Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0DodSn6wFxK9H9osUKAxF1kMgyE.roa
File: 0DodSn6wFxK9H9osUKAxF1kMgyE.roa (raw, json)
Hash identifier: t6hHgr6oFVO2m1j+pemNuT9JRoMhrG13QepYvRYL8ok=
Subject key identifier: D0:3A:1D:4A:7E:B0:17:12:BD:1F:DA:2C:50:A0:31:17:59:0C:83:21
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 1000B819
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0DodSn6wFxK9H9osUKAxF1kMgyE.roa
Signing time: Mon 07 Feb 2022 11:56:08 +0000
ROA not before: Mon 07 Feb 2022 11:56:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
193.82.0.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/19 maxlen: 19
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
78.156.64.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 268482585 (0x1000b819)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Feb 7 11:56:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d03a1d4a7eb01712bd1fda2c50a03117590c8321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d5:ea:8e:70:b9:9c:5f:c8:a0:b7:8c:00:35:
1f:a6:e0:e7:ce:10:70:1f:52:86:90:09:45:9c:6a:
07:58:16:8f:da:5e:ea:2c:98:6f:41:2f:0c:bf:89:
95:36:a4:1c:82:05:3c:ce:63:1c:47:eb:94:f6:1f:
1a:b5:52:50:e4:35:5d:66:4a:e9:ec:aa:75:cb:43:
f4:24:aa:d6:d0:51:73:81:0e:e0:90:7f:0d:f1:51:
6d:69:64:bc:dd:8d:e1:a8:0b:db:55:df:39:87:4e:
35:94:5a:84:0f:05:37:9a:9c:9a:69:f4:ac:2f:a6:
72:b6:f3:15:88:15:5c:90:e5:7d:c2:66:ce:3d:31:
28:82:0c:2f:94:48:95:6a:9a:d8:49:af:1a:56:9e:
65:34:02:f3:ab:ba:fb:8e:81:fb:44:1f:68:ce:78:
6b:7c:2b:d7:61:6f:72:37:6c:c1:29:14:28:be:84:
73:68:cc:21:79:8d:5a:8e:8a:df:4d:ba:78:19:7a:
84:7c:70:dd:bc:ad:d8:00:87:c3:6e:10:82:3c:17:
74:cc:20:99:fb:6d:90:ab:d1:b4:22:70:81:4f:af:
1e:8f:ab:e6:99:78:e9:e0:20:56:00:6e:3a:52:d6:
72:d6:0e:e6:ed:71:45:6d:4e:e3:43:66:db:33:ba:
24:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3A:1D:4A:7E:B0:17:12:BD:1F:DA:2C:50:A0:31:17:59:0C:83:21
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0DodSn6wFxK9H9osUKAxF1kMgyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.0.0/18
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
194.223.128.0/19
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.144.0-212.36.175.255
212.36.184.0/21
212.74.64.0/24
212.74.77.0-212.74.79.255
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/31
2001:924::-2001:926:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
17:5a:5a:da:0d:83:cc:c1:2a:70:9d:2b:0a:7a:24:61:8d:e0:
1d:25:fc:65:c4:25:d8:d9:f5:86:d3:32:e4:83:ac:f1:55:d4:
58:a3:9b:0a:b0:75:ac:e3:f5:f8:33:36:51:54:62:ea:ff:4a:
cf:66:a9:85:7a:27:20:f1:81:11:10:f3:4d:c8:02:95:4a:b2:
70:46:ba:b0:11:29:c3:e4:a5:d8:05:58:a9:64:16:7b:4f:0b:
b3:8f:a0:63:18:7d:24:28:99:ed:da:02:26:59:3f:32:d7:a6:
d2:98:44:e4:fc:e2:bf:cd:b8:e3:82:14:fa:c1:e6:1f:d7:6a:
2c:9f:48:25:c8:55:d5:24:9d:2f:70:43:8b:35:16:18:72:94:
01:f1:38:79:91:91:4b:22:a4:ae:3a:cb:c2:6a:30:4d:cd:64:
37:89:ad:16:05:d3:e7:53:73:91:8f:b4:a0:ce:57:88:9a:53:
af:49:3d:f1:b1:a7:83:89:ad:49:43:56:f1:ec:af:67:a9:36:
39:5b:93:ef:64:c4:3d:61:25:31:92:9c:a7:af:c4:5d:4d:e0:
95:fb:3b:d3:bb:8a:ec:25:18:37:38:c6:06:26:13:dd:d9:70:
fa:c3:40:e7:de:fe:b4:bf:48:8c:4e:6d:ba:7f:4b:e4:44:c4:
b2:8a:30:37
-----BEGIN CERTIFICATE-----
MIIGczCCBVugAwIBAgIEEAC4GTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDIw
NzExNTYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDAzYTFkNGE3ZWIw
MTcxMmJkMWZkYTJjNTBhMDMxMTc1OTBjODMyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPV6o5wuZxfyKC3jAA1H6bg584QcB9ShpAJRZxqB1gWj9pe
6iyYb0EvDL+JlTakHIIFPM5jHEfrlPYfGrVSUOQ1XWZK6eyqdctD9CSq1tBRc4EO
4JB/DfFRbWlkvN2N4agL21XfOYdONZRahA8FN5qcmmn0rC+mcrbzFYgVXJDlfcJm
zj0xKIIML5RIlWqa2EmvGlaeZTQC86u6+46B+0QfaM54a3wr12FvcjdswSkUKL6E
c2jMIXmNWo6K3026eBl6hHxw3byt2ACHw24QgjwXdMwgmfttkKvRtCJwgU+vHo+r
5pl46eAgVgBuOlLWctYO5u1xRW1O40Nm2zO6JMECAwEAAaOCA40wggOJMB0GA1Ud
DgQWBBTQOh1KfrAXEr0f2ixQoDEXWQyDITAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
LzBEb2RTbjZ3RnhLOUg5b3NVS0F4RjFrTWd5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AaEGCCsGAQUFBwEHAQH/BIIBkDCCAYwwggFpBAIAATCCAWEwCwMDARtuAwQCG24Q
AwQFLviAAwMAPhcDBAU+SGADBAU+VMADAwA+YAMEBj5hQAMEBT6YYAMEBT7AAAME
Bk6PAAMEBU6cQAMEBVBQAAMDAFCpAwQFUPugAwQFUnDAAwMAVA4DBAVUEKADBAVV
WIADBAZX8QADBAV2Q+ADBAOdeOAwCwMEAp147AMDAJ14AwQGwVIAAwQFwXKgAwQG
wXSAAwQFwXbgAwQFwt+AAwQHw0QAAwQFw25AAwQF1ABgAwQF1BfgAwQF1B/gAwQF
1CNgMAwDBATUJJADBATUJKADBAPUJLgDBADUSkAwDAMEANRKTQMEBNRKQAMEBdRO
oAMEBdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA1VYD
BAXVpAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZbgME
BNmtYDAdBAIAAjAXAwUBIAEJIDAOAwUCIAEJJAMFACABCSYwDQYJKoZIhvcNAQEL
BQADggEBABdaWtoNg8zBKnCdKwp6JGGN4B0l/GXEJdjZ9YbTMuSDrPFV1Fijmwqw
dazj9fgzNlFUYur/Ss9mqYV6JyDxgREQ803IApVKsnBGurARKcPkpdgFWKlkFntP
C7OPoGMYfSQome3aAiZZPzLXptKYROT84r/NuOOCFPrB5h/XaiyfSCXIVdUknS9w
Q4s1FhhylAHxOHmRkUsipK46y8JqME3NZDeJrRYF0+dTc5GPtKDOV4iaU69JPfGx
p4OJrUlDVvHsr2epNjlbk+9kxD1hJTGSnKevxF1N4JX7O9O7iuwlGDc4xgYmE93Z
cPrDQOfe/rS/SIxObbp/S+RExLKKMDc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org