Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/0RyWAKZX-hPEUnLO-HwhzVtvBCY.roa
File: 0RyWAKZX-hPEUnLO-HwhzVtvBCY.roa (raw, json)
Hash identifier: nlKP1Ch62YDU7Ka/GuGWFdhmWIw+UT0KHuyWOH/c9n4=
Subject key identifier: D1:1C:96:00:A6:57:FA:13:C4:52:72:CE:F8:7C:21:CD:5B:6F:04:26
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 165638BF
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/0RyWAKZX-hPEUnLO-HwhzVtvBCY.roa
Signing time: Fri 03 Jun 2022 15:23:20 +0000
ROA not before: Fri 03 Jun 2022 15:23:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8641
IP address blocks: 213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/22 maxlen: 22
213.208.176.0/21 maxlen: 21
213.208.186.0/23 maxlen: 23
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
185.106.107.0/24 maxlen: 24
77.94.160.0/19 maxlen: 19
84.47.128.0/22 maxlen: 22
77.94.175.0/24 maxlen: 24
84.47.135.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
84.47.147.0/24 maxlen: 24
77.94.189.0/24 maxlen: 24
84.47.148.0/22 maxlen: 22
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.160.0/22 maxlen: 22
85.91.112.0/22 maxlen: 22
84.47.164.0/23 maxlen: 23
84.47.168.0/21 maxlen: 21
85.91.118.0/23 maxlen: 23
213.135.64.0/22 maxlen: 22
213.135.70.0/23 maxlen: 23
85.91.122.0/24 maxlen: 24
84.47.176.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.176.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
84.47.181.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
84.47.190.0/23 maxlen: 23
213.135.79.0/24 maxlen: 24
213.135.80.0/21 maxlen: 21
213.135.88.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 374749375 (0x165638bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Jun 3 15:23:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d11c9600a657fa13c45272cef87c21cd5b6f0426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0c:f6:13:40:62:25:31:ee:b9:8e:2b:e6:17:
7e:b2:f9:76:01:5c:31:6a:71:7b:b4:be:d6:b1:2a:
da:f7:d7:b2:c5:48:3b:8e:57:6b:22:b3:0d:1f:d9:
ab:64:60:ec:7a:8d:25:4f:24:33:1b:97:a3:31:3d:
68:f8:90:da:39:50:f4:f7:dc:4f:38:6c:84:87:83:
d7:ee:87:8b:c6:92:60:bf:41:42:4e:34:65:86:35:
4a:d7:dd:cc:cf:ba:8b:61:21:e0:2c:07:cf:e7:18:
62:c7:4f:f9:65:1d:f7:e9:4e:45:09:0a:ee:f2:67:
2c:98:a1:d1:69:46:42:a6:72:15:48:fe:fc:8d:a3:
74:e0:0d:9d:cb:41:e9:0f:78:b5:7b:86:00:04:4f:
9e:d7:fd:22:12:fc:ab:2d:14:01:d2:7e:43:46:45:
e0:be:0a:9d:eb:be:a4:b0:ac:78:86:ed:43:6e:9a:
49:e8:16:b7:78:d1:3d:35:90:90:dc:9a:0d:ca:b1:
06:d0:91:6f:e9:f1:3d:50:4d:70:74:b5:71:71:90:
86:73:28:72:b3:27:d7:1f:44:d3:04:36:91:22:f6:
be:82:cc:4e:1d:bc:63:71:e0:ef:28:92:19:cf:92:
83:80:46:36:9c:73:22:fc:39:fe:eb:79:e0:5e:7a:
fe:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:1C:96:00:A6:57:FA:13:C4:52:72:CE:F8:7C:21:CD:5B:6F:04:26
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/0RyWAKZX-hPEUnLO-HwhzVtvBCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/22
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.177.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/22
