Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/MiSqjGgs7EvwESvN43Zu4fbZWqo.roa
File: MiSqjGgs7EvwESvN43Zu4fbZWqo.roa (raw, json)
Hash identifier: J0l4z1OuQxnJLEJX2A3QII0e6TOvaLJbAs2ap9cOjII=
Subject key identifier: 32:24:AA:8C:68:2C:EC:4B:F0:11:2B:CD:E3:76:6E:E1:F6:D9:5A:AA
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018615219E2E789DD3F11B7FE9E3A87507E1
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/MiSqjGgs7EvwESvN43Zu4fbZWqo.roa
Signing time: Fri 03 Feb 2023 02:36:09 +0000
ROA not before: Fri 03 Feb 2023 02:36:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 78.144.0.0/13 maxlen: 24
213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
217.68.128.0/20 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
92.0.0.0/11 maxlen: 24
84.43.0.0/17 maxlen: 24
62.24.128.0/17 maxlen: 24
212.139.0.0/16 maxlen: 24
79.75.0.0/16 maxlen: 24
89.240.0.0/14 maxlen: 24
88.104.0.0/13 maxlen: 24
80.40.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
91.146.112.0/21 maxlen: 24
82.133.0.0/17 maxlen: 24
87.242.128.0/17 maxlen: 24
185.173.116.0/22 maxlen: 24
217.8.0.0/19 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
2.96.0.0/13 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
79.66.0.0/15 maxlen: 24
185.175.144.0/22 maxlen: 24
62.3.192.0/18 maxlen: 24
212.67.96.0/19 maxlen: 24
185.173.120.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
185.175.48.0/22 maxlen: 24
81.6.192.0/18 maxlen: 24
89.168.128.0/17 maxlen: 24
81.86.0.0/16 maxlen: 24
79.68.0.0/14 maxlen: 24
62.241.160.0/19 maxlen: 24
195.149.0.0/18 maxlen: 24
213.78.0.0/16 maxlen: 24
195.137.0.0/17 maxlen: 24
79.73.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:15:21:9e:2e:78:9d:d3:f1:1b:7f:e9:e3:a8:75:07:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Feb 3 02:36:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3224aa8c682cec4bf0112bcde3766ee1f6d95aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e9:76:62:9b:78:3d:d6:dc:11:0c:9e:d1:c9:
7e:5c:e3:b6:bc:a8:b7:63:37:25:36:de:5f:18:a3:
86:7a:d8:f2:ad:23:a0:8c:5d:3a:17:4c:a0:e4:12:
c9:b4:49:fc:60:48:ca:39:93:1e:6e:e7:e5:8d:59:
5f:71:25:c5:62:80:3b:4e:e3:4a:e8:32:eb:3f:58:
4b:bd:48:2b:8a:60:76:f9:cf:c1:80:cb:ac:85:49:
71:a4:26:42:16:7c:fc:60:e0:9f:11:ee:d0:d0:2d:
1b:db:55:2c:2f:3a:94:7d:35:f0:9c:b0:6f:96:0a:
4c:ac:46:4e:50:5f:94:cd:68:14:bc:fb:ee:88:63:
54:dc:ff:43:e3:46:e0:74:aa:40:de:1c:a3:72:06:
77:14:89:50:bd:9d:ba:56:0c:28:f9:43:be:32:d8:
3f:c0:24:bd:5e:d3:e1:f5:11:87:5e:1b:29:20:d7:
79:90:03:36:4d:ab:4a:3b:d1:2c:18:6c:38:30:52:
47:3e:08:84:72:08:77:47:15:7e:91:db:51:f3:67:
e3:4b:34:c2:97:0f:16:f4:21:60:1f:f9:39:be:78:
ef:e1:1f:b4:81:85:48:a6:b7:30:db:5c:eb:80:3c:
39:d8:91:e6:ac:11:b5:6b:99:1c:23:a3:ce:ac:35:
06:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:24:AA:8C:68:2C:EC:4B:F0:11:2B:CD:E3:76:6E:E1:F6:D9:5A:AA
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/MiSqjGgs7EvwESvN43Zu4fbZWqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.3.192.0/18
