Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/3WRuCnNh4x7Pka58F9OuQz0NZBg.roa
File: 3WRuCnNh4x7Pka58F9OuQz0NZBg.roa (raw, json)
Hash identifier: oDt0wOzcFB3iDHElJlpOHm6/83eZmHa+c05e2tya+u8=
Subject key identifier: DD:64:6E:0A:73:61:E3:1E:CF:91:AE:7C:17:D3:AE:43:3D:0D:64:18
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 018B089CED38C3E04F6B33D9C0050BC42FA1
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/3WRuCnNh4x7Pka58F9OuQz0NZBg.roa
Signing time: Sat 07 Oct 2023 05:29:43 +0000
ROA not before: Sat 07 Oct 2023 05:29:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.248.0/21 maxlen: 21
37.228.131.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
82.99.192.0/24 maxlen: 24
82.99.192.0/19 maxlen: 22
82.99.192.0/18 maxlen: 18
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
31.214.146.0/23 maxlen: 23
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.154.0/24 maxlen: 24
31.214.172.0/22 maxlen: 22
31.214.170.0/23 maxlen: 23
31.214.168.0/23 maxlen: 23
31.214.168.0/21 maxlen: 21
82.99.204.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.225.0/24 maxlen: 24
82.99.224.0/19 maxlen: 19
82.99.233.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
31.214.132.0/23 maxlen: 23
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
91.98.192.0/20 maxlen: 20
91.98.192.0/19 maxlen: 19
91.98.208.0/20 maxlen: 20
91.98.224.0/24 maxlen: 24
91.98.226.0/23 maxlen: 23
91.98.224.0/19 maxlen: 19
91.98.144.0/23 maxlen: 23
91.98.152.0/22 maxlen: 22
91.98.160.0/20 maxlen: 20
91.98.160.0/19 maxlen: 19
91.98.240.0/21 maxlen: 21
91.98.252.0/23 maxlen: 23
91.98.0.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
91.98.0.0/20 maxlen: 20
37.10.117.0/24 maxlen: 24
91.98.0.0/16 maxlen: 24
91.98.16.0/24 maxlen: 24
91.98.19.0/24 maxlen: 24
37.10.64.0/22 maxlen: 22
185.10.71.0/24 maxlen: 24
91.98.82.0/24 maxlen: 24
91.98.84.0/22 maxlen: 22
91.98.88.0/24 maxlen: 24
91.98.111.0/24 maxlen: 24
91.98.57.0/24 maxlen: 24
91.98.64.0/19 maxlen: 19
91.98.68.0/24 maxlen: 24
46.251.224.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.246.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
109.230.251.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
95.156.233.0/24 maxlen: 24
95.156.236.0/23 maxlen: 23
95.156.234.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.223.0/24 maxlen: 24
109.230.221.0/24 maxlen: 24
213.217.32.0/20 maxlen: 24
213.217.32.0/19 maxlen: 19
213.217.36.0/22 maxlen: 22
213.217.41.0/24 maxlen: 24
213.217.46.0/24 maxlen: 24
213.217.47.0/24 maxlen: 24
213.217.48.0/20 maxlen: 20
213.217.55.0/24 maxlen: 24
213.217.56.0/24 maxlen: 24
213.217.57.0/24 maxlen: 24
213.217.54.0/24 maxlen: 24
213.217.52.0/22 maxlen: 22
213.217.62.0/24 maxlen: 24
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.192.0/18 maxlen: 18
46.41.224.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
185.13.228.0/22 maxlen: 22
178.169.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:08:9c:ed:38:c3:e0:4f:6b:33:d9:c0:05:0b:c4:2f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Oct 7 05:29:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd646e0a7361e31ecf91ae7c17d3ae433d0d6418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7e:8c:52:f1:11:c7:69:88:da:8e:34:d5:f8:
47:72:02:14:2b:30:fd:5d:75:8c:35:85:70:87:2c:
96:c1:8b:80:89:dc:30:0f:f4:78:51:da:a1:8e:80:
b1:1b:b4:fe:ec:5e:07:be:db:3f:1f:e0:6e:61:f0:
cb:49:c4:a9:1b:58:1c:27:a0:b8:0f:b2:89:6c:5f:
a2:b7:94:4d:5a:d5:e1:bd:a9:29:ec:a1:0a:68:b5:
