Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/zqU7uIpwIz_AnB4i8ZgFhAUMGX8.roa
File: zqU7uIpwIz_AnB4i8ZgFhAUMGX8.roa (raw, json)
Hash identifier: 2rcFI7NTgDfvT1LtOR0quV/jcURlAEfe8IkqbCLrc7E=
Subject key identifier: CE:A5:3B:B8:8A:70:23:3F:C0:9C:1E:22:F1:98:05:84:05:0C:19:7F
Certificate issuer: /CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Certificate serial: 04EFEF65
Authority key identifier: 06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/zqU7uIpwIz_AnB4i8ZgFhAUMGX8.roa
Signing time: Fri 08 Apr 2022 06:08:30 +0000
ROA not before: Fri 08 Apr 2022 06:08:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25133
IP address blocks: 92.43.80.0/22 maxlen: 22
91.211.136.0/22 maxlen: 22
185.228.100.0/22 maxlen: 22
45.158.48.0/22 maxlen: 22
185.208.112.0/22 maxlen: 22
176.67.0.0/21 maxlen: 21
176.67.8.0/22 maxlen: 22
176.67.17.0/24 maxlen: 24
176.67.16.0/24 maxlen: 24
176.67.12.0/22 maxlen: 22
176.67.24.0/24 maxlen: 24
176.67.23.0/24 maxlen: 24
176.67.22.0/24 maxlen: 24
176.67.21.0/24 maxlen: 24
176.67.20.0/24 maxlen: 24
176.67.19.0/24 maxlen: 24
176.67.18.0/24 maxlen: 24
176.67.30.0/24 maxlen: 24
176.67.29.0/24 maxlen: 24
176.67.28.0/24 maxlen: 24
176.67.27.0/24 maxlen: 24
176.67.26.0/24 maxlen: 24
176.67.25.0/24 maxlen: 24
109.227.96.0/19 maxlen: 19
185.62.96.0/22 maxlen: 22
185.96.28.0/22 maxlen: 22
185.203.244.0/22 maxlen: 22
194.1.220.0/23 maxlen: 23
78.137.33.0/24 maxlen: 24
78.137.32.0/24 maxlen: 24
78.137.36.0/22 maxlen: 22
78.137.35.0/24 maxlen: 24
78.137.34.0/24 maxlen: 24
78.137.40.0/21 maxlen: 21
78.137.48.0/20 maxlen: 20
46.255.32.0/22 maxlen: 22
46.255.36.0/22 maxlen: 22
185.103.42.0/23 maxlen: 23
185.103.40.0/23 maxlen: 23
193.254.197.0/24 maxlen: 24
193.254.196.0/24 maxlen: 24
78.137.0.0/19 maxlen: 19
217.115.96.0/21 maxlen: 21
217.115.104.0/21 maxlen: 21
193.0.240.0/24 maxlen: 24
92.118.220.0/22 maxlen: 22
91.244.0.0/18 maxlen: 18
212.55.92.0/22 maxlen: 22
152.89.20.0/22 maxlen: 22
37.139.160.0/22 maxlen: 22
37.139.164.0/22 maxlen: 22
109.227.64.0/19 maxlen: 19
37.139.172.0/24 maxlen: 24
37.139.171.0/24 maxlen: 24
37.139.170.0/24 maxlen: 24
37.139.169.0/24 maxlen: 24
37.139.168.0/24 maxlen: 24
37.139.179.0/24 maxlen: 24
37.139.178.0/24 maxlen: 24
37.139.177.0/24 maxlen: 24
195.95.232.0/23 maxlen: 23
37.139.176.0/24 maxlen: 24
37.139.175.0/24 maxlen: 24
37.139.174.0/24 maxlen: 24
37.139.173.0/24 maxlen: 24
37.139.184.0/22 maxlen: 22
37.139.180.0/22 maxlen: 22
37.139.188.0/22 maxlen: 22
185.176.112.0/22 maxlen: 22
185.176.108.0/22 maxlen: 22
185.41.192.0/23 maxlen: 23
212.55.64.0/22 maxlen: 22
