Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/S4Fj1hspuYPt2nylvWe3ofstyrI.roa
File: S4Fj1hspuYPt2nylvWe3ofstyrI.roa (raw, json)
Hash identifier: zSXezADCQMATP3umDCDvZ45zS/UXqt+dnaOgLxXa+Nc=
Subject key identifier: 4B:81:63:D6:1B:29:B9:83:ED:DA:7C:A5:BD:67:B7:A1:FB:2D:CA:B2
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 11033391
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/S4Fj1hspuYPt2nylvWe3ofstyrI.roa
Signing time: Wed 25 May 2022 09:11:13 +0000
ROA not before: Wed 25 May 2022 09:11:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
62.97.64.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
217.110.0.0/15 maxlen: 15
212.203.64.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
193.82.32.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 285422481 (0x11033391)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: May 25 09:11:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b8163d61b29b983edda7ca5bd67b7a1fb2dcab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c7:a3:6a:6d:fc:66:53:32:50:a0:f8:77:6a:
ca:5c:7a:17:3b:80:2f:0d:a4:4b:65:ec:ab:79:ab:
e4:2e:c1:90:14:84:bf:9b:69:89:24:39:a3:9d:c5:
77:29:7b:38:8a:16:aa:c0:3b:4c:3e:4c:5e:27:9d:
5f:e4:44:fc:68:da:14:c9:fe:a5:fd:12:18:5b:09:
56:56:1a:be:17:12:5d:7e:ef:ba:88:2e:16:e7:41:
a5:97:15:80:3e:02:93:00:83:6f:b9:a0:65:15:25:
19:c0:db:e3:e6:10:e8:b4:53:f3:0b:84:9b:6a:e6:
63:e8:06:c1:dd:62:f8:4d:3c:2e:3a:e2:be:14:80:
90:2a:c8:ef:a5:ae:aa:64:a7:ff:f5:53:26:1c:19:
9b:c2:f9:22:d6:1b:3a:11:86:c8:24:bc:eb:24:f0:
43:8d:e8:c2:3e:72:bc:d6:54:d0:d9:9d:21:6f:7c:
85:b3:d2:93:cd:99:6b:61:63:27:c1:60:4e:44:5a:
de:17:d7:74:1a:cb:06:91:b9:d0:7f:8e:fc:f9:d8:
81:c1:a5:e7:39:67:14:29:37:bf:a1:73:71:01:9a:
7f:8f:69:7c:cc:39:5e:ec:82:50:bf:b2:fb:8d:5c:
77:fa:f0:29:36:41:98:66:2d:ab:95:31:52:92:74:
70:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:81:63:D6:1B:29:B9:83:ED:DA:7C:A5:BD:67:B7:A1:FB:2D:CA:B2
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/S4Fj1hspuYPt2nylvWe3ofstyrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.32.0/19
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0-194.223.139.255
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
78:5d:90:f3:6f:ca:66:8a:b1:a0:3d:c7:3f:90:6c:ce:12:cf:
5d:c1:6c:7a:d4:44:49:bb:9d:bb:97:12:71:e5:5a:b5:d6:4a:
f3:cc:a3:f3:eb:91:59:f6:8e:9b:c9:a1:14:36:e0:6b:7f:81:
08:d5:8a:bc:3a:8a:c2:69:b8:32:8a:50:fd:78:0f:c3:dc:8e:
3e:84:f4:c7:c7:00:cd:56:9d:85:f1:70:cd:22:c0:44:5c:d0:
38:79:af:1b:a9:37:63:14:0a:96:7a:2d:8c:ae:5d:d7:cd:bc:
20:79:27:b5:d4:61:63:27:b6:db:cb:a1:3e:c3:6e:ed:ea:7e:
3a:1e:48:59:ac:a3:f5:6a:a2:6c:cb:45:83:4b:9f:98:a5:4e:
7a:0f:da:66:ee:e0:df:80:8a:77:2e:67:39:1a:63:94:f5:75:
b1:82:10:7f:45:14:2d:c5:06:c8:cd:f3:0f:82:7d:51:d6:eb:
2a:0f:26:88:40:62:f3:00:03:0d:db:eb:54:85:c1:ec:8e:65:
f8:82:42:13:e5:ba:5d:a3:f6:53:ab:39:fe:d1:2d:eb:a9:ad:
a8:07:71:f3:43:59:b9:01:1a:e1:3f:c0:97:ea:cc:0e:52:c7:
7c:ae:62:97:74:24:71:5d:0a:51:b2:94:ad:42:39:93:f7:74:
31:61:5b:5d
-----BEGIN CERTIFICATE-----
MIIGUzCCBTugAwIBAgIEEQMzkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDUy
NTA5MTExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI4MTYzZDYxYjI5
Yjk4M2VkZGE3Y2E1YmQ2N2I3YTFmYjJkY2FiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzHo2pt/GZTMlCg+Hdqylx6FzuALw2kS2Xsq3mr5C7BkBSE
v5tpiSQ5o53Fdyl7OIoWqsA7TD5MXiedX+RE/GjaFMn+pf0SGFsJVlYavhcSXX7v
uoguFudBpZcVgD4CkwCDb7mgZRUlGcDb4+YQ6LRT8wuEm2rmY+gGwd1i+E08Ljri
vhSAkCrI76WuqmSn//VTJhwZm8L5ItYbOhGGyCS86yTwQ43owj5yvNZU0NmdIW98
hbPSk82Za2FjJ8FgTkRa3hfXdBrLBpG50H+O/PnYgcGl5zlnFCk3v6FzcQGaf49p
fMw5XuyCUL+y+41cd/rwKTZBmGYtq5UxUpJ0cMkCAwEAAaOCA20wggNpMB0GA1Ud
DgQWBBRLgWPWGym5g+3afKW9Z7eh+y3KsjAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
L1M0RmoxaHNwdVlQdDJueWx2V2Uzb2ZzdHlySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AYEGCCsGAQUFBwEHAQH/BIIBcDCCAWwwggFZBAIAATCCAVEDBAUu+IADAwA5hQMD
AD4XAwQFPkhgAwQFPlTAAwMAPmADBAY+YUADBAU+mGADBAU+wAADBAZOjwADBAVO
nEADBAVQUAADAwBQqQMEBVD7oAMEBVJwwAMDAFQOAwQFVBCgAwQFVViAAwQGV/EA
AwQFdkPgAwQDnXjgMAsDBAKdeOwDAwCdeAMEBcFSIAMEAsFdUAMEBcFyoAMEBsF0
gAMEBcF24AMEAcG8hDAMAwQHwt+AAwQCwt+IAwQHw0QAAwQFw25AAwQF1ABgAwQF
1BfgAwQF1B/gAwQF1CNgAwQG1CSAAwQF1EpAAwQF1E6gAwQF1HmAAwQG1HvAAwQH
1KEAAwQG1MtAAwQH1RuAAwQH1SkAAwMA1T0DAwDVVgMEBdWkAAMEBdWtoAMEBdW5
oAMEBtXQwAMEB9XXgAMEBtXlgAMEBtX2wAMDAdluAwQE2a1gMA0EAgACMAcDBQMg
AQkgMA0GCSqGSIb3DQEBCwUAA4IBAQB4XZDzb8pmirGgPcc/kGzOEs9dwWx61ERJ
u527lxJx5Vq11krzzKPz65FZ9o6byaEUNuBrf4EI1Yq8OorCabgyilD9eA/D3I4+
hPTHxwDNVp2F8XDNIsBEXNA4ea8bqTdjFAqWei2Mrl3XzbwgeSe11GFjJ7bby6E+
w27t6n46HkhZrKP1aqJsy0WDS5+YpU56D9pm7uDfgIp3Lmc5GmOU9XWxghB/RRQt
xQbIzfMPgn1R1usqDyaIQGLzAAMN2+tUhcHsjmX4gkIT5bpdo/ZTqzn+0S3rqa2o
B3HzQ1m5ARrhP8CX6swOUsd8rmKXdCRxXQpRspStQjmT93QxYVtd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org