213.135.69.0-213.135.73.255
213.135.77.0/24
213.135.79.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
84:c3:d7:79:8f:a6:c0:ae:fa:ce:08:00:f8:19:df:b5:d4:b5:
5d:35:21:fb:0b:ff:e1:e2:f8:39:4a:dc:f2:46:4b:3e:ec:f5:
a3:2c:da:46:90:2b:cb:9a:8f:0b:c6:08:54:e6:e5:30:fa:11:
13:49:54:e2:9f:02:9e:79:11:d2:a7:1b:88:35:1b:38:c5:6e:
f4:b0:9a:f6:5f:6b:87:0f:29:69:81:3e:18:fb:9a:41:87:0d:
b4:f2:bd:3e:e0:ce:39:dc:d6:45:22:c3:24:0b:84:af:47:b0:
bb:a8:b5:0f:41:9b:68:5e:dd:d4:1f:9d:36:be:b6:0a:55:91:
bd:d4:8c:ed:32:28:aa:34:41:8d:ec:56:49:1a:b8:53:d4:0a:
cb:fe:6a:9a:40:bf:54:fe:be:98:ef:12:bd:44:fc:6a:de:b6:
0a:38:b5:3e:e9:73:ee:0e:96:5b:da:f9:68:31:5f:14:3a:e0:
80:63:67:c5:af:6f:a7:a6:33:89:92:d1:cb:f6:41:e6:e5:ea:
9c:61:da:12:11:0d:83:50:88:8a:35:37:2a:b9:62:e5:bc:7a:
e0:2b:dc:4e:3e:74:49:27:d2:b9:3d:a6:9d:07:2d:a8:c3:44:
de:ac:1c:4b:9c:56:2b:8b:77:68:05:c4:b1:10:c9:a0:40:95:
ca:0f:59:2a
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgIEFlY4vzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjM4MTg1NTRhNTE4MDhlZWZiODI5ZWM3NDY1YTMyMjJmMjcwMTIzMB4XDTIyMDYw
MzE1MjMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDExYzk2MDBhNjU3
ZmExM2M0NTI3MmNlZjg3YzIxY2Q1YjZmMDQyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgM9hNAYiUx7rmOK+YXfrL5dgFcMWpxe7S+1rEq2vfXssVI
O45XayKzDR/Zq2Rg7HqNJU8kMxuXozE9aPiQ2jlQ9PfcTzhshIeD1+6Hi8aSYL9B
Qk40ZYY1StfdzM+6i2Eh4CwHz+cYYsdP+WUd9+lORQkK7vJnLJih0WlGQqZyFUj+
/I2jdOANnctB6Q94tXuGAARPntf9IhL8qy0UAdJ+Q0ZF4L4Kneu+pLCseIbtQ26a
SegWt3jRPTWQkNyaDcqxBtCRb+nxPVBNcHS1cXGQhnMocrMn1x9E0wQ2kSL2voLM
Th28Y3Hg7yiSGc+Sg4BGNpxzIvw5/ut54F56/tUCAwEAAaOCAwYwggMCMB0GA1Ud
DgQWBBTRHJYAplf6E8RScs74fCHNW28EJjAfBgNVHSMEGDAWgBSPOBhVSlGAju+4
Kex0ZaMiLycBIzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p6Z1lWVXBSZ0k3dnVDbnNkR1dqSWk4bkFTTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvMDlkYmE0LTFjOTMtNDlkNi04ODg4LWJmYjRiYTMwZTQ1YS8x
LzBSeVdBS1pYLWhQRVVuTE8tSHdoelZ0dkJDWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
MDlkYmE0LTFjOTMtNDlkNi04ODg4LWJmYjRiYTMwZTQ1YS8xL2p6Z1lWVXBSZ0k3
dnVDbnNkR1dqSWk4bkFTTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ARoGCCsGAQUFBwEHAQH/BIIBCTCCAQUwgfMEAgABMIHsAwQFTV6gMAwDBARRGpAD
BAJRGpgDBAJUL4AwDAMEAVQvhgMEAFQviDAMAwQCVC+MAwQBVC+QMAwDBABUL5MD
BAFUL5gwDAMEAlQvnAMEAVQvpDAMAwQDVC+oAwQBVC+wMAwDBABUL7UDBANUL7AD
BAFUL7oDBAFUL74DBANVW2ADBAJVW3AwDAMEAVVbdgMEAFVbegMEALlqawMEAtWH
QDAMAwQA1YdFAwQB1YdIAwQA1YdNMAwDBADVh08DBALVh1gwDAMEBdXQoAMEANXQ
qjAMAwQC1dCsAwQA1dC4MAwDBAHV0LoDBAbV0IAwDQQCAAIwBwMFAyoCC8gwDQYJ
KoZIhvcNAQELBQADggEBAITD13mPpsCu+s4IAPgZ37XUtV01IfsL/+Hi+DlK3PJG
Sz7s9aMs2kaQK8uajwvGCFTm5TD6ERNJVOKfAp55EdKnG4g1GzjFbvSwmvZfa4cP
KWmBPhj7mkGHDbTyvT7gzjnc1kUiwyQLhK9HsLuotQ9Bm2he3dQfnTa+tgpVkb3U
jO0yKKo0QY3sVkkauFPUCsv+appAv1T+vpjvEr1E/Gretgo4tT7pc+4Ollva+Wgx
XxQ64IBjZ8Wvb6emM4mS0cv2Qebl6pxh2hIRDYNQiIo1Nyq5YuW8euAr3E4+dEkn
0rk9pp0HLajDRN6sHEucViuLd2gFxLEQyaBAlcoPWSo=
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:25:52 2025 by rpki-client