Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/RjRDp5v6vKvPQbFcxaJO2NuEvVU.roa
File: RjRDp5v6vKvPQbFcxaJO2NuEvVU.roa (raw, json)
Hash identifier: gP550244VBLz45wGQQ0KpfIUzXZmZkKZzvQvI/nMbQw=
Subject key identifier: 46:34:43:A7:9B:FA:BC:AB:CF:41:B1:5C:C5:A2:4E:D8:DB:84:BD:55
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 0187223CB54CD0FF470C9D6031C5D3601553
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/RjRDp5v6vKvPQbFcxaJO2NuEvVU.roa
Signing time: Mon 27 Mar 2023 08:43:36 +0000
ROA not before: Mon 27 Mar 2023 08:43:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8641
IP address blocks: 213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/22 maxlen: 22
213.208.176.0/21 maxlen: 21
213.208.186.0/23 maxlen: 23
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.155.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
77.94.162.0/24 maxlen: 24
77.94.160.0/19 maxlen: 19
84.47.128.0/22 maxlen: 22
77.94.175.0/24 maxlen: 24
84.47.135.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
84.47.147.0/24 maxlen: 24
77.94.189.0/24 maxlen: 24
84.47.148.0/22 maxlen: 22
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.160.0/22 maxlen: 22
85.91.112.0/22 maxlen: 22
84.47.164.0/23 maxlen: 23
84.47.168.0/21 maxlen: 21
85.91.118.0/23 maxlen: 23
213.135.64.0/22 maxlen: 22
213.135.70.0/24 maxlen: 24
84.47.178.0/24 maxlen: 24
85.91.122.0/24 maxlen: 24
84.47.176.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.176.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
84.47.181.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
84.47.190.0/23 maxlen: 23
213.135.79.0/24 maxlen: 24
213.135.80.0/21 maxlen: 21
213.135.88.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:3c:b5:4c:d0:ff:47:0c:9d:60:31:c5:d3:60:15:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Mar 27 08:43:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=463443a79bfabcabcf41b15cc5a24ed8db84bd55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:86:7a:71:1f:41:f8:3c:69:e2:3e:a5:05:6a:
c1:5b:00:09:da:ac:2f:3d:5a:a2:70:57:88:61:80:
52:cb:7c:30:c8:7a:3d:cc:06:fb:46:4e:c0:55:d1:
f6:9f:13:76:a0:53:bb:1c:aa:c2:49:91:ca:65:b0:
bf:c7:ef:23:db:d0:3d:59:85:a4:25:b6:20:34:97:
cc:e5:f6:03:52:b3:4a:63:aa:6d:b4:84:0a:5c:6e:
95:42:57:00:0d:9f:e7:29:fc:ea:58:22:7a:d8:c0:
31:d6:9d:1f:5e:4d:58:fc:99:34:05:e5:4e:ef:14:
3f:c9:7b:00:15:f5:59:c9:3e:96:57:26:3e:d2:1f:
cf:a6:ac:73:07:af:cc:f3:ab:50:e4:e7:92:f8:18:
26:b8:4c:af:6b:d0:b7:be:df:74:7f:df:98:c6:93:
04:a0:b2:d5:29:0a:f3:1f:9e:9c:ec:8f:fb:3e:99:
0c:99:16:9d:b0:df:ea:98:fe:32:0b:9c:4f:f9:05:
1a:b6:c5:e7:84:3a:41:3a:ff:97:ec:83:8b:aa:53:
18:f8:07:f4:7e:67:78:e7:a2:ff:1f:e4:63:04:1a:
aa:80:d4:6c:44:9d:ed:af:82:23:c4:eb:98:00:58:
d9:89:47:8d:a9:3f:01:06:6b:c0:44:49:e4:10:25:
e2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:34:43:A7:9B:FA:BC:AB:CF:41:B1:5C:C5:A2:4E:D8:DB:84:BD:55