185.41.194.0/23 maxlen: 23
212.55.68.0/22 maxlen: 22
212.55.76.0/22 maxlen: 22
212.55.74.0/23 maxlen: 23
212.55.72.0/23 maxlen: 23
212.55.84.0/23 maxlen: 23
212.55.80.0/22 maxlen: 22
185.220.94.0/23 maxlen: 23
212.55.88.0/22 maxlen: 22
212.55.86.0/23 maxlen: 23
185.3.149.0/24 maxlen: 24
185.3.148.0/24 maxlen: 24
185.3.151.0/24 maxlen: 24
185.128.92.0/22 maxlen: 22
83.142.48.0/22 maxlen: 22
213.108.52.0/22 maxlen: 22
178.216.16.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82833253 (0x4efef65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Validity
Not Before: Apr 8 06:08:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cea53bb88a70233fc09c1e22f1980584050c197f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c5:1d:db:13:14:2a:c4:34:68:2e:a3:eb:c0:
74:c6:fc:eb:36:41:e3:01:a3:09:32:33:ed:9e:92:
c5:4c:ef:56:cc:e7:55:12:fa:59:c1:fa:85:0f:de:
ad:37:b8:37:11:77:b8:3f:9b:4b:4f:76:81:9b:9a:
5d:ae:5b:f6:3e:9c:09:09:45:93:c0:24:8a:56:9b:
e4:68:ce:c8:fc:ea:15:68:8d:b7:a5:ed:6b:72:58:
6a:ef:a0:4d:cd:d0:0f:e4:8b:e8:95:56:29:da:a3:
c1:30:43:8b:8a:45:e9:f1:8d:86:51:19:b4:cc:2a:
8f:09:a1:35:ad:44:42:48:89:1b:31:0d:c5:f0:db:
04:3a:0d:43:ed:2f:a7:b7:71:13:aa:ae:40:d2:a2:
d3:83:ad:43:84:bb:95:f5:d5:cc:b8:43:fe:9b:0a:
39:6a:c9:13:34:7e:71:6a:f3:5f:8c:e9:52:eb:7a:
47:c7:c9:c1:b5:ff:d9:d3:1c:2b:c8:31:98:37:a1:
32:ec:63:1d:f5:f7:ea:d6:47:e6:b6:40:cd:e8:f7:
95:f0:40:79:73:26:ab:f3:83:43:cd:7b:4d:b3:f7:
69:db:fa:24:d6:0b:29:73:33:db:52:b2:e3:6d:5b:
87:60:25:0e:e7:90:0b:04:ef:4b:fd:a2:e8:39:53:
bd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A5:3B:B8:8A:70:23:3F:C0:9C:1E:22:F1:98:05:84:05:0C:19:7F
X509v3 Authority Key Identifier:
keyid:06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/zqU7uIpwIz_AnB4i8ZgFhAUMGX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.160.0/19
45.158.48.0/22
46.255.32.0/21
78.137.0.0/18
83.142.48.0/22
91.211.136.0/22
91.244.0.0/18
92.43.80.0/22
92.118.220.0/22
109.227.64.0/18
152.89.20.0/22
176.67.0.0-176.67.30.255
178.216.16.0/21
185.3.148.0/23
185.3.151.0/24
185.41.192.0/22
185.62.96.0/22
185.96.28.0/22
185.103.40.0/22
185.128.92.0/22
185.176.108.0-185.176.115.255
185.203.244.0/22
185.208.112.0/22
185.220.94.0/23
185.228.100.0/22
193.0.240.0/24
193.254.196.0/23
194.1.220.0/23
195.95.232.0/23
212.55.64.0/19
213.108.52.0/22
217.115.96.0/20
Signature Algorithm: sha256WithRSAEncryption
67:7b:d5:ab:0c:92:15:2a:25:8a:dc:48:94:1b:92:89:31:33:
63:43:4c:83:8f:88:aa:c4:07:97:43:83:1f:10:2d:1d:f0:d9:
b4:b4:77:bb:1f:14:75:d9:d8:2b:85:27:4a:1e:b6:03:41:1f:
c8:17:c3:e1:d3:60:df:0f:09:10:78:6e:85:78:9d:5b:a3:5c:
