Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/DxJ8pAg3XdpG9mP7ZngSHqdxZJM.roa
File: DxJ8pAg3XdpG9mP7ZngSHqdxZJM.roa (raw, json)
Hash identifier: YMY76Ck9dNr8lMlAdXWi+CXSeydHtRxsAxK6fGoD7jo=
Subject key identifier: 0F:12:7C:A4:08:37:5D:DA:46:F6:63:FB:66:78:12:1E:A7:71:64:93
Certificate issuer: /CN=ec3543aa00373e9e4d10e64c83d3779b378888c1
Certificate serial: 0184C78E4775B2F48BFDA6D0DD837190C368
Authority key identifier: EC:35:43:AA:00:37:3E:9E:4D:10:E6:4C:83:D3:77:9B:37:88:88:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DVDqgA3Pp5NEOZMg9N3mzeIiME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/DxJ8pAg3XdpG9mP7ZngSHqdxZJM.roa
Signing time: Wed 30 Nov 2022 08:01:41 +0000
ROA not before: Wed 30 Nov 2022 08:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15598
IP address blocks: 62.146.192.0/22 maxlen: 22
62.146.188.0/22 maxlen: 22
62.146.196.0/22 maxlen: 22
62.146.204.0/22 maxlen: 22
62.146.200.0/22 maxlen: 22
62.146.212.0/22 maxlen: 22
62.146.208.0/22 maxlen: 22
62.146.216.0/22 maxlen: 22
62.146.220.0/22 maxlen: 22
62.146.240.0/22 maxlen: 22
62.146.136.0/22 maxlen: 22
62.146.144.0/22 maxlen: 22
212.112.224.0/19 maxlen: 19
62.146.140.0/22 maxlen: 22
62.146.152.0/22 maxlen: 22
62.146.148.0/22 maxlen: 22
62.146.156.0/22 maxlen: 22
62.146.164.0/22 maxlen: 22
62.146.160.0/22 maxlen: 22
62.146.184.0/22 maxlen: 22
62.146.252.0/22 maxlen: 22
62.146.248.0/22 maxlen: 22
62.146.4.0/22 maxlen: 22
62.146.0.0/22 maxlen: 22
62.146.8.0/22 maxlen: 22
62.146.0.0/16 maxlen: 16
62.146.5.0/24 maxlen: 24
62.146.12.0/22 maxlen: 22
62.146.17.0/24 maxlen: 24
62.146.16.0/22 maxlen: 22
62.146.24.0/22 maxlen: 22
62.146.20.0/22 maxlen: 22
62.146.84.0/22 maxlen: 22
62.146.80.0/22 maxlen: 22
62.146.88.0/22 maxlen: 22
62.146.96.0/22 maxlen: 22
62.146.92.0/22 maxlen: 22
62.146.104.0/22 maxlen: 22
62.146.100.0/22 maxlen: 22
62.146.112.0/22 maxlen: 22
62.146.108.0/22 maxlen: 22
62.146.116.0/22 maxlen: 22
62.146.124.0/22 maxlen: 22
62.146.120.0/22 maxlen: 22
62.146.132.0/22 maxlen: 22
62.146.128.0/22 maxlen: 22
62.146.28.0/22 maxlen: 22
62.146.36.0/22 maxlen: 22
62.146.32.0/22 maxlen: 22
62.146.44.0/22 maxlen: 22
62.146.40.0/22 maxlen: 22
62.146.48.0/22 maxlen: 22
62.146.56.0/22 maxlen: 22
62.146.52.0/22 maxlen: 22
62.146.64.0/22 maxlen: 22
62.146.60.0/22 maxlen: 22
62.146.68.0/22 maxlen: 22
62.146.76.0/22 maxlen: 22
62.146.72.0/22 maxlen: 22
81.17.96.0/20 maxlen: 20
81.17.104.0/22 maxlen: 22
81.17.112.0/24 maxlen: 24
81.17.111.0/24 maxlen: 24
81.17.112.0/22 maxlen: 22
81.17.108.0/22 maxlen: 22
81.17.116.0/22 maxlen: 22
81.17.116.0/24 maxlen: 24
81.17.115.0/24 maxlen: 24
81.17.114.0/24 maxlen: 24
81.17.113.0/24 maxlen: 24
80.190.136.0/21 maxlen: 21
80.190.144.0/21 maxlen: 21
80.190.152.0/21 maxlen: 21
