Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/aO-cMeFELA8WD_WUG4WwrBLM-PQ.roa
File: aO-cMeFELA8WD_WUG4WwrBLM-PQ.roa (raw, json)
Hash identifier: fyjLTt4KWe/UbhWLF58RNOIv11MwyUu91dd1ciOnNzc=
Subject key identifier: 68:EF:9C:31:E1:44:2C:0F:16:0F:F5:94:1B:85:B0:AC:12:CC:F8:F4
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0F9786E1
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/aO-cMeFELA8WD_WUG4WwrBLM-PQ.roa
Signing time: Sat 01 Jan 2022 00:51:03 +0000
ROA not before: Sat 01 Jan 2022 00:51:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
193.82.0.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/19 maxlen: 19
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
78.156.64.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
193.118.160.0/19 maxlen: 19
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261588705 (0xf9786e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 1 00:51:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68ef9c31e1442c0f160ff5941b85b0ac12ccf8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c7:ba:63:38:02:64:d3:74:5b:5f:a4:e1:a1:
e6:a0:0c:a3:58:58:cd:84:84:50:cd:0b:28:23:56:
90:82:82:fc:1d:e7:6d:27:ce:df:6e:5b:9e:dd:bb:
62:3e:86:28:22:e7:79:19:b8:7a:2b:c7:d0:73:c1:
e1:b7:8d:fb:fa:74:a9:98:7e:60:07:a6:43:85:ae:
3f:ca:83:ff:f8:52:27:99:76:57:7f:1f:8c:19:c1:
38:2a:78:e1:5d:ac:5c:bf:8d:9d:97:a8:cb:0c:f2:
7f:27:21:79:d2:62:e8:4b:ac:84:0c:3c:d1:a5:9b:
fd:ba:4b:ac:97:d9:f2:ac:74:4e:e1:a7:88:0b:8e:
a9:70:1d:6f:1b:aa:d0:0c:64:b9:56:55:a6:be:e6:
5f:ba:77:fa:3b:cd:a7:c7:5d:c6:a8:ca:d1:4f:ba:
be:0e:c9:39:3e:2a:59:a0:5e:ec:20:dc:e0:20:df:
11:b1:68:a9:17:e3:8b:4b:c2:1f:7f:3a:9e:c6:4e:
fd:fa:c9:8a:fb:5f:2b:f1:00:b7:b4:9c:53:c4:17:
0a:71:0c:76:0e:b8:0f:91:88:57:6c:4d:45:ca:05:
ee:5c:81:88:a6:0c:b8:f6:d0:3f:8b:91:cb:b8:86:
2b:01:70:7f:ab:fd:cb:dd:ac:44:9b:14:a7:09:d4:
5a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EF:9C:31:E1:44:2C:0F:16:0F:F5:94:1B:85:B0:AC:12:CC:F8:F4
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/aO-cMeFELA8WD_WUG4WwrBLM-PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.0.0/18
193.114.160.0/19
193.116.128.0/18
193.118.160.0/19
193.118.224.0/19
194.223.128.0/19
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.144.0-212.36.175.255
212.36.184.0/21
212.74.64.0/24
212.74.77.0-212.74.79.255
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/31
2001:924::-2001:926:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:93:56:40:d7:ee:6c:7b:12:51:64:bf:70:c7:5f:d9:5d:b4:
ad:20:fa:b4:fa:19:d8:eb:5e:fc:8a:33:0a:d6:c3:48:9b:05:
