Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/z7FyshYi6h_viocZNdc4g_nABlA.roa
File: z7FyshYi6h_viocZNdc4g_nABlA.roa (raw, json)
Hash identifier: 66C1D+b0KQRerT4RdgU7LBYz3nbwKf5gVq27eQRHXTE=
Subject key identifier: CF:B1:72:B2:16:22:EA:1F:EF:8A:87:19:35:D7:38:83:F9:C0:06:50
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 01853ED31FA6767026B104085D9EB0A672B6
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/z7FyshYi6h_viocZNdc4g_nABlA.roa
Signing time: Fri 23 Dec 2022 11:51:41 +0000
ROA not before: Fri 23 Dec 2022 11:51:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8641
IP address blocks: 213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/22 maxlen: 22
213.208.176.0/21 maxlen: 21
213.208.186.0/23 maxlen: 23
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.155.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
77.94.162.0/24 maxlen: 24
77.94.160.0/19 maxlen: 19
84.47.128.0/22 maxlen: 22
77.94.175.0/24 maxlen: 24
84.47.135.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
84.47.147.0/24 maxlen: 24
77.94.189.0/24 maxlen: 24
84.47.148.0/22 maxlen: 22
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.160.0/22 maxlen: 22
85.91.112.0/22 maxlen: 22
84.47.164.0/23 maxlen: 23
84.47.168.0/21 maxlen: 21
85.91.118.0/23 maxlen: 23
213.135.64.0/22 maxlen: 22
213.135.70.0/23 maxlen: 23
84.47.178.0/24 maxlen: 24
85.91.122.0/24 maxlen: 24
84.47.176.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.176.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
84.47.181.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
84.47.190.0/23 maxlen: 23
213.135.79.0/24 maxlen: 24
213.135.80.0/21 maxlen: 21
213.135.88.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:d3:1f:a6:76:70:26:b1:04:08:5d:9e:b0:a6:72:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Dec 23 11:51:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfb172b21622ea1fef8a871935d73883f9c00650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:91:9f:1e:82:a2:2e:4a:d7:26:b8:a4:9e:67:
8a:6f:56:9e:2c:e0:02:dc:ff:46:c6:c9:04:a7:c5:
10:6f:e5:b7:e7:75:f4:c2:96:ac:16:e7:10:51:7e:
80:a9:80:a8:69:f7:1b:17:e2:b7:14:19:94:c3:f9:
86:87:e2:33:4c:91:ae:42:22:a4:89:b6:7b:0d:79:
2a:99:68:11:44:f8:0e:9d:6c:68:c2:7a:0a:f2:8f:
a7:57:48:3e:c5:bc:ea:2a:23:33:d2:82:95:86:12:
f7:29:15:bb:49:72:68:35:d2:73:3e:81:d6:a8:ae:
b4:86:4e:2b:8f:6e:9a:f0:ff:f0:54:84:50:64:a5:
44:74:f2:12:e3:3a:57:9c:5c:bb:6a:0d:e3:23:6b:
92:44:16:c9:87:fd:ea:dc:52:15:b2:0c:18:80:d3:
7e:f5:b6:28:55:4e:b5:01:15:86:18:ed:91:0a:36:
f2:f2:26:70:dd:92:30:96:fa:17:6c:47:6a:86:8b:
1f:64:8c:53:9d:f7:a3:f5:1a:a5:8a:2e:ba:f3:3c:
cc:0f:b9:47:7d:22:9a:b0:99:85:d7:53:c2:79:4a:
b1:fd:d8:62:07:07:cc:72:38:54:8d:5c:b7:b8:09:
8b:6f:19:85:2f:9a:9d:20:84:1f:4e:b6:a0:a8:c8:
c8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B1:72:B2:16:22:EA:1F:EF:8A:87:19:35:D7:38:83:F9:C0:06:50
