1e80::/29 maxlen: 29
2a09:e140::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:cb:7c:42:60:47:75:7b:6c:3e:df:89:49:61:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 11:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e817809a87c668367b22c80f11263db0cee36350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:76:64:b1:50:11:d4:1f:b0:1a:d5:1d:b6:78:
44:d8:37:b5:14:09:38:ef:c6:ba:64:47:09:05:1b:
4d:46:8f:fb:19:43:55:f1:3c:29:60:66:a3:7f:ea:
b0:d1:12:12:16:38:83:5e:b1:8a:ab:8b:1c:78:e6:
3a:35:58:fb:9c:01:68:4a:ac:11:78:17:48:f7:e8:
c5:23:16:6b:96:b7:db:a3:79:32:83:8b:13:17:80:
55:11:3a:bc:79:18:9b:66:15:1b:b2:ae:03:23:70:
ce:50:8a:67:8a:14:ce:d2:fa:e4:56:03:6c:5a:f5:
dd:70:9d:8a:42:0a:f9:75:55:eb:b3:50:69:8c:a3:
a1:52:ec:bd:11:65:e4:b0:7d:98:72:c2:41:ef:08:
42:94:83:6b:e2:49:e4:26:89:2e:85:50:0e:a1:1f:
3b:3f:2d:f8:ae:61:ca:e3:ef:30:ee:71:1e:7a:77:
fb:0c:29:1b:f5:8b:7e:92:08:7f:99:e0:95:c3:e3:
4f:e0:31:26:7a:78:37:63:16:25:5e:8f:2d:a5:bb:
d2:5d:ef:12:c4:34:28:f6:5e:6f:40:e0:bb:a2:26:
28:54:18:33:3c:71:2f:e7:12:c5:6b:c0:ef:1f:a0:
93:4a:4a:bf:aa:36:e8:2b:2c:e4:96:fc:b1:d6:fe:
5a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:17:80:9A:87:C6:68:36:7B:22:C8:0F:11:26:3D:B0:CE:E3:63:50
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/6BeAmofGaDZ7IsgPESY9sM7jY1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.48.0/22
45.8.0.0/22
45.15.44.0/22
45.156.140.0/24
46.163.0.0/18
80.65.160.0/20
84.41.0.0/17
85.208.172.0/24
91.132.74.0/23
147.78.216.0/22
185.54.128.0/22
185.175.0.0/22
194.39.85.0/24
212.13.224.0/19
212.103.128.0/19
213.253.64.0/18
217.199.128.0/20
IPv6:
2a02:800::-2a02:801:7fff:ffff:ffff:ffff:ffff:ffff
2a02:805::/33
2a09:e140::/29
2a0b:c300::/29
2a0e:1e80::/29
2a0e:2e00::/29
Signature Algorithm: sha256WithRSAEncryption
b6:02:71:7a:ed:8e:73:41:5b:fc:16:7a:4a:9c:0f:68:13:b0:
b6:46:3e:ad:2a:f7:78:f8:87:a1:35:35:63:1d:38:c8:3a:aa:
6b:85:12:da:c0:ed:a3:ad:be:b3:c4:c1:0a:62:ee:0b:d2:23:
9c:fe:02:74:17:e0:6e:94:d8:b4:5b:d6:a9:12:4e:f8:99:bf:
c9:c9:05:20:79:6b:10:cc:61:de:59:51:36:b5:8a:b8:dd:ed:
d1:0d:98:a2:aa:fe:3f:ed:05:6a:34:0d:ab:6c:d0:40:4f:cc:
8e:f2:7d:db:8a:97:a4:d5:f4:b9:1d:f8:4b:74:86:9c:7e:5e:
95:d6:b0:e3:3f:54:94:4c:8e:1a:12:cc:01:9b:3d:c3:c0:4c:
9d:20:a4:52:00:61:26:75:eb:1b:09:06:7c:0f:42:db:5a:0a:
7b:a2:2f:b1:4e:01:6c:66:17:8c:3b:ae:c5:d6:99:24:54:ad:
6e:50:ce:b5:31:44:06:9f:74:da:fb:cf:c9:b7:be:51:8e:3e:
59:50:87:9b:8d:95:d4:55:db:66:80:66:3a:ef:73:db:93:b8:
20:bb:77:22:7c:60:5a:33:e9:fc:b9:37:fa:03:12:3b:eb:8f:
80:fb:70:19:3f:95:31:29:61:0c:30:2e:96:5c:3c:e2:3b:0a:
bf:72:85:f7
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYVtAct8QmBHdXtsPt+JSWE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjMwMTAxMTEwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODE3ODA5YTg3YzY2ODM2N2IyMmM4MGYxMTI2M2RiMGNlZTM2MzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3ZksVAR1B+wGtUdtnhE2De1FAk4
78a6ZEcJBRtNRo/7GUNV8TwpYGajf+qw0RISFjiDXrGKq4sceOY6NVj7nAFoSqwR
eBdI9+jFIxZrlrfbo3kyg4sTF4BVETq8eRibZhUbsq4DI3DOUIpnihTO0vrkVgNs
WvXdcJ2KQgr5dVXrs1BpjKOhUuy9EWXksH2YcsJB7whClINr4knkJokuhVAOoR87
Py34rmHK4+8w7nEeenf7DCkb9Yt+kgh/meCVw+NP4DEmeng3YxYlXo8tpbvSXe8S
xDQo9l5vQOC7oiYoVBgzPHEv5xLFa8DvH6CTSkq/qjboKyzklvyx1v5aEQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFOgXgJqHxmg2eyLIDxEmPbDO42NQMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvNkJlQW1vZkdhRFo3SXNnUEVTWTlzTTdqWTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjBsBAIAATBmAwQCAjow
AwQCLQgAAwQCLQ8sAwQALZyMAwQGLqMAAwQEUEGgAwQHVCkAAwQAVdCsAwQBW4RK
AwQCk07YAwQCuTaAAwQCua8AAwQAwidVAwQF1A3gAwQF1GeAAwQG1f1AAwQE2ceA
MDoEAgACMDQwDgMEAyoCCAMGByoCCAEAAwYHKgIIBQADBQMqCeFAAwUDKgvDAAMF
AyoOHoADBQMqDi4AMA0GCSqGSIb3DQEBCwUAA4IBAQC2AnF67Y5zQVv8FnpKnA9o
E7C2Rj6tKvd4+IehNTVjHTjIOqprhRLawO2jrb6zxMEKYu4L0iOc/gJ0F+BulNi0
W9apEk74mb/JyQUgeWsQzGHeWVE2tYq43e3RDZiiqv4/7QVqNA2rbNBAT8yO8n3b
ipek1fS5HfhLdIacfl6V1rDjP1SUTI4aEswBmz3DwEydIKRSAGEmdesbCQZ8D0Lb
Wgp7oi+xTgFsZheMO67F1pkkVK1uUM61MUQGn3Ta+8/Jt75Rjj5ZUIebjZXUVdtm
gGY673Pbk7ggu3cifGBaM+n8uTf6AxI764+A+3AZP5UxKWEMMC6WXDziOwq/coX3
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:21:34 2025 by rpki-client