80.190.160.0/21 maxlen: 21
80.190.168.0/21 maxlen: 21
80.190.176.0/21 maxlen: 21
80.190.184.0/21 maxlen: 21
80.190.88.0/21 maxlen: 21
80.190.96.0/19 maxlen: 19
80.190.96.0/21 maxlen: 21
80.190.104.0/21 maxlen: 21
80.190.112.0/21 maxlen: 21
80.190.120.0/21 maxlen: 21
80.190.128.0/21 maxlen: 21
80.190.128.0/19 maxlen: 19
80.190.240.0/21 maxlen: 21
80.190.240.0/20 maxlen: 20
80.190.248.0/21 maxlen: 21
80.190.192.0/21 maxlen: 21
212.123.96.0/19 maxlen: 19
80.190.200.0/21 maxlen: 21
80.190.208.0/21 maxlen: 21
80.190.216.0/21 maxlen: 21
80.190.224.0/21 maxlen: 21
80.190.232.0/21 maxlen: 21
82.149.68.0/22 maxlen: 22
82.149.84.0/22 maxlen: 22
82.149.88.0/22 maxlen: 22
82.149.92.0/22 maxlen: 22
82.149.64.0/22 maxlen: 22
80.190.32.0/21 maxlen: 21
80.190.32.0/19 maxlen: 19
80.190.40.0/21 maxlen: 21
80.190.48.0/21 maxlen: 21
80.190.56.0/21 maxlen: 21
80.190.64.0/21 maxlen: 21
80.190.64.0/19 maxlen: 19
80.190.0.0/21 maxlen: 21
80.190.8.0/21 maxlen: 21
80.190.0.0/16 maxlen: 16
80.190.16.0/21 maxlen: 21
80.190.24.0/21 maxlen: 21
2a01:138::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:8e:47:75:b2:f4:8b:fd:a6:d0:dd:83:71:90:c3:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3543aa00373e9e4d10e64c83d3779b378888c1
Validity
Not Before: Nov 30 08:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f127ca408375dda46f663fb6678121ea7716493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:10:5e:e9:9e:c6:4a:ce:3b:6c:bd:e8:3e:8a:
c0:83:31:42:f9:bb:12:15:85:2e:1e:85:ea:48:db:
95:db:60:12:79:b2:ac:2a:4f:6b:9e:93:1c:c2:c2:
e1:81:88:95:08:de:b6:ed:71:4a:fe:15:3f:7d:f8:
05:c0:11:3f:21:14:22:4e:9e:ae:ef:e4:90:5c:28:
42:8f:d6:ae:8c:c8:6b:d8:ec:1b:d7:a7:8f:2d:67:
7c:be:fa:82:ff:6a:d8:7b:69:68:ad:ed:01:ad:c3:
7f:a2:39:4e:6d:be:2b:0c:7c:c0:5f:56:62:e3:e1:
93:3a:85:22:c0:f3:ca:58:14:87:ac:94:05:ed:76:
a0:21:47:a6:12:52:0d:43:76:68:f4:1c:cf:a7:39:
41:08:06:c2:a2:00:63:0c:ba:96:8d:29:05:78:e7:
b3:43:16:5f:05:4d:57:ea:56:3c:2e:f8:56:93:10:
97:27:85:39:38:6f:47:86:04:6e:89:21:81:2a:d0:
e1:c2:38:01:00:c0:5e:b0:c6:24:df:8b:49:02:1c:
c6:51:7b:52:76:e2:6a:2c:2b:d0:5e:c2:d6:4b:19:
c0:96:ad:86:58:77:3c:d8:90:7a:6f:f4:57:16:42:
53:c5:e6:39:7c:28:70:ee:cb:84:a6:29:df:0b:34:
36:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:12:7C:A4:08:37:5D:DA:46:F6:63:FB:66:78:12:1E:A7:71:64:93
X509v3 Authority Key Identifier:
keyid:EC:35:43:AA:00:37:3E:9E:4D:10:E6:4C:83:D3:77:9B:37:88:88:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DVDqgA3Pp5NEOZMg9N3mzeIiME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/DxJ8pAg3XdpG9mP7ZngSHqdxZJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/19e715-ffaa-4c43-b79a-56f6ecc1c121/1/7DVDqgA3Pp5NEOZMg9N3mzeIiME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.146.0.0/16
80.190.0.0/16
81.17.96.0-81.17.119.255
