Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FcVIoQK_T9ED7u2XWodugELBsSU.roa
File: FcVIoQK_T9ED7u2XWodugELBsSU.roa (raw, json)
Hash identifier: aY8q24ZFnjilFubMZf0r/3++3Z8D1EJ3Cf6Niqk6oNM=
Subject key identifier: 15:C5:48:A1:02:BF:4F:D1:03:EE:ED:97:5A:87:6E:80:42:C1:B1:25
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018614A084F6F0AE58BE6114818AFDD1EC42
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FcVIoQK_T9ED7u2XWodugELBsSU.roa
Signing time: Fri 03 Feb 2023 00:15:09 +0000
ROA not before: Fri 03 Feb 2023 00:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 78.144.0.0/13 maxlen: 24
213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
217.68.128.0/20 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
85.210.0.0/15 maxlen: 24
92.0.0.0/11 maxlen: 24
195.112.0.0/18 maxlen: 24
84.43.0.0/17 maxlen: 24
79.75.0.0/16 maxlen: 24
62.24.128.0/17 maxlen: 24
212.139.0.0/16 maxlen: 24
89.240.0.0/14 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
91.146.112.0/21 maxlen: 24
82.133.0.0/17 maxlen: 24
87.242.128.0/17 maxlen: 24
185.173.116.0/22 maxlen: 24
217.8.0.0/19 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
2.96.0.0/13 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
79.66.0.0/15 maxlen: 24
185.175.144.0/22 maxlen: 24
62.3.192.0/18 maxlen: 24
212.67.96.0/19 maxlen: 24
185.173.120.0/22 maxlen: 24
185.175.48.0/22 maxlen: 24
81.6.192.0/18 maxlen: 24
194.106.32.0/19 maxlen: 24
89.168.128.0/17 maxlen: 24
81.86.0.0/16 maxlen: 24
79.68.0.0/14 maxlen: 24
62.241.160.0/19 maxlen: 24
195.149.0.0/18 maxlen: 24
213.78.0.0/16 maxlen: 24
195.137.0.0/17 maxlen: 24
79.73.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:14:a0:84:f6:f0:ae:58:be:61:14:81:8a:fd:d1:ec:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Feb 3 00:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15c548a102bf4fd103eeed975a876e8042c1b125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:bd:6e:94:48:73:ec:80:2b:02:b3:81:17:a6:
10:38:ad:cf:da:d9:01:e3:03:fd:4c:c4:84:fc:2a:
4b:07:0f:f2:50:9a:ab:e8:b1:f5:06:fb:3c:f8:36:
0f:59:85:69:09:89:e1:e0:56:29:71:4a:11:bb:be:
09:46:74:8d:f8:cb:5f:16:30:e1:c9:ed:ab:76:80:
8a:2e:a3:bf:98:3b:73:53:c4:04:23:85:33:7d:f4:
83:b0:0d:9b:c8:ea:30:a6:ee:02:c4:2c:8e:cf:d0:
b3:b1:b7:a8:93:7f:5b:64:f5:04:b5:ba:2f:13:35:
b3:20:77:b0:bc:0b:19:62:0f:24:af:2d:29:40:f2:
35:b2:ba:3b:1e:ab:30:73:be:93:fa:da:cf:c0:ce:
ae:71:e1:55:e8:26:9f:1c:2d:f0:dc:7b:d8:0e:5b:
0d:71:06:83:88:b5:d6:ee:3f:58:bb:20:f7:81:e4:
67:2a:18:ba:e2:7b:00:fd:e3:b0:7d:6e:03:2f:d5:
3f:f1:71:b8:ac:cc:b4:f6:9e:24:a2:df:99:94:e2:
48:1a:2d:8f:4f:78:5a:42:54:93:5f:e1:f9:7d:25:
31:96:94:28:11:96:9d:39:78:5f:d4:32:bf:57:70:
67:d7:4b:74:c3:97:98:62:3b:d9:25:83:26:fb:80:
d6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C5:48:A1:02:BF:4F:D1:03:EE:ED:97:5A:87:6E:80:42:C1:B1:25
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FcVIoQK_T9ED7u2XWodugELBsSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.3.192.0/18
