Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/Cmj8ofZ0-FR6H8peC0_D9JgbvHE.roa
File: Cmj8ofZ0-FR6H8peC0_D9JgbvHE.roa (raw, json)
Hash identifier: Pg2YdW++7IFtIMLtgF1j5ulBq0lxoZ51BCslO9NoLRk=
Subject key identifier: 0A:68:FC:A1:F6:74:F8:54:7A:1F:CA:5E:0B:4F:C3:F4:98:1B:BC:71
Certificate issuer: /CN=ec3543aa00373e9e4d10e64c83d3779b378888c1
Certificate serial: 0184CF70189970DB5C80A4FED6F327377FFE
Authority key identifier: EC:35:43:AA:00:37:3E:9E:4D:10:E6:4C:83:D3:77:9B:37:88:88:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DVDqgA3Pp5NEOZMg9N3mzeIiME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/Cmj8ofZ0-FR6H8peC0_D9JgbvHE.roa
Signing time: Thu 01 Dec 2022 20:45:40 +0000
ROA not before: Thu 01 Dec 2022 20:45:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15598
IP address blocks: 62.146.192.0/22 maxlen: 22
62.146.188.0/22 maxlen: 22
62.146.196.0/22 maxlen: 22
62.146.204.0/22 maxlen: 22
62.146.200.0/22 maxlen: 22
62.146.212.0/22 maxlen: 22
62.146.208.0/22 maxlen: 22
62.146.216.0/22 maxlen: 22
62.146.220.0/22 maxlen: 22
62.146.240.0/22 maxlen: 22
62.146.136.0/22 maxlen: 22
62.146.144.0/22 maxlen: 22
212.112.224.0/19 maxlen: 19
62.146.140.0/22 maxlen: 22
62.146.152.0/22 maxlen: 22
62.146.148.0/22 maxlen: 22
62.146.156.0/22 maxlen: 22
62.146.164.0/22 maxlen: 22
62.146.160.0/22 maxlen: 22
62.146.184.0/22 maxlen: 22
62.146.252.0/22 maxlen: 22
62.146.248.0/22 maxlen: 22
62.146.4.0/22 maxlen: 22
62.146.0.0/22 maxlen: 22
62.146.8.0/22 maxlen: 22
62.146.5.0/24 maxlen: 24
62.146.12.0/22 maxlen: 22
62.146.17.0/24 maxlen: 24
62.146.16.0/22 maxlen: 22
62.146.24.0/22 maxlen: 22
62.146.20.0/22 maxlen: 22
62.146.84.0/22 maxlen: 22
62.146.80.0/22 maxlen: 22
62.146.88.0/22 maxlen: 22
62.146.96.0/22 maxlen: 22
62.146.92.0/22 maxlen: 22
62.146.104.0/22 maxlen: 22
62.146.100.0/22 maxlen: 22
62.146.112.0/22 maxlen: 22
62.146.108.0/22 maxlen: 22
62.146.116.0/22 maxlen: 22
62.146.124.0/22 maxlen: 22
62.146.120.0/22 maxlen: 22
62.146.132.0/22 maxlen: 22
62.146.128.0/22 maxlen: 22
62.146.28.0/22 maxlen: 22
62.146.36.0/22 maxlen: 22
62.146.32.0/22 maxlen: 22
62.146.44.0/22 maxlen: 22
62.146.40.0/22 maxlen: 22
62.146.48.0/22 maxlen: 22
62.146.56.0/22 maxlen: 22
62.146.52.0/22 maxlen: 22
62.146.64.0/22 maxlen: 22
62.146.60.0/22 maxlen: 22
62.146.68.0/22 maxlen: 22
62.146.76.0/22 maxlen: 22
62.146.72.0/22 maxlen: 22
81.17.104.0/22 maxlen: 22
81.17.112.0/22 maxlen: 22
81.17.108.0/22 maxlen: 22
81.17.116.0/22 maxlen: 22
81.17.116.0/24 maxlen: 24
81.17.115.0/24 maxlen: 24
81.17.114.0/24 maxlen: 24
81.17.113.0/24 maxlen: 24
80.190.136.0/21 maxlen: 21
80.190.144.0/21 maxlen: 21
80.190.152.0/21 maxlen: 21
80.190.160.0/21 maxlen: 21
80.190.168.0/21 maxlen: 21