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/z7FyshYi6h_viocZNdc4g_nABlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/22
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/22
213.135.69.0-213.135.73.255
213.135.77.0/24
213.135.79.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
60:d7:54:95:c7:32:02:4d:9f:83:5a:82:10:0c:6e:b4:0e:ee:
e4:a4:5a:57:7f:13:4c:76:f8:d3:f5:c3:b0:69:11:ba:fa:53:
3e:4b:40:0b:1c:42:97:5e:dc:1e:2a:3e:76:0a:68:26:ca:25:
44:49:7c:a7:3c:44:a2:7c:e3:fd:ca:3c:12:ce:53:70:fd:f1:
14:ae:6b:d6:ac:41:5b:51:68:de:e1:ed:aa:c9:d4:67:0d:a7:
70:1e:77:7e:26:0c:1c:21:8d:4a:ee:36:87:03:16:37:cb:65:
2a:c7:ba:fa:9a:8c:83:92:3b:16:73:d8:90:ea:47:8b:15:38:
73:e9:fd:27:e6:bd:4c:d1:98:7c:5c:06:de:b9:b9:f8:12:97:
44:4f:2f:98:38:68:b6:6d:f5:67:04:fe:9c:5c:5d:04:68:2c:
cf:5e:eb:d9:dc:b4:39:5f:42:58:f1:a8:24:7b:b2:70:de:07:
c5:d2:2c:1f:ee:7e:56:c1:60:ea:22:78:8c:d3:0a:35:ee:fc:
49:8b:63:50:8f:49:13:2f:67:8d:45:0f:46:ce:38:2e:ab:38:
76:63:1d:d0:d0:6e:ac:92:68:6f:30:24:8c:49:ee:b6:de:09:
b5:57:17:fb:07:ef:13:40:11:01:14:96:87:bd:61:c2:1e:b8:
6b:2e:fc:4b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYU+0x+mdnAmsQQIXZ6wpnK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjIxMjIzMTE1MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmIxNzJiMjE2MjJlYTFmZWY4YTg3MTkzNWQ3Mzg4M2Y5YzAwNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZGfHoKiLkrXJriknmeKb1aeLOAC
3P9GxskEp8UQb+W353X0wpasFucQUX6AqYCoafcbF+K3FBmUw/mGh+IzTJGuQiKk
ibZ7DXkqmWgRRPgOnWxownoK8o+nV0g+xbzqKiMz0oKVhhL3KRW7SXJoNdJzPoHW
qK60hk4rj26a8P/wVIRQZKVEdPIS4zpXnFy7ag3jI2uSRBbJh/3q3FIVsgwYgNN+
9bYoVU61ARWGGO2RCjby8iZw3ZIwlvoXbEdqhosfZIxTnfej9Rqlii668zzMD7lH
fSKasJmF11PCeUqx/dhiBwfMcjhUjVy3uAmLbxmFL5qdIIQfTragqMjIiwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFM+xcrIWIuof74qHGTXXOIP5wAZQMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvejdGeXNoWWk2aF92aW9jWk5kYzRnX25BQmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCB8wQCAAEwgewD
BAVNXqAwDAMEBFEakAMEAlEamAMEAlQvgDAMAwQBVC+GAwQAVC+IMAwDBAJUL4wD
BAFUL5AwDAMEAFQvkwMEAVQvmDAMAwQCVC+cAwQBVC+kMAwDBANUL6gDBABUL7Iw
DAMEAFQvtQMEA1QvsAMEAVQvugMEAVQvvgMEA1VbYAMEAlVbcDAMAwQBVVt2AwQA
VVt6AwQAuWprAwQC1YdAMAwDBADVh0UDBAHVh0gDBADVh00wDAMEANWHTwMEAtWH
WDAMAwQF1dCgAwQA1dCqMAwDBALV0KwDBADV0LgwDAMEAdXQugMEBtXQgDANBAIA
AjAHAwUDKgILyDANBgkqhkiG9w0BAQsFAAOCAQEAYNdUlccyAk2fg1qCEAxutA7u
5KRaV38TTHb40/XDsGkRuvpTPktACxxCl17cHio+dgpoJsolREl8pzxEonzj/co8
Es5TcP3xFK5r1qxBW1Fo3uHtqsnUZw2ncB53fiYMHCGNSu42hwMWN8tlKse6+pqM
g5I7FnPYkOpHixU4c+n9J+a9TNGYfFwG3rm5+BKXRE8vmDhotm31ZwT+nFxdBGgs
z17r2dy0OV9CWPGoJHuycN4HxdIsH+5+VsFg6iJ4jNMKNe78SYtjUI9JEy9njUUP
Rs44Lqs4dmMd0NBurJJobzAkjEnutt4JtVcX+wfvE0ARARSWh71hwh64ay78Sw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:15 2025 by rpki-client