Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/jvOBw0JBKMKDb-1En-bOEALuzhI.roa
File: jvOBw0JBKMKDb-1En-bOEALuzhI.roa (raw, json)
Hash identifier: g5pp4vuEhKLw0MVuChAJhuxk3mL26nAzyHB0Duj+SYA=
Subject key identifier: 8E:F3:81:C3:42:41:28:C2:83:6F:ED:44:9F:E6:CE:10:02:EE:CE:12
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 10B85D69
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/jvOBw0JBKMKDb-1En-bOEALuzhI.roa
Signing time: Mon 25 Apr 2022 07:22:19 +0000
ROA not before: Mon 25 Apr 2022 07:22:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
62.97.64.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
27.110.0.0/20 maxlen: 20
217.110.0.0/15 maxlen: 15
27.110.16.0/22 maxlen: 22
212.203.64.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/19 maxlen: 19
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
194.223.140.0/22 maxlen: 22
194.223.144.0/20 maxlen: 20
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
193.82.32.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280517993 (0x10b85d69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Apr 25 07:22:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ef381c3424128c2836fed449fe6ce1002eece12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d9:ac:1d:37:02:0e:da:c1:60:97:bb:f3:95:
bb:4f:82:3e:ef:75:39:34:15:ca:70:a5:d2:ed:6d:
b8:4d:6b:c2:e7:0f:94:f3:18:1c:85:08:c0:e4:eb:
61:8b:4d:99:7a:72:30:1b:2d:5d:33:2f:09:12:21:
f3:2a:11:ad:d3:95:07:29:0b:04:59:4e:4a:47:87:
91:fe:fa:28:37:ce:af:88:71:de:fe:0a:f3:93:19:
5f:fe:ab:3c:c7:bd:fc:24:d7:5a:ac:2b:e3:92:ae:
d5:93:cb:1c:7e:ab:20:ac:93:b6:57:87:69:76:f3:
e2:8d:62:80:94:86:3e:3c:7d:0e:5f:6b:37:2a:6d:
37:8c:b9:b7:68:63:18:fe:7c:5e:c6:6c:81:2e:cb:
48:70:a2:fd:3a:d7:d0:9c:b5:42:a4:63:4a:fa:ae:
e0:5d:6b:37:33:f1:08:d5:af:04:1d:7d:d8:e5:2b:
71:b9:d4:bd:ad:26:3d:63:5c:4d:62:bb:bb:1c:be:
16:bc:f8:05:5d:8a:62:72:ec:50:69:a3:28:dc:c4:
aa:f5:b8:f1:b2:7f:54:03:95:cf:7d:0a:ac:c2:0f:
1c:e5:b2:7e:a3:48:18:1d:a0:39:c2:43:3a:a8:d6:
3d:c4:f3:e7:b4:08:d1:59:b4:03:73:c8:21:58:1e:
e1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F3:81:C3:42:41:28:C2:83:6F:ED:44:9F:E6:CE:10:02:EE:CE:12
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/jvOBw0JBKMKDb-1En-bOEALuzhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.110.0.0-27.110.19.255
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.32.0/19
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0/19
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
42:eb:43:da:06:6f:f6:80:32:f4:0f:e1:5c:1c:3b:3c:8f:92:
cc:7c:99:bf:dd:44:66:08:f4:81:02:ad:62:6b:de:d3:9e:a5:
e5:8d:40:85:93:41:6d:59:5d:29:8c:9a:39:4c:78:38:43:d5:
85:e2:c9:a7:82:04:b5:b7:15:60:a6:18:05:9f:9e:92:f3:1d:
dc:84:7e:0a:43:51:48:7b:6e:9b:e8:f0:b8:be:00:a8:cc:b6:
f5:0f:d5:d3:69:d2:ec:c3:b6:c7:46:e9:45:3d:6c:34:86:1f:
58:21:40:6b:67:d4:9d:53:23:e1:be:32:fe:ec:78:78:a8:1a:
ce:2e:fd:99:5e:9b:47:d4:2c:c3:0c:85:2b:21:d5:72:04:06:
6c:46:b9:c0:a7:40:16:38:b3:c5:e3:43:ad:ed:49:23:7c:96:
87:88:94:31:f6:73:58:4f:69:0b:a3:d4:e4:6d:ae:a5:40:89:
68:0e:54:6e:50:d4:23:9b:6a:ce:9a:e8:d7:88:78:20:8e:d4:
69:13:6a:ad:3e:ee:e5:7c:0f:53:03:58:9c:3b:7d:b8:99:06:
ec:68:8f:fe:63:7f:57:53:61:ee:cb:a7:fa:26:4c:9e:dc:6e:
52:e6:e0:6e:76:bb:62:62:93:0c:6a:14:08:e3:0b:e2:04:c3:
71:25:06:94
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgIEELhdaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDQy
NTA3MjIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGVmMzgxYzM0MjQx
MjhjMjgzNmZlZDQ0OWZlNmNlMTAwMmVlY2UxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPZrB03Ag7awWCXu/OVu0+CPu91OTQVynCl0u1tuE1rwucP
lPMYHIUIwOTrYYtNmXpyMBstXTMvCRIh8yoRrdOVBykLBFlOSkeHkf76KDfOr4hx
3v4K85MZX/6rPMe9/CTXWqwr45Ku1ZPLHH6rIKyTtleHaXbz4o1igJSGPjx9Dl9r
NyptN4y5t2hjGP58XsZsgS7LSHCi/TrX0Jy1QqRjSvqu4F1rNzPxCNWvBB192OUr
cbnUva0mPWNcTWK7uxy+Frz4BV2KYnLsUGmjKNzEqvW48bJ/VAOVz30KrMIPHOWy
fqNIGB2gOcJDOqjWPcTz57QI0Vm0A3PIIVge4ckCAwEAAaOCA3IwggNuMB0GA1Ud
DgQWBBSO84HDQkEowoNv7USf5s4QAu7OEjAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
L2p2T0J3MEpCS01LRGItMUVuLWJPRUFMdXpoSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AYYGCCsGAQUFBwEHAQH/BIIBdTCCAXEwggFeBAIAATCCAVYwCwMDARtuAwQCG24Q
AwQFLviAAwMAOYUDAwA+FwMEBT5IYAMEBT5UwAMDAD5gAwQGPmFAAwQFPphgAwQF
PsAAAwQGTo8AAwQFTpxAAwQFUFAAAwMAUKkDBAVQ+6ADBAVScMADAwBUDgMEBVQQ
oAMEBVVYgAMEBlfxAAMEBXZD4AMEA5144DALAwQCnXjsAwMAnXgDBAXBUiADBALB
XVADBAXBcqADBAbBdIADBAXBduADBAHBvIQDBAXC34ADBAfDRAADBAXDbkADBAXU
AGADBAXUF+ADBAXUH+ADBAXUI2ADBAbUJIADBAXUSkADBAXUTqADBAXUeYADBAbU
e8ADBAfUoQADBAbUy0ADBAfVG4ADBAfVKQADAwDVPQMDANVWAwQF1aQAAwQF1a2g
AwQF1bmgAwQG1dDAAwQH1deAAwQG1eWAAwQG1fbAAwMB2W4DBATZrWAwDQQCAAIw
BwMFAyABCSAwDQYJKoZIhvcNAQELBQADggEBAELrQ9oGb/aAMvQP4VwcOzyPksx8
mb/dRGYI9IECrWJr3tOepeWNQIWTQW1ZXSmMmjlMeDhD1YXiyaeCBLW3FWCmGAWf
npLzHdyEfgpDUUh7bpvo8Li+AKjMtvUP1dNp0uzDtsdG6UU9bDSGH1ghQGtn1J1T
I+G+Mv7seHioGs4u/Zlem0fULMMMhSsh1XIEBmxGucCnQBY4s8XjQ63tSSN8loeI
lDH2c1hPaQuj1ORtrqVAiWgOVG5Q1CObas6a6NeIeCCO1GkTaq0+7uV8D1MDWJw7
fbiZBuxoj/5jf1dTYe7Lp/omTJ7cblLm4G52u2JikwxqFAjjC+IEw3ElBpQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org