Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/CpZV7_pibhrJrsqg3taRrHtZBGI.roa
File: CpZV7_pibhrJrsqg3taRrHtZBGI.roa (raw, json)
Hash identifier: hYI6p8i1g5CLNEOx4mfYc+7lGCa8anbttsGrVu6whqk=
Subject key identifier: 0A:96:55:EF:FA:62:6E:1A:C9:AE:CA:A0:DE:D6:91:AC:7B:59:04:62
Certificate issuer: /CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Certificate serial: 018CC26D1C67AF0CEC9AF3103EEA4E877D9D
Authority key identifier: 9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/CpZV7_pibhrJrsqg3taRrHtZBGI.roa
Signing time: Mon 01 Jan 2024 00:29:39 +0000
ROA not before: Mon 01 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20676
IP address blocks: 194.9.127.0/24 maxlen: 24
92.201.128.0/17 maxlen: 17
92.201.64.0/18 maxlen: 18
212.202.0.0/19 maxlen: 19
195.80.192.0/19 maxlen: 19
185.144.188.0/22 maxlen: 22
212.202.0.0/16 maxlen: 16
212.110.192.0/19 maxlen: 19
84.245.128.0/18 maxlen: 18
92.195.0.0/17 maxlen: 17
62.8.168.0/21 maxlen: 21
62.8.176.0/20 maxlen: 20
92.194.0.0/17 maxlen: 17
213.160.0.0/19 maxlen: 19
213.217.64.0/18 maxlen: 18
212.5.16.0/20 maxlen: 20
92.200.128.0/17 maxlen: 17
62.8.128.0/17 maxlen: 17
85.8.132.0/22 maxlen: 22
195.90.0.0/19 maxlen: 19
195.90.8.0/21 maxlen: 21
92.194.128.0/17 maxlen: 17
212.63.32.0/19 maxlen: 19
92.197.130.0/24 maxlen: 24
195.32.128.0/17 maxlen: 17
194.140.96.0/20 maxlen: 20
92.201.0.0/18 maxlen: 18
92.201.0.0/17 maxlen: 17
92.201.0.0/16 maxlen: 16
92.196.128.0/17 maxlen: 17
62.206.164.0/24 maxlen: 24
62.206.165.0/24 maxlen: 24
62.206.166.0/24 maxlen: 24
92.193.0.0/17 maxlen: 17
87.193.0.0/16 maxlen: 16
92.193.128.0/17 maxlen: 17
87.234.0.0/16 maxlen: 16
212.5.0.0/19 maxlen: 19
217.146.128.0/19 maxlen: 19
212.5.8.0/21 maxlen: 21
212.4.160.0/19 maxlen: 19
92.200.0.0/17 maxlen: 17
92.200.0.0/16 maxlen: 16
212.4.176.0/20 maxlen: 20
92.200.0.0/15 maxlen: 15
212.105.192.0/19 maxlen: 19
92.192.0.0/13 maxlen: 13
83.236.0.0/20 maxlen: 20
83.236.0.0/16 maxlen: 16
83.236.16.0/20 maxlen: 20
213.148.129.0/24 maxlen: 24
213.148.130.0/24 maxlen: 24
213.148.128.0/24 maxlen: 24
213.148.128.0/19 maxlen: 19
195.158.160.0/19 maxlen: 19
213.148.133.0/24 maxlen: 24
83.236.32.0/21 maxlen: 21
92.192.0.0/17 maxlen: 17
92.198.192.0/18 maxlen: 18
212.202.40.0/21 maxlen: 21
212.202.48.0/20 maxlen: 20
212.60.192.0/18 maxlen: 18
92.195.128.0/17 maxlen: 17
62.145.0.0/19 maxlen: 19
92.196.0.0/17 maxlen: 17
212.84.224.0/19 maxlen: 19
92.192.128.0/17 maxlen: 17
62.206.0.0/16 maxlen: 16
212.202.168.0/21 maxlen: 21
212.202.176.0/20 maxlen: 20
212.84.208.0/20 maxlen: 20
2001:1a80:800::/48 maxlen: 48
