Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/Qta6udNXmM8bC13DW1abPXnJlOc.roa
File: Qta6udNXmM8bC13DW1abPXnJlOc.roa (raw, json)
Hash identifier: VH04OkweWrWqHDYR7vGOqXzAFfbCzpk0Jzr6dz/7WYo=
Subject key identifier: 42:D6:BA:B9:D3:57:98:CF:1B:0B:5D:C3:5B:56:9B:3D:79:C9:94:E7
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 0184347230D282A46395D1AD4633807BEEBA
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/Qta6udNXmM8bC13DW1abPXnJlOc.roa
Signing time: Tue 01 Nov 2022 18:26:49 +0000
ROA not before: Tue 01 Nov 2022 18:26:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15685
IP address blocks: 82.208.56.0/24 maxlen: 24
82.208.58.0/24 maxlen: 24
82.208.60.0/24 maxlen: 24
82.208.60.0/22 maxlen: 22
109.123.202.0/23 maxlen: 23
109.123.205.0/24 maxlen: 24
109.123.206.0/23 maxlen: 23
82.208.4.0/22 maxlen: 22
82.208.8.0/22 maxlen: 22
109.123.209.0/24 maxlen: 24
109.123.208.0/22 maxlen: 22
82.208.14.0/24 maxlen: 24
109.123.216.0/21 maxlen: 21
82.208.16.0/23 maxlen: 23
82.208.17.0/24 maxlen: 24
82.208.16.0/24 maxlen: 24
109.123.214.0/23 maxlen: 23
82.208.12.0/24 maxlen: 24
82.208.18.0/24 maxlen: 24
82.208.28.0/23 maxlen: 23
82.208.26.0/23 maxlen: 23
82.208.32.0/22 maxlen: 22
82.208.44.0/24 maxlen: 24
82.208.39.0/24 maxlen: 24
82.208.40.0/23 maxlen: 23
82.208.50.0/24 maxlen: 24
82.208.46.0/23 maxlen: 23
82.208.48.0/23 maxlen: 23
217.11.254.0/24 maxlen: 24
217.11.224.0/23 maxlen: 23
217.11.230.0/24 maxlen: 24
217.11.232.0/23 maxlen: 23
217.11.227.0/24 maxlen: 24
217.11.228.0/23 maxlen: 23
217.11.236.0/24 maxlen: 24
217.11.235.0/24 maxlen: 24
217.11.245.0/24 maxlen: 24
217.11.246.0/23 maxlen: 23
217.11.242.0/23 maxlen: 23
217.11.251.0/24 maxlen: 24
217.11.248.0/23 maxlen: 23
217.11.249.0/24 maxlen: 24
109.123.192.0/21 maxlen: 21
81.0.217.0/24 maxlen: 24
81.0.214.0/24 maxlen: 24
81.0.226.0/24 maxlen: 24
81.0.225.0/24 maxlen: 24
81.0.230.0/23 maxlen: 23
77.78.96.0/20 maxlen: 20
81.0.232.0/21 maxlen: 21
77.78.94.0/23 maxlen: 23
81.0.228.0/24 maxlen: 24
81.0.240.0/22 maxlen: 22
77.78.112.0/21 maxlen: 21
81.0.250.0/24 maxlen: 24
77.78.123.0/24 maxlen: 24
77.78.124.0/22 maxlen: 22
81.0.254.0/23 maxlen: 23
77.78.120.0/23 maxlen: 23
85.239.227.0/24 maxlen: 24
81.0.192.0/22 maxlen: 22
81.0.199.0/24 maxlen: 24
81.0.206.0/23 maxlen: 23
77.78.76.0/22 maxlen: 22
85.239.252.0/23 maxlen: 23
81.0.208.0/23 maxlen: 23
81.0.212.0/23 maxlen: 23