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
79.66.0.0-79.71.255.255
79.73.0.0/16
79.75.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
84.43.0.0/17
85.210.0.0/15
87.242.128.0/17
88.104.0.0/13
89.168.128.0/17
89.240.0.0/14
91.146.112.0/21
92.0.0.0/11
185.173.116.0-185.173.123.255
185.175.48.0/22
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.67.96.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.78.0.0/16
213.208.64.0/18
217.8.0.0/19
217.68.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b7:69:33:00:6d:8a:4c:09:27:6c:39:a6:f7:0b:1f:a8:eb:3a:
29:fc:33:c4:51:9d:62:9f:cc:c3:c1:cd:88:5f:b5:ee:e5:65:
f4:30:bb:52:f0:b8:08:a5:b8:4e:57:88:0c:f5:3a:75:47:b8:
7e:ae:fa:b2:14:17:04:0f:97:99:85:ae:ab:9b:ef:82:dc:09:
6a:a0:97:26:68:50:37:a3:26:fa:33:8b:ae:f1:6e:a6:a8:af:
a5:de:b4:49:44:49:b5:48:24:4d:38:e4:93:b8:8b:fd:2f:66:
0c:73:1b:34:68:92:fd:7f:27:25:7c:41:ef:fb:7c:1b:28:f7:
d1:7a:72:13:d2:ea:f0:9f:47:34:59:00:f7:a8:eb:80:ec:11:
eb:0e:2e:15:66:75:67:db:36:20:c3:8c:d2:4f:47:2f:79:5b:
5b:3a:09:f3:26:c3:3c:4f:c1:de:1b:ba:45:13:53:af:8d:53:
f6:87:75:41:d6:85:e6:45:4b:dc:13:8c:55:07:fe:17:d2:b2:
57:9e:b8:26:e1:6e:db:d5:40:c7:67:53:5b:00:69:cf:19:91:
25:7f:ae:cf:be:d6:59:da:e8:e5:4f:f0:55:c7:ee:f3:63:82:
15:67:04:f2:8f:b0:2b:69:c4:55:bb:30:65:54:c0:d7:57:2b:
d4:5e:9f:d5
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAYYUoIT28K5YvmEUgYr90exCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwMjAzMDAxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWM1NDhhMTAyYmY0ZmQxMDNlZWVkOTc1YTg3NmU4MDQyYzFiMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+71ulEhz7IArArOBF6YQOK3P2tkB
4wP9TMSE/CpLBw/yUJqr6LH1Bvs8+DYPWYVpCYnh4FYpcUoRu74JRnSN+MtfFjDh
ye2rdoCKLqO/mDtzU8QEI4UzffSDsA2byOowpu4CxCyOz9Czsbeok39bZPUEtbov
EzWzIHewvAsZYg8kry0pQPI1sro7Hqswc76T+trPwM6uceFV6CafHC3w3HvYDlsN
cQaDiLXW7j9YuyD3geRnKhi64nsA/eOwfW4DL9U/8XG4rMy09p4kot+ZlOJIGi2P
T3haQlSTX+H5fSUxlpQoEZadOXhf1DK/V3Bn10t0w5eYYjvZJYMm+4DWVwIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFBXFSKECv0/RA+7tl1qHboBCwbElMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvRmNWSW9RS19UOUVEN3UyWFdvZHVnRUxCc1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMDAwJgAwQGPgPAAwQHPhiAAwQFPvGgAwMDTpAwCgMDAU9CAwMDT0ADAwBPSTAK
AwMAT0sDAwRPQAMDA1AoAwQGUQFAAwQGUQbAAwMAUVYDBAdRqgADAwFRsgMEB1KF
AAMDAFNDAwMAVAwDBAdUKwADAwFV0gMEB1fygAMDA1hoAwQHWaiAAwMCWfADBANb
knADAwVcADAMAwQCua10AwQCua14AwQCua8wAwQCua+QAwQAwdpjAwQFwmogAwQF
wvfgAwQGw3AAAwQHw4kAAwQGw5UAAwQF1AGAAwQF1ENgAwQF1EpgAwMA1IsDBAbU
n4ADAwDVTgMEBtXQQAMEBdkIAAMEBNlEgDANBgkqhkiG9w0BAQsFAAOCAQEAt2kz
AG2KTAknbDmm9wsfqOs6KfwzxFGdYp/Mw8HNiF+17uVl9DC7UvC4CKW4TleIDPU6
dUe4fq76shQXBA+XmYWuq5vvgtwJaqCXJmhQN6Mm+jOLrvFupqivpd60SURJtUgk
TTjkk7iL/S9mDHMbNGiS/X8nJXxB7/t8Gyj30XpyE9Lq8J9HNFkA96jrgOwR6w4u
FWZ1Z9s2IMOM0k9HL3lbWzoJ8ybDPE/B3hu6RRNTr41T9od1QdaF5kVL3BOMVQf+
F9KyV564JuFu29VAx2dTWwBpzxmRJX+uz77WWdro5U/wVcfu82OCFWcE8o+wK2nE
VbswZVTA11cr1F6f1Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:31 2025 by rpki-client