Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/JoGtyxA_J6l14gsAHfY38HzQemU.roa
File: JoGtyxA_J6l14gsAHfY38HzQemU.roa (raw, json)
Hash identifier: m9H986BH5wsvZs6hvCIdD4LldKOqCqUK6xndEnHpcsA=
Subject key identifier: 26:81:AD:CB:10:3F:27:A9:75:E2:0B:00:1D:F6:37:F0:7C:D0:7A:65
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 018E6A43FFCB0FBD720BEACA5040FB48D3E5
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/JoGtyxA_J6l14gsAHfY38HzQemU.roa
Signing time: Sat 23 Mar 2024 07:43:45 +0000
ROA not before: Sat 23 Mar 2024 07:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8641
IP address blocks: 77.94.160.0/19 maxlen: 19
77.94.175.0/24 maxlen: 24
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.154.0/24 maxlen: 24
81.26.155.0/24 maxlen: 24
84.47.128.0/23 maxlen: 23
84.47.131.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.135.0/24 maxlen: 24
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.147.0/24 maxlen: 24
84.47.150.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.164.0/23 maxlen: 23
84.47.168.0/22 maxlen: 22
84.47.172.0/24 maxlen: 24
84.47.174.0/23 maxlen: 23
84.47.176.0/23 maxlen: 23
84.47.176.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.178.0/24 maxlen: 24
84.47.181.0/24 maxlen: 24
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
84.47.190.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
85.91.112.0/22 maxlen: 22
85.91.118.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
85.91.122.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
213.135.64.0/23 maxlen: 23
213.135.67.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
213.135.70.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.79.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
213.135.82.0/23 maxlen: 23
213.135.84.0/22 maxlen: 22
213.135.88.0/22 maxlen: 22
213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/23 maxlen: 23
213.208.174.0/23 maxlen: 23
213.208.176.0/21 maxlen: 21
213.208.184.0/24 maxlen: 24
213.208.186.0/23 maxlen: 23
213.208.188.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6a:43:ff:cb:0f:bd:72:0b:ea:ca:50:40:fb:48:d3:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Mar 23 07:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2681adcb103f27a975e20b001df637f07cd07a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:f0:f1:73:12:d5:4e:64:97:db:2f:9b:4d:
a1:93:1c:6f:68:fc:60:57:78:4b:5b:ae:a0:43:8e:
a8:15:da:50:1c:47:a5:f7:44:4e:e6:7b:d7:97:1e:
e2:a9:c5:c9:4e:bb:d3:56:a5:eb:c0:71:1e:ab:bb:
43:40:ab:7a:c5:a2:6c:53:65:e3:cd:6b:b9:d5:63:
09:6e:4c:eb:9e:5a:af:87:2e:a6:82:37:07:95:9a:
77:ba:82:88:0a:53:1a:d9:35:60:c2:74:e0:0a:06:
0c:48:99:8a:38:86:a1:bd:37:b0:be:d7:ff:40:a7:
d7:8a:1e:4a:47:22:d4:cd:2d:cc:be:9e:67:23:78:
43:3b:e2:ac:2f:a9:86:78:c0:98:9e:3b:1f:56:60:
0f:cd:3b:a1:a1:c6:0b:68:8e:e8:19:f5:c0:86:0c:
80:81:5a:88:51:fc:22:41:07:79:c9:5d:6f:56:2d:
44:21:02:78:b8:f4:a8:70:71:07:48:ed:69:19:2e:
e4:6b:85:5b:af:3e:cb:0c:15:5f:58:69:f6:e1:8d:
fa:b1:77:fa:61:d8:5b:0d:c4:ca:2b:15:b7:b0:42:
4d:c2:0e:8b:c4:4e:57:b7:48:58:f3:c0:bd:f9:23:
dc:fd:46:08:86:35:10:c0:01:f5:71:af:1c:e6:ca:
