Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/_iWjkytqvrTV7aDUUpc8QfR1SLc.roa
File: _iWjkytqvrTV7aDUUpc8QfR1SLc.roa (raw, json)
Hash identifier: OA8WgUFtTNnFNyUe4EO9dbcRwcrg6lDtkq5aJLssbh0=
Subject key identifier: FE:25:A3:93:2B:6A:BE:B4:D5:ED:A0:D4:52:97:3C:41:F4:75:48:B7
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 01881FD1680C6409895216D6BB2E7FFAA57C
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/_iWjkytqvrTV7aDUUpc8QfR1SLc.roa
Signing time: Mon 15 May 2023 14:29:57 +0000
ROA not before: Mon 15 May 2023 14:29:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.248.0/21 maxlen: 21
37.228.131.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
82.99.192.0/24 maxlen: 24
82.99.192.0/19 maxlen: 22
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
82.99.192.0/18 maxlen: 18
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.146.0/23 maxlen: 23
31.214.154.0/24 maxlen: 24
31.214.172.0/22 maxlen: 22
31.214.170.0/23 maxlen: 23
31.214.168.0/23 maxlen: 23
31.214.168.0/21 maxlen: 21
82.99.204.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.224.0/19 maxlen: 19
82.99.233.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
31.214.132.0/23 maxlen: 23
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
91.98.192.0/20 maxlen: 20
91.98.192.0/19 maxlen: 19
91.98.208.0/20 maxlen: 20
91.98.226.0/23 maxlen: 23
91.98.224.0/19 maxlen: 19
91.98.224.0/24 maxlen: 24
91.98.144.0/23 maxlen: 23
91.98.152.0/22 maxlen: 22
91.98.160.0/20 maxlen: 20
91.98.160.0/19 maxlen: 19
91.98.240.0/21 maxlen: 21
91.98.252.0/23 maxlen: 23
91.98.0.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
91.98.0.0/20 maxlen: 20
37.10.117.0/24 maxlen: 24
91.98.0.0/16 maxlen: 24
91.98.16.0/24 maxlen: 24
91.98.19.0/24 maxlen: 24
37.10.64.0/22 maxlen: 22
185.10.71.0/24 maxlen: 24
91.98.84.0/22 maxlen: 22
91.98.82.0/24 maxlen: 24
91.98.88.0/24 maxlen: 24
91.98.111.0/24 maxlen: 24
91.98.57.0/24 maxlen: 24
91.98.64.0/19 maxlen: 19
91.98.68.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.224.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.246.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
109.230.251.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
95.156.233.0/24 maxlen: 24
95.156.236.0/23 maxlen: 23
95.156.234.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.223.0/24 maxlen: 24
109.230.221.0/24 maxlen: 24
213.217.32.0/20 maxlen: 24
213.217.32.0/19 maxlen: 19
213.217.36.0/22 maxlen: 22
213.217.41.0/24 maxlen: 24
213.217.46.0/24 maxlen: 24
213.217.47.0/24 maxlen: 24
213.217.48.0/20 maxlen: 20
213.217.55.0/24 maxlen: 24
213.217.56.0/24 maxlen: 24
213.217.57.0/24 maxlen: 24
213.217.54.0/24 maxlen: 24
213.217.52.0/22 maxlen: 22
213.217.62.0/24 maxlen: 24
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.192.0/18 maxlen: 18
46.41.224.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
185.13.228.0/22 maxlen: 22
178.169.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:d1:68:0c:64:09:89:52:16:d6:bb:2e:7f:fa:a5:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: May 15 14:29:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe25a3932b6abeb4d5eda0d452973c41f47548b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5e:99:37:4e:45:aa:f6:84:e5:33:6a:bf:8f:
1b:22:84:3d:d8:77:db:7e:e0:84:6b:a7:96:86:06:
a9:4e:fb:e6:91:d8:c3:84:65:cf:71:d9:78:5e:cc:
9e:50:61:4e:18:2c:e0:d6:1f:46:4d:e0:74:64:26:
a5:80:d3:e4:1f:d3:1d:a8:d2:8e:44:6b:7b:47:9d:
93:01:86:55:69:1c:cd:95:48:42:23:f9:6f:80:8d:
