Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/gsp6ATPszLEBcKcb4g21Um4lh3o.roa
File: gsp6ATPszLEBcKcb4g21Um4lh3o.roa (raw, json)
Hash identifier: BAsThfmnIASXm0ebIQPAeEqbZ8/hT/DReQozfmyX8FM=
Subject key identifier: 82:CA:7A:01:33:EC:CC:B1:01:70:A7:1B:E2:0D:B5:52:6E:25:87:7A
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 018750780B65B851A447C587C6C11D04A006
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/gsp6ATPszLEBcKcb4g21Um4lh3o.roa
Signing time: Wed 05 Apr 2023 08:10:57 +0000
ROA not before: Wed 05 Apr 2023 08:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8641
IP address blocks: 213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/22 maxlen: 22
213.208.172.0/23 maxlen: 23
213.208.174.0/23 maxlen: 23
213.208.176.0/21 maxlen: 21
213.208.186.0/23 maxlen: 23
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.155.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
77.94.162.0/24 maxlen: 24
77.94.160.0/19 maxlen: 19
84.47.128.0/22 maxlen: 22
77.94.175.0/24 maxlen: 24
84.47.135.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
84.47.147.0/24 maxlen: 24
77.94.189.0/24 maxlen: 24
84.47.148.0/22 maxlen: 22
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.160.0/22 maxlen: 22
85.91.112.0/22 maxlen: 22
84.47.164.0/23 maxlen: 23
84.47.168.0/21 maxlen: 21
85.91.118.0/23 maxlen: 23
213.135.64.0/22 maxlen: 22
213.135.64.0/23 maxlen: 23
213.135.67.0/24 maxlen: 24
213.135.70.0/24 maxlen: 24
84.47.178.0/24 maxlen: 24
85.91.122.0/24 maxlen: 24
84.47.176.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.176.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
84.47.181.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
84.47.190.0/23 maxlen: 23
213.135.79.0/24 maxlen: 24
213.135.80.0/21 maxlen: 21
213.135.88.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:78:0b:65:b8:51:a4:47:c5:87:c6:c1:1d:04:a0:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Apr 5 08:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82ca7a0133ecccb10170a71be20db5526e25877a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c6:39:66:55:78:6c:3b:57:67:7c:93:41:83:
db:76:88:9f:67:3c:11:b2:99:fb:a2:96:ca:4b:a7:
9d:3e:fc:4d:87:45:37:1a:a9:cb:7b:94:0d:9c:cf:
7b:b8:ef:31:6b:28:a9:f7:0b:b9:74:f4:a2:56:f4:
8a:0d:9e:3c:c1:56:93:58:4b:01:26:91:41:6f:95:
d7:07:1e:d0:83:db:36:11:0f:a8:30:b8:e0:de:1a:
94:da:1e:6e:7d:02:4b:89:81:43:1b:0d:93:8c:6f:
70:83:9a:ea:31:e0:93:c7:ce:51:02:e7:36:1a:68:
fe:c1:76:7c:5a:3e:83:af:a7:76:e6:ca:96:cf:e4:
ab:d2:cb:86:e2:24:52:d6:26:dc:67:6b:0f:f0:5d:
f2:e8:6b:1b:b2:66:88:5c:6a:2d:7d:94:18:f2:fc:
c7:ec:f7:f8:eb:fc:97:ca:16:31:7f:0b:fe:b9:f3:
ca:26:dd:f6:d2:d4:69:02:99:bf:7b:ec:ff:e5:a1:
44:bf:7e:ea:1c:25:61:91:d8:66:6b:a4:40:7b:24:
c4:a5:0d:ff:c2:a3:ae:7d:db:2d:40:04:89:67:23:
41:94:0e:17:75:db:40:46:23:3c:a8:67:f1:0d:90:
23:46:29:25:9e:3e:dc:7a:37:59:7d:00:45:42:a9:
92:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CA:7A:01:33:EC:CC:B1:01:70:A7:1B:E2:0D:B5:52:6E:25:87:7A
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/gsp6ATPszLEBcKcb4g21Um4lh3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/22
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/22
213.135.69.0-213.135.70.255
213.135.72.0/23
213.135.77.0/24
213.135.79.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
b2:f3:8a:d7:16:6a:b4:09:ca:02:4b:1d:b9:4f:7a:39:c8:05:
d7:88:1b:28:df:95:24:9c:91:22:74:14:5c:4b:f9:92:8e:47:
2a:5b:f5:ae:63:bd:b2:23:0f:5b:af:d1:41:f6:bd:9b:36:25:
27:3c:61:9c:bc:85:e6:8b:d5:73:43:e8:f2:37:37:c4:4c:54:
52:a9:de:b0:06:d3:29:80:7f:23:c7:10:6b:63:87:42:93:01:
21:fe:3e:3b:ee:e9:29:15:0e:79:7d:83:af:5c:9e:e4:91:83:
0a:d1:83:52:09:cf:52:5a:6a:dd:33:62:9b:4e:5b:95:bc:9c:
85:3e:33:31:26:33:87:5f:77:2c:dd:d1:e1:e5:ad:bd:d2:1b:
48:0b:92:ff:ab:01:35:ab:c0:70:ff:86:e7:0b:3d:bb:0e:02:
2a:ad:67:b0:c5:e2:57:f1:b3:d9:b5:75:27:6e:50:a2:ee:ea:
33:49:b9:bb:60:54:15:fc:89:ae:67:e7:73:7a:23:56:f2:c6:
ec:ae:6c:c8:7d:79:d9:f6:db:6f:a5:7a:ab:f3:96:8c:61:83:
44:de:cd:dd:c4:f7:f9:09:eb:d0:0e:b5:a5:b7:d2:21:ef:b3:
c6:54:e9:01:dc:d5:fa:d0:29:41:4a:8d:fa:7e:74:0a:20:6e:
61:f0:26:b9
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAYdQeAtluFGkR8WHxsEdBKAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjMwNDA1MDgxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNhN2EwMTMzZWNjY2IxMDE3MGE3MWJlMjBkYjU1MjZlMjU4NzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncY5ZlV4bDtXZ3yTQYPbdoifZzwR
spn7opbKS6edPvxNh0U3GqnLe5QNnM97uO8xayip9wu5dPSiVvSKDZ48wVaTWEsB
JpFBb5XXBx7Qg9s2EQ+oMLjg3hqU2h5ufQJLiYFDGw2TjG9wg5rqMeCTx85RAuc2
Gmj+wXZ8Wj6Dr6d25sqWz+Sr0suG4iRS1ibcZ2sP8F3y6GsbsmaIXGotfZQY8vzH
7Pf46/yXyhYxfwv+ufPKJt320tRpApm/e+z/5aFEv37qHCVhkdhma6RAeyTEpQ3/
wqOufdstQASJZyNBlA4XddtARiM8qGfxDZAjRiklnj7cejdZfQBFQqmSTQIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFILKegEz7MyxAXCnG+INtVJuJYd6MB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvZ3NwNkFUUHN6TEVCY0tjYjRnMjFVbTRsaDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzCB+QQCAAEwgfID
BAVNXqAwDAMEBFEakAMEAlEamAMEAlQvgDAMAwQBVC+GAwQAVC+IMAwDBAJUL4wD
BAFUL5AwDAMEAFQvkwMEAVQvmDAMAwQCVC+cAwQBVC+kMAwDBANUL6gDBABUL7Iw
DAMEAFQvtQMEA1QvsAMEAVQvugMEAVQvvgMEA1VbYAMEAlVbcDAMAwQBVVt2AwQA
VVt6AwQAuWprAwQC1YdAMAwDBADVh0UDBADVh0YDBAHVh0gDBADVh00wDAMEANWH
TwMEAtWHWDAMAwQF1dCgAwQA1dCqMAwDBALV0KwDBADV0LgwDAMEAdXQugMEBtXQ
gDANBAIAAjAHAwUDKgILyDANBgkqhkiG9w0BAQsFAAOCAQEAsvOK1xZqtAnKAksd
uU96OcgF14gbKN+VJJyRInQUXEv5ko5HKlv1rmO9siMPW6/RQfa9mzYlJzxhnLyF
5ovVc0Po8jc3xExUUqnesAbTKYB/I8cQa2OHQpMBIf4+O+7pKRUOeX2Dr1ye5JGD
CtGDUgnPUlpq3TNim05blbychT4zMSYzh193LN3R4eWtvdIbSAuS/6sBNavAcP+G
5ws9uw4CKq1nsMXiV/Gz2bV1J25Qou7qM0m5u2BUFfyJrmfnc3ojVvLG7K5syH15
2fbbb6V6q/OWjGGDRN7N3cT3+Qnr0A61pbfSIe+zxlTpAdzV+tApQUqN+n50CiBu
YfAmuQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:39 2025 by rpki-client