Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/z5lrqddwdQJ3QjJuAv_xZxKFRv0.roa
File: z5lrqddwdQJ3QjJuAv_xZxKFRv0.roa (raw, json)
Hash identifier: 6A1EJV0qheMINsVzRL4jADmh0cPFswIKUy5Ta9dCBXU=
Subject key identifier: CF:99:6B:A9:D7:70:75:02:77:42:32:6E:02:FF:F1:67:12:85:46:FD
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 10CBB9EB
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/z5lrqddwdQJ3QjJuAv_xZxKFRv0.roa
Signing time: Sat 01 Jan 2022 02:51:05 +0000
ROA not before: Sat 01 Jan 2022 02:51:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
85.210.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
212.139.0.0/16 maxlen: 24
80.225.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
81.1.64.0/18 maxlen: 24
89.168.0.0/16 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
62.3.192.0/18 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
195.149.0.0/18 maxlen: 24
79.64.0.0/12 maxlen: 24
62.64.128.0/17 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 281786859 (0x10cbb9eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jan 1 02:51:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf996ba9d77075027742326e02fff167128546fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ba:26:06:78:42:f8:91:30:84:4f:b3:c7:33:
52:f0:bb:79:40:cb:70:f8:20:83:0a:b5:e6:9b:4f:
7c:ae:0d:17:55:3a:86:f0:7a:78:41:da:97:76:e5:
35:36:1e:ac:78:ef:fd:5a:6b:04:83:ad:50:30:9b:
4f:c1:79:ea:6a:52:6e:bb:10:40:04:6f:f1:ef:1e:
2b:ae:74:26:37:e0:9e:73:ff:07:57:a7:e1:73:45:
f8:b4:0d:e2:b0:fb:50:fd:49:35:2d:4d:48:f4:97:
f5:6c:ee:d8:10:81:4e:3f:d4:a7:1e:d5:f5:92:00:
35:f8:a8:ca:38:db:ef:38:9e:45:b9:5b:22:d9:46:
6c:dc:99:11:75:59:33:d0:da:3f:71:af:0a:42:44:
29:cd:cf:6a:f0:59:80:7e:01:e3:4d:9a:d2:33:68:
d9:27:c8:24:cf:38:29:71:9e:bc:14:e7:dc:61:57:
fb:94:8f:1f:d2:af:4a:bb:b4:1f:bc:12:5f:be:04:
0d:76:11:65:db:42:aa:ae:21:f0:46:d0:84:46:16:
27:04:90:bf:24:74:62:35:64:d0:9d:5d:80:0f:ef:
5c:18:99:67:22:81:5e:28:0f:24:3b:bf:ec:be:28:
35:b2:c1:d5:14:a6:63:6d:09:e5:d8:e3:b5:28:81:
7c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:99:6B:A9:D7:70:75:02:77:42:32:6E:02:FF:F1:67:12:85:46:FD
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/z5lrqddwdQJ3QjJuAv_xZxKFRv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
62.64.128.0/17
79.64.0.0/12
80.40.0.0/13
80.225.0.0/16
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
85.210.0.0/15
88.104.0.0/13
89.168.0.0/16
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
21:7d:70:ab:e8:da:79:f0:f1:da:5f:4d:e3:a7:07:a6:08:16:
89:59:78:29:21:05:46:c0:08:a0:26:a4:ec:2e:93:c2:bb:8d:
