Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/EqoZWCwBMMoYscV0wQkCz9Je5gc.roa
File: EqoZWCwBMMoYscV0wQkCz9Je5gc.roa (raw, json)
Hash identifier: 8ottFV15eqlZqVcw6rCZwOB84gApe16kwBU7Wy9VRL8=
Subject key identifier: 12:AA:19:58:2C:01:30:CA:18:B1:C5:74:C1:09:02:CF:D2:5E:E6:07
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 101B105A
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/EqoZWCwBMMoYscV0wQkCz9Je5gc.roa
Signing time: Tue 15 Feb 2022 10:36:46 +0000
ROA not before: Tue 15 Feb 2022 10:36:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
62.97.64.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
193.82.0.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/19 maxlen: 19
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270209114 (0x101b105a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Feb 15 10:36:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=12aa19582c0130ca18b1c574c10902cfd25ee607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:dc:c2:e4:69:87:45:83:e9:e3:e2:13:81:40:
88:6f:26:e2:b5:69:6c:ca:4a:a0:5a:30:1d:5f:aa:
c3:28:00:39:41:a9:ad:f7:18:8e:1a:2f:92:60:3e:
45:8d:63:0f:4a:ec:7f:59:84:9c:0c:a6:1f:41:0d:
ff:56:53:7f:03:b7:77:57:97:cd:0d:1d:5f:91:8c:
df:e8:98:f4:5a:71:1f:dc:e7:4b:4e:67:35:cf:c0:
be:9f:4a:32:c4:21:ef:3c:5e:db:25:66:08:fe:0e:
43:f8:e0:aa:fb:51:77:92:b9:4b:a8:58:8b:c1:8b:
ba:fc:b5:53:d8:dd:99:7a:3b:6f:68:24:d5:2a:2e:
f8:1f:29:07:0e:68:3c:0a:44:fe:60:f5:ae:b9:4c:
90:19:6b:49:51:2d:55:84:f9:d2:90:ba:89:c9:02:
e2:33:0e:9e:95:51:4a:25:44:8a:f2:1a:33:4f:cd:
e4:92:e1:2e:13:28:9b:06:b1:a1:51:bf:01:38:2a:
7c:c9:1e:a3:5c:48:51:21:9f:79:71:c4:89:e7:42:
19:65:09:b0:51:87:ca:99:e0:5b:3f:80:53:fc:7c:
b0:dd:a9:e9:72:61:b8:f8:bd:d6:3e:04:df:74:cf:
07:4f:05:f4:e0:4c:da:ae:c5:73:f2:a9:c8:77:0b:
0b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:AA:19:58:2C:01:30:CA:18:B1:C5:74:C1:09:02:CF:D2:5E:E6:07
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/EqoZWCwBMMoYscV0wQkCz9Je5gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.0.0/18
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0/19
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/24
212.74.77.0-212.74.79.255
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
7b:9f:12:65:3e:ab:10:53:67:af:6a:aa:6a:58:52:82:6f:cf:
01:93:f3:e0:ef:7f:b8:9f:80:3e:23:31:be:a4:ac:6a:b1:2f:
ba:fa:c0:70:97:ee:31:96:5b:5f:95:82:c5:58:fb:bb:79:79:
23:ab:24:be:fa:3e:13:f9:b0:f8:9b:7f:bf:31:eb:da:64:62:
7b:ee:8c:de:cb:1a:7a:01:14:20:d7:a9:0c:96:34:9d:99:ea:
e0:37:ea:fc:0f:79:5d:e6:ae:24:54:81:88:62:f8:06:66:c5:
7a:1b:bd:e2:eb:46:01:16:e8:ff:1d:a4:46:e6:b8:f3:e2:8a:
34:24:87:61:96:34:68:0c:d9:3b:9a:37:3c:e0:4d:65:ea:b7:
db:64:87:d1:75:75:16:b2:b8:32:b6:12:99:f8:fe:e8:06:48:
0d:cd:0a:f7:4c:0d:ea:8d:c6:36:20:8e:40:ba:3c:4b:16:79:
4e:02:85:47:b6:f4:ee:38:c3:ed:d7:90:e4:ee:1d:2d:63:a4:
0f:27:e1:f7:49:0b:1e:09:c8:d3:86:8f:da:17:38:fe:78:39:
20:2a:35:df:16:ed:13:38:b5:96:b1:4e:18:6f:55:f2:62:41:
1e:0a:f8:f9:59:22:57:30:81:de:02:0c:97:20:12:57:84:4a:
e9:c3:31:34
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgIEEBsQWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDIx
NTEwMzY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTJhYTE5NTgyYzAx
MzBjYTE4YjFjNTc0YzEwOTAyY2ZkMjVlZTYwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/cwuRph0WD6ePiE4FAiG8m4rVpbMpKoFowHV+qwygAOUGp
rfcYjhovkmA+RY1jD0rsf1mEnAymH0EN/1ZTfwO3d1eXzQ0dX5GM3+iY9FpxH9zn
S05nNc/Avp9KMsQh7zxe2yVmCP4OQ/jgqvtRd5K5S6hYi8GLuvy1U9jdmXo7b2gk
1Sou+B8pBw5oPApE/mD1rrlMkBlrSVEtVYT50pC6ickC4jMOnpVRSiVEivIaM0/N
5JLhLhMomwaxoVG/ATgqfMkeo1xIUSGfeXHEiedCGWUJsFGHypngWz+AU/x8sN2p
6XJhuPi91j4E33TPB08F9OBM2q7Fc/KpyHcLC38CAwEAAaOCA4AwggN8MB0GA1Ud
DgQWBBQSqhlYLAEwyhixxXTBCQLP0l7mBzAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
L0Vxb1pXQ3dCTU1vWXNjVjB3UWtDejlKZTVnYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AZQGCCsGAQUFBwEHAQH/BIIBgzCCAX8wggFsBAIAATCCAWQwCwMDARtuAwQCG24Q
AwQFLviAAwMAOYUDAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQGPmFAAwQFPphgAwQF
PsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVScMADAwBUDgMEBVQQ
oAMEBVVYgAMEBlfxAAMEBXZD4AMEA5144DALAwQCnXjsAwMAnXgDBAbBUgADBALB
XVADBAXBcqADBAbBdIADBAXBduADBAHBvIQDBAXC34ADBAfDRAADBAXDbkADBAXU
AGADBAXUF+ADBAXUH+ADBAXUI2ADBAbUJIADBADUSkAwDAMEANRKTQMEBNRKQAME
BdROoAMEBdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA
1VYDBAXVpAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZ
bgMEBNmtYDANBAIAAjAHAwUDIAEJIDANBgkqhkiG9w0BAQsFAAOCAQEAe58SZT6r
EFNnr2qqalhSgm/PAZPz4O9/uJ+APiMxvqSsarEvuvrAcJfuMZZbX5WCxVj7u3l5
I6skvvo+E/mw+Jt/vzHr2mRie+6M3ssaegEUINepDJY0nZnq4Dfq/A95XeauJFSB
iGL4BmbFehu94utGARbo/x2kRua48+KKNCSHYZY0aAzZO5o3POBNZeq322SH0XV1
FrK4MrYSmfj+6AZIDc0K90wN6o3GNiCOQLo8SxZ5TgKFR7b07jjD7deQ5O4dLWOk
Dyfh90kLHgnI04aP2hc4/ng5ICo13xbtEzi1lrFOGG9V8mJBHgr4+VkiVzCB3gIM
lyASV4RK6cMxNA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org