c7:5a:28:bc:0b:81:25:23:02:dc:73:8c:5c:79:12:19:54:a0:
af:d3:6e:19:c6:4d:29:c7:bc:03:6c:16:00:4e:f5:ce:fc:f6:
83:f1:cf:29:c7:49:d8:d1:59:30:be:c8:ef:ce:17:c9:84:fe:
7e:da:3f:a2:e5:e1:f3:85:03:0b:2c:dd:39:e8:6d:0e:06:a3:
b0:79:60:10:33:27:53:3a:3c:fb:1d:40:35:a8:c8:c0:f8:fd:
4d:39:c4:a7:07:b6:35:09:f3:6c:bf:e6:4d:87:ef:00:ae:b9:
16:78:b7:1e:88:a1:7b:94:23:9d:eb:8f:fe:58:cd:52:ba:47:
24:9a:84:3b:c0:35:af:8a:02:a0:7c:23:9c:2e:19:ec:cb:68:
52:80:51:89:9c:ae:b1:eb:4e:e8:25:db:52:1a:85:78:9b:90:
b5:ab:23:f8:8e:cc:de:f9:b5:83:0f:b6:2f:da:12:29:ae:fd:
c7:81:64:00:36:71:4a:06:c9:39:13:ea:4f:11:e8:93:c5:56:
83:59:b5:94:e1:0d:c3:4c:15:6f:b2:a2:f6:7f:c2:f3:b5:9d:
7f:5d:84:0b
-----BEGIN CERTIFICATE-----
MIIGeTCCBWGgAwIBAgIED5eG4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDEw
MTAwNTEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhlZjljMzFlMTQ0
MmMwZjE2MGZmNTk0MWI4NWIwYWMxMmNjZjhmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHHumM4AmTTdFtfpOGh5qAMo1hYzYSEUM0LKCNWkIKC/B3n
bSfO325bnt27Yj6GKCLneRm4eivH0HPB4beN+/p0qZh+YAemQ4WuP8qD//hSJ5l2
V38fjBnBOCp44V2sXL+NnZeoywzyfychedJi6EushAw80aWb/bpLrJfZ8qx0TuGn
iAuOqXAdbxuq0AxkuVZVpr7mX7p3+jvNp8ddxqjK0U+6vg7JOT4qWaBe7CDc4CDf
EbFoqRfji0vCH386nsZO/frJivtfK/EAt7ScU8QXCnEMdg64D5GIV2xNRcoF7lyB
iKYMuPbQP4uRy7iGKwFwf6v9y92sRJsUpwnUWsUCAwEAAaOCA5MwggOPMB0GA1Ud
DgQWBBRo75wx4UQsDxYP9ZQbhbCsEsz49DAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
L2FPLWNNZUZFTEE4V0RfV1VHNFd3ckJMTS1QUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AacGCCsGAQUFBwEHAQH/BIIBljCCAZIwggFvBAIAATCCAWcwCwMDARtuAwQCG24Q
AwQFLviAAwMAPhcDBAU+SGADBAU+VMADAwA+YAMEBj5hQAMEBT6YYAMEBT7AAAME
Bk6PAAMEBU6cQAMEBVBQAAMDAFCpAwQFUPugAwQFUnDAAwMAVA4DBAVUEKADBAVV
WIADBAZX8QADBAV2Q+ADBAOdeOAwCwMEAp147AMDAJ14AwQGwVIAAwQFwXKgAwQG
wXSAAwQFwXagAwQFwXbgAwQFwt+AAwQHw0QAAwQFw25AAwQF1ABgAwQF1BfgAwQF
1B/gAwQF1CNgMAwDBATUJJADBATUJKADBAPUJLgDBADUSkAwDAMEANRKTQMEBNRK
QAMEBdROoAMEBdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9
AwMA1VYDBAXVpAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sAD
AwHZbgMEBNmtYDAdBAIAAjAXAwUBIAEJIDAOAwUCIAEJJAMFACABCSYwDQYJKoZI
hvcNAQELBQADggEBACqTVkDX7mx7ElFkv3DHX9ldtK0g+rT6GdjrXvyKMwrWw0ib
BcdaKLwLgSUjAtxzjFx5EhlUoK/TbhnGTSnHvANsFgBO9c789oPxzynHSdjRWTC+
yO/OF8mE/n7aP6Ll4fOFAwss3TnobQ4Go7B5YBAzJ1M6PPsdQDWoyMD4/U05xKcH
tjUJ82y/5k2H7wCuuRZ4tx6IoXuUI53rj/5YzVK6RySahDvANa+KAqB8I5wuGezL
aFKAUYmcrrHrTugl21IahXibkLWrI/iOzN75tYMPti/aEimu/ceBZAA2cUoGyTkT
6k8R6JPFVoNZtZThDcNMFW+yovZ/wvO1nX9dhAs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org