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
79.66.0.0-79.71.255.255
79.73.0.0/16
79.75.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
84.43.0.0/17
87.242.128.0/17
88.104.0.0/13
89.168.128.0/17
89.240.0.0/14
91.146.112.0/21
92.0.0.0/11
185.173.116.0-185.173.123.255
185.175.48.0/22
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.67.96.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.78.0.0/16
213.208.64.0/18
217.8.0.0/19
217.68.128.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:c6:9a:66:5a:0d:23:08:b4:c9:34:e4:27:87:f0:2a:25:09:
6e:a6:77:2f:a8:d8:c5:11:ef:a7:e3:11:23:06:ad:31:7a:a8:
05:b0:5a:f9:76:1c:96:2a:69:6f:44:e4:1b:67:14:08:08:18:
89:a2:34:62:14:84:84:4c:fb:73:78:2d:37:9f:02:19:f0:cb:
41:52:85:40:38:6c:aa:bc:75:bb:ad:da:36:16:7f:a4:b5:c2:
78:2c:61:12:4f:2a:9b:3d:c2:4d:71:f4:9f:d7:a7:ce:f2:f8:
1a:98:09:60:9a:5d:24:4c:b8:ac:f0:32:be:15:0b:ed:fe:33:
5d:28:91:85:b8:e8:3a:7f:cd:b9:57:54:d6:47:6e:95:a6:7c:
31:2c:a8:46:9e:b7:fc:27:0e:a4:93:d8:a4:80:36:7c:f9:a3:
f1:8d:b2:db:dc:68:19:a0:e6:13:63:e4:70:47:42:18:26:45:
8a:b7:58:c0:3e:8a:ec:0e:93:50:20:e9:fc:d6:0e:f3:49:27:
82:91:9a:ae:a8:58:aa:f0:fc:e8:9e:2b:4b:f3:95:19:6c:6a:
88:7f:10:ab:f0:35:23:b2:65:6c:eb:c2:88:60:67:03:b9:a9:
4e:3d:86:b2:31:a2:43:d6:77:44:12:2a:1a:58:ed:aa:60:12:
23:b7:f5:5c
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAYYVIZ4ueJ3T8Rt/6eOodQfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwMjAzMDIzNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjI0YWE4YzY4MmNlYzRiZjAxMTJiY2RlMzc2NmVlMWY2ZDk1YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiel2Ypt4PdbcEQye0cl+XOO2vKi3
YzclNt5fGKOGetjyrSOgjF06F0yg5BLJtEn8YEjKOZMebufljVlfcSXFYoA7TuNK
6DLrP1hLvUgrimB2+c/BgMushUlxpCZCFnz8YOCfEe7Q0C0b21UsLzqUfTXwnLBv
lgpMrEZOUF+UzWgUvPvuiGNU3P9D40bgdKpA3hyjcgZ3FIlQvZ26Vgwo+UO+Mtg/
wCS9XtPh9RGHXhspINd5kAM2TatKO9EsGGw4MFJHPgiEcgh3RxV+kdtR82fjSzTC
lw8W9CFgH/k5vnjv4R+0gYVIprcw21zrgDw52JHmrBG1a5kcI6POrDUGawIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFDIkqoxoLOxL8BErzeN2buH22VqqMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvTWlTcWpHZ3M3RXZ3RVN2TjQzWnU0ZmJaV3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCCAQsEAgABMIIB
AwMDAwJgAwQGPgPAAwQHPhiAAwQFPvGgAwMDTpAwCgMDAU9CAwMDT0ADAwBPSTAK
AwMAT0sDAwRPQAMDA1AoAwQGUQFAAwQGUQbAAwMAUVYDBAdRqgADAwFRsgMEB1KF
AAMDAFNDAwMAVAwDBAdUKwADBAdX8oADAwNYaAMEB1mogAMDAlnwAwQDW5JwAwMF
XAAwDAMEArmtdAMEArmteAMEArmvMAMEArmvkAMEAMHaYwMEBcJqIAMEBcL34AME
BsNwAAMEB8OJAAMEBsOVAAMEBdQBgAMEBdRDYAMEBdRKYAMDANSLAwQG1J+AAwMA
1U4DBAbV0EADBAXZCAADBATZRIAwDQYJKoZIhvcNAQELBQADggEBAKbGmmZaDSMI
tMk05CeH8ColCW6mdy+o2MUR76fjESMGrTF6qAWwWvl2HJYqaW9E5BtnFAgIGImi
NGIUhIRM+3N4LTefAhnwy0FShUA4bKq8dbut2jYWf6S1wngsYRJPKps9wk1x9J/X
p87y+BqYCWCaXSRMuKzwMr4VC+3+M10okYW46Dp/zblXVNZHbpWmfDEsqEaet/wn
DqST2KSANnz5o/GNstvcaBmg5hNj5HBHQhgmRYq3WMA+iuwOk1Ag6fzWDvNJJ4KR
mq6oWKrw/OieK0vzlRlsaoh/EKvwNSOyZWzrwohgZwO5qU49hrIxokPWd0QSKhpY
7apgEiO39Vw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:44 2024 by rpki-client on console-fra.rpki-client.org