Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0l8_jStWiNDhBkI_PM6x-8yEpX4.roa
File: 0l8_jStWiNDhBkI_PM6x-8yEpX4.roa (raw, json)
Hash identifier: OURvFo1vgkQUp9vS+BY+Y5gf3Kl5jwHlQ2fYP4cquH0=
Subject key identifier: D2:5F:3F:8D:2B:56:88:D0:E1:06:42:3F:3C:CE:B1:FB:CC:84:A5:7E
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 102CAF8F
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0l8_jStWiNDhBkI_PM6x-8yEpX4.roa
Signing time: Mon 21 Feb 2022 13:01:42 +0000
ROA not before: Mon 21 Feb 2022 13:01:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
62.97.64.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
193.82.0.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/19 maxlen: 19
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 271363983 (0x102caf8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Feb 21 13:01:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d25f3f8d2b5688d0e106423f3cceb1fbcc84a57e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:92:1a:d3:8a:31:a8:81:40:41:47:a5:0c:a9:
b2:d9:17:37:43:27:4b:6e:68:2c:54:97:3b:d6:e9:
59:04:18:5e:0c:e3:90:ee:10:c6:18:13:d8:46:0d:
70:56:11:b2:0c:4c:60:4d:22:b5:86:2f:d2:3d:a0:
bd:b1:da:13:9f:ba:db:ec:71:59:a9:b1:6e:7d:d3:
97:a0:1c:b2:a7:1d:cc:99:bd:e6:b8:53:36:6e:4c:
46:02:ff:13:0f:e4:19:a8:b5:cc:d1:31:f2:6a:94:
55:58:e9:e9:31:e7:9f:24:dc:ef:06:be:fb:e7:98:
d5:41:72:62:26:fd:b1:a0:38:ce:25:fd:f2:fd:d3:
53:bd:3c:4f:92:bc:11:6b:9e:1d:25:ec:e2:57:62:
7e:f4:db:c5:4c:60:b3:26:92:32:35:41:c6:d0:06:
7d:fb:8f:a5:2b:36:8e:80:89:75:35:1c:56:77:4b:
40:06:23:88:3b:0f:15:5c:d0:ce:36:01:61:2e:e3:
e6:7d:db:9d:4f:f5:a9:a4:53:1c:ef:aa:b5:86:09:
3f:48:87:44:90:b1:84:b4:33:34:c8:94:03:fb:06:
b0:b4:1e:cc:d6:76:7e:27:b1:b2:69:b1:c0:f1:2d:
09:3a:e6:d0:e3:d0:19:9d:63:24:8e:73:d4:8d:bf:
04:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5F:3F:8D:2B:56:88:D0:E1:06:42:3F:3C:CE:B1:FB:CC:84:A5:7E
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0l8_jStWiNDhBkI_PM6x-8yEpX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.0.0/18
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0/19
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/24
212.74.77.0-212.74.79.255
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
13:38:65:1b:9e:90:de:af:84:75:c6:21:16:d2:79:52:49:af:
f0:bd:b4:10:ed:4d:5a:c4:d0:f6:73:5e:be:0f:cf:c1:33:e2:
ba:34:fd:b3:ed:0d:50:91:53:ef:05:d8:7e:b5:18:70:d3:cc:
64:78:d5:2e:9b:e7:06:11:30:f0:fe:cb:49:7a:a2:a4:5d:52:
73:37:4a:04:36:43:e2:b4:a1:65:c2:c1:d7:db:bb:d0:8a:5f:
8b:71:21:f4:5d:ea:a3:5c:5f:10:f9:36:3f:f2:fc:18:e8:fe:
35:f2:07:7b:6e:49:49:54:90:e2:51:84:93:37:45:21:23:96:
30:1f:a2:d1:f5:cf:a8:a8:ab:6a:db:88:dd:9d:ea:47:21:45:
aa:af:28:d2:b9:9e:50:eb:e3:e3:07:5a:06:5d:04:92:70:b2:
53:ae:8f:c5:52:88:34:84:cf:aa:49:2e:6a:f4:e2:43:52:3f:
7b:81:1a:d0:18:34:c8:07:42:20:8e:fb:50:49:4c:0a:fa:65:
6a:05:78:db:ca:66:40:87:b0:6c:b2:13:25:51:8b:57:1f:0f:
14:12:a0:4d:9f:01:1b:f5:b5:08:be:54:75:b4:24:33:51:b4:
43:aa:8c:52:7a:f6:16:db:80:db:02:85:cd:54:63:a2:85:81:
31:ad:ab:c1
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgIEECyvjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDIy
MTEzMDE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI1ZjNmOGQyYjU2
ODhkMGUxMDY0MjNmM2NjZWIxZmJjYzg0YTU3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSSGtOKMaiBQEFHpQypstkXN0MnS25oLFSXO9bpWQQYXgzj
kO4QxhgT2EYNcFYRsgxMYE0itYYv0j2gvbHaE5+62+xxWamxbn3Tl6AcsqcdzJm9
5rhTNm5MRgL/Ew/kGai1zNEx8mqUVVjp6THnnyTc7wa+++eY1UFyYib9saA4ziX9
8v3TU708T5K8EWueHSXs4ldifvTbxUxgsyaSMjVBxtAGffuPpSs2joCJdTUcVndL
QAYjiDsPFVzQzjYBYS7j5n3bnU/1qaRTHO+qtYYJP0iHRJCxhLQzNMiUA/sGsLQe
zNZ2fiexsmmxwPEtCTrm0OPQGZ1jJI5z1I2/BFECAwEAAaOCA4AwggN8MB0GA1Ud
DgQWBBTSXz+NK1aI0OEGQj88zrH7zISlfjAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
LzBsOF9qU3RXaU5EaEJrSV9QTTZ4LTh5RXBYNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AZQGCCsGAQUFBwEHAQH/BIIBgzCCAX8wggFsBAIAATCCAWQwCwMDARtuAwQCG24Q
AwQFLviAAwMAOYUDAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQGPmFAAwQFPphgAwQF
PsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVScMADAwBUDgMEBVQQ
oAMEBVVYgAMEBlfxAAMEBXZD4AMEA5144DALAwQCnXjsAwMAnXgDBAbBUgADBALB
XVADBAXBcqADBAbBdIADBAXBduADBAHBvIQDBAXC34ADBAfDRAADBAXDbkADBAXU
AGADBAXUF+ADBAXUH+ADBAXUI2ADBAbUJIADBADUSkAwDAMEANRKTQMEBNRKQAME
BdROoAMEBdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA
1VYDBAXVpAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZ
bgMEBNmtYDANBAIAAjAHAwUDIAEJIDANBgkqhkiG9w0BAQsFAAOCAQEAEzhlG56Q
3q+EdcYhFtJ5Ukmv8L20EO1NWsTQ9nNevg/PwTPiujT9s+0NUJFT7wXYfrUYcNPM
ZHjVLpvnBhEw8P7LSXqipF1SczdKBDZD4rShZcLB19u70Ipfi3Eh9F3qo1xfEPk2
P/L8GOj+NfIHe25JSVSQ4lGEkzdFISOWMB+i0fXPqKiratuI3Z3qRyFFqq8o0rme
UOvj4wdaBl0EknCyU66PxVKINITPqkkuavTiQ1I/e4Ea0Bg0yAdCII77UElMCvpl
agV428pmQIewbLITJVGLVx8PFBKgTZ8BG/W1CL5UdbQkM1G0Q6qMUnr2FtuA2wKF
zVRjooWBMa2rwQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org