Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/SVKFdSkl5bTSBx3rfqLmSHrM2Kw.roa
File: SVKFdSkl5bTSBx3rfqLmSHrM2Kw.roa (raw, json)
Hash identifier: dZBgTVsx3m1VFdawkrpLKfX9+A9qXpwC0TdMKspEnPQ=
Subject key identifier: 49:52:85:75:29:25:E5:B4:D2:07:1D:EB:7E:A2:E6:48:7A:CC:D8:AC
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 10C03E88
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/SVKFdSkl5bTSBx3rfqLmSHrM2Kw.roa
Signing time: Thu 28 Apr 2022 06:39:17 +0000
ROA not before: Thu 28 Apr 2022 06:39:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
62.97.64.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
193.82.0.0/19 maxlen: 19
212.78.160.0/19 maxlen: 19
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
194.223.140.0/22 maxlen: 22
194.223.144.0/20 maxlen: 20
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
193.82.32.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 281034376 (0x10c03e88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Apr 28 06:39:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=495285752925e5b4d2071deb7ea2e6487accd8ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:92:90:c6:48:d0:4d:34:49:8b:d8:65:11:0e:
ce:48:ea:94:ca:c0:37:47:19:60:7f:e5:ed:1d:08:
55:a9:67:0b:ec:83:f2:8b:76:9d:2c:5e:5a:d8:4c:
b4:5d:93:64:7b:4f:c1:6d:de:16:2a:0b:05:77:fa:
94:20:d6:fe:a4:ac:ed:3f:9b:71:c6:d2:b7:00:36:
92:06:80:73:77:60:c5:41:e2:d6:5e:9a:f7:a6:e5:
23:36:da:5d:4f:2b:7f:29:f1:a9:a9:e3:2e:2b:1e:
49:a9:c6:65:99:d0:b0:d8:9d:48:1c:27:97:53:ad:
9b:6b:9e:ad:2b:b4:46:02:b5:5e:ac:a7:48:4c:e2:
ac:9b:12:a9:1a:40:ee:83:20:6b:77:44:97:47:14:
1d:06:cf:64:e7:d6:5a:69:4a:1e:f3:f2:87:16:fa:
ba:f3:31:93:64:f1:2b:d9:ce:38:f5:44:df:3b:a5:
87:ee:28:ec:99:02:c6:eb:68:9f:81:be:b6:cb:b7:
35:7f:6c:9e:0d:52:fe:96:1d:0e:5f:83:a1:b9:23:
82:6d:d5:7c:00:5c:c3:14:13:d7:1b:eb:23:28:d7:
b7:43:05:1f:dc:4e:6b:f1:e1:68:df:77:39:38:53:
7f:6f:92:16:96:80:64:59:1b:51:8b:28:ce:59:0d:
d1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:52:85:75:29:25:E5:B4:D2:07:1D:EB:7E:A2:E6:48:7A:CC:D8:AC
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/SVKFdSkl5bTSBx3rfqLmSHrM2Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.0.0/18
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0/19
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
0c:31:9a:6c:38:20:3a:44:6b:45:0d:c3:08:e0:e5:4c:be:6e:
77:72:2a:55:6c:61:3f:3a:c4:6c:22:0b:e3:4f:0e:28:82:a3:
bf:f8:1d:56:fa:27:a2:18:10:ce:62:be:0a:43:b2:20:11:40:
4c:e9:30:fe:ed:e6:46:44:9e:11:e0:a1:28:c2:86:0b:04:06:
5e:b8:35:18:7d:b8:df:e7:c9:eb:9a:a6:49:48:15:07:20:c0:
07:e8:d1:c7:19:eb:35:ce:44:e0:ff:f1:70:b3:36:9f:79:51:
d4:66:4b:07:b7:1d:1d:c6:07:53:81:9f:ef:49:ee:ff:40:f7:
d8:02:04:2f:5b:ab:45:b0:55:51:43:51:6a:b5:18:5e:23:4f:
12:b9:20:c4:f8:0b:88:64:8c:4a:22:3c:44:ce:7d:73:9e:67:
a3:25:32:2c:f3:fa:29:73:da:cb:75:16:71:22:86:80:ac:8a:
bd:46:c8:cd:78:20:e7:3f:d8:b6:7b:d4:41:8a:44:10:48:06:
2a:ef:a3:6f:2e:6a:df:59:e8:86:96:87:84:ee:63:d2:c6:20:
ef:ca:e7:25:6a:d4:2e:e7:4f:75:ab:ec:42:c2:df:59:91:d6:
a5:6a:4d:09:91:84:ed:f2:11:aa:1d:a8:0f:a8:f8:28:4c:03:
d1:ba:a9:4b
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgIEEMA+iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDQy
ODA2MzkxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk1Mjg1NzUyOTI1
ZTViNGQyMDcxZGViN2VhMmU2NDg3YWNjZDhhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6SkMZI0E00SYvYZREOzkjqlMrAN0cZYH/l7R0IValnC+yD
8ot2nSxeWthMtF2TZHtPwW3eFioLBXf6lCDW/qSs7T+bccbStwA2kgaAc3dgxUHi
1l6a96blIzbaXU8rfynxqanjLiseSanGZZnQsNidSBwnl1Otm2uerSu0RgK1Xqyn
SEzirJsSqRpA7oMga3dEl0cUHQbPZOfWWmlKHvPyhxb6uvMxk2TxK9nOOPVE3zul
h+4o7JkCxuton4G+tsu3NX9sng1S/pYdDl+Dobkjgm3VfABcwxQT1xvrIyjXt0MF
H9xOa/HhaN93OThTf2+SFpaAZFkbUYsozlkN0csCAwEAAaOCA3IwggNuMB0GA1Ud
DgQWBBRJUoV1KSXltNIHHet+ouZIeszYrDAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
L1NWS0ZkU2tsNWJUU0J4M3JmcUxtU0hyTTJLdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AYYGCCsGAQUFBwEHAQH/BIIBdTCCAXEwggFeBAIAATCCAVYwCwMDARtuAwQCG24Q
AwQFLviAAwMAOYUDAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQGPmFAAwQFPphgAwQF
PsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVScMADAwBUDgMEBVQQ
oAMEBVVYgAMEBlfxAAMEBXZD4AMEA5144DALAwQCnXjsAwMAnXgDBAbBUgADBALB
XVADBAXBcqADBAbBdIADBAXBduADBAHBvIQDBAXC34ADBAfDRAADBAXDbkADBAXU
AGADBAXUF+ADBAXUH+ADBAXUI2ADBAbUJIADBAXUSkADBAXUTqADBAXUeYADBAbU
e8ADBAfUoQADBAbUy0ADBAfVG4ADBAfVKQADAwDVPQMDANVWAwQF1aQAAwQF1a2g
AwQF1bmgAwQG1dDAAwQH1deAAwQG1eWAAwQG1fbAAwMB2W4DBATZrWAwDQQCAAIw
BwMFAyABCSAwDQYJKoZIhvcNAQELBQADggEBAAwxmmw4IDpEa0UNwwjg5Uy+bndy
KlVsYT86xGwiC+NPDiiCo7/4HVb6J6IYEM5ivgpDsiARQEzpMP7t5kZEnhHgoSjC
hgsEBl64NRh9uN/nyeuapklIFQcgwAfo0ccZ6zXOROD/8XCzNp95UdRmSwe3HR3G
B1OBn+9J7v9A99gCBC9bq0WwVVFDUWq1GF4jTxK5IMT4C4hkjEoiPETOfXOeZ6Ml
Mizz+ilz2st1FnEihoCsir1GyM14IOc/2LZ71EGKRBBIBirvo28uat9Z6IaWh4Tu
Y9LGIO/K5yVq1C7nT3Wr7ELC31mR1qVqTQmRhO3yEaodqA+o+ChMA9G6qUs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org