Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/TIMQsOym-P3QeBXDyAaSBhrLuX4.roa
File: TIMQsOym-P3QeBXDyAaSBhrLuX4.roa (raw, json)
Hash identifier: a88Se7NoKINya2eOtCz2yznmksKiOyUvfrdRLP3ZfYw=
Subject key identifier: 4C:83:10:B0:EC:A6:F8:FD:D0:78:15:C3:C8:06:92:06:1A:CB:B9:7E
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 018750D38F391E53FAFF0E94499308AE1909
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/TIMQsOym-P3QeBXDyAaSBhrLuX4.roa
Signing time: Wed 05 Apr 2023 09:50:54 +0000
ROA not before: Wed 05 Apr 2023 09:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8641
IP address blocks: 213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/23 maxlen: 23
213.208.174.0/23 maxlen: 23
213.208.176.0/21 maxlen: 21
213.208.186.0/23 maxlen: 23
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.155.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
77.94.162.0/24 maxlen: 24
77.94.160.0/19 maxlen: 19
84.47.128.0/22 maxlen: 22
77.94.175.0/24 maxlen: 24
84.47.135.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
84.47.147.0/24 maxlen: 24
77.94.189.0/24 maxlen: 24
84.47.148.0/22 maxlen: 22
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.160.0/22 maxlen: 22
85.91.112.0/22 maxlen: 22
84.47.164.0/23 maxlen: 23
84.47.168.0/21 maxlen: 21
85.91.118.0/23 maxlen: 23
213.135.64.0/23 maxlen: 23
213.135.64.0/22 maxlen: 22
213.135.67.0/24 maxlen: 24
213.135.70.0/24 maxlen: 24
84.47.178.0/24 maxlen: 24
85.91.122.0/24 maxlen: 24
84.47.176.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.176.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
84.47.181.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
84.47.190.0/23 maxlen: 23
213.135.82.0/23 maxlen: 23
213.135.79.0/24 maxlen: 24
213.135.80.0/21 maxlen: 21
213.135.84.0/22 maxlen: 22
213.135.88.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:d3:8f:39:1e:53:fa:ff:0e:94:49:93:08:ae:19:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Apr 5 09:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c8310b0eca6f8fdd07815c3c80692061acbb97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:75:3d:c4:d1:3e:cf:f8:86:10:86:a4:e3:e5:
47:9d:92:8b:f3:8e:28:2f:d6:d2:62:3c:c1:44:0d:
10:f8:82:23:4a:86:30:b1:4a:00:5f:7c:49:d4:08:
8d:57:d4:e7:69:fd:44:94:df:4e:b9:95:03:59:c9:
ea:c5:47:b6:74:d4:a0:ba:37:7c:87:e5:1f:5f:79:
33:b7:16:ed:cf:0c:08:f4:ae:18:76:e2:5b:3a:8a:
d3:b2:0d:91:63:ef:a4:99:61:ea:b4:8d:62:39:9d:
6f:46:28:69:96:e2:0c:b1:56:8f:77:03:cc:ca:93:
0f:83:a1:a6:74:f9:b8:24:2a:2b:d0:c1:d7:74:ce:
3d:3c:50:54:4c:da:0f:0f:e7:54:91:f4:5f:13:e6:
9a:cc:c6:9d:b4:f1:84:58:75:6a:e9:a2:95:8b:10:
bb:cf:69:ff:c4:d9:0d:c7:71:70:4f:28:3e:43:b7:
9c:77:7d:b9:ba:25:a5:43:5a:4a:97:01:99:8e:8d:
e5:f1:41:50:39:72:1d:47:5d:13:be:d7:95:b3:67:
a5:f1:cc:82:1d:07:aa:35:b7:b5:4c:75:bd:da:39:
83:f1:4e:b1:1b:4e:49:92:21:68:da:27:e2:24:ec:
15:42:02:04:08:d2:ec:88:e5:2c:59:fb:d3:2c:7c:
66:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:83:10:B0:EC:A6:F8:FD:D0:78:15:C3:C8:06:92:06:1A:CB:B9:7E
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/TIMQsOym-P3QeBXDyAaSBhrLuX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/22
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/22
213.135.69.0-213.135.70.255
213.135.72.0/23
213.135.77.0/24
213.135.79.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
2b:b5:bd:74:85:ab:88:39:46:ba:48:0c:28:f5:12:c4:71:b6:
1f:41:23:30:bd:23:5f:a3:9b:08:a8:0b:16:0d:15:09:2c:bd:
25:9d:1f:80:47:9a:96:b5:d7:5d:ff:22:cb:8a:f7:9f:05:42:
99:77:07:c3:fb:dc:26:8f:b3:00:2c:9e:6d:36:a9:2c:e6:af:
7b:1a:8e:80:40:19:c9:f2:c5:08:10:d1:3a:9b:6f:e4:61:3c:
ee:93:97:03:94:66:bc:c8:fa:e6:5d:22:65:60:ce:17:e3:c4:
cf:bd:1d:a6:7f:a2:12:c7:07:37:18:26:c2:16:d8:ab:ff:39:
45:c0:69:c7:83:fd:0b:a2:0e:c6:52:10:9a:3a:96:51:d4:18:
e1:3a:33:74:d3:fd:71:bb:59:3a:bd:c4:0c:14:84:86:cf:87:
1d:c6:8d:2c:d1:4a:fe:2a:65:71:2c:55:f5:72:44:75:3d:45:
d0:e0:25:f3:a5:92:90:8b:a6:3f:e7:43:80:2e:c5:3b:03:5e:
79:35:da:62:cf:13:de:9c:ad:3b:bb:38:a1:2a:c1:61:ec:9e:
5d:d3:69:dc:bc:9a:fc:1c:bc:a3:56:a2:49:2c:7d:e6:2e:36:
b8:65:46:ed:e6:ab:7a:e4:fd:09:1a:22:62:c2:9f:b4:59:c8:
60:2c:49:ba
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAYdQ0485HlP6/w6USZMIrhkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjMwNDA1MDk1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzgzMTBiMGVjYTZmOGZkZDA3ODE1YzNjODA2OTIwNjFhY2JiOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXU9xNE+z/iGEIak4+VHnZKL844o
L9bSYjzBRA0Q+IIjSoYwsUoAX3xJ1AiNV9Tnaf1ElN9OuZUDWcnqxUe2dNSgujd8
h+UfX3kztxbtzwwI9K4YduJbOorTsg2RY++kmWHqtI1iOZ1vRihpluIMsVaPdwPM
ypMPg6GmdPm4JCor0MHXdM49PFBUTNoPD+dUkfRfE+aazMadtPGEWHVq6aKVixC7
z2n/xNkNx3FwTyg+Q7ecd325uiWlQ1pKlwGZjo3l8UFQOXIdR10TvteVs2el8cyC
HQeqNbe1THW92jmD8U6xG05JkiFo2ifiJOwVQgIECNLsiOUsWfvTLHxmSwIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFEyDELDspvj90HgVw8gGkgYay7l+MB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvVElNUXNPeW0tUDNRZUJYRHlBYVNCaHJMdVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzCB+QQCAAEwgfID
BAVNXqAwDAMEBFEakAMEAlEamAMEAlQvgDAMAwQBVC+GAwQAVC+IMAwDBAJUL4wD
BAFUL5AwDAMEAFQvkwMEAVQvmDAMAwQCVC+cAwQBVC+kMAwDBANUL6gDBABUL7Iw
DAMEAFQvtQMEA1QvsAMEAVQvugMEAVQvvgMEA1VbYAMEAlVbcDAMAwQBVVt2AwQA
VVt6AwQAuWprAwQC1YdAMAwDBADVh0UDBADVh0YDBAHVh0gDBADVh00wDAMEANWH
TwMEAtWHWDAMAwQF1dCgAwQA1dCqMAwDBALV0KwDBADV0LgwDAMEAdXQugMEBtXQ
gDANBAIAAjAHAwUDKgILyDANBgkqhkiG9w0BAQsFAAOCAQEAK7W9dIWriDlGukgM
KPUSxHG2H0EjML0jX6ObCKgLFg0VCSy9JZ0fgEealrXXXf8iy4r3nwVCmXcHw/vc
Jo+zACyebTapLOavexqOgEAZyfLFCBDROptv5GE87pOXA5RmvMj65l0iZWDOF+PE
z70dpn+iEscHNxgmwhbYq/85RcBpx4P9C6IOxlIQmjqWUdQY4TozdNP9cbtZOr3E
DBSEhs+HHcaNLNFK/iplcSxV9XJEdT1F0OAl86WSkIumP+dDgC7FOwNeeTXaYs8T
3pytO7s4oSrBYeyeXdNp3Lya/By8o1aiSSx95i42uGVG7eareuT9CRoiYsKftFnI
YCxJug==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:50 2025 by rpki-client