Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/9Re4eXg34DMdnnuqVAkNQ8H0Iv0.roa
File: 9Re4eXg34DMdnnuqVAkNQ8H0Iv0.roa (raw, json)
Hash identifier: kEG3S/1CClwneVnjiAF0cRHn1uy5uV6rokiw6jL15cc=
Subject key identifier: F5:17:B8:79:78:37:E0:33:1D:9E:7B:AA:54:09:0D:43:C1:F4:22:FD
Certificate issuer: /CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Certificate serial: 0189BC20CE936CAF6752C8284276995EB1F7
Authority key identifier: 9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/9Re4eXg34DMdnnuqVAkNQ8H0Iv0.roa
Signing time: Thu 03 Aug 2023 16:00:13 +0000
ROA not before: Thu 03 Aug 2023 16:00:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20676
IP address blocks: 194.9.127.0/24 maxlen: 24
92.201.128.0/17 maxlen: 17
92.201.64.0/18 maxlen: 18
212.202.0.0/19 maxlen: 19
195.80.192.0/19 maxlen: 19
185.144.188.0/22 maxlen: 22
212.202.0.0/16 maxlen: 16
212.110.192.0/19 maxlen: 19
84.245.128.0/18 maxlen: 18
92.195.0.0/17 maxlen: 17
62.8.168.0/21 maxlen: 21
62.8.176.0/20 maxlen: 20
92.194.0.0/17 maxlen: 17
213.160.0.0/19 maxlen: 19
213.217.64.0/18 maxlen: 18
212.5.16.0/20 maxlen: 20
92.200.128.0/17 maxlen: 17
62.8.128.0/17 maxlen: 17
85.8.132.0/22 maxlen: 22
195.90.0.0/19 maxlen: 19
195.90.8.0/21 maxlen: 21
92.194.128.0/17 maxlen: 17
212.63.32.0/19 maxlen: 19
92.197.130.0/24 maxlen: 24
195.32.128.0/17 maxlen: 17
194.140.96.0/20 maxlen: 20
92.201.0.0/18 maxlen: 18
92.201.0.0/17 maxlen: 17
92.196.128.0/17 maxlen: 17
62.206.164.0/24 maxlen: 24
62.206.165.0/24 maxlen: 24
62.206.166.0/24 maxlen: 24
92.193.0.0/17 maxlen: 17
87.193.0.0/16 maxlen: 16
92.193.128.0/17 maxlen: 17
87.234.0.0/16 maxlen: 16
212.5.0.0/19 maxlen: 19
217.146.128.0/19 maxlen: 19
212.5.8.0/21 maxlen: 21
212.4.160.0/19 maxlen: 19
92.200.0.0/17 maxlen: 17
92.200.0.0/16 maxlen: 16
212.4.176.0/20 maxlen: 20
92.200.0.0/15 maxlen: 15
212.105.192.0/19 maxlen: 19
92.192.0.0/13 maxlen: 13
83.236.0.0/20 maxlen: 20
83.236.0.0/16 maxlen: 16
83.236.16.0/20 maxlen: 20
213.148.129.0/24 maxlen: 24
213.148.130.0/24 maxlen: 24
213.148.128.0/24 maxlen: 24
213.148.128.0/19 maxlen: 19
195.158.160.0/19 maxlen: 19
213.148.133.0/24 maxlen: 24
83.236.32.0/21 maxlen: 21
92.192.0.0/17 maxlen: 17
92.198.192.0/18 maxlen: 18
212.202.40.0/21 maxlen: 21
212.202.48.0/20 maxlen: 20
212.60.192.0/18 maxlen: 18
92.195.128.0/17 maxlen: 17
62.145.0.0/19 maxlen: 19
92.196.0.0/17 maxlen: 17
212.84.224.0/19 maxlen: 19
92.192.128.0/17 maxlen: 17
62.206.0.0/16 maxlen: 16
212.202.168.0/21 maxlen: 21
212.202.176.0/20 maxlen: 20
212.84.208.0/20 maxlen: 20
2001:1a80:800::/48 maxlen: 48
2001:658::/29 maxlen: 29
