Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/6dFnSUa1eA7GYU-VVTfsA5FIotw.roa
File: 6dFnSUa1eA7GYU-VVTfsA5FIotw.roa (raw, json)
Hash identifier: tAKc3FM6pWFGMitToPgeQ58VHYYKh7Oz1SM7d/x2/PE=
Subject key identifier: E9:D1:67:49:46:B5:78:0E:C6:61:4F:95:55:37:EC:03:91:48:A2:DC
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 156E6AA8
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/6dFnSUa1eA7GYU-VVTfsA5FIotw.roa
Signing time: Mon 21 Feb 2022 11:16:25 +0000
ROA not before: Mon 21 Feb 2022 11:16:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8641
IP address blocks: 213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/22 maxlen: 22
213.208.176.0/21 maxlen: 21
213.208.186.0/23 maxlen: 23
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
185.106.107.0/24 maxlen: 24
77.94.160.0/19 maxlen: 19
84.47.128.0/22 maxlen: 22
77.94.175.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
84.47.147.0/24 maxlen: 24
77.94.189.0/24 maxlen: 24
84.47.148.0/22 maxlen: 22
84.47.156.0/22 maxlen: 22
84.47.160.0/22 maxlen: 22
85.91.112.0/22 maxlen: 22
84.47.164.0/23 maxlen: 23
84.47.168.0/21 maxlen: 21
85.91.118.0/23 maxlen: 23
213.135.64.0/22 maxlen: 22
213.135.70.0/23 maxlen: 23
85.91.122.0/24 maxlen: 24
84.47.176.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.176.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
84.47.181.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
84.47.190.0/23 maxlen: 23
213.135.79.0/24 maxlen: 24
213.135.80.0/21 maxlen: 21
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 359557800 (0x156e6aa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Feb 21 11:16:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9d1674946b5780ec6614f955537ec039148a2dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:a4:dc:70:1d:41:e5:df:4d:86:71:10:26:1d:
34:a5:44:72:bf:b5:d1:e6:79:1d:52:a8:85:af:5f:
bb:2d:9a:82:28:11:92:9b:72:51:b2:5d:98:dd:0e:
b9:69:4e:db:0f:c8:98:68:7a:c8:2f:28:d0:22:2c:
8e:22:af:79:6d:c1:d9:f8:6c:39:9f:bb:03:ee:a9:
46:2a:03:1a:95:a4:ef:87:fe:79:99:af:13:22:8f:
32:3c:2d:78:64:4e:a7:b6:60:a7:51:f3:41:54:c4:
d9:d5:b5:83:3e:bc:1e:dc:b0:2e:32:3c:db:d3:b4:
cb:a5:fa:5a:f7:70:08:cf:b5:55:1f:90:f4:ad:90:
c2:09:aa:00:c4:bb:bb:19:2d:55:35:78:cd:7d:ea:
93:00:d7:c8:21:5a:2e:81:f8:f8:2e:3d:04:ea:b5:
40:00:48:37:8a:94:90:f1:9f:6f:fe:d1:46:2a:b7:
72:db:68:79:9e:28:18:16:35:2e:b5:f2:cc:12:14:
af:dd:12:60:e4:cc:53:54:c3:e5:ad:e4:71:24:0a:
41:15:fa:0b:ae:65:65:e7:81:f3:9d:8d:f5:84:d3:
44:01:83:63:e1:e3:76:f9:3a:15:53:02:7b:c4:69:
64:19:84:5c:09:51:81:12:4a:e0:f6:bf:51:32:0d:
ee:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D1:67:49:46:B5:78:0E:C6:61:4F:95:55:37:EC:03:91:48:A2:DC
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/6dFnSUa1eA7GYU-VVTfsA5FIotw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/22
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.177.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/22
213.135.69.0-213.135.73.255
