Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FpRPH50JSQgsGE2OqY94AYChEfg.roa
File: FpRPH50JSQgsGE2OqY94AYChEfg.roa (raw, json)
Hash identifier: 1nMxlnZ0CzMJsohpCqWafj8AHsJsxKBG8LrfVk8kVAc=
Subject key identifier: 16:94:4F:1F:9D:09:49:08:2C:18:4D:8E:A9:8F:78:01:80:A1:11:F8
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 01856EF422272A8F5E3D51843AD6F75F6372
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FpRPH50JSQgsGE2OqY94AYChEfg.roa
Signing time: Sun 01 Jan 2023 20:09:31 +0000
ROA not before: Sun 01 Jan 2023 20:09:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
85.210.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
212.139.0.0/16 maxlen: 24
80.225.0.0/16 maxlen: 24
79.72.0.0/13 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
81.1.64.0/18 maxlen: 24
89.168.0.0/16 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.66.0.0/15 maxlen: 24
62.3.192.0/18 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
79.68.0.0/14 maxlen: 24
195.149.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:22:27:2a:8f:5e:3d:51:84:3a:d6:f7:5f:63:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jan 1 20:09:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16944f1f9d0949082c184d8ea98f780180a111f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b9:16:db:98:1b:3c:96:59:8d:5b:f3:7c:e1:
f1:b8:d8:4b:ac:f5:96:06:a5:51:e0:28:63:93:c0:
d5:50:ac:03:46:ef:fb:f7:94:f2:1e:1a:ac:8b:da:
42:86:88:02:73:9d:69:12:07:8e:d4:61:fb:1d:a9:
ce:6f:5f:b0:8f:1a:00:f3:fe:bb:06:2a:94:9a:a8:
bf:9d:66:a0:fd:01:77:55:44:7d:e0:da:ee:d7:16:
f1:80:dd:fd:06:cd:36:87:22:b7:2f:e8:44:bc:57:
f1:2f:a2:c5:47:bd:bd:a0:73:15:fa:31:0b:2b:68:
49:c7:dd:58:70:e6:cd:c4:6c:a4:f5:cf:71:b1:a6:
64:75:44:55:6f:d2:87:7a:8e:b6:b3:09:3c:42:2f:
2e:3d:70:92:85:31:2e:f8:9c:03:40:bd:9c:ff:1d:
00:b7:20:16:17:49:ea:b1:61:0e:01:7b:79:e6:df:
81:61:46:f9:31:a9:a1:e5:b1:dc:26:15:18:66:c6:
a0:46:4f:ea:f1:dd:62:6e:7c:30:26:2e:35:d0:b7:
76:86:3c:35:c6:3c:bf:86:4b:87:12:9e:19:92:6b:
4d:15:34:34:ad:41:54:55:71:d7:49:06:8b:2a:1a:
bb:fc:a3:ac:bc:b5:f9:e9:34:46:80:e5:88:d9:45:
01:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:94:4F:1F:9D:09:49:08:2C:18:4D:8E:A9:8F:78:01:80:A1:11:F8
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FpRPH50JSQgsGE2OqY94AYChEfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
79.66.0.0-79.79.255.255
80.40.0.0/13
80.225.0.0/16
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
85.210.0.0/15
88.104.0.0/13
89.168.0.0/16
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
96:90:22:cc:f8:58:2c:85:26:59:c9:e1:ae:4f:1c:cc:f3:4d:
67:5c:5d:39:23:5d:48:0d:8d:99:93:f7:e7:64:f1:e3:fc:7c:
b5:e3:d5:7b:dc:63:c5:9f:df:22:71:3c:33:99:1c:76:dd:a0:
81:5e:1f:00:94:a3:c7:7f:69:6a:a8:9d:1f:cd:a9:29:37:8d:
f3:6c:00:d1:28:5b:71:e7:86:cf:24:57:92:d4:e3:ae:f4:67:
5d:89:cd:9b:4f:60:f8:96:4b:76:dc:34:4a:24:38:d6:b0:d7:
29:17:f6:b4:d2:c8:87:2f:00:c2:f8:36:ec:3c:fa:f9:78:eb:
ce:0a:49:20:64:02:c4:37:77:13:0e:7f:a4:f5:0c:f0:65:0a:
20:ed:2a:0d:32:f6:dd:10:24:de:47:e8:4b:ec:83:4b:36:b4:
4b:c3:fb:95:b3:bb:41:79:40:af:1f:3a:46:48:db:47:df:47:
01:3e:29:cb:ab:02:4e:b1:ec:b9:a4:52:19:96:b6:b7:f6:23:
be:b0:4b:1f:90:67:70:11:c8:df:5a:5d:a2:96:9e:a2:90:be:
46:4f:cf:4e:ed:de:9c:0c:e2:f0:53:2e:ee:3f:fb:e4:0e:4e:
85:47:49:b1:15:1c:52:f0:ea:93:a3:5a:9f:f4:ba:9c:9a:42:
b9:fb:d2:8c
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYVu9CInKo9ePVGEOtb3X2NyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwMTAxMjAwOTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjk0NGYxZjlkMDk0OTA4MmMxODRkOGVhOThmNzgwMTgwYTExMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7kW25gbPJZZjVvzfOHxuNhLrPWW
BqVR4Chjk8DVUKwDRu/795TyHhqsi9pChogCc51pEgeO1GH7HanOb1+wjxoA8/67
BiqUmqi/nWag/QF3VUR94Nru1xbxgN39Bs02hyK3L+hEvFfxL6LFR729oHMV+jEL
K2hJx91YcObNxGyk9c9xsaZkdURVb9KHeo62swk8Qi8uPXCShTEu+JwDQL2c/x0A
tyAWF0nqsWEOAXt55t+BYUb5Mamh5bHcJhUYZsagRk/q8d1ibnwwJi410Ld2hjw1
xjy/hkuHEp4ZkmtNFTQ0rUFUVXHXSQaLKhq7/KOsvLX56TRGgOWI2UUB0wIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFBaUTx+dCUkILBhNjqmPeAGAoRH4MB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvRnBSUEg1MEpTUWdzR0UyT3FZOTRBWUNoRWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAY+
A8AwCgMDAU9CAwMET0ADAwNQKAMDAFDhAwQGUQFAAwQGUQbAAwMAUVYDBAdRqgAD
AwFRsgMEB1KFAAMDAFNDAwMAVAwDAwFV0gMDA1hoAwMAWagDBAK5r5ADBADB2mMD
BAXCaiADBAXC9+ADBAbDcAADBAfDiQADBAbDlQADBAXUAYADBAXUSmADAwDUiwME
BtSfgAMEBtXQQDANBgkqhkiG9w0BAQsFAAOCAQEAlpAizPhYLIUmWcnhrk8czPNN
Z1xdOSNdSA2NmZP352Tx4/x8tePVe9xjxZ/fInE8M5kcdt2ggV4fAJSjx39paqid
H82pKTeN82wA0ShbceeGzyRXktTjrvRnXYnNm09g+JZLdtw0SiQ41rDXKRf2tNLI
hy8Awvg27Dz6+XjrzgpJIGQCxDd3Ew5/pPUM8GUKIO0qDTL23RAk3kfoS+yDSza0
S8P7lbO7QXlArx86RkjbR99HAT4py6sCTrHsuaRSGZa2t/YjvrBLH5BncBHI31pd
opaeopC+Rk/PTu3enAzi8FMu7j/75A5OhUdJsRUcUvDqk6Nan/S6nJpCufvSjA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-fra.rpki-client.org