2001:1528::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:34:72:30:d2:82:a4:63:95:d1:ad:46:33:80:7b:ee:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Nov 1 18:26:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42d6bab9d35798cf1b0b5dc35b569b3d79c994e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:9b:46:6d:74:79:9b:4b:39:b3:bc:ce:66:
98:fd:b0:ed:9e:7b:4a:2a:77:df:bb:c4:06:49:50:
9e:65:f0:e6:86:99:ba:2f:be:68:2e:dd:ba:17:ef:
42:c0:01:f3:01:4a:5c:79:ab:c2:46:8c:4c:07:f3:
45:0d:83:b1:c8:6a:bd:f3:22:fd:d4:19:57:f5:e4:
b8:f6:ca:b9:55:3f:bb:66:f7:55:89:98:4e:04:09:
cf:da:cc:99:29:f9:bf:02:9f:93:d3:91:f0:78:88:
06:f1:0d:6f:19:fd:04:8c:41:92:83:0d:d6:19:2e:
51:fc:54:d7:73:f5:3b:92:5d:21:4c:5e:f9:85:a7:
c8:b7:69:63:60:e0:4d:02:40:30:99:a0:e7:74:f0:
7a:c5:c8:d7:42:95:5c:43:71:9c:3e:20:30:4c:ea:
2a:36:df:ca:70:f4:2c:5f:cc:2c:f6:4a:7e:aa:ef:
cc:05:c4:1a:0a:54:ff:b4:d9:4f:67:5c:55:3e:55:
43:87:fd:ca:66:b6:67:a4:2c:45:41:35:71:79:0f:
96:2b:50:80:37:3f:5a:95:21:35:45:ec:f1:fc:91:
36:cf:e6:e9:98:ad:3d:65:83:87:d4:42:cf:d8:8d:
f1:68:cd:c1:b5:15:0b:4b:5a:bd:f0:9d:b1:f5:96:
7a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D6:BA:B9:D3:57:98:CF:1B:0B:5D:C3:5B:56:9B:3D:79:C9:94:E7
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/Qta6udNXmM8bC13DW1abPXnJlOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.76.0/22
77.78.94.0-77.78.121.255
77.78.123.0-77.78.127.255
81.0.192.0/22
81.0.199.0/24
81.0.206.0-81.0.209.255
81.0.212.0-81.0.214.255
81.0.217.0/24
81.0.225.0-81.0.226.255
81.0.228.0/24
81.0.230.0-81.0.243.255
81.0.250.0/24
81.0.254.0/23
82.208.4.0-82.208.12.255
82.208.14.0/24
82.208.16.0-82.208.18.255
82.208.26.0-82.208.29.255
82.208.32.0/22
82.208.39.0-82.208.41.255
82.208.44.0/24
82.208.46.0-82.208.50.255
82.208.56.0/24
82.208.58.0/24
82.208.60.0/22
85.239.227.0/24
85.239.252.0/23
109.123.192.0/21
109.123.202.0/23
109.123.205.0-109.123.211.255
109.123.214.0-109.123.223.255
217.11.224.0/23
217.11.227.0-217.11.230.255
217.11.232.0/23
217.11.235.0-217.11.236.255
217.11.242.0/23
217.11.245.0-217.11.249.255
217.11.251.0/24
217.11.254.0/24
IPv6:
2001:1528::/32
Signature Algorithm: sha256WithRSAEncryption
2a:69:f4:de:48:33:3f:d3:1a:b7:25:69:73:ed:ff:e9:79:95:
93:53:d4:45:d9:a8:e4:e6:92:6e:c8:2f:16:b6:ef:f3:9e:1c:
b2:ea:c4:9d:92:2b:64:30:f1:fb:58:21:3b:76:34:31:01:91:
d6:c0:4e:72:ef:b7:4c:f0:b8:08:d6:b3:2e:9b:35:61:64:ac:
5b:e2:b0:04:68:33:96:84:fc:b6:3d:a7:84:d2:10:84:a6:c9:
