Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ftVL_8Wx2wt-lJAyytd5H2uwXqs.roa
File: ftVL_8Wx2wt-lJAyytd5H2uwXqs.roa (raw, json)
Hash identifier: F70j20QvQfEMFywNgwGwuttEiey0jbG8Zu292otejVI=
Subject key identifier: 7E:D5:4B:FF:C5:B1:DB:0B:7E:94:90:32:CA:D7:79:1F:6B:B0:5E:AB
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 1043F74B
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ftVL_8Wx2wt-lJAyytd5H2uwXqs.roa
Signing time: Wed 02 Mar 2022 13:12:22 +0000
ROA not before: Wed 02 Mar 2022 13:12:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
193.82.0.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/19 maxlen: 19
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 272889675 (0x1043f74b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Mar 2 13:12:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ed54bffc5b1db0b7e949032cad7791f6bb05eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:69:54:8d:95:ff:37:5e:0f:21:79:5d:19:
85:f6:22:2d:dc:28:25:9f:fd:c0:5e:e1:e7:5c:80:
1d:82:13:79:28:41:1c:2e:a6:70:45:d0:c7:07:72:
25:a9:ec:2b:bd:1a:1f:44:3b:15:17:59:d1:56:8a:
3d:f6:ed:e7:6a:33:6f:fc:b3:8d:b6:41:05:73:ae:
68:98:f4:49:39:96:5a:11:e7:38:fa:6b:13:34:28:
d4:8f:c7:d6:cb:e7:74:a9:ea:6a:03:19:69:1b:d8:
cd:c0:c2:80:ed:01:57:ea:c6:a6:b9:d1:cc:dc:33:
3a:99:4a:cf:19:e0:8e:9c:8d:d1:b1:7e:ea:35:f8:
c3:0f:e4:ee:31:72:67:0f:a9:2a:21:cc:ad:59:d4:
08:fe:a5:de:cd:69:57:d3:c1:00:4c:84:16:d1:9b:
b8:48:75:ac:bd:64:84:8d:da:33:36:2e:ff:cd:9b:
7d:8a:50:ad:0c:8d:fb:71:80:dc:74:dc:62:b2:77:
19:07:e6:04:39:61:3e:4e:dd:09:5f:99:0f:7a:4f:
20:5e:01:09:1a:6a:57:08:2c:23:03:09:e0:1b:3c:
43:0f:6b:84:95:b2:30:d6:39:a2:10:54:59:7e:40:
6e:18:e5:c1:ef:b4:64:3b:e3:dc:c3:9b:ed:ee:68:
7e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D5:4B:FF:C5:B1:DB:0B:7E:94:90:32:CA:D7:79:1F:6B:B0:5E:AB
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ftVL_8Wx2wt-lJAyytd5H2uwXqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.0.0/18
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0/19
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
27:fe:31:6c:41:80:26:1d:ee:8d:a2:22:9a:6e:a0:a6:b3:46:
e9:37:aa:6f:b9:91:84:78:ea:f2:08:58:cf:ab:4d:9c:c8:2e:
94:47:fe:27:10:d3:c0:0f:42:b2:63:24:4d:66:17:63:d6:48:
2f:d4:09:5d:53:5a:f8:6f:71:fe:ee:f4:68:92:e4:1a:37:2b:
b3:ad:c2:0f:30:d5:e1:a2:26:ff:bd:22:0e:d9:62:e8:d0:3e:
1f:17:79:3e:bd:bb:69:53:ec:a3:6c:91:7c:48:ae:4b:bb:24:
95:40:4a:5c:f6:89:ee:19:61:0c:43:be:61:38:e4:ad:aa:c4:
27:2d:ab:52:9a:51:8d:39:19:9e:8b:d3:97:9d:cd:73:fd:3a:
d7:b2:f9:da:71:93:dd:ed:ee:a2:fe:52:e2:fb:df:c8:66:dc:
4a:e4:b2:8e:81:4c:3b:e4:0c:ab:bb:b1:4b:31:d2:e0:b1:2a:
86:df:0a:da:58:b3:2e:72:5f:61:56:98:55:f8:17:8c:09:5a:
d2:1f:3b:2c:bc:1e:34:11:84:33:fb:64:e2:2c:f7:fe:45:79:
d2:e4:5d:00:51:1c:7d:b9:b5:bd:a7:94:b7:31:a8:a3:31:7d:
5f:94:dc:13:5e:e4:33:0d:02:f7:77:bb:ee:b4:6d:97:ab:c3:
d5:c0:8d:c2
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgIEEEP3SzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDMw
MjEzMTIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2VkNTRiZmZjNWIx
ZGIwYjdlOTQ5MDMyY2FkNzc5MWY2YmIwNWVhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMJaVSNlf83Xg8heV0ZhfYiLdwoJZ/9wF7h51yAHYITeShB
HC6mcEXQxwdyJansK70aH0Q7FRdZ0VaKPfbt52ozb/yzjbZBBXOuaJj0STmWWhHn
OPprEzQo1I/H1svndKnqagMZaRvYzcDCgO0BV+rGprnRzNwzOplKzxngjpyN0bF+
6jX4ww/k7jFyZw+pKiHMrVnUCP6l3s1pV9PBAEyEFtGbuEh1rL1khI3aMzYu/82b
fYpQrQyN+3GA3HTcYrJ3GQfmBDlhPk7dCV+ZD3pPIF4BCRpqVwgsIwMJ4Bs8Qw9r
hJWyMNY5ohBUWX5Abhjlwe+0ZDvj3MOb7e5oft8CAwEAAaOCA3IwggNuMB0GA1Ud
DgQWBBR+1Uv/xbHbC36UkDLK13kfa7BeqzAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
L2Z0VkxfOFd4Mnd0LWxKQXl5dGQ1SDJ1d1hxcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AYYGCCsGAQUFBwEHAQH/BIIBdTCCAXEwggFeBAIAATCCAVYwCwMDARtuAwQCG24Q
AwQFLviAAwMAOYUDAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQGPmFAAwQFPphgAwQF
PsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVScMADAwBUDgMEBVQQ
oAMEBVVYgAMEBlfxAAMEBXZD4AMEA5144DALAwQCnXjsAwMAnXgDBAbBUgADBALB
XVADBAXBcqADBAbBdIADBAXBduADBAHBvIQDBAXC34ADBAfDRAADBAXDbkADBAXU
AGADBAXUF+ADBAXUH+ADBAXUI2ADBAbUJIADBAXUSkADBAXUTqADBAXUeYADBAbU
e8ADBAfUoQADBAbUy0ADBAfVG4ADBAfVKQADAwDVPQMDANVWAwQF1aQAAwQF1a2g
AwQF1bmgAwQG1dDAAwQH1deAAwQG1eWAAwQG1fbAAwMB2W4DBATZrWAwDQQCAAIw
BwMFAyABCSAwDQYJKoZIhvcNAQELBQADggEBACf+MWxBgCYd7o2iIppuoKazRuk3
qm+5kYR46vIIWM+rTZzILpRH/icQ08APQrJjJE1mF2PWSC/UCV1TWvhvcf7u9GiS
5Bo3K7Otwg8w1eGiJv+9Ig7ZYujQPh8XeT69u2lT7KNskXxIrku7JJVASlz2ie4Z
YQxDvmE45K2qxCctq1KaUY05GZ6L05edzXP9Otey+dpxk93t7qL+UuL738hm3Erk
so6BTDvkDKu7sUsx0uCxKobfCtpYsy5yX2FWmFX4F4wJWtIfOyy8HjQRhDP7ZOIs
9/5FedLkXQBRHH25tb2nlLcxqKMxfV+U3BNe5DMNAvd3u+60bZerw9XAjcI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org