Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/2ftSAHmqEEkdAp7LlsgFcEtzof0.roa
File: 2ftSAHmqEEkdAp7LlsgFcEtzof0.roa (raw, json)
Hash identifier: beIigRnkv7A5fmUeS6c4W9YZw0nzT0QrxvdaEYeRr9U=
Subject key identifier: D9:FB:52:00:79:AA:10:49:1D:02:9E:CB:96:C8:05:70:4B:73:A1:FD
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 1019C9F1
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/2ftSAHmqEEkdAp7LlsgFcEtzof0.roa
Signing time: Tue 15 Feb 2022 10:01:39 +0000
ROA not before: Tue 15 Feb 2022 10:01:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
193.82.0.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/19 maxlen: 19
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270125553 (0x1019c9f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Feb 15 10:01:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9fb520079aa10491d029ecb96c805704b73a1fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:be:a1:67:68:5c:26:2b:ad:f6:cb:99:b7:63:
76:ae:56:91:44:b0:36:62:f1:54:b4:77:2c:82:85:
f2:78:da:0c:80:e0:63:18:96:4e:30:fa:30:d9:f9:
3f:da:23:cd:67:60:f4:2d:69:e8:d8:4f:fd:ca:af:
59:36:18:34:ff:f4:b0:54:a6:0f:79:fa:d9:91:36:
e4:4b:2c:35:75:ee:11:d7:b0:b4:d5:33:c6:4a:a3:
c7:b9:c5:ef:a7:f7:bc:a8:b6:f3:43:19:02:1b:9d:
9c:e0:e6:4a:e6:74:58:6a:46:1e:ff:fe:80:a1:82:
c7:0a:23:5b:9b:9a:ac:da:fc:33:45:6f:26:37:22:
09:59:09:1a:8d:84:97:01:36:4c:b4:7f:4e:9d:2e:
c8:76:f3:37:f4:c6:55:78:c6:ea:77:27:92:7b:77:
f8:24:c7:05:13:a1:fd:02:8b:b5:92:f1:e1:c5:73:
4d:c1:04:3c:99:44:e9:bf:58:ef:eb:76:30:8a:2b:
24:9c:7b:8a:33:5e:90:2d:c9:32:cb:e5:2b:64:a4:
4c:eb:67:91:d6:8f:10:27:19:f1:db:f3:f2:24:6c:
35:3a:88:7a:06:cc:b3:ec:18:38:e0:a8:83:40:66:
33:26:97:ee:94:03:3b:af:f2:d9:ea:d9:60:cc:62:
0b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FB:52:00:79:AA:10:49:1D:02:9E:CB:96:C8:05:70:4B:73:A1:FD
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/2ftSAHmqEEkdAp7LlsgFcEtzof0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.0.0/18
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0/19
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/24
212.74.77.0-212.74.79.255
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/31
2001:924::-2001:926:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8d:a9:62:66:34:b2:b8:50:d9:eb:48:cd:77:83:be:e5:1e:65:
b1:a8:af:7e:43:7c:9e:29:af:97:e1:86:f8:ff:54:e5:ea:5e:
a8:da:49:c3:4d:40:ed:f2:d4:d1:0c:24:fc:95:23:0b:a3:7d:
6c:8f:f4:e1:3e:e2:56:8b:cc:07:ec:b7:ca:a5:15:7d:f3:fe:
b5:f0:d0:7a:17:0d:ee:52:88:1c:4b:1e:8d:5b:43:29:8c:4a:
60:3d:1a:3f:5e:2c:8b:cd:79:3c:9a:bc:49:c1:c1:cc:eb:36:
47:80:33:b4:57:32:98:f2:de:2a:d5:98:69:eb:c9:47:4f:e8:
5a:1e:af:0f:42:05:6b:eb:db:87:22:be:aa:80:2f:86:2b:11:
22:78:8f:af:97:03:c0:d0:ec:35:af:b8:a4:98:c8:0c:74:da:
26:b4:39:3a:16:82:d0:49:b0:d6:00:39:d4:51:79:5f:87:ec:
a2:52:11:1a:1f:1b:d0:be:cf:2c:bb:af:2d:81:4b:b3:73:bc:
18:b3:58:09:86:ad:cf:39:d6:15:89:54:ef:e3:ad:e2:5b:05:
18:fc:e2:cd:aa:58:a5:b0:9d:a8:b7:65:cc:3e:46:8e:dd:3f:
3c:ed:b6:2d:99:5e:ab:14:df:13:90:58:94:3e:ea:aa:22:7b:
44:ee:b6:5e
-----BEGIN CERTIFICATE-----
MIIGdjCCBV6gAwIBAgIEEBnJ8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDIx
NTEwMDEzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDlmYjUyMDA3OWFh
MTA0OTFkMDI5ZWNiOTZjODA1NzA0YjczYTFmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMi+oWdoXCYrrfbLmbdjdq5WkUSwNmLxVLR3LIKF8njaDIDg
YxiWTjD6MNn5P9ojzWdg9C1p6NhP/cqvWTYYNP/0sFSmD3n62ZE25EssNXXuEdew
tNUzxkqjx7nF76f3vKi280MZAhudnODmSuZ0WGpGHv/+gKGCxwojW5uarNr8M0Vv
JjciCVkJGo2ElwE2TLR/Tp0uyHbzN/TGVXjG6ncnknt3+CTHBROh/QKLtZLx4cVz
TcEEPJlE6b9Y7+t2MIorJJx7ijNekC3JMsvlK2SkTOtnkdaPECcZ8dvz8iRsNTqI
egbMs+wYOOCog0BmMyaX7pQDO6/y2erZYMxiC58CAwEAAaOCA5AwggOMMB0GA1Ud
DgQWBBTZ+1IAeaoQSR0CnsuWyAVwS3Oh/TAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
LzJmdFNBSG1xRUVrZEFwN0xsc2dGY0V0em9mMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AaQGCCsGAQUFBwEHAQH/BIIBkzCCAY8wggFsBAIAATCCAWQwCwMDARtuAwQCG24Q
AwQFLviAAwMAOYUDAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQGPmFAAwQFPphgAwQF
PsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVScMADAwBUDgMEBVQQ
oAMEBVVYgAMEBlfxAAMEBXZD4AMEA5144DALAwQCnXjsAwMAnXgDBAbBUgADBALB
XVADBAXBcqADBAbBdIADBAXBduADBAHBvIQDBAXC34ADBAfDRAADBAXDbkADBAXU
AGADBAXUF+ADBAXUH+ADBAXUI2ADBAbUJIADBADUSkAwDAMEANRKTQMEBNRKQAME
BdROoAMEBdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA
1VYDBAXVpAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZ
bgMEBNmtYDAdBAIAAjAXAwUBIAEJIDAOAwUCIAEJJAMFACABCSYwDQYJKoZIhvcN
AQELBQADggEBAI2pYmY0srhQ2etIzXeDvuUeZbGor35DfJ4pr5fhhvj/VOXqXqja
ScNNQO3y1NEMJPyVIwujfWyP9OE+4laLzAfst8qlFX3z/rXw0HoXDe5SiBxLHo1b
QymMSmA9Gj9eLIvNeTyavEnBwczrNkeAM7RXMpjy3irVmGnryUdP6Foerw9CBWvr
24civqqAL4YrESJ4j6+XA8DQ7DWvuKSYyAx02ia0OToWgtBJsNYAOdRReV+H7KJS
ERofG9C+zyy7ry2BS7NzvBizWAmGrc851hWJVO/jreJbBRj84s2qWKWwnai3Zcw+
Ro7dPzztti2ZXqsU3xOQWJQ+6qoie0Tutl4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org