41:92:48:70:ba:b6:ee:d4:26:e9:50:9b:e1:c9:29:e9:20:e9:
93:52:68:1c:e4:a0:12:7f:87:2d:cf:b2:b1:d8:95:30:bd:74:
65:c4:6e:f1:74:08:4d:6e:a9:96:ef:8a:8c:66:df:a2:25:b8:
88:20:29:31:8c:04:01:8b:3b:15:5e:e9:9e:0e:9f:f9:24:01:
c5:e4:d2:63:5c:f4:42:c7:84:79:f6:2c:40:47:26:83:95:3c:
ec:b5:74:1f:57:ff:e0:79:3d:e3:30:89:10:40:ea:c8:8f:6e:
37:f9:5a:88:95:1a:d7:f2:a6:46:4e:1d:26:d1:f3:d4:3f:b1:
e6:3f:71:73:99:3d:b4:06:bf:6b:bc:cc:cf:f4:9b:a5:ab:af:
ee:fc:04:1f:bc:ed:99:92:f8:bf:ca:3b:2b:27:43:f0:0f:1a:
c2:1c:46:11:6e:da:dd:5e:f1:e2:16:01:80:fc:d1:56:c8:30:
83:80:e8:f5:78:8e:af:85:64:c1:a6:47:5f:38:75:55:fb:6b:
f2:37:0d:99:9d:db:9d:13:00:b7:ef:a6:88:1c:b0:90:ad:27:
14:fe:da:bd
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIEEMu56zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OTgwN2Y2ZDUwZDk3ZDk3MWRjZjJlMmU1MDY0ZTliOTA3YWRiM2VjMB4XDTIyMDEw
MTAyNTEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y5OTZiYTlkNzcw
NzUwMjc3NDIzMjZlMDJmZmYxNjcxMjg1NDZmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKy6JgZ4QviRMIRPs8czUvC7eUDLcPgggwq15ptPfK4NF1U6
hvB6eEHal3blNTYerHjv/VprBIOtUDCbT8F56mpSbrsQQARv8e8eK650JjfgnnP/
B1en4XNF+LQN4rD7UP1JNS1NSPSX9Wzu2BCBTj/Upx7V9ZIANfioyjjb7zieRblb
ItlGbNyZEXVZM9DaP3GvCkJEKc3PavBZgH4B402a0jNo2SfIJM84KXGevBTn3GFX
+5SPH9KvSru0H7wSX74EDXYRZdtCqq4h8EbQhEYWJwSQvyR0YjVk0J1dgA/vXBiZ
ZyKBXigPJDu/7L4oNbLB1RSmY20J5djjtSiBfPMCAwEAAaOCAqUwggKhMB0GA1Ud
DgQWBBTPmWup13B1AndCMm4C//FnEoVG/TAfBgNVHSMEGDAWgBSpgH9tUNl9lx3P
Li5QZOm5B62z7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FZQl9iVkRaZlpjZHp5NHVVR1RwdVFldHMtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvY2E5ZGJlLTAwOTUtNDBmMy1iOTMyLTBkOGY3ZGQ4Y2NlNi8x
L3o1bHJxZGR3ZFFKM1FqSnVBdl94WnhLRlJ2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
Y2E5ZGJlLTAwOTUtNDBmMy1iOTMyLTBkOGY3ZGQ4Y2NlNi8xL3FZQl9iVkRaZlpj
ZHp5NHVVR1RwdVFldHMtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ugYIKwYBBQUHAQcBAf8EgaowgacwgaQEAgABMIGdAwQGPgPAAwQHPkCAAwMET0AD
AwNQKAMDAFDhAwQGUQFAAwQGUQbAAwMAUVYDBAdRqgADAwFRsgMEB1KFAAMDAFND
AwMAVAwDAwFV0gMDA1hoAwMAWagDBAK5r5ADBADB2mMDBAXCaiADBAXC9+ADBAbD
cAADBAfDiQADBAbDlQADBAXUAYADBAXUSmADAwDUiwMEBtSfgAMEBtXQQDANBgkq
hkiG9w0BAQsFAAOCAQEAIX1wq+jaefDx2l9N46cHpggWiVl4KSEFRsAIoCak7C6T
wruNQZJIcLq27tQm6VCb4ckp6SDpk1JoHOSgEn+HLc+ysdiVML10ZcRu8XQITW6p
lu+KjGbfoiW4iCApMYwEAYs7FV7png6f+SQBxeTSY1z0QseEefYsQEcmg5U87LV0
H1f/4Hk94zCJEEDqyI9uN/laiJUa1/KmRk4dJtHz1D+x5j9xc5k9tAa/a7zMz/Sb
pauv7vwEH7ztmZL4v8o7KydD8A8awhxGEW7a3V7x4hYBgPzRVsgwg4Do9XiOr4Vk
waZHXzh1Vftr8jcNmZ3bnRMAt++miBywkK0nFP7avQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-fra.rpki-client.org