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/RjRDp5v6vKvPQbFcxaJO2NuEvVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/22
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/22
213.135.69.0-213.135.70.255
213.135.72.0/23
213.135.77.0/24
213.135.79.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
75:92:51:c3:dc:c8:41:26:ee:9e:44:11:63:d6:d8:5c:bd:38:
9f:b9:e8:84:3b:b1:ab:00:8f:b0:0e:19:6f:08:52:b9:cc:e8:
bb:e7:07:32:4b:c5:ec:a1:f4:d0:95:5f:37:76:07:de:b7:02:
5f:d8:b2:91:67:da:d8:28:a8:58:ad:b4:93:7c:ec:2d:65:9c:
d7:79:af:99:22:cf:4a:99:69:40:4e:83:f1:2e:8e:da:81:40:
eb:c7:e9:be:31:38:2d:80:44:c4:d4:73:b2:6d:42:38:0a:cb:
c2:05:61:17:90:e8:dd:50:e5:78:ec:9c:88:d9:1f:3c:e1:52:
3a:ec:92:42:e2:c4:4e:86:19:10:90:30:0a:1a:db:a9:48:d3:
fd:a2:9a:35:aa:3e:a1:d5:9f:e3:47:d0:93:5e:50:27:e7:17:
16:9c:e8:77:14:ad:fe:b2:fa:46:c6:b4:58:cd:14:58:fb:10:
68:e7:73:4e:e1:04:89:12:2c:66:62:d4:bc:f3:14:04:6f:0c:
f8:67:f9:3d:af:1a:17:cc:0d:a5:47:15:d7:1b:11:6d:ea:ec:
aa:ae:3f:28:c0:2f:0c:0f:44:af:32:b4:71:94:df:14:93:69:
63:b0:ff:ca:3f:a0:f6:a4:06:78:11:ed:d3:8a:94:3e:f0:6c:
31:94:3b:57
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAYciPLVM0P9HDJ1gMcXTYBVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjMwMzI3MDg0MzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjM0NDNhNzliZmFiY2FiY2Y0MWIxNWNjNWEyNGVkOGRiODRiZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIZ6cR9B+Dxp4j6lBWrBWwAJ2qwv
PVqicFeIYYBSy3wwyHo9zAb7Rk7AVdH2nxN2oFO7HKrCSZHKZbC/x+8j29A9WYWk
JbYgNJfM5fYDUrNKY6pttIQKXG6VQlcADZ/nKfzqWCJ62MAx1p0fXk1Y/Jk0BeVO
7xQ/yXsAFfVZyT6WVyY+0h/PpqxzB6/M86tQ5OeS+BgmuEyva9C3vt90f9+YxpME
oLLVKQrzH56c7I/7PpkMmRadsN/qmP4yC5xP+QUatsXnhDpBOv+X7IOLqlMY+Af0
fmd456L/H+RjBBqqgNRsRJ3tr4IjxOuYAFjZiUeNqT8BBmvAREnkECXi8wIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFEY0Q6eb+ryrz0GxXMWiTtjbhL1VMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvUmpSRHA1djZ2S3ZQUWJGY3hhSk8yTnVFdlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzCB+QQCAAEwgfID
BAVNXqAwDAMEBFEakAMEAlEamAMEAlQvgDAMAwQBVC+GAwQAVC+IMAwDBAJUL4wD
BAFUL5AwDAMEAFQvkwMEAVQvmDAMAwQCVC+cAwQBVC+kMAwDBANUL6gDBABUL7Iw
DAMEAFQvtQMEA1QvsAMEAVQvugMEAVQvvgMEA1VbYAMEAlVbcDAMAwQBVVt2AwQA
VVt6AwQAuWprAwQC1YdAMAwDBADVh0UDBADVh0YDBAHVh0gDBADVh00wDAMEANWH
TwMEAtWHWDAMAwQF1dCgAwQA1dCqMAwDBALV0KwDBADV0LgwDAMEAdXQugMEBtXQ
gDANBAIAAjAHAwUDKgILyDANBgkqhkiG9w0BAQsFAAOCAQEAdZJRw9zIQSbunkQR
Y9bYXL04n7nohDuxqwCPsA4ZbwhSuczou+cHMkvF7KH00JVfN3YH3rcCX9iykWfa
2CioWK20k3zsLWWc13mvmSLPSplpQE6D8S6O2oFA68fpvjE4LYBExNRzsm1COArL
wgVhF5Do3VDleOyciNkfPOFSOuySQuLEToYZEJAwChrbqUjT/aKaNao+odWf40fQ
k15QJ+cXFpzodxSt/rL6Rsa0WM0UWPsQaOdzTuEEiRIsZmLUvPMUBG8M+Gf5Pa8a
F8wNpUcV1xsRbersqq4/KMAvDA9ErzK0cZTfFJNpY7D/yj+g9qQGeBHt04qUPvBs
MZQ7Vw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:32 2025 by rpki-client