55:be:e7:24:a7:99:4e:55:a7:68:30:f7:19:eb:4e:
05:3f:c2:ef:89:48:81:90:d3:d0:17:77:e2:bf:8e:
13:98:1a:e8:46:27:81:be:89:c3:24:ef:5c:d9:10:
06:bc:8f:53:07:5f:3a:b9:70:70:4e:71:5e:cf:54:
81:84:a1:d7:7a:75:16:8f:f9:d0:aa:b2:ba:a5:60:
48:96:5b:c8:50:75:66:6c:f2:37:fd:d2:30:38:2b:
5a:7f:b7:34:f4:99:3b:bf:8c:6e:2f:e9:0c:de:7d:
7b:7b:fa:76:92:59:46:60:dd:9a:f2:93:91:7e:f7:
7e:39:f2:75:b1:e0:3f:61:ed:8a:91:10:76:d3:4b:
c2:00:d3:5f:0f:3b:14:f7:41:a2:88:a4:bd:15:ab:
ab:ad:54:bb:d4:08:fa:3d:ac:be:5e:4e:52:35:5f:
81:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:64:6E:0A:73:61:E3:1E:CF:91:AE:7C:17:D3:AE:43:3D:0D:64:18
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/3WRuCnNh4x7Pka58F9OuQz0NZBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
91.98.0.0/16
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
178.169.0.0/19
185.10.71.0/24
185.13.228.0/22
213.217.32.0/19
Signature Algorithm: sha256WithRSAEncryption
34:b9:01:5f:2d:13:65:4d:81:1f:ba:c9:63:94:7e:f6:84:99:
de:bb:b4:83:25:3b:41:62:8d:83:be:ea:52:56:d6:a6:46:77:
4e:46:92:09:e7:d8:ae:76:a1:14:36:dc:96:aa:16:a0:7f:8d:
cc:ce:08:c1:bb:ef:19:4c:05:ba:78:3c:21:94:de:53:84:dc:
ed:67:d7:cb:be:da:f4:4b:a6:93:62:42:76:8f:af:cb:75:11:
01:5d:15:95:45:81:ba:14:92:dd:1b:37:3e:bb:f1:98:38:33:
e9:29:25:6c:b9:fe:70:3c:6f:38:10:9a:b2:f2:dd:69:67:03:
e1:34:b2:50:d2:3c:a7:56:50:de:dc:7d:23:37:aa:70:13:45:
68:49:bf:d7:8b:68:af:8c:62:d2:2e:18:35:4c:e5:f9:ec:17:
dd:b7:e8:1b:9d:5d:8d:7e:1e:c3:41:90:47:f5:1e:33:2e:81:
1c:3a:83:21:68:50:b6:6a:1f:0f:4d:73:3e:0d:3a:46:d7:c7:
a1:5f:e8:f7:52:a1:19:d3:51:4a:2b:bc:d9:a6:f0:46:5b:34:
3b:11:06:ae:a5:ef:85:6a:a0:4f:83:8e:75:e0:b2:3f:16:13:
cc:2f:9e:d3:65:e7:d4:15:d7:34:72:e1:af:d8:33:2e:ec:68:
f9:7d:82:93
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgISAYsInO04w+BPazPZwAULxC+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjMxMDA3MDUyOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY0NmUwYTczNjFlMzFlY2Y5MWFlN2MxN2QzYWU0MzNkMGQ2NDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn6MUvERx2mI2o401fhHcgIUKzD9
XXWMNYVwhyyWwYuAidwwD/R4UdqhjoCxG7T+7F4Hvts/H+BuYfDLScSpG1gcJ6C4
D7KJbF+it5RNWtXhvakp7KEKaLVVvuckp5lOVadoMPcZ604FP8LviUiBkNPQF3fi
v44TmBroRieBvonDJO9c2RAGvI9TB186uXBwTnFez1SBhKHXenUWj/nQqrK6pWBI
llvIUHVmbPI3/dIwOCtaf7c09Jk7v4xuL+kM3n17e/p2kllGYN2a8pORfvd+OfJ1
seA/Ye2KkRB200vCANNfDzsU90GiiKS9FaurrVS71Aj6Pay+Xk5SNV+B/wIDAQAB
o4IDBzCCAwMwHQYDVR0OBBYEFN1kbgpzYeMez5GufBfTrkM9DWQYMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvM1dSdUNuTmg0eDdQa2E1OEY5T3VRejBOWkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGwYIKwYBBQUHAQcBAf8EggEKMIIBBjCCAQIEAgABMIH7
AwQBH9aEAwQBH9aSAwQAH9aaAwQDH9aoAwQBH9bIAwQCH9bkAwQDH9b4AwQCJQpA
AwQAJQptAwQAJQp1AwQAJeSDAwQAJeSFMAwDBAAl5IcDBAIl5IgDBAYuKcADBAAu
++ADBAAu++IDBAAu++0DBAZSY8ADAwBbYgMEAV+c3jAMAwQAX5zpAwQBX5zsAwQB
X5z4AwQBbebAAwQAbebIAwQCbebMAwQAbebdAwQAbebfAwQAbebyAwQBbeb2AwQA
beb7AwQBhv/EAwQDhv/IMAwDBACG//UDBACG//YDBACG//kDBAWyqQADBAC5CkcD
BAK5DeQDBAXV2SAwDQYJKoZIhvcNAQELBQADggEBADS5AV8tE2VNgR+6yWOUfvaE
md67tIMlO0FijYO+6lJW1qZGd05Gkgnn2K52oRQ23JaqFqB/jczOCMG77xlMBbp4
PCGU3lOE3O1n18u+2vRLppNiQnaPr8t1EQFdFZVFgboUkt0bNz678Zg4M+kpJWy5
/nA8bzgQmrLy3WlnA+E0slDSPKdWUN7cfSM3qnATRWhJv9eLaK+MYtIuGDVM5fns
F9236BudXY1+HsNBkEf1HjMugRw6gyFoULZqHw9Ncz4NOkbXx6Ff6PdSoRnTUUor
vNmm8EZbNDsRBq6l74VqoE+DjnXgsj8WE8wvntNl59QV1zRy4a/YMy7saPl9gpM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:06 2024 by rpki-client on console-ams.rpki-client.org