Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/MEq7ozTr4xaREtHyNSTfPqOnS_k.roa
File: MEq7ozTr4xaREtHyNSTfPqOnS_k.roa (raw, json)
Hash identifier: 8ZzikWv4aJpKcpIWvuR2r/zg0kqGFT8MSRZebajaGAk=
Subject key identifier: 30:4A:BB:A3:34:EB:E3:16:91:12:D1:F2:35:24:DF:3E:A3:A7:4B:F9
Certificate issuer: /CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Certificate serial: 018CC8DF5014C2D1AF32631A21297780C9C0
Authority key identifier: 06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/MEq7ozTr4xaREtHyNSTfPqOnS_k.roa
Signing time: Tue 02 Jan 2024 06:32:07 +0000
ROA not before: Tue 02 Jan 2024 06:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25133
IP address blocks: 92.43.80.0/22 maxlen: 22
91.211.136.0/22 maxlen: 22
185.228.100.0/22 maxlen: 22
45.158.48.0/22 maxlen: 22
185.208.112.0/22 maxlen: 22
176.67.0.0/21 maxlen: 21
176.67.8.0/22 maxlen: 22
176.67.17.0/24 maxlen: 24
176.67.16.0/24 maxlen: 24
176.67.12.0/22 maxlen: 22
176.67.24.0/24 maxlen: 24
176.67.23.0/24 maxlen: 24
176.67.22.0/24 maxlen: 24
176.67.21.0/24 maxlen: 24
176.67.20.0/24 maxlen: 24
176.67.19.0/24 maxlen: 24
176.67.18.0/24 maxlen: 24
176.67.30.0/24 maxlen: 24
176.67.29.0/24 maxlen: 24
176.67.28.0/24 maxlen: 24
176.67.27.0/24 maxlen: 24
176.67.26.0/24 maxlen: 24
176.67.25.0/24 maxlen: 24
109.227.96.0/19 maxlen: 19
185.62.96.0/22 maxlen: 22
185.96.28.0/22 maxlen: 22
185.203.244.0/22 maxlen: 22
194.1.220.0/23 maxlen: 23
78.137.33.0/24 maxlen: 24
78.137.32.0/24 maxlen: 24
78.137.36.0/22 maxlen: 22
78.137.35.0/24 maxlen: 24
78.137.34.0/24 maxlen: 24
78.137.40.0/21 maxlen: 21
78.137.48.0/20 maxlen: 20
46.255.32.0/22 maxlen: 22
46.255.36.0/22 maxlen: 22
185.103.42.0/23 maxlen: 23
185.103.40.0/23 maxlen: 23
193.254.197.0/24 maxlen: 24
193.254.196.0/24 maxlen: 24
78.137.0.0/19 maxlen: 19
217.115.96.0/21 maxlen: 21
217.115.104.0/21 maxlen: 21
193.0.240.0/24 maxlen: 24
92.118.220.0/22 maxlen: 22
91.244.0.0/18 maxlen: 18
212.55.92.0/22 maxlen: 22
152.89.20.0/22 maxlen: 22
37.139.160.0/22 maxlen: 22
37.139.164.0/22 maxlen: 22
109.227.64.0/19 maxlen: 19
37.139.172.0/24 maxlen: 24
37.139.171.0/24 maxlen: 24
37.139.170.0/24 maxlen: 24
37.139.169.0/24 maxlen: 24
37.139.168.0/24 maxlen: 24
37.139.179.0/24 maxlen: 24
37.139.178.0/24 maxlen: 24
37.139.177.0/24 maxlen: 24
195.95.232.0/23 maxlen: 23
37.139.176.0/24 maxlen: 24
37.139.175.0/24 maxlen: 24
37.139.174.0/24 maxlen: 24
37.139.173.0/24 maxlen: 24
37.139.184.0/22 maxlen: 22
37.139.180.0/22 maxlen: 22
37.139.188.0/22 maxlen: 22
185.176.112.0/22 maxlen: 22
185.176.108.0/22 maxlen: 22
185.41.192.0/23 maxlen: 23