80.190.176.0/21 maxlen: 21
80.190.184.0/21 maxlen: 21
80.190.88.0/21 maxlen: 21
80.190.96.0/21 maxlen: 21
80.190.104.0/21 maxlen: 21
80.190.112.0/21 maxlen: 21
80.190.120.0/21 maxlen: 21
80.190.128.0/21 maxlen: 21
80.190.240.0/21 maxlen: 21
80.190.248.0/21 maxlen: 21
80.190.192.0/21 maxlen: 21
212.123.96.0/19 maxlen: 19
80.190.200.0/21 maxlen: 21
80.190.208.0/21 maxlen: 21
80.190.216.0/21 maxlen: 21
80.190.224.0/21 maxlen: 21
80.190.232.0/21 maxlen: 21
82.149.68.0/22 maxlen: 22
82.149.84.0/22 maxlen: 22
82.149.88.0/22 maxlen: 22
82.149.92.0/22 maxlen: 22
82.149.64.0/22 maxlen: 22
80.190.32.0/21 maxlen: 21
80.190.40.0/21 maxlen: 21
80.190.48.0/21 maxlen: 21
80.190.56.0/21 maxlen: 21
80.190.64.0/21 maxlen: 21
80.190.0.0/21 maxlen: 21
80.190.8.0/21 maxlen: 21
80.190.16.0/21 maxlen: 21
80.190.24.0/21 maxlen: 21
2a01:138::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cf:70:18:99:70:db:5c:80:a4:fe:d6:f3:27:37:7f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3543aa00373e9e4d10e64c83d3779b378888c1
Validity
Not Before: Dec 1 20:45:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a68fca1f674f8547a1fca5e0b4fc3f4981bbc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d7:c4:7f:f8:fc:34:8e:11:e6:c6:f2:cd:3b:
20:a1:21:8d:77:58:12:7d:f2:63:30:95:7f:8c:b6:
51:74:89:41:0a:00:07:0a:c0:3d:b8:3c:03:a6:5e:
17:03:36:6f:1c:80:8b:15:a2:89:6e:c1:44:9e:1b:
d7:9f:45:c9:b0:83:cf:0b:fa:4c:62:32:f3:2b:87:
51:36:30:97:a8:69:d8:b8:f5:94:e1:a2:e3:e9:a8:
ca:3e:6a:37:61:1a:53:7f:66:57:33:c8:f6:39:00:
ab:aa:f8:68:93:8b:2b:1b:93:65:d3:1b:9e:2a:4c:
b0:b4:ae:da:05:2b:a2:5d:f5:cc:88:d9:d5:8b:5c:
b7:1b:2d:b2:f7:a7:af:5c:ce:bc:6a:30:67:0b:ba:
34:0c:e9:48:39:d6:39:46:3e:16:27:e3:4a:47:13:
e4:97:ae:23:3a:50:24:48:16:89:64:43:f2:ad:e2:
4c:2d:78:c4:17:02:d9:8d:2a:29:a5:c1:de:cb:be:
89:8c:e6:3b:bb:93:f6:73:0f:11:fc:44:3f:8b:78:
5b:8a:2d:b9:12:9e:21:b7:e9:8b:b1:c4:70:64:77:
1c:dd:1a:dd:61:21:72:59:70:5d:3c:f0:8f:a5:c9:
ff:4c:72:49:f2:42:7c:89:ae:a0:24:b8:9b:bb:86:
a6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:68:FC:A1:F6:74:F8:54:7A:1F:CA:5E:0B:4F:C3:F4:98:1B:BC:71
X509v3 Authority Key Identifier:
keyid:EC:35:43:AA:00:37:3E:9E:4D:10:E6:4C:83:D3:77:9B:37:88:88:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DVDqgA3Pp5NEOZMg9N3mzeIiME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/Cmj8ofZ0-FR6H8peC0_D9JgbvHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/7DVDqgA3Pp5NEOZMg9N3mzeIiME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.146.0.0-62.146.167.255
62.146.184.0-62.146.223.255
62.146.240.0/22
62.146.248.0/21
80.190.0.0-80.190.71.255
80.190.88.0-80.190.255.255
81.17.104.0-81.17.119.255
82.149.64.0/21
82.149.84.0-82.149.95.255
212.112.224.0/19
212.123.96.0/19
IPv6:
