Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/C79ePmxgLaVdOu_LKcinD4vBJrg.roa
File: C79ePmxgLaVdOu_LKcinD4vBJrg.roa (raw, json)
Hash identifier: Si0RHl0A2nsDfmXrrYjit3ja0hWihXvnoZ3w/+5Zin0=
Subject key identifier: 0B:BF:5E:3E:6C:60:2D:A5:5D:3A:EF:CB:29:C8:A7:0F:8B:C1:26:B8
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 018750B46E0CD9F312F002C367F84C626F9B
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/C79ePmxgLaVdOu_LKcinD4vBJrg.roa
Signing time: Wed 05 Apr 2023 09:16:54 +0000
ROA not before: Wed 05 Apr 2023 09:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8641
IP address blocks: 213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/22 maxlen: 22
213.208.172.0/23 maxlen: 23
213.208.174.0/23 maxlen: 23
213.208.176.0/21 maxlen: 21
213.208.186.0/23 maxlen: 23
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.155.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
77.94.162.0/24 maxlen: 24
77.94.160.0/19 maxlen: 19
84.47.128.0/22 maxlen: 22
77.94.175.0/24 maxlen: 24
84.47.135.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
84.47.147.0/24 maxlen: 24
77.94.189.0/24 maxlen: 24
84.47.148.0/22 maxlen: 22
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.160.0/22 maxlen: 22
85.91.112.0/22 maxlen: 22
84.47.164.0/23 maxlen: 23
84.47.168.0/21 maxlen: 21
85.91.118.0/23 maxlen: 23
213.135.64.0/22 maxlen: 22
213.135.64.0/23 maxlen: 23
213.135.67.0/24 maxlen: 24
213.135.70.0/24 maxlen: 24
84.47.178.0/24 maxlen: 24
85.91.122.0/24 maxlen: 24
84.47.176.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.176.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
84.47.181.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
84.47.190.0/23 maxlen: 23
213.135.82.0/23 maxlen: 23
213.135.79.0/24 maxlen: 24
213.135.80.0/21 maxlen: 21
213.135.84.0/22 maxlen: 22
213.135.88.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:b4:6e:0c:d9:f3:12:f0:02:c3:67:f8:4c:62:6f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Apr 5 09:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bbf5e3e6c602da55d3aefcb29c8a70f8bc126b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e0:84:03:f4:ea:fc:25:35:4c:ee:c5:02:34:
0a:e3:a3:50:00:40:5c:99:66:2b:fc:fa:10:97:33:
8d:c8:53:ee:25:c7:c5:64:92:cc:75:36:f2:ba:d2:
90:bf:6b:82:31:6c:09:e9:84:85:5a:69:ec:6f:93:
ff:7b:ce:30:b6:5a:75:e9:f9:49:34:90:88:9a:d3:
57:35:f4:db:95:60:27:3f:3c:6a:cf:f3:a0:db:2b:
fe:4c:a5:58:cd:f3:0a:62:cd:7c:d2:2f:d6:e0:28:
99:5e:86:27:61:9c:1d:a9:8f:d3:08:4e:7f:11:df:
1c:28:8f:24:de:64:d5:0a:d1:d8:8b:7d:96:97:59:
78:71:39:34:93:49:02:2b:88:7a:91:76:34:55:03:
d4:af:46:59:f2:75:fe:05:cd:c7:63:f0:98:a3:94:
6e:1a:cb:86:9a:f1:01:31:5e:70:05:8a:11:1f:7c:
b8:19:4a:7d:a4:19:1a:c9:42:29:c5:ab:2a:bf:0b:
fc:f9:8d:23:da:a5:eb:29:4f:2a:d8:0f:71:0b:9e:
f9:b6:92:8f:52:3e:be:e3:63:5e:c9:37:c0:bf:1d:
36:b8:a9:e2:45:5a:49:de:36:f6:df:97:18:1c:2d:
0c:ef:15:55:fc:b2:c0:e8:35:ee:f6:55:1f:04:09:
96:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BF:5E:3E:6C:60:2D:A5:5D:3A:EF:CB:29:C8:A7:0F:8B:C1:26:B8
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/C79ePmxgLaVdOu_LKcinD4vBJrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/22
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/22
213.135.69.0-213.135.70.255
213.135.72.0/23
213.135.77.0/24
213.135.79.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
bf:1a:9e:6d:5b:cc:4f:ba:46:ac:ab:54:75:55:b6:a0:8f:4a:
bd:97:1d:9f:18:76:52:0c:31:9b:43:7c:9d:8b:43:8c:a4:84:
4f:e3:dd:44:aa:55:b4:2d:0e:b3:5f:07:06:bc:48:f6:2a:ac:
ae:2b:fc:30:d4:0c:dc:8c:80:d2:cc:43:04:04:81:0a:ad:70:
23:7c:de:00:f6:dc:06:b5:52:fe:18:98:20:fd:b1:1b:fe:d5:
84:2f:92:e9:ae:18:e4:57:4c:38:cc:a6:ec:ff:35:1c:15:00:
7f:64:27:8f:d8:9d:76:6c:04:c9:d5:3f:8f:8e:8b:c3:8a:f0:
ab:a4:fe:3c:ba:3b:b7:8a:22:20:58:26:9c:b0:bd:4b:ec:bb:
ad:da:7f:72:28:ef:b6:6e:84:bb:b7:17:26:b2:53:0c:02:1d:
8d:1f:a4:aa:63:6a:00:f0:f7:e1:10:6f:d3:77:bf:ea:e8:bc:
05:10:8e:04:98:8f:53:25:bb:b1:b9:98:f2:90:1d:f3:e0:91:
06:87:90:d6:9c:12:49:6e:23:45:19:f8:ad:09:1d:93:b5:56:
ae:a4:3f:3c:ed:59:1c:5f:d9:76:81:27:38:92:42:b6:3a:51:
cc:1b:9c:4e:b6:cd:4b:aa:a4:ac:28:57:95:29:1c:62:5d:c9:
ca:af:67:86
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAYdQtG4M2fMS8ALDZ/hMYm+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjMwNDA1MDkxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmJmNWUzZTZjNjAyZGE1NWQzYWVmY2IyOWM4YTcwZjhiYzEyNmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOCEA/Tq/CU1TO7FAjQK46NQAEBc
mWYr/PoQlzONyFPuJcfFZJLMdTbyutKQv2uCMWwJ6YSFWmnsb5P/e84wtlp16flJ
NJCImtNXNfTblWAnPzxqz/Og2yv+TKVYzfMKYs180i/W4CiZXoYnYZwdqY/TCE5/
Ed8cKI8k3mTVCtHYi32Wl1l4cTk0k0kCK4h6kXY0VQPUr0ZZ8nX+Bc3HY/CYo5Ru
GsuGmvEBMV5wBYoRH3y4GUp9pBkayUIpxasqvwv8+Y0j2qXrKU8q2A9xC575tpKP
Uj6+42NeyTfAvx02uKniRVpJ3jb235cYHC0M7xVV/LLA6DXu9lUfBAmWZQIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFAu/Xj5sYC2lXTrvyynIpw+LwSa4MB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvQzc5ZVBteGdMYVZkT3VfTEtjaW5ENHZCSnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzCB+QQCAAEwgfID
BAVNXqAwDAMEBFEakAMEAlEamAMEAlQvgDAMAwQBVC+GAwQAVC+IMAwDBAJUL4wD
BAFUL5AwDAMEAFQvkwMEAVQvmDAMAwQCVC+cAwQBVC+kMAwDBANUL6gDBABUL7Iw
DAMEAFQvtQMEA1QvsAMEAVQvugMEAVQvvgMEA1VbYAMEAlVbcDAMAwQBVVt2AwQA
VVt6AwQAuWprAwQC1YdAMAwDBADVh0UDBADVh0YDBAHVh0gDBADVh00wDAMEANWH
TwMEAtWHWDAMAwQF1dCgAwQA1dCqMAwDBALV0KwDBADV0LgwDAMEAdXQugMEBtXQ
gDANBAIAAjAHAwUDKgILyDANBgkqhkiG9w0BAQsFAAOCAQEAvxqebVvMT7pGrKtU
dVW2oI9KvZcdnxh2Ugwxm0N8nYtDjKSET+PdRKpVtC0Os18HBrxI9iqsriv8MNQM
3IyA0sxDBASBCq1wI3zeAPbcBrVS/hiYIP2xG/7VhC+S6a4Y5FdMOMym7P81HBUA
f2Qnj9iddmwEydU/j46Lw4rwq6T+PLo7t4oiIFgmnLC9S+y7rdp/cijvtm6Eu7cX
JrJTDAIdjR+kqmNqAPD34RBv03e/6ui8BRCOBJiPUyW7sbmY8pAd8+CRBoeQ1pwS
SW4jRRn4rQkdk7VWrqQ/PO1ZHF/ZdoEnOJJCtjpRzBucTrbNS6qkrChXlSkcYl3J
yq9nhg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:17:57 2025 by rpki-client