Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/BRxrdQdQknw3spSXo48G_gbUfAU.roa
File: BRxrdQdQknw3spSXo48G_gbUfAU.roa (raw, json)
Hash identifier: qPpZPm+6DMhpzOZYdto/UF3r8pDUWqULCpf6ujQTrfI=
Subject key identifier: 05:1C:6B:75:07:50:92:7C:37:B2:94:97:A3:8F:06:FE:06:D4:7C:05
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 10AE9F4A
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/BRxrdQdQknw3spSXo48G_gbUfAU.roa
Signing time: Thu 21 Apr 2022 13:34:33 +0000
ROA not before: Thu 21 Apr 2022 13:34:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279879498 (0x10ae9f4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Apr 21 13:34:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=051c6b750750927c37b29497a38f06fe06d47c05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bb:8e:88:b4:b2:b9:20:aa:ec:ae:31:34:5a:
f0:35:d3:58:fd:a1:6a:7b:76:3f:a1:c2:1f:d6:34:
b4:c2:97:57:94:bd:fb:03:f8:03:31:09:80:9f:13:
8c:18:d1:82:dc:1c:b8:b5:35:20:83:40:4b:69:c1:
c0:01:e8:29:b8:9d:9c:aa:4f:6e:fb:43:83:70:04:
a4:d9:82:ad:84:e2:6e:b4:2c:6a:8a:8f:c1:2a:5e:
f0:b5:e7:55:c6:39:22:0e:f5:5c:47:0c:0d:de:89:
53:49:fe:bc:e5:17:1e:f2:c2:5b:92:6b:56:b0:7c:
5c:23:21:13:86:e9:b1:a4:9a:35:98:9d:e2:6b:a0:
88:03:b7:ab:ce:2b:88:81:ee:a7:46:cd:76:b7:56:
7c:40:ad:55:6c:8f:92:60:04:09:5d:c8:cf:45:46:
7e:21:c9:43:dd:ff:4b:8c:b9:1f:e6:ec:77:fa:41:
82:82:68:c8:a8:cb:53:ea:c3:81:e6:0a:19:06:72:
44:73:9a:a9:6f:2b:09:92:f0:0a:90:46:0d:35:60:
cf:e6:79:43:00:00:e7:1f:d1:2b:ac:0e:05:01:de:
94:24:18:77:b2:a3:a3:ed:0f:15:85:75:8b:ac:0e:
c7:f4:8b:8e:b8:b8:27:23:6e:5c:fc:fb:d8:99:48:
e4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:1C:6B:75:07:50:92:7C:37:B2:94:97:A3:8F:06:FE:06:D4:7C:05
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/BRxrdQdQknw3spSXo48G_gbUfAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
26:d8:6e:82:9c:88:05:68:fa:06:85:d7:ac:7f:6f:c0:31:0d:
13:73:3c:18:14:c3:f3:40:a5:3c:51:f9:f9:20:4f:3c:09:b9:
7f:bb:3f:06:8a:80:9e:68:a9:b1:c7:3c:59:be:55:b3:f4:cf:
66:51:31:b3:84:a2:08:fd:cf:c5:e5:fd:31:59:ab:9f:fa:eb:
46:d0:d9:17:3f:fa:82:20:23:8d:0e:5c:4f:37:5e:84:81:c7:
6c:5c:3d:99:fb:19:da:0e:2f:81:7a:a2:cd:90:ac:c2:fd:a8:
70:c2:61:11:a7:0b:66:70:ae:5d:43:43:7c:0d:7d:a7:49:25:
e3:6e:f3:12:bb:29:d2:11:7e:ae:07:12:e7:72:74:a7:09:a5:
86:b1:cf:4e:92:4d:3a:79:70:4c:ee:03:aa:51:cd:7b:c5:90:
d2:77:e4:2b:f6:48:5a:ec:e0:1c:7b:2d:3e:2d:e0:91:69:a0:
5b:4f:e8:03:d3:63:65:05:b4:0f:b5:52:22:5a:6d:54:d6:68:
63:09:bf:e0:39:54:ef:2b:f7:1d:f2:1e:d1:fc:37:21:c0:43:
85:f0:3b:82:6a:03:ef:f2:18:32:da:66:ed:50:7b:6a:44:b2:
07:54:8b:d4:4c:ed:8d:ec:29:2a:61:fa:9d:df:64:e9:b7:f3:
4b:3e:38:e0
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgIEEK6fSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDQy
MTEzMzQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDUxYzZiNzUwNzUw
OTI3YzM3YjI5NDk3YTM4ZjA2ZmUwNmQ0N2MwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALi7joi0srkgquyuMTRa8DXTWP2hant2P6HCH9Y0tMKXV5S9
+wP4AzEJgJ8TjBjRgtwcuLU1IINAS2nBwAHoKbidnKpPbvtDg3AEpNmCrYTibrQs
aoqPwSpe8LXnVcY5Ig71XEcMDd6JU0n+vOUXHvLCW5JrVrB8XCMhE4bpsaSaNZid
4mugiAO3q84riIHup0bNdrdWfECtVWyPkmAECV3Iz0VGfiHJQ93/S4y5H+bsd/pB
goJoyKjLU+rDgeYKGQZyRHOaqW8rCZLwCpBGDTVgz+Z5QwAA5x/RK6wOBQHelCQY
d7Kjo+0PFYV1i6wOx/SLjri4JyNuXPz72JlI5EkCAwEAAaOCA2YwggNiMB0GA1Ud
DgQWBBQFHGt1B1CSfDeylJejjwb+BtR8BTAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
L0JSeHJkUWRRa253M3NwU1hvNDhHX2diVWZBVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AXoGCCsGAQUFBwEHAQH/BIIBaTCCAWUwggFSBAIAATCCAUowCwMDARtuAwQCG24Q
AwQFLviAAwMAOYUDAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQGPmFAAwQFPphgAwQF
PsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVScMADAwBUDgMEBVQQ
oAMEBVVYgAMEBlfxAAMEBXZD4AMEA5144DALAwQCnXjsAwMAnXgDBALBXVADBAXB
cqADBAbBdIADBAXBduADBAHBvIQDBAfDRAADBAXDbkADBAXUAGADBAXUF+ADBAXU
H+ADBAXUI2ADBAbUJIADBAXUSkADBAXUTqADBAXUeYADBAbUe8ADBAfUoQADBAbU
y0ADBAfVG4ADBAfVKQADAwDVPQMDANVWAwQF1aQAAwQF1a2gAwQF1bmgAwQG1dDA
AwQH1deAAwQG1eWAAwQG1fbAAwMB2W4DBATZrWAwDQQCAAIwBwMFAyABCSAwDQYJ
KoZIhvcNAQELBQADggEBACbYboKciAVo+gaF16x/b8AxDRNzPBgUw/NApTxR+fkg
TzwJuX+7PwaKgJ5oqbHHPFm+VbP0z2ZRMbOEogj9z8Xl/TFZq5/660bQ2Rc/+oIg
I40OXE83XoSBx2xcPZn7GdoOL4F6os2QrML9qHDCYRGnC2Zwrl1DQ3wNfadJJeNu
8xK7KdIRfq4HEudydKcJpYaxz06STTp5cEzuA6pRzXvFkNJ35Cv2SFrs4Bx7LT4t
4JFpoFtP6APTY2UFtA+1UiJabVTWaGMJv+A5VO8r9x3yHtH8NyHAQ4XwO4JqA+/y
GDLaZu1Qe2pEsgdUi9RM7Y3sKSph+p3fZOm380s+OOA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org