Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/WFhp3yqgYt7skgNvVbwRlxsAYpU.roa
File: WFhp3yqgYt7skgNvVbwRlxsAYpU.roa (raw, json)
Hash identifier: pLcviT6PC3JlNyeA+8CtSrR520iu/ROwQt07L37ZaME=
Subject key identifier: 58:58:69:DF:2A:A0:62:DE:EC:92:03:6F:55:BC:11:97:1B:00:62:95
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0185734CAC1EA90C641074002D3207678D3E
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/WFhp3yqgYt7skgNvVbwRlxsAYpU.roa
Signing time: Mon 02 Jan 2023 16:24:42 +0000
ROA not before: Mon 02 Jan 2023 16:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
136.225.0.0/16 maxlen: 16
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
62.97.64.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
217.110.0.0/15 maxlen: 15
212.203.64.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
193.82.32.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:ac:1e:a9:0c:64:10:74:00:2d:32:07:67:8d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 16:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=585869df2aa062deec92036f55bc11971b006295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6b:96:d1:0a:d9:7d:f2:e5:18:ac:4d:65:80:
2b:31:b1:4a:8b:13:7a:a0:47:8f:fb:9a:a0:73:1c:
26:c1:d3:fd:7a:14:dd:b3:fb:c5:24:67:42:4f:99:
5e:62:c9:02:32:6b:f3:2c:01:25:6e:4f:b9:e8:f7:
d3:ac:ad:bc:be:19:c3:bd:3b:35:2b:8b:3a:00:4f:
03:4a:66:7f:5e:73:63:d8:a1:fe:ab:c7:03:83:0f:
3b:69:6e:0a:78:12:5f:21:54:c5:84:cd:ac:f4:da:
a8:77:50:c4:69:7e:c0:8f:d9:b5:6d:d3:e3:13:52:
eb:98:ef:fd:a1:c4:4b:d4:dc:68:19:97:39:1f:05:
38:e6:03:cb:db:57:2a:e0:de:ca:e7:b4:5e:43:ba:
98:21:37:99:ed:31:50:38:89:da:10:7e:92:f8:49:
a8:bb:26:75:22:16:20:26:4a:d6:90:47:55:56:bb:
82:5e:1e:64:3b:ec:2a:cc:53:11:3a:ff:11:94:c5:
b9:d0:ad:49:cf:c3:f8:6b:93:fb:5c:b8:ba:94:86:
12:b8:bb:a5:e4:f7:e0:20:85:91:d7:21:56:24:53:
57:79:f8:6f:1d:7a:f7:21:6f:e8:5b:de:76:09:bb:
55:3a:2c:b4:c8:6d:7d:f5:4d:8d:4e:1b:b7:7c:6b:
a1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:58:69:DF:2A:A0:62:DE:EC:92:03:6F:55:BC:11:97:1B:00:62:95
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/WFhp3yqgYt7skgNvVbwRlxsAYpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
136.225.0.0/16
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.32.0/19
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0-194.223.139.255
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
3f:c4:a3:75:03:77:59:19:d8:c4:9d:d2:9c:d1:59:d0:f1:ed:
fc:f5:05:5b:37:2e:7e:56:9f:3b:a0:66:6a:16:03:8e:6c:61:
ba:ef:81:3e:4b:36:74:95:18:6d:cf:0c:86:2f:91:b4:b3:9b:
4d:77:f9:2f:af:20:e0:8c:da:7b:39:af:6c:41:e1:b3:51:32:
b4:54:13:bd:b7:b3:07:a2:64:34:ab:6c:3f:75:14:71:d8:87:
18:80:27:e7:26:f7:cc:1c:a9:a2:76:60:4d:83:48:73:76:93:
3c:a3:00:4a:01:05:95:0c:dc:90:2f:b1:85:43:c1:71:62:53:
19:f2:85:45:0e:ae:52:07:60:db:84:d4:4f:5a:24:8c:d2:27:
06:a6:1d:ed:1e:86:d5:69:c1:ac:a9:df:63:35:74:64:91:b0:
72:7c:4b:f4:68:fa:f6:5b:91:0e:3e:f0:6c:20:4b:d2:56:98:
21:5f:e9:fe:7b:10:14:5d:6b:bd:ea:26:97:6a:06:6e:73:24:
30:57:98:e6:15:80:fa:f2:bb:c6:2a:ef:89:61:ba:d0:1d:f5:
52:0d:1e:3f:3d:9c:11:49:67:a1:09:49:35:ab:24:db:ce:06:
2d:37:96:ec:12:91:65:ad:7f:d5:69:3e:a5:54:db:5f:f1:79:
1d:cc:2f:60
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgISAYVzTKweqQxkEHQALTIHZ40+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODU4NjlkZjJhYTA2MmRlZWM5MjAzNmY1NWJjMTE5NzFiMDA2Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWuW0QrZffLlGKxNZYArMbFKixN6
oEeP+5qgcxwmwdP9ehTds/vFJGdCT5leYskCMmvzLAElbk+56PfTrK28vhnDvTs1
K4s6AE8DSmZ/XnNj2KH+q8cDgw87aW4KeBJfIVTFhM2s9Nqod1DEaX7Aj9m1bdPj
E1LrmO/9ocRL1NxoGZc5HwU45gPL21cq4N7K57ReQ7qYITeZ7TFQOInaEH6S+Emo
uyZ1IhYgJkrWkEdVVruCXh5kO+wqzFMROv8RlMW50K1Jz8P4a5P7XLi6lIYSuLul
5PfgIIWR1yFWJFNXefhvHXr3IW/oW952CbtVOiy0yG199U2NThu3fGuhhwIDAQAB
o4IDcjCCA24wHQYDVR0OBBYEFFhYad8qoGLe7JIDb1W8EZcbAGKVMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvV0ZocDN5cWdZdDdza2dOdlZid1JseHNBWXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhgYIKwYBBQUHAQcBAf8EggF1MIIBcTCCAV4EAgABMIIB
VgMEBS74gAMDADmFAwMAPhcDBAU+SGADBAU+VMADAwA+YAMEBj5hQAMEBT6YYAME
BT7AAAMEBk6PAAMEBU6cQAMEBVBQAAMDAFCpAwQFUPugAwQFUnDAAwMAVA4DBAVU
EKADBAVVWIADBAZX8QADBAV2Q+ADAwCI4QMEA5144DALAwQCnXjsAwMAnXgDBAXB
UiADBALBXVADBAXBcqADBAbBdIADBAXBduADBAHBvIQwDAMEB8LfgAMEAsLfiAME
B8NEAAMEBcNuQAMEBdQAYAMEBdQX4AMEBdQf4AMEBdQjYAMEBtQkgAMEBdRKQAME
BdROoAMEBdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA
1VYDBAXVpAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZ
bgMEBNmtYDANBAIAAjAHAwUDIAEJIDANBgkqhkiG9w0BAQsFAAOCAQEAP8SjdQN3
WRnYxJ3SnNFZ0PHt/PUFWzcuflafO6BmahYDjmxhuu+BPks2dJUYbc8Mhi+RtLOb
TXf5L68g4IzaezmvbEHhs1EytFQTvbezB6JkNKtsP3UUcdiHGIAn5yb3zByponZg
TYNIc3aTPKMASgEFlQzckC+xhUPBcWJTGfKFRQ6uUgdg24TUT1okjNInBqYd7R6G
1WnBrKnfYzV0ZJGwcnxL9Gj69luRDj7wbCBL0laYIV/p/nsQFF1rveoml2oGbnMk
MFeY5hWA+vK7xirviWG60B31Ug0ePz2cEUlnoQlJNask284GLTeW7BKRZa1/1Wk+
pVTbX/F5HcwvYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:28 2024 by rpki-client on console-ams.rpki-client.org