2001:1a80:801::/48 maxlen: 48
2001:1a81:2000::/36 maxlen: 40
2001:1a81:4000::/36 maxlen: 40
2001:1a81:3000::/36 maxlen: 40
2001:1a81:6000::/40 maxlen: 48
2001:1a81:1000::/40 maxlen: 48
2001:1a81:1000::/36 maxlen: 40
2001:1a81:6000::/36 maxlen: 40
2001:1a81:4000::/40 maxlen: 48
2001:1a81:7000::/40 maxlen: 48
2001:1a81:5000::/36 maxlen: 40
2001:1a81:7000::/36 maxlen: 40
2001:1a81:5000::/40 maxlen: 48
2001:1a81:2000::/40 maxlen: 48
2001:1a81:3000::/40 maxlen: 48
2001:1a80:802::/48 maxlen: 48
2001:1a80::/29 maxlen: 29
2a09:7100::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bc:20:ce:93:6c:af:67:52:c8:28:42:76:99:5e:b1:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Validity
Not Before: Aug 3 16:00:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f517b8797837e0331d9e7baa54090d43c1f422fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e0:96:56:3f:39:1e:55:32:ca:47:71:bc:d0:
ad:fa:0e:8a:5f:b5:3b:26:db:cf:cd:1c:cf:89:1c:
bd:c1:87:33:82:b8:cf:f0:76:4a:07:bc:c2:30:27:
fe:89:bf:a9:be:aa:d6:95:93:e2:e3:c2:29:25:cb:
b2:30:06:ab:3f:d7:3c:6a:ce:45:2d:cc:2b:80:ee:
1e:9e:fb:7a:78:a7:09:d4:ea:da:f2:94:f3:f6:5e:
a3:61:f2:93:15:54:ba:58:f3:25:9a:e3:eb:1d:2a:
d9:11:9b:2d:90:fb:78:aa:e2:f0:8a:0e:fa:72:5e:
8b:d6:1d:70:70:5d:a0:d1:b3:21:95:13:f6:7a:79:
eb:a6:de:ce:5d:b7:fe:83:37:3b:3c:ae:bc:c4:52:
7b:09:e1:00:7a:51:ed:32:db:e4:ef:0a:7e:d0:ca:
6a:d2:ca:64:27:65:59:36:4a:00:f4:49:bd:20:7d:
1d:49:92:2d:02:8b:90:39:22:fb:8d:0d:5e:49:e6:
60:36:5a:b7:f2:af:47:8e:a9:55:cc:a2:44:43:fa:
a0:e4:75:79:c2:33:ed:7a:9e:7e:58:e6:75:69:1b:
b3:c9:1c:ce:50:a9:11:ab:26:ae:17:96:d8:c4:83:
34:e7:02:05:04:d9:ff:02:28:ff:7d:1b:c0:40:53:
8b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:17:B8:79:78:37:E0:33:1D:9E:7B:AA:54:09:0D:43:C1:F4:22:FD
X509v3 Authority Key Identifier:
keyid:9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/9Re4eXg34DMdnnuqVAkNQ8H0Iv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/nQZsuEiNrn5CNKp8iSQw2tEf5bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.8.128.0/17
62.145.0.0/19
62.206.0.0/16
83.236.0.0/16
84.245.128.0/18
85.8.132.0/22
87.193.0.0/16
87.234.0.0/16
92.192.0.0-92.201.255.255
185.144.188.0/22
194.9.127.0/24
194.140.96.0/20
195.32.128.0/17
195.80.192.0/19
195.90.0.0/19
195.158.160.0/19
212.4.160.0/19
212.5.0.0/19
212.60.192.0/18
212.63.32.0/19
212.84.208.0-212.84.255.255
212.105.192.0/19
212.110.192.0/19
212.202.0.0/16
213.148.128.0/19
213.160.0.0/19
213.217.64.0/18
217.146.128.0/19
IPv6:
2001:658::/29
2001:1a80::/29
2a09:7100::/29
Signature Algorithm: sha256WithRSAEncryption