2001:658::/29 maxlen: 29
2001:1a80:801::/48 maxlen: 48
2001:1a81:2000::/36 maxlen: 40
2001:1a81:4000::/36 maxlen: 40
2001:1a81:3000::/36 maxlen: 40
2001:1a81:6000::/40 maxlen: 48
2001:1a81:1000::/40 maxlen: 48
2001:1a81:1000::/36 maxlen: 40
2001:1a81:6000::/36 maxlen: 40
2001:1a81:4000::/40 maxlen: 48
2001:1a81:7000::/40 maxlen: 48
2001:1a81:5000::/36 maxlen: 40
2001:1a81:7000::/36 maxlen: 40
2001:1a81:5000::/40 maxlen: 48
2001:1a81:2000::/40 maxlen: 48
2001:1a81:3000::/40 maxlen: 48
2001:1a80:802::/48 maxlen: 48
2001:1a80::/29 maxlen: 29
2a09:7100::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1c:67:af:0c:ec:9a:f3:10:3e:ea:4e:87:7d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Validity
Not Before: Jan 1 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a9655effa626e1ac9aecaa0ded691ac7b590462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:af:87:7c:a5:99:0a:86:71:80:4f:8d:9f:9e:
57:f7:8b:5b:de:b4:20:e9:32:77:d1:66:1b:16:e9:
98:f5:09:4e:87:e8:c1:7b:27:ca:d2:02:f8:e5:7e:
d0:0d:00:57:02:17:a6:3c:12:8b:d5:33:af:26:61:
f3:d2:97:21:ac:fc:69:c3:54:62:2f:d3:70:38:dd:
80:ef:62:f9:aa:ef:c7:14:f1:5e:ed:6d:49:5b:9f:
6d:e2:b5:02:eb:64:c4:72:79:5d:09:b3:3d:95:04:
06:5a:ba:2f:bf:aa:7a:38:83:76:cd:56:2d:0f:9c:
b1:ff:cd:56:e3:5b:f5:c9:a6:e6:84:18:6f:f3:fe:
c4:5b:c9:76:8b:d3:4d:c3:6b:4d:8d:3e:bd:02:98:
cc:77:a5:42:91:2e:47:66:4e:c8:02:71:dd:4f:b4:
f1:46:85:43:ae:99:e7:d6:2e:8c:e9:19:c8:80:63:
b0:0c:b1:79:a4:a3:89:de:11:ec:66:04:19:28:4a:
02:0a:3d:19:2b:f4:32:75:64:68:32:7f:84:39:0a:
27:6b:69:79:0c:a2:59:36:b5:bc:86:a5:ea:6a:20:
6b:62:5a:e5:7c:99:e8:4f:fe:1e:87:39:53:e4:94:
16:1f:1e:37:ec:2c:93:43:11:15:60:4e:88:05:8e:
51:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:96:55:EF:FA:62:6E:1A:C9:AE:CA:A0:DE:D6:91:AC:7B:59:04:62
X509v3 Authority Key Identifier:
keyid:9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/CpZV7_pibhrJrsqg3taRrHtZBGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/nQZsuEiNrn5CNKp8iSQw2tEf5bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.8.128.0/17
62.145.0.0/19
62.206.0.0/16
83.236.0.0/16
84.245.128.0/18
85.8.132.0/22
87.193.0.0/16
87.234.0.0/16
92.192.0.0-92.201.255.255
185.144.188.0/22
194.9.127.0/24
194.140.96.0/20
195.32.128.0/17
195.80.192.0/19
195.90.0.0/19
195.158.160.0/19
212.4.160.0/19
212.5.0.0/19
212.60.192.0/18
212.63.32.0/19
212.84.208.0-212.84.255.255
212.105.192.0/19
212.110.192.0/19
212.202.0.0/16
213.148.128.0/19
213.160.0.0/19
213.217.64.0/18
217.146.128.0/19
IPv6:
2001:658::/29
2001:1a80::/29
2a09:7100::/29
Signature Algorithm: sha256WithRSAEncryption
