Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/32cYU6gU7M32HD2ePS5VKoXeRZs.roa
File: 32cYU6gU7M32HD2ePS5VKoXeRZs.roa (raw, json)
Hash identifier: 4FLhV5CAoRcLGM3OUMeTiuTKvx2Dh/tfODU5abZUtGs=
Subject key identifier: DF:67:18:53:A8:14:EC:CD:F6:1C:3D:9E:3D:2E:55:2A:85:DE:45:9B
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 10C1AD6D
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/32cYU6gU7M32HD2ePS5VKoXeRZs.roa
Signing time: Thu 28 Apr 2022 11:48:04 +0000
ROA not before: Thu 28 Apr 2022 11:48:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
193.82.32.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 281128301 (0x10c1ad6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Apr 28 11:48:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df671853a814eccdf61c3d9e3d2e552a85de459b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:33:29:c2:0e:d9:63:87:8c:a9:d4:ab:37:6d:
d9:fb:31:5f:57:56:cb:29:db:09:a9:b8:2d:9f:06:
08:db:31:ef:7b:73:7c:0f:ff:be:7f:8d:95:37:ea:
e6:1c:36:06:c6:f6:69:67:8a:a7:92:09:2a:bc:68:
a7:e1:15:c8:22:03:6e:95:98:96:cb:6d:60:e6:62:
a4:c6:9f:72:55:e2:80:ae:7d:63:1f:77:70:6c:bb:
f0:37:fb:3d:12:77:8a:83:02:d1:0f:0e:48:60:00:
e2:49:dc:65:03:e3:f8:25:13:8a:a8:8c:93:82:5d:
4e:d5:1c:89:87:1f:94:e6:53:25:dd:da:aa:70:ef:
91:ea:0c:0e:81:e8:47:c4:98:19:1a:ac:2d:8f:3b:
8d:c9:c2:78:2e:c1:44:45:36:86:bc:bc:48:09:b7:
25:d3:66:4c:02:d7:6e:f0:0a:2c:46:fa:86:f5:17:
e8:f4:4f:0c:4d:13:85:de:07:56:bc:da:9c:8f:1e:
ac:9f:b5:0e:55:5f:46:1d:dc:8c:1d:03:96:26:d6:
bf:6f:44:44:5e:88:a7:fd:ba:7e:d8:7e:93:0b:30:
c9:a1:fa:b8:d9:71:6d:96:ba:80:11:df:2c:66:58:
90:52:e9:52:78:bd:29:5c:3e:39:a3:58:c6:2d:4a:
81:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:67:18:53:A8:14:EC:CD:F6:1C:3D:9E:3D:2E:55:2A:85:DE:45:9B
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/32cYU6gU7M32HD2ePS5VKoXeRZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.32.0/19
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0-194.223.139.255
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
7d:a4:51:e5:4f:9c:d0:ff:28:10:38:8d:2c:31:00:87:cb:82:
41:ed:5f:d5:4b:b7:22:83:44:7a:fd:04:57:77:b4:2a:98:66:
84:4c:be:a1:e3:80:67:73:88:59:e6:70:4e:55:8d:26:7f:1b:
30:81:06:42:d1:cc:24:b4:e2:0a:27:b8:eb:43:3a:43:ed:f3:
8c:8a:33:8b:29:66:c9:b6:08:ae:80:d9:e6:c7:b3:38:b5:8f:
fe:f7:86:1b:47:8e:a0:d4:8c:44:3b:af:d4:e6:bf:40:cb:f6:
24:dc:72:55:52:8b:78:7a:ea:9f:f9:c4:0c:96:5c:90:a9:c0:
04:53:e0:7a:e1:65:d4:27:cf:07:2e:7b:e4:c4:e4:39:a3:9c:
7e:60:67:d7:58:b2:f4:5c:7e:fa:e8:01:af:52:e9:1b:78:ef:
b7:c3:b0:c2:9c:2f:14:b0:fe:71:4a:7d:f8:c4:ed:72:de:d3:
7d:4d:95:a1:4a:bf:de:7b:d1:73:81:ea:68:c6:e9:4c:79:3e:
89:89:67:78:d9:fb:90:ca:18:07:66:1c:84:2c:35:ac:62:bc:
c1:9b:a8:70:a2:b8:1d:53:77:ea:fb:6a:23:3e:e1:aa:b2:e8:
da:c5:9f:9e:a9:57:3b:e8:28:fa:b0:16:aa:bb:ee:7b:e9:f5:
e8:ce:20:fa
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgIEEMGtbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDQy
ODExNDgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY2NzE4NTNhODE0
ZWNjZGY2MWMzZDllM2QyZTU1MmE4NWRlNDU5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgzKcIO2WOHjKnUqzdt2fsxX1dWyynbCam4LZ8GCNsx73tz
fA//vn+NlTfq5hw2Bsb2aWeKp5IJKrxop+EVyCIDbpWYlsttYOZipMafclXigK59
Yx93cGy78Df7PRJ3ioMC0Q8OSGAA4kncZQPj+CUTiqiMk4JdTtUciYcflOZTJd3a
qnDvkeoMDoHoR8SYGRqsLY87jcnCeC7BREU2hry8SAm3JdNmTALXbvAKLEb6hvUX
6PRPDE0Thd4HVrzanI8erJ+1DlVfRh3cjB0DlibWv29ERF6Ip/26fth+kwswyaH6
uNlxbZa6gBHfLGZYkFLpUni9KVw+OaNYxi1KgQMCAwEAAaOCA3owggN2MB0GA1Ud
DgQWBBTfZxhTqBTszfYcPZ49LlUqhd5FmzAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
LzMyY1lVNmdVN00zMkhEMmVQUzVWS29YZVJacy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AY4GCCsGAQUFBwEHAQH/BIIBfTCCAXkwggFmBAIAATCCAV4wCwMDARtuAwQCG24Q
AwQFLviAAwMAOYUDAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQGPmFAAwQFPphgAwQF
PsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVScMADAwBUDgMEBVQQ
oAMEBVVYgAMEBlfxAAMEBXZD4AMEA5144DALAwQCnXjsAwMAnXgDBAXBUiADBALB
XVADBAXBcqADBAbBdIADBAXBduADBAHBvIQwDAMEB8LfgAMEAsLfiAMEB8NEAAME
BcNuQAMEBdQAYAMEBdQX4AMEBdQf4AMEBdQjYAMEBtQkgAMEBdRKQAMEBdROoAME
BdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA1VYDBAXV
pAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZbgMEBNmt
YDANBAIAAjAHAwUDIAEJIDANBgkqhkiG9w0BAQsFAAOCAQEAfaRR5U+c0P8oEDiN
LDEAh8uCQe1f1Uu3IoNEev0EV3e0KphmhEy+oeOAZ3OIWeZwTlWNJn8bMIEGQtHM
JLTiCie460M6Q+3zjIoziylmybYIroDZ5sezOLWP/veGG0eOoNSMRDuv1Oa/QMv2
JNxyVVKLeHrqn/nEDJZckKnABFPgeuFl1CfPBy575MTkOaOcfmBn11iy9Fx++ugB
r1LpG3jvt8OwwpwvFLD+cUp9+MTtct7TfU2VoUq/3nvRc4HqaMbpTHk+iYlneNn7
kMoYB2YchCw1rGK8wZuocKK4HVN36vtqIz7hqrLo2sWfnqlXO+go+rAWqrvue+n1
6M4g+g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org