2a01:138::/32
Signature Algorithm: sha256WithRSAEncryption
31:0c:d5:68:20:33:14:60:fb:20:61:81:16:85:fd:36:a9:c6:
b8:08:8e:19:c8:86:28:5c:d7:15:56:b6:99:12:27:2b:a7:5e:
76:29:9f:58:98:78:f8:e8:3e:ba:a5:13:51:09:f9:d2:83:aa:
24:53:23:6d:4e:f2:01:4f:68:a6:20:50:27:9b:68:ee:32:c0:
7a:3a:8e:61:37:d6:a0:89:31:6f:16:5b:ba:df:e5:25:c7:bc:
e5:12:c9:ab:d3:8e:19:3d:c1:81:57:45:30:8f:87:c3:6f:41:
fc:aa:1c:4f:51:f8:48:16:0f:79:1e:43:93:f4:21:c1:33:3a:
42:4a:c7:71:37:26:f5:c4:56:35:cf:29:44:a7:45:e0:c1:5d:
97:e2:f1:80:d0:49:33:a9:51:4f:ce:58:ce:87:06:f6:92:e6:
13:47:f1:8d:83:ff:d0:a0:18:62:f9:43:86:6a:97:a8:06:d0:
66:08:98:7c:90:d1:81:6b:5f:9c:cf:ba:ae:46:95:d3:93:48:
21:96:13:4a:55:48:3b:ce:6f:be:f2:19:93:17:07:ee:0b:48:
a6:b5:cc:e2:9f:0e:79:9f:87:f2:a9:71:45:79:6b:7d:d1:77:
57:e0:0f:81:b8:65:d8:fd:5b:43:ce:25:60:f9:1c:04:6d:22:
5f:28:50:6b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYTPcBiZcNtcgKT+1vMnN3/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMzU0M2FhMDAzNzNlOWU0ZDEwZTY0YzgzZDM3NzliMzc4
ODg4YzEwHhcNMjIxMjAxMjA0NTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTY4ZmNhMWY2NzRmODU0N2ExZmNhNWUwYjRmYzNmNDk4MWJiYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitfEf/j8NI4R5sbyzTsgoSGNd1gS
ffJjMJV/jLZRdIlBCgAHCsA9uDwDpl4XAzZvHICLFaKJbsFEnhvXn0XJsIPPC/pM
YjLzK4dRNjCXqGnYuPWU4aLj6ajKPmo3YRpTf2ZXM8j2OQCrqvhok4srG5Nl0xue
KkywtK7aBSuiXfXMiNnVi1y3Gy2y96evXM68ajBnC7o0DOlIOdY5Rj4WJ+NKRxPk
l64jOlAkSBaJZEPyreJMLXjEFwLZjSoppcHey76JjOY7u5P2cw8R/EQ/i3hbii25
Ep4ht+mLscRwZHcc3RrdYSFyWXBdPPCPpcn/THJJ8kJ8ia6gJLibu4amzQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFApo/KH2dPhUeh/KXgtPw/SYG7xxMB8GA1UdIwQY
MBaAFOw1Q6oANz6eTRDmTIPTd5s3iIjBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0RWRHFnQTNQcDVORU9aTWc5TjNtemVJaU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8xOWU3MTUtZmZhYS00YzQzLWI3OWEt
NTZmNmVjYzFjMTIxLzEvQ21qOG9mWjAtRlI2SDhwZUMwX0Q5SmdidkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8xOWU3MTUtZmZhYS00YzQzLWI3OWEtNTZmNmVjYzFjMTIx
LzEvN0RWRHFnQTNQcDVORU9aTWc5TjNtemVJaU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvMAsDAwE+
kgMEAz6SoDAMAwQDPpK4AwQFPpLAAwQCPpLwAwQDPpL4MAsDAwFQvgMEA1C+QDAL
AwQDUL5YAwMAUL4wDAMEA1ERaAMEA1ERcAMEA1KVQDAMAwQCUpVUAwQFUpVAAwQF
1HDgAwQF1HtgMA0EAgACMAcDBQAqAQE4MA0GCSqGSIb3DQEBCwUAA4IBAQAxDNVo
IDMUYPsgYYEWhf02qca4CI4ZyIYoXNcVVraZEicrp152KZ9YmHj46D66pRNRCfnS
g6okUyNtTvIBT2imIFAnm2juMsB6Oo5hN9agiTFvFlu63+Ulx7zlEsmr044ZPcGB
V0Uwj4fDb0H8qhxPUfhIFg95HkOT9CHBMzpCSsdxNyb1xFY1zylEp0XgwV2X4vGA
0EkzqVFPzljOhwb2kuYTR/GNg//QoBhi+UOGapeoBtBmCJh8kNGBa1+cz7quRpXT
k0ghlhNKVUg7zm++8hmTFwfuC0imtczinw55n4fyqXFFeWt90XdX4A+BuGXY/VtD
ziVg+RwEbSJfKFBr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:02 2025 by rpki-client