7a:9d:7b:7b:da:4a:fd:b3:a5:5d:78:f2:25:cb:87:
9e:ea:a0:f8:1f:95:0c:eb:6a:25:d8:37:b4:81:19:
e4:70:e3:d9:07:c0:90:ad:97:51:51:c7:53:99:e1:
3b:1f:ef:dc:c4:61:09:2c:ad:80:94:b8:cb:c4:6c:
49:6a:f6:10:50:be:eb:77:32:0f:17:af:28:6a:ee:
9a:eb:e9:33:a9:00:34:b8:19:a6:e0:38:54:84:43:
8a:d8:cd:8a:d9:e6:fc:0a:d5:bb:ee:83:cc:d5:1c:
68:ac:57:c5:9a:26:52:2e:4f:d9:02:50:98:5b:c5:
66:38:0e:b1:e8:be:17:ee:4d:e1:7b:1b:0e:c0:46:
9c:4c:81:33:07:8d:02:30:d5:5c:6b:b2:f6:b2:80:
ab:61:0c:71:71:3f:c5:ab:1f:28:4d:4d:77:82:1f:
3e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:25:A3:93:2B:6A:BE:B4:D5:ED:A0:D4:52:97:3C:41:F4:75:48:B7
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/_iWjkytqvrTV7aDUUpc8QfR1SLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
91.98.0.0/16
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
178.169.0.0/19
185.10.71.0/24
185.13.228.0/22
213.217.32.0/19
Signature Algorithm: sha256WithRSAEncryption
51:8e:b4:5b:bd:4b:21:a5:98:9b:43:14:f3:e8:4d:46:6d:d7:
85:c1:1f:7d:da:95:6e:d2:fa:83:b1:71:07:a6:a4:92:e5:0c:
3f:3a:75:be:95:9d:f9:2b:20:17:1d:22:75:6e:12:75:18:4e:
0c:76:29:26:0c:fe:6b:b7:58:a0:43:ff:ac:17:5f:a2:8c:b2:
15:4b:af:23:81:84:9c:8d:01:81:e9:e3:c4:af:03:cb:86:4e:
3e:22:4e:9f:21:76:10:55:96:b5:fd:30:db:8d:89:bb:14:9a:
5a:7e:9a:21:d2:37:88:3d:26:45:49:8e:f4:bf:67:fd:7e:72:
52:d8:4f:71:9f:2f:88:1d:ce:d8:de:ea:31:14:f2:e3:0d:82:
3a:d8:a8:08:58:dd:9c:53:c7:0c:3b:50:87:14:bc:51:ff:b3:
16:63:10:08:60:bf:31:da:44:7c:d3:90:63:dd:05:fb:b6:98:
19:5c:3a:e1:3b:a8:9b:a0:d5:80:93:50:32:fe:04:95:3b:7a:
5a:1c:77:b4:1f:16:0d:e3:41:71:6b:a6:3c:7e:80:94:93:4a:
15:ee:25:ce:57:2c:35:ee:5b:4d:12:70:22:57:9d:cd:13:89:
40:06:a3:be:29:de:48:7f:c7:4c:49:c1:ae:dd:01:ed:6e:ad:
cf:cb:f1:e9
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgISAYgf0WgMZAmJUhbWuy5/+qV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjMwNTE1MTQyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTI1YTM5MzJiNmFiZWI0ZDVlZGEwZDQ1Mjk3M2M0MWY0NzU0OGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF6ZN05FqvaE5TNqv48bIoQ92Hfb
fuCEa6eWhgapTvvmkdjDhGXPcdl4XsyeUGFOGCzg1h9GTeB0ZCalgNPkH9MdqNKO
RGt7R52TAYZVaRzNlUhCI/lvgI16nXt72kr9s6VdePIly4ee6qD4H5UM62ol2De0
gRnkcOPZB8CQrZdRUcdTmeE7H+/cxGEJLK2AlLjLxGxJavYQUL7rdzIPF68oau6a
6+kzqQA0uBmm4DhUhEOK2M2K2eb8CtW77oPM1RxorFfFmiZSLk/ZAlCYW8VmOA6x
6L4X7k3hexsOwEacTIEzB40CMNVca7L2soCrYQxxcT/Fqx8oTU13gh8+MQIDAQAB
o4IDBzCCAwMwHQYDVR0OBBYEFP4lo5Mrar601e2g1FKXPEH0dUi3MB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvX2lXamt5dHF2clRWN2FEVVVwYzhRZlIxU0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGwYIKwYBBQUHAQcBAf8EggEKMIIBBjCCAQIEAgABMIH7
AwQBH9aEAwQBH9aSAwQAH9aaAwQDH9aoAwQBH9bIAwQCH9bkAwQDH9b4AwQCJQpA
AwQAJQptAwQAJQp1AwQAJeSDAwQAJeSFMAwDBAAl5IcDBAIl5IgDBAYuKcADBAAu
++ADBAAu++IDBAAu++0DBAZSY8ADAwBbYgMEAV+c3jAMAwQAX5zpAwQBX5zsAwQB
X5z4AwQBbebAAwQAbebIAwQCbebMAwQAbebdAwQAbebfAwQAbebyAwQBbeb2AwQA
beb7AwQBhv/EAwQDhv/IMAwDBACG//UDBACG//YDBACG//kDBAWyqQADBAC5CkcD
BAK5DeQDBAXV2SAwDQYJKoZIhvcNAQELBQADggEBAFGOtFu9SyGlmJtDFPPoTUZt
14XBH33alW7S+oOxcQempJLlDD86db6VnfkrIBcdInVuEnUYTgx2KSYM/mu3WKBD
/6wXX6KMshVLryOBhJyNAYHp48SvA8uGTj4iTp8hdhBVlrX9MNuNibsUmlp+miHS
N4g9JkVJjvS/Z/1+clLYT3GfL4gdztje6jEU8uMNgjrYqAhY3ZxTxww7UIcUvFH/
sxZjEAhgvzHaRHzTkGPdBfu2mBlcOuE7qJug1YCTUDL+BJU7elocd7QfFg3jQXFr
pjx+gJSTShXuJc5XLDXuW00ScCJXnc0TiUAGo74p3kh/x0xJwa7dAe1urc/L8ek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:42 2024 by rpki-client on console-fra.rpki-client.org