45.95.164.0/22 maxlen: 22
212.55.64.0/22 maxlen: 22
185.41.194.0/23 maxlen: 23
212.55.68.0/22 maxlen: 22
212.55.76.0/22 maxlen: 22
212.55.74.0/23 maxlen: 23
212.55.72.0/23 maxlen: 23
212.55.84.0/23 maxlen: 23
212.55.80.0/22 maxlen: 22
185.220.94.0/23 maxlen: 23
212.55.88.0/22 maxlen: 22
212.55.86.0/23 maxlen: 23
185.3.149.0/24 maxlen: 24
185.3.148.0/24 maxlen: 24
185.3.151.0/24 maxlen: 24
185.128.92.0/22 maxlen: 22
83.142.48.0/22 maxlen: 22
213.108.52.0/22 maxlen: 22
178.216.16.0/21 maxlen: 21
2a02:c080::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:50:14:c2:d1:af:32:63:1a:21:29:77:80:c9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Validity
Not Before: Jan 2 06:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=304abba334ebe3169112d1f23524df3ea3a74bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8e:0f:b8:e0:9c:4b:78:e8:d8:f4:81:12:70:
84:6b:5e:91:19:1b:be:e4:6b:f6:00:0c:67:a0:8a:
24:71:06:43:36:25:b4:e9:5c:c1:1f:d9:ce:46:d6:
bd:e4:ed:09:99:48:3d:53:94:ea:36:6e:32:fc:2a:
e1:c2:36:8d:81:4a:1a:76:e4:6d:87:86:f5:8c:c6:
9e:0e:90:ad:6d:99:b4:54:23:56:47:97:66:99:96:
ff:5c:8b:f3:ff:a1:52:82:e5:e7:9d:8a:c2:dc:5a:
d9:94:55:03:d1:e4:0b:bf:c8:d5:bd:71:dd:f6:cd:
c1:be:86:16:06:3b:3a:72:9b:71:08:dd:5e:91:e2:
4f:b7:69:72:d5:b4:24:0f:c6:04:31:40:04:b9:c5:
c0:d5:aa:33:1e:0b:b2:80:33:dd:18:f1:c3:5d:23:
41:f5:44:08:be:d3:62:c7:77:01:db:de:a7:b6:d1:
1d:bf:6d:4d:c9:50:7c:bf:70:4c:af:77:0c:07:de:
07:41:01:0a:0e:ca:b6:3f:66:5b:bd:ea:47:d0:03:
34:20:2d:0c:70:2c:35:18:b0:10:93:29:97:f8:c4:
b7:e5:c8:8d:56:36:26:19:0f:83:e3:95:c7:6a:c2:
3a:b6:59:d7:51:99:35:fd:bc:f5:db:74:10:5b:ee:
2b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:4A:BB:A3:34:EB:E3:16:91:12:D1:F2:35:24:DF:3E:A3:A7:4B:F9
X509v3 Authority Key Identifier:
keyid:06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/MEq7ozTr4xaREtHyNSTfPqOnS_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.160.0/19
45.95.164.0/22
45.158.48.0/22
46.255.32.0/21
78.137.0.0/18
83.142.48.0/22
91.211.136.0/22
91.244.0.0/18
92.43.80.0/22
92.118.220.0/22
109.227.64.0/18
152.89.20.0/22
176.67.0.0-176.67.30.255
178.216.16.0/21
185.3.148.0/23
185.3.151.0/24
185.41.192.0/22
185.62.96.0/22
185.96.28.0/22
185.103.40.0/22
185.128.92.0/22
185.176.108.0-185.176.115.255
185.203.244.0/22
185.208.112.0/22
185.220.94.0/23
185.228.100.0/22
193.0.240.0/24
193.254.196.0/23
194.1.220.0/23
195.95.232.0/23
212.55.64.0/19
213.108.52.0/22
217.115.96.0/20
IPv6:
2a02:c080::/29
Signature Algorithm: sha256WithRSAEncryption
08:11:21:51:64:54:78:d3:a8:e9:76:8e:ca:3b:3a:d1:9f:14:
e8:64:ea:4c:d7:ea:e6:dd:73:85:a3:db:7d:8d:3b:ea:0a:1f:
0a:2f:1c:d1:4a:73:34:1b:a8:c8:5e:6e:d3:8b:68:f2:6b:e2:
67:52:ea:69:c8:b3:64:d9:2d:f6:00:d6:99:e7:de:29:fc:dd:
1e:19:a4:2c:f7:43:31:57:33:69:c3:6a:10:5b:03:3b:97:63:
19:7c:1f:ed:1f:2b:3b:91:db:a1:4d:b3:3c:92:59:8e:64:cc:
07:dd:64:71:8d:30:d4:57:a1:e3:a1:ad:cf:26:00:f5:b2:5b:
1c:d7:cf:6e:3f:e3:10:35:37:ed:66:84:e4:76:b9:c0:e8:b0:
50:ef:21:ac:7a:55:e8:eb:e2:7b:30:b0:cb:f5:5a:ee:67:c7:
85:23:ab:3b:c2:46:3c:d8:65:40:94:35:2a:64:4f:6a:8f:6a:
ba:25:2a:45:59:1c:da:ab:16:b4:47:7f:6a:e0:39:87:34:7a:
27:f0:67:d6:0a:a1:fd:a2:ec:d3:ce:da:9a:84:40:3b:34:a0:
2f:b5:ec:a6:ad:31:56:24:03:e9:39:ab:63:2c:89:53:4d:6f:
81:63:7e:88:92:aa:29:6c:e6:a5:70:6f:16:a9:34:99:4d:f6:
8d:53:ca:8c
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYzI31AUwtGvMmMaISl3gMnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OGNjOGY1N2EyYjNjMjI5OWIxZjQ4MmI2N2UxNWQ5ZGU0
M2FkM2MwHhcNMjQwMTAyMDYzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDRhYmJhMzM0ZWJlMzE2OTExMmQxZjIzNTI0ZGYzZWEzYTc0YmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho4PuOCcS3jo2PSBEnCEa16RGRu+
5Gv2AAxnoIokcQZDNiW06VzBH9nORta95O0JmUg9U5TqNm4y/CrhwjaNgUoaduRt
h4b1jMaeDpCtbZm0VCNWR5dmmZb/XIvz/6FSguXnnYrC3FrZlFUD0eQLv8jVvXHd
9s3BvoYWBjs6cptxCN1ekeJPt2ly1bQkD8YEMUAEucXA1aozHguygDPdGPHDXSNB
9UQIvtNix3cB296nttEdv21NyVB8v3BMr3cMB94HQQEKDsq2P2ZbvepH0AM0IC0M
cCw1GLAQkymX+MS35ciNVjYmGQ+D45XHasI6tlnXUZk1/bz123QQW+4rnwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFDBKu6M06+MWkRLR8jUk3z6jp0v5MB8GA1UdIwQY
MBaAFAaMyPV6KzwimbH0grZ+FdneQ608MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2It
MmEyODQxNmQ0NWIyLzEvTUVxN296VHI0eGFSRXRIeU5TVGZQcU9uU19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2ItMmEyODQxNmQ0NWIy
LzEvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgdwEAgABMIHVAwQF
JYugAwQCLV+kAwQCLZ4wAwQDLv8gAwQGTokAAwQCU44wAwQCW9OIAwQGW/QAAwQC
XCtQAwQCXHbcAwQGbeNAAwQCmFkUMAsDAwCwQwMEALBDHgMEA7LYEAMEAbkDlAME
ALkDlwMEArkpwAMEArk+YAMEArlgHAMEArlnKAMEArmAXDAMAwQCubBsAwQCubBw
AwQCucv0AwQCudBwAwQBudxeAwQCueRkAwQAwQDwAwQBwf7EAwQBwgHcAwQBw1/o
AwQF1DdAAwQC1Ww0AwQE2XNgMA0EAgACMAcDBQMqAsCAMA0GCSqGSIb3DQEBCwUA
A4IBAQAIESFRZFR406jpdo7KOzrRnxToZOpM1+rm3XOFo9t9jTvqCh8KLxzRSnM0
G6jIXm7Ti2jya+JnUuppyLNk2S32ANaZ594p/N0eGaQs90MxVzNpw2oQWwM7l2MZ
fB/tHys7kduhTbM8klmOZMwH3WRxjTDUV6Hjoa3PJgD1slsc189uP+MQNTftZoTk
drnA6LBQ7yGselXo6+J7MLDL9VruZ8eFI6s7wkY82GVAlDUqZE9qj2q6JSpFWRza
qxa0R39q4DmHNHon8GfWCqH9ouzTztqahEA7NKAvteymrTFWJAPpOatjLIlTTW+B
Y36IkqopbOalcG8WqTSZTfaNU8qM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:58 2024 by rpki-client on console-ams.rpki-client.org