Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/6xG5ukRkzzMBXlnZZy53ocnctMY.roa
File: 6xG5ukRkzzMBXlnZZy53ocnctMY.roa (raw, json)
Hash identifier: ZXEM1As/2AJ8CfP7qpymvzpxdyFKaC5Ih6lpsEJq1t8=
Subject key identifier: EB:11:B9:BA:44:64:CF:33:01:5E:59:D9:67:2E:77:A1:C9:DC:B4:C6
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 10172D83
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/6xG5ukRkzzMBXlnZZy53ocnctMY.roa
Signing time: Tue 15 Feb 2022 07:47:38 +0000
ROA not before: Tue 15 Feb 2022 07:47:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
193.82.0.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/19 maxlen: 19
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 269954435 (0x10172d83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Feb 15 07:47:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb11b9ba4464cf33015e59d9672e77a1c9dcb4c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:36:09:f6:d0:7f:e0:b7:f7:a9:14:78:e4:34:
09:70:71:61:dc:81:39:db:57:4a:19:8e:92:36:a6:
04:3f:75:31:9f:c1:64:d5:34:03:b5:da:b5:6b:0f:
3b:ec:b5:ec:be:59:d0:42:ea:b8:39:b4:54:13:37:
4e:18:9a:19:b3:cf:8c:dc:4c:17:c1:1d:f6:6d:ef:
18:d3:4d:8f:71:7d:75:4f:90:39:ae:0a:56:d7:7d:
15:20:82:be:cf:b2:d5:c2:29:75:61:da:f8:6b:a3:
96:91:7e:a6:88:50:5b:bc:89:a2:8d:72:e6:c3:cc:
9e:cf:26:22:5a:7b:99:bd:bf:5d:8c:e6:18:c3:5c:
48:a2:41:74:3f:7b:e8:62:d1:f2:63:36:20:e1:e4:
6a:af:58:eb:72:50:fc:11:32:64:bd:8c:c9:1e:a6:
90:16:01:38:62:98:ea:13:46:c0:43:4e:68:b5:2b:
b7:c5:4e:b6:9b:1d:86:4f:e7:7d:00:4e:71:28:b8:
6d:94:3b:7e:14:0b:d7:77:1b:d1:f4:85:0e:d8:48:
dd:1a:33:09:40:70:c7:3e:59:b1:99:ab:3b:ae:64:
0a:f5:7a:d0:93:0b:00:f7:3e:87:85:9d:06:d2:84:
75:1c:6f:89:54:25:8c:e6:bf:0e:97:43:a4:4d:90:
6b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:11:B9:BA:44:64:CF:33:01:5E:59:D9:67:2E:77:A1:C9:DC:B4:C6
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/6xG5ukRkzzMBXlnZZy53ocnctMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.0.0/18
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
194.223.128.0/19
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.144.0-212.36.175.255
212.36.184.0/21
212.74.64.0/24
212.74.77.0-212.74.79.255
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/31
2001:924::-2001:926:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
55:14:d4:5b:d3:0c:7b:80:2b:74:34:56:83:19:f5:a4:34:19:
1f:72:38:b6:76:8b:8a:a6:87:06:49:ec:cf:dc:05:a9:83:43:
3a:f0:1f:51:51:85:87:13:5d:e7:ee:58:a2:db:9e:b4:9f:f0:
84:4f:7e:9d:ed:a6:0e:de:5e:59:19:e5:92:df:65:3a:7f:b4:
e7:7d:19:4b:43:be:58:ba:aa:17:1d:97:bc:98:3e:b3:75:3d:
ba:6f:44:6c:6b:d1:de:ca:fd:6e:3b:13:59:f9:fa:7c:f8:55:
c8:f4:e6:81:5a:83:b9:cd:a3:76:03:c2:28:19:7a:ea:d1:a3:
5f:c4:23:75:ff:cb:2f:9e:d8:77:24:04:9d:9e:ea:c8:46:33:
10:c2:02:c0:cd:e1:87:56:42:ba:a7:71:53:5a:e0:fe:55:5b:
07:86:90:1b:ad:b6:15:4f:6c:d0:48:60:f5:23:37:cb:46:da:
e9:bc:2b:35:97:53:95:b9:43:70:f7:02:91:a7:c1:58:ae:af:
58:e9:a2:b2:f0:42:e8:87:13:14:0f:f9:3c:c7:37:b7:d0:35:
d0:b1:da:53:27:41:48:e4:ee:4a:c6:af:62:b9:03:54:c4:4c:
b8:93:b3:31:4d:e6:24:74:fd:f3:49:90:b5:93:1f:65:74:bf:
82:92:30:2c
-----BEGIN CERTIFICATE-----
MIIGeDCCBWCgAwIBAgIEEBctgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDIx
NTA3NDczOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWIxMWI5YmE0NDY0
Y2YzMzAxNWU1OWQ5NjcyZTc3YTFjOWRjYjRjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKY2CfbQf+C396kUeOQ0CXBxYdyBOdtXShmOkjamBD91MZ/B
ZNU0A7XatWsPO+y17L5Z0ELquDm0VBM3ThiaGbPPjNxMF8Ed9m3vGNNNj3F9dU+Q
Oa4KVtd9FSCCvs+y1cIpdWHa+GujlpF+pohQW7yJoo1y5sPMns8mIlp7mb2/XYzm
GMNcSKJBdD976GLR8mM2IOHkaq9Y63JQ/BEyZL2MyR6mkBYBOGKY6hNGwENOaLUr
t8VOtpsdhk/nfQBOcSi4bZQ7fhQL13cb0fSFDthI3RozCUBwxz5ZsZmrO65kCvV6
0JMLAPc+h4WdBtKEdRxviVQljOa/DpdDpE2QayUCAwEAAaOCA5IwggOOMB0GA1Ud
DgQWBBTrEbm6RGTPMwFeWdlnLnehydy0xjAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
LzZ4RzV1a1JrenpNQlhsblpaeTUzb2NuY3RNWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AaYGCCsGAQUFBwEHAQH/BIIBlTCCAZEwggFuBAIAATCCAWYwCwMDARtuAwQCG24Q
AwQFLviAAwMAOYUDAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQGPmFAAwQFPphgAwQF
PsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVScMADAwBUDgMEBVQQ
oAMEBVVYgAMEBlfxAAMEBXZD4AMEA5144DALAwQCnXjsAwMAnXgDBAbBUgADBAXB
cqADBAbBdIADBAXBduADBAXC34ADBAfDRAADBAXDbkADBAXUAGADBAXUF+ADBAXU
H+ADBAXUI2AwDAMEBNQkkAMEBNQkoAMEA9QkuAMEANRKQDAMAwQA1EpNAwQE1EpA
AwQF1E6gAwQF1HmAAwQG1HvAAwQH1KEAAwQG1MtAAwQH1RuAAwQH1SkAAwMA1T0D
AwDVVgMEBdWkAAMEBdWtoAMEBdW5oAMEBtXQwAMEB9XXgAMEBtXlgAMEBtX2wAMD
AdluAwQE2a1gMB0EAgACMBcDBQEgAQkgMA4DBQIgAQkkAwUAIAEJJjANBgkqhkiG
9w0BAQsFAAOCAQEAVRTUW9MMe4ArdDRWgxn1pDQZH3I4tnaLiqaHBknsz9wFqYND
OvAfUVGFhxNd5+5YotuetJ/whE9+ne2mDt5eWRnlkt9lOn+0530ZS0O+WLqqFx2X
vJg+s3U9um9EbGvR3sr9bjsTWfn6fPhVyPTmgVqDuc2jdgPCKBl66tGjX8Qjdf/L
L57YdyQEnZ7qyEYzEMICwM3hh1ZCuqdxU1rg/lVbB4aQG622FU9s0Ehg9SM3y0ba
6bwrNZdTlblDcPcCkafBWK6vWOmisvBC6IcTFA/5PMc3t9A10LHaUydBSOTuSsav
YrkDVMRMuJOzMU3mJHT980mQtZMfZXS/gpIwLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org