84:3f:a8:07:30:1a:20:1b:e7:24:69:0e:8e:19:d8:57:d3:e7:
5a:d3:73:a2:2f:23:06:16:3a:a8:63:69:07:91:1e:a7:3a:71:
ee:71:34:42:ec:f6:ad:9f:a8:6d:59:d4:c0:a6:dc:77:9a:5b:
23:9b:ef:e5:df:87:ab:b6:4a:2f:99:66:58:4d:cd:09:bc:36:
d6:ae:4d:e0:99:64:13:79:03:6a:9c:67:65:a7:b1:4b:ca:98:
d0:7b:28:51:79:62:00:ed:95:fb:9e:52:31:e6:3c:0b:e7:93:
e3:5d:4b:f7:82:e1:6c:16:53:6f:b3:ab:8f:7f:72:bb:21:a4:
b7:c0:41:46:08:56:84:d9:99:ee:35:ac:24:5a:af:3a:0c:fb:
a6:fc:e1:43:20:00:23:5f:ee:5a:c1:34:52:d5:d6:80:9c:26:
7b:88:bc:7b:0b:84:02:37:29:f5:f2:16:f6:90:06:4c:24:29:
22:42:73:ef:c9:c1:93:43:2a:af:eb:e8:e2:8f:0e:c2:95:fd:
5e:8e:68:24:68:77:5e:b0:22:a2:cd:16:10:38:4d:1c:fb:ec:
c4:75:d7:c4:b2:df:6d:7a:e8:4d:9b:80:cb:78:be:d7:46:6e:
01:91:0c:01:79:79:a3:30:9a:8f:e8:5c:06:f7:70:7a:c8:22:
08:5a:ba:4a
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYm8IM6TbK9nUsgoQnaZXrH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMDY2Y2I4NDg4ZGFlN2U0MjM0YWE3Yzg5MjQzMGRhZDEx
ZmU1YjEwHhcNMjMwODAzMTYwMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTE3Yjg3OTc4MzdlMDMzMWQ5ZTdiYWE1NDA5MGQ0M2MxZjQyMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+CWVj85HlUyykdxvNCt+g6KX7U7
JtvPzRzPiRy9wYczgrjP8HZKB7zCMCf+ib+pvqrWlZPi48IpJcuyMAarP9c8as5F
LcwrgO4envt6eKcJ1Ora8pTz9l6jYfKTFVS6WPMlmuPrHSrZEZstkPt4quLwig76
cl6L1h1wcF2g0bMhlRP2ennrpt7OXbf+gzc7PK68xFJ7CeEAelHtMtvk7wp+0Mpq
0spkJ2VZNkoA9Em9IH0dSZItAouQOSL7jQ1eSeZgNlq38q9HjqlVzKJEQ/qg5HV5
wjPtep5+WOZ1aRuzyRzOUKkRqyauF5bYxIM05wIFBNn/Aij/fRvAQFOLZwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFPUXuHl4N+AzHZ57qlQJDUPB9CL9MB8GA1UdIwQY
MBaAFJ0GbLhIja5+QjSqfIkkMNrRH+WxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQt
M2VmMDJkNTE0MGI3LzEvOVJlNGVYZzM0RE1kbm51cVZBa05ROEgwSXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQtM2VmMDJkNTE0MGI3
LzEvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbADBAc+
CIADBAU+kQADAwA+zgMDAFPsAwQGVPWAAwQCVQiEAwMAV8EDAwBX6jAKAwMGXMAD
AwFcyAMEArmQvAMEAMIJfwMEBMKMYAMEB8MggAMEBcNQwAMEBcNaAAMEBcOeoAME
BdQEoAMEBdQFAAMEBtQ8wAMEBdQ/IDALAwQE1FTQAwMA1FQDBAXUacADBAXUbsAD
AwDUygMEBdWUgAMEBdWgAAMEBtXZQAMEBdmSgDAbBAIAAjAVAwUDIAEGWAMFAyAB
GoADBQMqCXEAMA0GCSqGSIb3DQEBCwUAA4IBAQCEP6gHMBogG+ckaQ6OGdhX0+da
03OiLyMGFjqoY2kHkR6nOnHucTRC7Patn6htWdTAptx3mlsjm+/l34ertkovmWZY
Tc0JvDbWrk3gmWQTeQNqnGdlp7FLypjQeyhReWIA7ZX7nlIx5jwL55PjXUv3guFs
FlNvs6uPf3K7IaS3wEFGCFaE2ZnuNawkWq86DPum/OFDIAAjX+5awTRS1daAnCZ7
iLx7C4QCNyn18hb2kAZMJCkiQnPvycGTQyqv6+jijw7Clf1ejmgkaHdesCKizRYQ
OE0c++zEddfEst9teuhNm4DLeL7XRm4BkQwBeXmjMJqP6FwG93B6yCIIWrpK
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:37:55 2025 by rpki-client