71:97:dc:f0:02:59:ee:75:71:e8:1b:1a:63:91:87:cf:61:c6:
9f:aa:f7:5f:27:a8:b1:00:e2:06:a3:a6:99:23:81:e0:d5:a0:
54:0a:ed:ff:16:1d:39:70:be:08:b7:83:6d:2b:d3:71:ea:73:
1f:de:a5:ac:34:29:7e:e5:32:a1:9e:8f:e4:fa:24:44:22:ad:
3a:77:58:15:20:2f:4e:75:98:e0:b0:82:88:33:12:88:68:06:
de:ef:00:30:7f:e9:33:dc:c9:33:67:6d:64:9f:88:79:c1:f8:
26:79:c2:6d:67:0c:6c:df:b6:f3:d7:2e:9a:7d:fe:41:35:12:
c5:89:70:5f:c2:b3:73:08:fc:61:70:8b:2c:39:ff:b7:0e:a3:
41:29:f0:e8:c0:15:5a:39:73:ce:40:d8:4c:b4:95:19:6c:93:
88:eb:03:24:40:35:e6:b9:73:9b:0f:e9:7a:a1:2f:d4:3a:19:
25:be:a3:91
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIEBO/vZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjhjYzhmNTdhMmIzYzIyOTliMWY0ODJiNjdlMTVkOWRlNDNhZDNjMB4XDTIyMDQw
ODA2MDgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2VhNTNiYjg4YTcw
MjMzZmMwOWMxZTIyZjE5ODA1ODQwNTBjMTk3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/FHdsTFCrENGguo+vAdMb86zZB4wGjCTIz7Z6SxUzvVszn
VRL6WcH6hQ/erTe4NxF3uD+bS092gZuaXa5b9j6cCQlFk8Akilab5GjOyPzqFWiN
t6Xta3JYau+gTc3QD+SL6JVWKdqjwTBDi4pF6fGNhlEZtMwqjwmhNa1EQkiJGzEN
xfDbBDoNQ+0vp7dxE6quQNKi04OtQ4S7lfXVzLhD/psKOWrJEzR+cWrzX4zpUut6
R8fJwbX/2dMcK8gxmDehMuxjHfX36tZH5rZAzej3lfBAeXMmq/ODQ817TbP3adv6
JNYLKXMz21Ky421bh2AlDueQCwTvS/2i6DlTvf8CAwEAAaOCAtcwggLTMB0GA1Ud
DgQWBBTOpTu4inAjP8CcHiLxmAWEBQwZfzAfBgNVHSMEGDAWgBQGjMj1eis8Ipmx
9IK2fhXZ3kOtPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Jvekk5WG9yUENLWnNmU0N0bjRWMmQ1RHJUdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvZGJkZThjLWEwZmMtNDRkNy05OTNiLTJhMjg0MTZkNDViMi8x
L3pxVTd1SXB3SXpfQW5CNGk4WmdGaEFVTUdYOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
ZGJkZThjLWEwZmMtNDRkNy05OTNiLTJhMjg0MTZkNDViMi8xL0Jvekk5WG9yUENL
WnNmU0N0bjRWMmQ1RHJUdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
7AYIKwYBBQUHAQcBAf8EgdwwgdkwgdYEAgABMIHPAwQFJYugAwQCLZ4wAwQDLv8g
AwQGTokAAwQCU44wAwQCW9OIAwQGW/QAAwQCXCtQAwQCXHbcAwQGbeNAAwQCmFkU
MAsDAwCwQwMEALBDHgMEA7LYEAMEAbkDlAMEALkDlwMEArkpwAMEArk+YAMEArlg
HAMEArlnKAMEArmAXDAMAwQCubBsAwQCubBwAwQCucv0AwQCudBwAwQBudxeAwQC
ueRkAwQAwQDwAwQBwf7EAwQBwgHcAwQBw1/oAwQF1DdAAwQC1Ww0AwQE2XNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBne9WrDJIVKiWK3EiUG5KJMTNjQ0yDj4iqxAeXQ4Mf
EC0d8Nm0tHe7HxR12dgrhSdKHrYDQR/IF8Ph02DfDwkQeG6FeJ1bo1xxl9zwAlnu
dXHoGxpjkYfPYcafqvdfJ6ixAOIGo6aZI4Hg1aBUCu3/Fh05cL4It4NtK9Nx6nMf
3qWsNCl+5TKhno/k+iREIq06d1gVIC9OdZjgsIKIMxKIaAbe7wAwf+kz3MkzZ21k
n4h5wfgmecJtZwxs37bz1y6aff5BNRLFiXBfwrNzCPxhcIssOf+3DqNBKfDowBVa
OXPOQNhMtJUZbJOI6wMkQDXmuXObD+l6oS/UOhklvqOR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:04 2024 by rpki-client on console-fra.rpki-client.org