Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/j9JH-WIXLnMT56KJCwACqyPCYQg.roa
File: j9JH-WIXLnMT56KJCwACqyPCYQg.roa (raw, json)
Hash identifier: 9nZmnLTElIXLambJp9eMOwhCNdg1NK97HorXM/E2dkg=
Subject key identifier: 8F:D2:47:F9:62:17:2E:73:13:E7:A2:89:0B:00:02:AB:23:C2:61:08
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 019173F63BB8BDDDA9E34994DE96ED1CAB6E
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/j9JH-WIXLnMT56KJCwACqyPCYQg.roa
Signing time: Wed 21 Aug 2024 08:03:22 +0000
ROA not before: Wed 21 Aug 2024 08:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8641
IP address blocks: 77.73.24.0/21 maxlen: 21
77.94.160.0/19 maxlen: 19
77.94.175.0/24 maxlen: 24
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.154.0/24 maxlen: 24
81.26.155.0/24 maxlen: 24
84.47.128.0/23 maxlen: 23
84.47.131.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.135.0/24 maxlen: 24
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.147.0/24 maxlen: 24
84.47.150.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.164.0/23 maxlen: 23
84.47.168.0/22 maxlen: 22
84.47.172.0/24 maxlen: 24
84.47.174.0/23 maxlen: 23
84.47.176.0/23 maxlen: 23
84.47.176.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.178.0/24 maxlen: 24
84.47.181.0/24 maxlen: 24
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
84.47.190.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
85.91.112.0/22 maxlen: 22
85.91.118.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
85.91.122.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
213.135.64.0/23 maxlen: 23
213.135.67.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
213.135.70.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.79.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
213.135.82.0/23 maxlen: 23
213.135.84.0/22 maxlen: 22
213.135.88.0/22 maxlen: 22
213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/23 maxlen: 23
213.208.174.0/23 maxlen: 23
213.208.176.0/21 maxlen: 21
213.208.184.0/24 maxlen: 24
213.208.186.0/23 maxlen: 23
213.208.188.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:73:f6:3b:b8:bd:dd:a9:e3:49:94:de:96:ed:1c:ab:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Aug 21 08:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fd247f962172e7313e7a2890b0002ab23c26108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:27:77:05:57:a9:06:d3:19:e7:3b:83:7e:d9:
67:38:dc:51:a0:0d:1b:aa:95:a5:a8:bb:5b:a6:46:
4d:77:f2:8e:35:3f:86:df:69:5c:f2:fa:b7:04:bf:
48:c5:bd:39:fd:c4:71:49:0f:9e:fe:62:c4:63:f8:
8d:3e:23:87:a1:a1:32:83:30:be:9b:ed:70:72:e7:
95:f7:5a:6f:21:8e:bd:21:fd:e1:fd:14:b4:06:56:
1b:ea:8a:bb:4c:69:39:fb:8b:af:99:60:ff:01:5b:
62:61:50:9d:f7:7c:3a:37:69:70:86:d2:74:98:0e:
15:cd:ad:35:88:4d:cf:ba:b1:37:3e:43:04:84:76:
fd:e6:6c:0c:04:e9:f0:ad:33:41:a4:96:00:e0:2a:
3e:c0:20:50:01:1c:6c:35:1a:04:bf:91:9d:8d:e1:
ed:fa:bf:fb:91:05:eb:c4:51:8d:25:80:e9:5a:b5:
d4:ae:83:48:ad:e3:e5:f9:be:8d:ce:35:15:2f:7e:
28:8f:6e:e6:81:1d:13:31:5e:a8:e1:8a:ec:3b:62:
33:9c:26:c8:61:d9:9c:3a:3e:ab:97:da:a7:7d:12:
19:c3:cd:f5:43:fd:3c:8f:f7:d3:74:0c:23:c9:ba:
04:4c:4f:dc:22:1e:24:d2:53:c1:82:fd:50:7a:5e:
99:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D2:47:F9:62:17:2E:73:13:E7:A2:89:0B:00:02:AB:23:C2:61:08
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/j9JH-WIXLnMT56KJCwACqyPCYQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.24.0/21
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/23
84.47.131.0/24
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0/24
84.47.150.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.172.255
84.47.174.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/23
213.135.67.0/24
213.135.69.0-213.135.70.255
213.135.72.0/23
213.135.77.0/24
213.135.79.0-213.135.80.255
213.135.82.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
79:1c:c9:6f:30:44:19:a3:67:08:c5:5e:2c:19:90:ab:34:10:
0f:b4:10:e7:cf:9d:c5:84:0b:42:3f:1f:5e:3d:37:b9:7e:af:
27:6a:6b:fe:01:6f:4a:e5:48:6d:c2:63:f3:31:dc:d9:23:c9:
d6:6a:1d:17:51:54:d5:9b:e2:cf:ab:fa:ff:13:d6:16:7c:5b:
d6:dd:4a:0e:06:96:30:0b:54:ba:2d:b1:de:f0:b4:25:cd:5f:
27:21:f8:91:1a:67:c0:d8:00:c7:5d:d8:df:c8:be:20:3f:50:
99:2c:88:84:55:79:bf:a5:39:33:ec:f7:c9:02:5e:5e:4c:b8:
3d:7c:28:8e:75:fc:4b:16:65:8c:3e:54:23:64:06:c0:46:49:
31:88:2e:8b:4a:38:12:c0:ca:25:e1:8d:8b:84:ce:23:62:cb:
90:19:cf:b0:b4:3d:e3:0f:fd:74:e6:c7:01:a8:ca:74:d7:98:
dc:3f:8e:6b:7e:ef:51:6d:21:c6:ad:b5:97:d6:63:3b:cc:af:
54:a7:e1:83:f2:2b:8b:b2:9b:ae:8d:a7:00:af:a4:93:29:d4:
75:1a:5f:b7:5b:61:da:38:57:81:ae:a8:06:04:ea:07:5b:35:
a5:41:85:64:72:82:4a:c6:5e:70:b2:e1:a9:a5:24:0d:ba:c7:
53:88:04:e7
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAZFz9ju4vd2p40mU3pbtHKtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjQwODIxMDgwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQyNDdmOTYyMTcyZTczMTNlN2EyODkwYjAwMDJhYjIzYzI2MTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyd3BVepBtMZ5zuDftlnONxRoA0b
qpWlqLtbpkZNd/KONT+G32lc8vq3BL9Ixb05/cRxSQ+e/mLEY/iNPiOHoaEygzC+
m+1wcueV91pvIY69If3h/RS0BlYb6oq7TGk5+4uvmWD/AVtiYVCd93w6N2lwhtJ0
mA4Vza01iE3PurE3PkMEhHb95mwMBOnwrTNBpJYA4Co+wCBQARxsNRoEv5GdjeHt
+r/7kQXrxFGNJYDpWrXUroNIrePl+b6NzjUVL34oj27mgR0TMV6o4YrsO2IznCbI
YdmcOj6rl9qnfRIZw831Q/08j/fTdAwjyboETE/cIh4k0lPBgv1Qel6ZAQIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFI/SR/liFy5zE+eiiQsAAqsjwmEIMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvajlKSC1XSVhMbk1UNTZLSkN3QUNxeVBDWVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCAS4EAgABMIIB
JgMEA01JGAMEBU1eoDAMAwQEURqQAwQCURqYAwQBVC+AAwQAVC+DMAwDBAFUL4YD
BABUL4gwDAMEAlQvjAMEAVQvkAMEAFQvkzAMAwQBVC+WAwQBVC+YMAwDBAJUL5wD
BAFUL6QwDAMEA1QvqAMEAFQvrDAMAwQBVC+uAwQAVC+yMAwDBABUL7UDBANUL7AD
BAFUL7oDBAFUL74DBANVW2ADBAJVW3AwDAMEAVVbdgMEAFVbegMEALlqawMEAdWH
QAMEANWHQzAMAwQA1YdFAwQA1YdGAwQB1YdIAwQA1YdNMAwDBADVh08DBADVh1Aw
DAMEAdWHUgMEAtWHWDAMAwQF1dCgAwQA1dCqMAwDBALV0KwDBADV0LgwDAMEAdXQ
ugMEBtXQgDANBAIAAjAHAwUDKgILyDANBgkqhkiG9w0BAQsFAAOCAQEAeRzJbzBE
GaNnCMVeLBmQqzQQD7QQ58+dxYQLQj8fXj03uX6vJ2pr/gFvSuVIbcJj8zHc2SPJ
1modF1FU1Zviz6v6/xPWFnxb1t1KDgaWMAtUui2x3vC0Jc1fJyH4kRpnwNgAx13Y
38i+ID9QmSyIhFV5v6U5M+z3yQJeXky4PXwojnX8SxZljD5UI2QGwEZJMYgui0o4
EsDKJeGNi4TOI2LLkBnPsLQ94w/9dObHAajKdNeY3D+Oa37vUW0hxq21l9ZjO8yv
VKfhg/Iri7Kbro2nAK+kkynUdRpft1th2jhXga6oBgTqB1s1pUGFZHKCSsZecLLh
qaUkDbrHU4gE5w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:20 2025 by rpki-client