46:7e:04:be:d4:ec:fa:e7:07:1b:4f:d0:4d:cd:23:31:67:c6:
a4:0b:96:37:0e:54:ce:97:33:df:e3:d9:cb:a5:ec:b3:4e:13:
e8:9b:c1:02:54:1e:fb:52:bb:0c:6a:4e:4b:65:28:6a:8f:95:
f9:3a:95:d0:86:03:cf:09:a3:f9:d9:7e:33:10:67:8b:61:76:
fc:d0:0b:85:da:30:d3:b5:4b:52:e0:11:3f:cc:f7:a8:f2:45:
41:b4:8f:76:a2:49:29:e2:fb:11:87:26:7f:9d:6b:7a:1b:03:
52:da:ca:f3:8f:f7:90:61:17:1f:fe:0a:96:73:91:40:c9:2a:
30:df:bc:19:c4:31:e3:e6:74:3d:23:a2:45:71:b7:b1:a6:56:
ab:60:2e:06:1f:ce:b5:14:ba:c4:b1:b6:9b:18:29:bf:5a:b1:
46:27:47:10:d9:44:26:15:02:b5:8c:17:d4:29:c3:1f:50:58:
6d:03:8b:5b:a9:f4:0a:f4:3b:2c:05:c6:24:d3:0e:18:3f:92:
fb:74:5c:ab:89:a0:92:d4:3e:01:35:50:eb:bb:8b:58:d1:29:
0e:4e:c1:c6:17:97:0e:16:0c:d7:cd:7c:e7:6f:c3:4c:b1:ac:
b6:1b:dd:ea:36:7b:69:0e:57:3a:8f:92:18:59:73:e2:16:6c:
0b:e6:24:f0
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYzCbRxnrwzsmvMQPupOh32dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMDY2Y2I4NDg4ZGFlN2U0MjM0YWE3Yzg5MjQzMGRhZDEx
ZmU1YjEwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk2NTVlZmZhNjI2ZTFhYzlhZWNhYTBkZWQ2OTFhYzdiNTkwNDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK+HfKWZCoZxgE+Nn55X94tb3rQg
6TJ30WYbFumY9QlOh+jBeyfK0gL45X7QDQBXAhemPBKL1TOvJmHz0pchrPxpw1Ri
L9NwON2A72L5qu/HFPFe7W1JW59t4rUC62TEcnldCbM9lQQGWrovv6p6OIN2zVYt
D5yx/81W41v1yabmhBhv8/7EW8l2i9NNw2tNjT69ApjMd6VCkS5HZk7IAnHdT7Tx
RoVDrpnn1i6M6RnIgGOwDLF5pKOJ3hHsZgQZKEoCCj0ZK/QydWRoMn+EOQona2l5
DKJZNrW8hqXqaiBrYlrlfJnoT/4ehzlT5JQWHx437CyTQxEVYE6IBY5R0wIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFAqWVe/6Ym4aya7KoN7Wkax7WQRiMB8GA1UdIwQY
MBaAFJ0GbLhIja5+QjSqfIkkMNrRH+WxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQt
M2VmMDJkNTE0MGI3LzEvQ3BaVjdfcGliaHJKcnNxZzN0YVJySHRaQkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQtM2VmMDJkNTE0MGI3
LzEvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbADBAc+
CIADBAU+kQADAwA+zgMDAFPsAwQGVPWAAwQCVQiEAwMAV8EDAwBX6jAKAwMGXMAD
AwFcyAMEArmQvAMEAMIJfwMEBMKMYAMEB8MggAMEBcNQwAMEBcNaAAMEBcOeoAME
BdQEoAMEBdQFAAMEBtQ8wAMEBdQ/IDALAwQE1FTQAwMA1FQDBAXUacADBAXUbsAD
AwDUygMEBdWUgAMEBdWgAAMEBtXZQAMEBdmSgDAbBAIAAjAVAwUDIAEGWAMFAyAB
GoADBQMqCXEAMA0GCSqGSIb3DQEBCwUAA4IBAQBGfgS+1Oz65wcbT9BNzSMxZ8ak
C5Y3DlTOlzPf49nLpeyzThPom8ECVB77UrsMak5LZShqj5X5OpXQhgPPCaP52X4z
EGeLYXb80AuF2jDTtUtS4BE/zPeo8kVBtI92okkp4vsRhyZ/nWt6GwNS2srzj/eQ
YRcf/gqWc5FAySow37wZxDHj5nQ9I6JFcbexplarYC4GH861FLrEsbabGCm/WrFG
J0cQ2UQmFQK1jBfUKcMfUFhtA4tbqfQK9DssBcYk0w4YP5L7dFyriaCS1D4BNVDr
u4tY0SkOTsHGF5cOFgzXzXznb8NMsay2G93qNntpDlc6j5IYWXPiFmwL5iTw
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:50:23 2025 by rpki-client