Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/D08itN4j-t_PIC0aUElWUxCRHGk.roa
File: D08itN4j-t_PIC0aUElWUxCRHGk.roa (raw, json)
Hash identifier: r/CdhOwPXJt57ifjyxRpIfjQQaznriRLzxNpthLew4c=
Subject key identifier: 0F:4F:22:B4:DE:23:FA:DF:CF:20:2D:1A:50:49:56:53:10:91:1C:69
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 019222FE5EE9722C75AF45FD8FA64DFE861E
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/D08itN4j-t_PIC0aUElWUxCRHGk.roa
Signing time: Tue 24 Sep 2024 07:45:48 +0000
ROA not before: Tue 24 Sep 2024 07:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8641
IP address blocks: 77.73.24.0/21 maxlen: 21
77.94.160.0/19 maxlen: 19
77.94.175.0/24 maxlen: 24
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.154.0/24 maxlen: 24
81.26.155.0/24 maxlen: 24
84.47.128.0/23 maxlen: 23
84.47.131.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.135.0/24 maxlen: 24
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.147.0/24 maxlen: 24
84.47.150.0/23 maxlen: 32
84.47.152.0/23 maxlen: 23
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.164.0/23 maxlen: 23
84.47.168.0/22 maxlen: 22
84.47.172.0/24 maxlen: 24
84.47.174.0/23 maxlen: 23
84.47.176.0/23 maxlen: 23
84.47.176.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.178.0/24 maxlen: 24
84.47.181.0/24 maxlen: 24
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
84.47.190.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
85.91.112.0/22 maxlen: 22
85.91.118.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
85.91.122.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
213.135.64.0/23 maxlen: 23
213.135.67.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
213.135.70.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.79.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
213.135.82.0/23 maxlen: 23
213.135.84.0/22 maxlen: 22
213.135.88.0/22 maxlen: 22
213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/23 maxlen: 23
213.208.174.0/23 maxlen: 23
213.208.176.0/21 maxlen: 21
213.208.184.0/24 maxlen: 24
213.208.186.0/23 maxlen: 23
213.208.188.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:fe:5e:e9:72:2c:75:af:45:fd:8f:a6:4d:fe:86:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Sep 24 07:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f4f22b4de23fadfcf202d1a5049565310911c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:66:ca:5d:25:bd:8e:ae:4b:9d:db:5c:5f:47:
ef:24:51:6c:ec:b2:00:7a:0a:8b:e6:4d:6f:54:47:
8d:40:20:8c:06:87:6e:65:83:4d:d5:5a:c3:c4:18:
f8:50:18:0a:42:80:5b:4a:2c:1e:76:36:c1:b9:47:
2e:94:d7:86:ca:6c:94:71:55:ed:79:84:47:f3:ba:
11:33:87:66:79:02:44:c2:3c:47:4d:82:12:0e:f4:
e4:03:df:82:60:7d:9e:04:93:75:79:ab:9e:5f:7c:
a3:9d:8a:1e:c9:1c:31:c8:8a:7a:19:4c:db:47:5e:
cc:63:6a:b3:40:0d:66:bd:f7:b2:87:87:b7:74:94:
8a:d6:b4:c8:c2:6e:97:53:67:1f:f2:7e:db:70:d7:
31:b6:a4:10:b8:24:fa:d9:7c:03:1e:06:1d:e3:ab:
04:ae:76:e7:97:b1:5a:b6:d5:b4:0f:9c:36:04:03:
5e:de:91:dd:fc:ae:dc:5a:81:db:d6:b7:a3:c0:b3:
2d:e2:93:c4:6c:a0:73:b8:ba:e6:5f:f1:8b:88:89:
ec:bb:54:80:9b:d5:45:29:e1:6c:2e:38:68:33:49:
5b:d5:26:0e:8c:78:2d:4d:27:e1:2d:4f:a0:40:ab:
eb:e9:d3:60:0b:0c:2c:34:c2:2b:38:4f:d4:7a:b9:
45:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:4F:22:B4:DE:23:FA:DF:CF:20:2D:1A:50:49:56:53:10:91:1C:69
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/D08itN4j-t_PIC0aUElWUxCRHGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.24.0/21
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/23
84.47.131.0/24
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0/24
84.47.150.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.172.255
84.47.174.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/23
213.135.67.0/24
213.135.69.0-213.135.70.255
213.135.72.0/23
213.135.77.0/24
213.135.79.0-213.135.80.255
213.135.82.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
bf:5f:41:7d:af:3a:f1:d3:88:fb:01:fa:f2:1a:66:06:b1:93:
98:ff:e7:c4:9a:aa:2d:f5:92:45:76:42:10:8d:4f:13:5a:0d:
b0:79:d5:46:94:d6:70:48:36:30:4f:ba:2a:ea:52:a9:a5:55:
74:80:77:b1:d3:34:fe:83:61:2f:3b:d0:e5:46:9d:c2:6f:17:
b8:80:cc:75:9d:04:99:37:9b:28:a7:6f:3a:48:ed:5e:fc:f9:
2c:1e:7a:17:21:3c:0f:e2:53:19:d7:27:80:b0:1d:57:fd:71:
32:ba:1f:15:d2:fe:ba:e0:85:3b:62:5c:eb:42:33:28:09:d6:
ab:7f:22:ea:35:7e:20:e6:8f:d0:49:4a:a5:b6:b6:f0:b9:52:
26:82:7c:fa:66:55:6f:ca:7a:3c:8e:52:04:d4:2a:85:96:b1:
25:9c:c6:58:94:31:c6:22:0d:90:25:29:bb:0b:f5:2a:aa:9a:
9c:8d:e8:01:7f:bc:7f:00:38:a5:e6:e6:62:e0:e6:c3:8e:a5:
ea:13:9d:ac:2d:eb:f7:76:d7:4c:b5:4f:62:61:c4:95:2d:39:
dc:a8:06:8c:f2:ba:cb:a7:7e:ca:cb:cb:11:3d:5a:3f:e9:e2:
82:61:9a:28:ab:12:02:0e:ac:29:25:be:f5:d5:ab:94:cb:54:
2e:af:c1:21
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAZIi/l7pcix1r0X9j6ZN/oYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjQwOTI0MDc0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjRmMjJiNGRlMjNmYWRmY2YyMDJkMWE1MDQ5NTY1MzEwOTExYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2bKXSW9jq5LndtcX0fvJFFs7LIA
egqL5k1vVEeNQCCMBoduZYNN1VrDxBj4UBgKQoBbSiwedjbBuUculNeGymyUcVXt
eYRH87oRM4dmeQJEwjxHTYISDvTkA9+CYH2eBJN1eaueX3yjnYoeyRwxyIp6GUzb
R17MY2qzQA1mvfeyh4e3dJSK1rTIwm6XU2cf8n7bcNcxtqQQuCT62XwDHgYd46sE
rnbnl7FattW0D5w2BANe3pHd/K7cWoHb1rejwLMt4pPEbKBzuLrmX/GLiInsu1SA
m9VFKeFsLjhoM0lb1SYOjHgtTSfhLU+gQKvr6dNgCwwsNMIrOE/UerlFvwIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFA9PIrTeI/rfzyAtGlBJVlMQkRxpMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvRDA4aXRONGotdF9QSUMwYVVFbFdVeENSSEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCAS4EAgABMIIB
JgMEA01JGAMEBU1eoDAMAwQEURqQAwQCURqYAwQBVC+AAwQAVC+DMAwDBAFUL4YD
BABUL4gwDAMEAlQvjAMEAVQvkAMEAFQvkzAMAwQBVC+WAwQBVC+YMAwDBAJUL5wD
BAFUL6QwDAMEA1QvqAMEAFQvrDAMAwQBVC+uAwQAVC+yMAwDBABUL7UDBANUL7AD
BAFUL7oDBAFUL74DBANVW2ADBAJVW3AwDAMEAVVbdgMEAFVbegMEALlqawMEAdWH
QAMEANWHQzAMAwQA1YdFAwQA1YdGAwQB1YdIAwQA1YdNMAwDBADVh08DBADVh1Aw
DAMEAdWHUgMEAtWHWDAMAwQF1dCgAwQA1dCqMAwDBALV0KwDBADV0LgwDAMEAdXQ
ugMEBtXQgDANBAIAAjAHAwUDKgILyDANBgkqhkiG9w0BAQsFAAOCAQEAv19Bfa86
8dOI+wH68hpmBrGTmP/nxJqqLfWSRXZCEI1PE1oNsHnVRpTWcEg2ME+6KupSqaVV
dIB3sdM0/oNhLzvQ5Uadwm8XuIDMdZ0EmTebKKdvOkjtXvz5LB56FyE8D+JTGdcn
gLAdV/1xMrofFdL+uuCFO2Jc60IzKAnWq38i6jV+IOaP0ElKpba28LlSJoJ8+mZV
b8p6PI5SBNQqhZaxJZzGWJQxxiINkCUpuwv1KqqanI3oAX+8fwA4pebmYuDmw46l
6hOdrC3r93bXTLVPYmHElS053KgGjPK6y6d+ysvLET1aP+nigmGaKKsSAg6sKSW+
9dWrlMtULq/BIQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:49:56 2025 by rpki-client