213.135.77.0/24
213.135.79.0-213.135.87.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
6a:ef:82:bc:17:48:71:c7:3d:98:5e:4c:1b:4e:34:05:d3:f3:
12:ad:ec:ed:99:0e:18:3d:27:e7:c7:43:e0:ed:c7:9d:fe:ce:
8d:ab:21:86:46:e5:1e:1a:88:a5:90:f6:91:54:d6:75:e9:b6:
f3:e4:6c:c3:f6:10:51:5b:1a:f2:e7:9a:d6:00:5b:ca:8d:e2:
6f:62:0d:89:9c:d9:e0:79:26:f7:18:59:14:22:ab:3a:65:ae:
26:51:0e:2d:eb:d1:c3:6a:9f:6d:ce:21:23:2f:c7:01:e0:3f:
a1:9b:c0:3e:a6:6d:08:7a:f4:d1:d7:eb:83:22:ab:8c:24:37:
a4:86:c9:37:fa:2e:c4:d7:39:f1:c2:f0:bb:e7:3d:e6:16:c1:
8f:5a:57:ac:4d:7b:d1:99:ce:47:00:79:64:c8:fc:5a:a1:13:
46:b0:73:e9:bf:14:dc:8d:39:38:06:15:88:74:e2:3f:1b:b0:
26:53:a2:af:d4:2a:a0:ca:c7:0a:5e:f9:44:ca:50:3a:b5:93:
65:31:89:6f:da:31:af:9a:0d:ba:48:6c:85:db:8a:bb:53:a1:
21:11:b7:76:28:c7:24:94:88:6c:32:ee:d6:2d:2a:db:92:ce:
d1:4c:2e:8e:43:1c:3c:a1:54:bd:a1:31:e8:f5:79:4a:cf:d3:
d8:cb:2e:b6
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgIEFW5qqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjM4MTg1NTRhNTE4MDhlZWZiODI5ZWM3NDY1YTMyMjJmMjcwMTIzMB4XDTIyMDIy
MTExMTYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTlkMTY3NDk0NmI1
NzgwZWM2NjE0Zjk1NTUzN2VjMDM5MTQ4YTJkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPmk3HAdQeXfTYZxECYdNKVEcr+10eZ5HVKoha9fuy2agigR
kptyUbJdmN0OuWlO2w/ImGh6yC8o0CIsjiKveW3B2fhsOZ+7A+6pRioDGpWk74f+
eZmvEyKPMjwteGROp7Zgp1HzQVTE2dW1gz68HtywLjI829O0y6X6WvdwCM+1VR+Q
9K2QwgmqAMS7uxktVTV4zX3qkwDXyCFaLoH4+C49BOq1QABIN4qUkPGfb/7RRiq3
cttoeZ4oGBY1LrXyzBIUr90SYOTMU1TD5a3kcSQKQRX6C65lZeeB852N9YTTRAGD
Y+Hjdvk6FVMCe8RpZBmEXAlRgRJK4Pa/UTIN7sMCAwEAAaOCAwYwggMCMB0GA1Ud
DgQWBBTp0WdJRrV4DsZhT5VVN+wDkUii3DAfBgNVHSMEGDAWgBSPOBhVSlGAju+4
Kex0ZaMiLycBIzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p6Z1lWVXBSZ0k3dnVDbnNkR1dqSWk4bkFTTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvMDlkYmE0LTFjOTMtNDlkNi04ODg4LWJmYjRiYTMwZTQ1YS8x
LzZkRm5TVWExZUE3R1lVLVZWVGZzQTVGSW90dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
MDlkYmE0LTFjOTMtNDlkNi04ODg4LWJmYjRiYTMwZTQ1YS8xL2p6Z1lWVXBSZ0k3
dnVDbnNkR1dqSWk4bkFTTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ARoGCCsGAQUFBwEHAQH/BIIBCTCCAQUwgfMEAgABMIHsAwQFTV6gMAwDBARRGpAD
BAJRGpgDBAJUL4AwDAMEAVQvhgMEAFQviDAMAwQCVC+MAwQBVC+QMAwDBABUL5MD
BAFUL5gwDAMEAlQvnAMEAVQvpDAMAwQDVC+oAwQBVC+wMAwDBABUL7UDBANUL7AD
BAFUL7oDBAFUL74DBANVW2ADBAJVW3AwDAMEAVVbdgMEAFVbegMEALlqawMEAtWH
QDAMAwQA1YdFAwQB1YdIAwQA1YdNMAwDBADVh08DBAPVh1AwDAMEBdXQoAMEANXQ
qjAMAwQC1dCsAwQA1dC4MAwDBAHV0LoDBAbV0IAwDQQCAAIwBwMFAyoCC8gwDQYJ
KoZIhvcNAQELBQADggEBAGrvgrwXSHHHPZheTBtONAXT8xKt7O2ZDhg9J+fHQ+Dt
x53+zo2rIYZG5R4aiKWQ9pFU1nXptvPkbMP2EFFbGvLnmtYAW8qN4m9iDYmc2eB5
JvcYWRQiqzplriZRDi3r0cNqn23OISMvxwHgP6GbwD6mbQh69NHX64Miq4wkN6SG
yTf6LsTXOfHC8LvnPeYWwY9aV6xNe9GZzkcAeWTI/FqhE0awc+m/FNyNOTgGFYh0
4j8bsCZToq/UKqDKxwpe+UTKUDq1k2UxiW/aMa+aDbpIbIXbirtToSERt3YoxySU
iGwy7tYtKtuSztFMLo5DHDyhVL2hMej1eUrP09jLLrY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:15 2025 by rpki-client