3a:8f:23:50:6b:47:cb:87:95:42:b0:ee:d2:55:a8:d1:77:a9:
cd:58:85:bb:57:7c:ba:4c:29:cb:c9:ec:1d:12:5e:f8:08:0e:
e1:7e:19:73:6c:12:42:39:1e:66:7d:f4:60:30:c6:67:ea:2b:
0e:d5:15:3e:7f:46:3e:28:4b:78:0a:4e:9f:53:9e:c7:e0:1d:
40:1f:fe:59:16:2f:93:be:75:56:f6:cf:e4:25:7a:e9:ec:ab:
da:02:25:18:a6:f4:56:33:2c:b5:d7:1c:79:98:f8:f8:b4:20:
9e:1b:59:79:4d:2b:d7:60:24:7b:00:46:f1:f2:04:80:8b:57:
93:8d:58:b2:fd:5e:e7:0d:0d:65:f3:40:04:df:c8:cb:c0:c3:
35:8b:32:13:47:02:f3:2a:9a:06:44:97:d9:fc:4a:6f:ca:2c:
93:bd:9f:80
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgISAYQ0cjDSgqRjldGtRjOAe+66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjIxMTAxMTgyNjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQ2YmFiOWQzNTc5OGNmMWIwYjVkYzM1YjU2OWIzZDc5Yzk5NGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlGbRm10eZtLObO8zmaY/bDtnntK
Knffu8QGSVCeZfDmhpm6L75oLt26F+9CwAHzAUpceavCRoxMB/NFDYOxyGq98yL9
1BlX9eS49sq5VT+7ZvdViZhOBAnP2syZKfm/Ap+T05HweIgG8Q1vGf0EjEGSgw3W
GS5R/FTXc/U7kl0hTF75hafIt2ljYOBNAkAwmaDndPB6xcjXQpVcQ3GcPiAwTOoq
Nt/KcPQsX8ws9kp+qu/MBcQaClT/tNlPZ1xVPlVDh/3KZrZnpCxFQTVxeQ+WK1CA
Nz9alSE1Rezx/JE2z+bpmK09ZYOH1ELP2I3xaM3BtRULS1q98J2x9ZZ6IwIDAQAB
o4IDgDCCA3wwHQYDVR0OBBYEFELWurnTV5jPGwtdw1tWmz15yZTnMB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvUXRhNnVkTlhtTThiQzEzRFcxYWJQWG5KbE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlAYIKwYBBQUHAQcBAf8EggGDMIIBfzCCAWwEAgABMIIB
ZAMEAk1OTDAMAwQBTU5eAwQBTU54MAwDBABNTnsDBAdNTgADBAJRAMADBABRAMcw
DAMEAVEAzgMEAVEA0DAMAwQCUQDUAwQAUQDWAwQAUQDZMAwDBABRAOEDBABRAOID
BABRAOQwDAMEAVEA5gMEAlEA8AMEAFEA+gMEAVEA/jAMAwQCUtAEAwQAUtAMAwQA
UtAOMAwDBARS0BADBABS0BIwDAMEAVLQGgMEAVLQHAMEAlLQIDAMAwQAUtAnAwQB
UtAoAwQAUtAsMAwDBAFS0C4DBABS0DIDBABS0DgDBABS0DoDBAJS0DwDBABV7+MD
BAFV7/wDBANte8ADBAFte8owDAMEAG17zQMEAm170DAMAwQBbXvWAwQFbXvAAwQB
2QvgMAwDBADZC+MDBADZC+YDBAHZC+gwDAMEANkL6wMEANkL7AMEAdkL8jAMAwQA
2Qv1AwQB2Qv4AwQA2Qv7AwQA2Qv+MA0EAgACMAcDBQAgARUoMA0GCSqGSIb3DQEB
CwUAA4IBAQAqafTeSDM/0xq3JWlz7f/peZWTU9RF2ajk5pJuyC8Wtu/znhyy6sSd
kitkMPH7WCE7djQxAZHWwE5y77dM8LgI1rMumzVhZKxb4rAEaDOWhPy2PaeE0hCE
psk6jyNQa0fLh5VCsO7SVajRd6nNWIW7V3y6TCnLyewdEl74CA7hfhlzbBJCOR5m
ffRgMMZn6isO1RU+f0Y+KEt4Ck6fU57H4B1AH/5ZFi+TvnVW9s/kJXrp7KvaAiUY
pvRWMyy11xx5mPj4tCCeG1l5TSvXYCR7AEbx8gSAi1eTjViy/V7nDQ1l80AE38jL
wMM1izITRwLzKpoGRJfZ/EpvyiyTvZ+A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:38 2024 by rpki-client on console-ams.rpki-client.org