ae:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:81:AD:CB:10:3F:27:A9:75:E2:0B:00:1D:F6:37:F0:7C:D0:7A:65
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/JoGtyxA_J6l14gsAHfY38HzQemU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/23
84.47.131.0/24
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0/24
84.47.150.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.172.255
84.47.174.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/23
213.135.67.0/24
213.135.69.0-213.135.70.255
213.135.72.0/23
213.135.77.0/24
213.135.79.0-213.135.80.255
213.135.82.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
41:b9:b9:ae:a7:eb:7f:18:16:0a:60:b2:0b:7d:17:2f:13:65:
9d:01:8c:1c:93:19:c0:82:1b:04:1b:99:ea:5f:3c:88:f5:da:
eb:1b:fa:47:86:72:f9:4f:b1:a5:8d:52:65:a2:1b:e6:ac:0f:
cf:2b:99:89:41:2b:79:89:1a:f2:9e:aa:f9:f6:f0:96:e9:a3:
89:16:59:35:79:85:38:f7:49:33:62:79:7c:b6:99:49:f9:a1:
29:eb:79:ba:59:da:d2:62:b3:8c:01:4c:c1:9e:e0:07:cd:a1:
4c:ed:d6:69:6c:70:4d:79:86:c6:23:97:fa:61:14:b1:3e:25:
13:d1:c1:97:8f:e7:58:48:87:45:5d:13:58:d6:83:a2:bb:37:
3c:69:9b:82:25:46:35:02:ce:69:e8:d5:0c:29:c1:b6:57:b0:
39:ce:7e:90:e9:87:c9:5b:05:1d:b3:4b:a9:8d:2c:cd:c1:27:
1c:17:c4:7a:a8:16:64:3f:7d:51:39:f3:58:21:3f:50:2d:bd:
fb:3d:4a:5a:d1:69:e1:42:25:69:27:a4:3f:69:cb:5f:0a:06:
8b:21:52:05:e1:25:bf:09:33:3c:9f:49:21:8f:4f:3b:c3:04:
6d:eb:04:d1:d5:d3:fe:7a:69:20:f6:e7:78:c6:a5:30:0a:30:
e7:01:23:03
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgISAY5qQ//LD71yC+rKUED7SNPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjQwMzIzMDc0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjgxYWRjYjEwM2YyN2E5NzVlMjBiMDAxZGY2MzdmMDdjZDA3YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP/w8XMS1U5kl9svm02hkxxvaPxg
V3hLW66gQ46oFdpQHEel90RO5nvXlx7iqcXJTrvTVqXrwHEeq7tDQKt6xaJsU2Xj
zWu51WMJbkzrnlqvhy6mgjcHlZp3uoKIClMa2TVgwnTgCgYMSJmKOIahvTewvtf/
QKfXih5KRyLUzS3Mvp5nI3hDO+KsL6mGeMCYnjsfVmAPzTuhocYLaI7oGfXAhgyA
gVqIUfwiQQd5yV1vVi1EIQJ4uPSocHEHSO1pGS7ka4Vbrz7LDBVfWGn24Y36sXf6
YdhbDcTKKxW3sEJNwg6LxE5Xt0hY88C9+SPc/UYIhjUQwAH1ca8c5squMQIDAQAB
o4IDPDCCAzgwHQYDVR0OBBYEFCaBrcsQPyepdeILAB32N/B80HplMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvSm9HdHl4QV9KNmwxNGdzQUhmWTM4SHpRZW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUAYIKwYBBQUHAQcBAf8EggE/MIIBOzCCASgEAgABMIIB
IAMEBU1eoDAMAwQEURqQAwQCURqYAwQBVC+AAwQAVC+DMAwDBAFUL4YDBABUL4gw
DAMEAlQvjAMEAVQvkAMEAFQvkzAMAwQBVC+WAwQBVC+YMAwDBAJUL5wDBAFUL6Qw
DAMEA1QvqAMEAFQvrDAMAwQBVC+uAwQAVC+yMAwDBABUL7UDBANUL7ADBAFUL7oD
BAFUL74DBANVW2ADBAJVW3AwDAMEAVVbdgMEAFVbegMEALlqawMEAdWHQAMEANWH
QzAMAwQA1YdFAwQA1YdGAwQB1YdIAwQA1YdNMAwDBADVh08DBADVh1AwDAMEAdWH
UgMEAtWHWDAMAwQF1dCgAwQA1dCqMAwDBALV0KwDBADV0LgwDAMEAdXQugMEBtXQ
gDANBAIAAjAHAwUDKgILyDANBgkqhkiG9w0BAQsFAAOCAQEAQbm5rqfrfxgWCmCy
C30XLxNlnQGMHJMZwIIbBBuZ6l88iPXa6xv6R4Zy+U+xpY1SZaIb5qwPzyuZiUEr
eYka8p6q+fbwlumjiRZZNXmFOPdJM2J5fLaZSfmhKet5ulna0mKzjAFMwZ7gB82h
TO3WaWxwTXmGxiOX+mEUsT4lE9HBl4/nWEiHRV0TWNaDors3PGmbgiVGNQLOaejV
DCnBtlewOc5+kOmHyVsFHbNLqY0szcEnHBfEeqgWZD99UTnzWCE/UC29+z1KWtFp
4UIlaSekP2nLXwoGiyFSBeElvwkzPJ9JIY9PO8MEbesE0dXT/nppIPbneMalMAow
5wEjAw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:25 2025 by rpki-client