Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/7uu2Rfk6Fg4ULs1T7GxuEm2B76g.roa
File: 7uu2Rfk6Fg4ULs1T7GxuEm2B76g.roa (raw, json)
Hash identifier: CLKGXYtlJ2cFHO3PDVA3YzW1bm/YRODXS+OnQETjjyo=
Subject key identifier: EE:EB:B6:45:F9:3A:16:0E:14:2E:CD:53:EC:6C:6E:12:6D:81:EF:A8
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018BC9BC865499A4BFAF913DAF5844130F98
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/7uu2Rfk6Fg4ULs1T7GxuEm2B76g.roa
Signing time: Mon 13 Nov 2023 17:30:57 +0000
ROA not before: Mon 13 Nov 2023 17:30:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1680
IP address blocks: 212.29.192.0/18 maxlen: 18
176.13.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
89.138.0.0/16 maxlen: 16
207.232.0.0/18 maxlen: 18
62.90.135.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
147.234.26.0/24 maxlen: 24
147.234.28.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
82.166.201.128/25 maxlen: 25
147.234.43.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
176.12.128.0/17 maxlen: 24
194.90.1.0/24 maxlen: 24
194.90.0.0/16 maxlen: 24
62.90.0.0/16 maxlen: 24
46.117.0.0/16 maxlen: 16
212.143.194.0/24 maxlen: 24
46.210.0.0/16 maxlen: 24
93.173.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
82.166.0.0/16 maxlen: 24
199.203.21.0/24 maxlen: 24
85.65.0.0/16 maxlen: 16
46.116.0.0/16 maxlen: 16
212.143.0.0/16 maxlen: 24
147.234.17.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
95.35.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
192.118.30.0/23 maxlen: 23
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
93.172.0.0/16 maxlen: 16
62.0.88.0/22 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.92.0/23 maxlen: 24
109.253.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
85.64.0.0/16 maxlen: 16
217.132.0.0/16 maxlen: 16
109.186.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
62.0.116.0/22 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
2001:4df0::/32 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2001:4df0::/29 maxlen: 32
2001:4df1::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:bc:86:54:99:a4:bf:af:91:3d:af:58:44:13:0f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Nov 13 17:30:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eeebb645f93a160e142ecd53ec6c6e126d81efa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7d:b7:a2:8d:bd:bb:e4:28:b4:1c:d3:a7:38:
86:97:91:94:1e:e4:27:01:b6:ff:b7:40:c7:76:25:
cf:b8:5b:d6:e4:ff:d8:e9:a0:d9:e5:b3:d7:46:b4:
08:8e:32:00:38:d7:eb:fa:2d:d0:ad:59:e2:99:97:
0c:2d:40:57:76:64:5e:ad:ab:19:9b:91:e5:fd:41:
30:4d:6e:90:a4:8d:af:24:be:45:9e:b3:1d:44:fd:
8c:16:f7:a8:0b:61:06:25:b4:fc:6e:06:ca:95:10:
93:ed:73:56:0b:31:6c:4a:8c:3f:28:1c:77:a0:47:
a4:09:93:8b:f1:7c:24:c6:3c:20:c9:fd:81:18:89:
3c:26:7d:cf:af:f3:b6:ed:af:56:dc:64:b1:7a:c3:
57:08:91:61:92:99:6a:0d:b7:ad:3e:7a:62:09:b5:
a9:a0:8a:c7:27:0c:86:82:46:85:6d:d0:ec:25:b5:
c9:bc:2a:e1:14:ae:24:3e:60:e1:f6:07:c3:2f:ce:
e3:2d:2b:4f:ba:28:2b:cc:13:19:92:15:61:2c:40:
52:80:07:0e:70:a2:91:f5:dd:b0:8d:f9:17:e5:9c:
50:93:2c:b5:f5:fa:68:fc:15:a2:38:f0:16:4f:15:
40:3e:41:f8:ee:0f:4c:e0:b9:d2:8a:c4:a5:34:1c:
c5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:EB:B6:45:F9:3A:16:0E:14:2E:CD:53:EC:6C:6E:12:6D:81:EF:A8
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/7uu2Rfk6Fg4ULs1T7GxuEm2B76g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
147.234.17.0/24
147.234.22.0/24
147.234.26.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.118.28.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
Signature Algorithm: sha256WithRSAEncryption
86:34:f6:8f:f4:c8:e0:37:ce:6f:bb:14:2c:06:b2:e2:1a:8c:
de:da:06:bf:55:81:23:ed:0b:b0:b8:54:10:1c:dd:fe:37:f9:
72:11:41:e2:9e:79:d1:10:1d:30:17:e2:48:fd:cc:85:54:ee:
dc:36:04:82:04:6f:51:78:12:e1:44:a9:f6:f6:f5:26:be:b3:
b5:a1:74:b3:00:5c:ce:88:e4:a2:ee:2f:53:a3:ba:a5:09:c0:
8b:7a:4b:9d:b5:23:37:1e:33:5f:03:b4:07:54:c3:0f:cc:26:
c5:1f:ba:ed:de:80:06:ee:63:fa:3b:56:f2:e1:d4:70:28:3f:
f7:b5:e4:3c:48:a3:2f:3a:48:77:b7:83:48:24:03:df:29:71:
e8:d2:a1:6b:cb:3c:68:3e:9c:b1:ee:84:c5:b0:fb:65:dc:82:
d9:47:35:38:05:59:3b:70:f2:74:11:5e:57:8f:32:50:3c:35:
61:e2:5a:20:0c:aa:fd:77:71:3c:49:4c:c7:8d:19:53:bd:e8:
34:6f:5b:80:0d:0d:df:0e:c5:85:87:bc:e4:61:24:08:19:77:
76:f8:bb:18:ad:be:45:f7:5f:12:9c:a8:d6:4c:20:54:89:e5:
4f:a8:6a:59:b1:4c:54:6b:ad:ce:3f:28:28:c5:93:26:6c:72:
83:99:0f:73
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYvJvIZUmaS/r5E9r1hEEw+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMxMTEzMTczMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWViYjY0NWY5M2ExNjBlMTQyZWNkNTNlYzZjNmUxMjZkODFlZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX23oo29u+QotBzTpziGl5GUHuQn
Abb/t0DHdiXPuFvW5P/Y6aDZ5bPXRrQIjjIAONfr+i3QrVnimZcMLUBXdmRerasZ
m5Hl/UEwTW6QpI2vJL5FnrMdRP2MFveoC2EGJbT8bgbKlRCT7XNWCzFsSow/KBx3
oEekCZOL8Xwkxjwgyf2BGIk8Jn3Pr/O27a9W3GSxesNXCJFhkplqDbetPnpiCbWp
oIrHJwyGgkaFbdDsJbXJvCrhFK4kPmDh9gfDL87jLStPuigrzBMZkhVhLEBSgAcO
cKKR9d2wjfkX5ZxQkyy19fpo/BWiOPAWTxVAPkH47g9M4LnSisSlNBzFJQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFO7rtkX5OhYOFC7NU+xsbhJtge+oMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvN3V1MlJmazZGZzRVTHMxVDdHeHVFbTJCNzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBuwQCAAEwgbQDAwEu
dAMDAC7SAwMAPgADAwA+WgMEBFD6kAMDAFKmAwMBVUADAwBV+gMDAVmKAwMBXawD
AwBfIwMDAG26AwMAbf0DBACT6hEDBACT6hYwDAMEAZPqGgMEAJPqHAMEAJPqKzAM
AwQAk+pTAwQAk+pUAwQAk+pWMAsDBAewDIADAwGwDAMEAsB2HAMDAMJaAwMAx8sD
BAbP6AADBAbUHcADAwDUjwMDANSWAwQH1OsAAwMA2YQwFAQCAAIwDgMFAyABTfAD
BQMqAgFIMA0GCSqGSIb3DQEBCwUAA4IBAQCGNPaP9MjgN85vuxQsBrLiGoze2ga/
VYEj7QuwuFQQHN3+N/lyEUHinnnREB0wF+JI/cyFVO7cNgSCBG9ReBLhRKn29vUm
vrO1oXSzAFzOiOSi7i9To7qlCcCLekudtSM3HjNfA7QHVMMPzCbFH7rt3oAG7mP6
O1by4dRwKD/3teQ8SKMvOkh3t4NIJAPfKXHo0qFryzxoPpyx7oTFsPtl3ILZRzU4
BVk7cPJ0EV5XjzJQPDVh4logDKr9d3E8SUzHjRlTveg0b1uADQ3fDsWFh7zkYSQI
GXd2+LsYrb5F918SnKjWTCBUieVPqGpZsUxUa63OPygoxZMmbHKDmQ9z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:22 2025 by rpki-client