82.149.64.0/21
82.149.84.0-82.149.95.255
212.112.224.0/19
212.123.96.0/19
IPv6:
2a01:138::/32
Signature Algorithm: sha256WithRSAEncryption
0d:14:53:4c:0b:62:83:15:23:e1:05:18:47:ee:5e:5d:65:a5:
5b:f3:30:06:b7:9a:43:bb:3e:b3:2c:de:d7:dc:c8:1d:45:23:
08:66:b4:58:5c:ef:a4:c8:30:52:ae:45:8b:52:ca:d7:76:a8:
ec:0e:a2:10:bb:96:06:14:90:25:63:46:3f:90:7d:60:e8:10:
75:d0:f3:f2:1e:55:4a:58:9d:a8:a6:e1:c8:12:36:04:e4:86:
77:ac:cd:7e:5c:71:15:7a:a4:13:a4:60:57:85:c2:4e:59:39:
13:da:a1:20:92:2e:fa:29:3a:2a:a7:bf:7a:fb:5a:5a:de:86:
a7:bf:d2:9b:e1:b1:89:cb:e2:98:5b:6c:0b:d2:9d:79:b9:93:
73:87:cb:89:75:01:39:d2:6c:37:97:7d:45:45:6d:1d:ad:e2:
0e:77:3b:9a:d7:d0:6a:51:3a:09:12:d5:0b:d0:ac:24:81:f6:
ea:f8:78:86:72:fd:a3:03:d9:a1:69:8a:c4:3e:2b:04:df:a4:
98:e9:8b:58:ae:6e:1d:7d:c8:8c:8b:dd:a0:5e:ee:45:49:22:
8b:c9:b1:79:8e:ee:ef:75:6b:5a:89:13:80:c6:3e:59:b8:3a:
08:b3:37:6f:55:58:0c:eb:a8:f2:5f:7c:2c:7a:20:c0:4f:bb:
ca:08:f3:6d
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYTHjkd1svSL/abQ3YNxkMNoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMzU0M2FhMDAzNzNlOWU0ZDEwZTY0YzgzZDM3NzliMzc4
ODg4YzEwHhcNMjIxMTMwMDgwMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjEyN2NhNDA4Mzc1ZGRhNDZmNjYzZmI2Njc4MTIxZWE3NzE2NDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRBe6Z7GSs47bL3oPorAgzFC+bsS
FYUuHoXqSNuV22ASebKsKk9rnpMcwsLhgYiVCN627XFK/hU/ffgFwBE/IRQiTp6u
7+SQXChCj9aujMhr2Owb16ePLWd8vvqC/2rYe2lore0BrcN/ojlObb4rDHzAX1Zi
4+GTOoUiwPPKWBSHrJQF7XagIUemElINQ3Zo9BzPpzlBCAbCogBjDLqWjSkFeOez
QxZfBU1X6lY8LvhWkxCXJ4U5OG9HhgRuiSGBKtDhwjgBAMBesMYk34tJAhzGUXtS
duJqLCvQXsLWSxnAlq2GWHc82JB6b/RXFkJTxeY5fChw7suEpinfCzQ2jwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFA8SfKQIN13aRvZj+2Z4Eh6ncWSTMB8GA1UdIwQY
MBaAFOw1Q6oANz6eTRDmTIPTd5s3iIjBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0RWRHFnQTNQcDVORU9aTWc5TjNtemVJaU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8xOWU3MTUtZmZhYS00YzQzLWI3OWEt
NTZmNmVjYzFjMTIxLzEvRHhKOHBBZzNYZHBHOW1QN1puZ1NIcWR4WkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8xOWU3MTUtZmZhYS00YzQzLWI3OWEtNTZmNmVjYzFjMTIx
LzEvN0RWRHFnQTNQcDVORU9aTWc5TjNtemVJaU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwMAPpIDAwBQ
vjAMAwQFURFgAwQDURFwAwQDUpVAMAwDBAJSlVQDBAVSlUADBAXUcOADBAXUe2Aw
DQQCAAIwBwMFACoBATgwDQYJKoZIhvcNAQELBQADggEBAA0UU0wLYoMVI+EFGEfu
Xl1lpVvzMAa3mkO7PrMs3tfcyB1FIwhmtFhc76TIMFKuRYtSytd2qOwOohC7lgYU
kCVjRj+QfWDoEHXQ8/IeVUpYnaim4cgSNgTkhneszX5ccRV6pBOkYFeFwk5ZORPa
oSCSLvopOiqnv3r7Wlrehqe/0pvhsYnL4phbbAvSnXm5k3OHy4l1ATnSbDeXfUVF
bR2t4g53O5rX0GpROgkS1QvQrCSB9ur4eIZy/aMD2aFpisQ+KwTfpJjpi1iubh19
yIyL3aBe7kVJIovJsXmO7u91a1qJE4DGPlm4OgizN29VWAzrqPJffCx6IMBPu8oI
820=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:38 2023 by rpki-client on console-ams.rpki-client.org