Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/XUVDtcboJ2bJay8Q_ymmtKroAfM.roa
File: XUVDtcboJ2bJay8Q_ymmtKroAfM.roa (raw, json)
Hash identifier: DS0BZoXH4HHehotibbVosfypWq1MvsKGSM58k6iYxes=
Subject key identifier: 5D:45:43:B5:C6:E8:27:66:C9:6B:2F:10:FF:29:A6:B4:AA:E8:01:F3
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 0807DEFC
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/XUVDtcboJ2bJay8Q_ymmtKroAfM.roa
Signing time: Sat 01 Jan 2022 15:02:54 +0000
ROA not before: Sat 01 Jan 2022 15:02:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15685
IP address blocks: 82.208.56.0/24 maxlen: 24
82.208.58.0/24 maxlen: 24
82.208.60.0/22 maxlen: 22
109.123.202.0/23 maxlen: 23
109.123.205.0/24 maxlen: 24
109.123.206.0/23 maxlen: 23
82.208.4.0/22 maxlen: 22
109.123.209.0/24 maxlen: 24
109.123.208.0/22 maxlen: 22
82.208.8.0/22 maxlen: 22
109.123.216.0/21 maxlen: 21
109.123.214.0/23 maxlen: 23
82.208.14.0/24 maxlen: 24
82.208.16.0/23 maxlen: 23
82.208.17.0/24 maxlen: 24
82.208.16.0/24 maxlen: 24
82.208.12.0/24 maxlen: 24
109.123.224.0/23 maxlen: 23
82.208.18.0/24 maxlen: 24
82.208.20.0/22 maxlen: 22
82.208.28.0/23 maxlen: 23
82.208.26.0/23 maxlen: 23
109.123.232.0/21 maxlen: 21
109.123.227.0/24 maxlen: 24
109.123.228.0/22 maxlen: 22
82.208.32.0/22 maxlen: 22
82.208.44.0/24 maxlen: 24
82.208.39.0/24 maxlen: 24
82.208.40.0/23 maxlen: 23
109.123.240.0/20 maxlen: 20
82.208.50.0/24 maxlen: 24
82.208.46.0/23 maxlen: 23
82.208.48.0/23 maxlen: 23
217.11.254.0/24 maxlen: 24
217.11.224.0/23 maxlen: 23
217.11.230.0/24 maxlen: 24
217.11.232.0/23 maxlen: 23
217.11.227.0/24 maxlen: 24
217.11.228.0/23 maxlen: 23
217.11.236.0/24 maxlen: 24
217.11.235.0/24 maxlen: 24
217.11.245.0/24 maxlen: 24
217.11.246.0/23 maxlen: 23
217.11.242.0/23 maxlen: 23
217.11.251.0/24 maxlen: 24
217.11.248.0/23 maxlen: 23
217.11.249.0/24 maxlen: 24
109.123.192.0/21 maxlen: 21
81.0.217.0/24 maxlen: 24
81.0.218.0/23 maxlen: 23
81.0.214.0/24 maxlen: 24
81.0.225.0/24 maxlen: 24
81.0.220.0/23 maxlen: 23
81.0.226.0/24 maxlen: 24
77.78.96.0/20 maxlen: 20
77.78.94.0/23 maxlen: 23
81.0.230.0/23 maxlen: 23
81.0.232.0/21 maxlen: 21
81.0.228.0/24 maxlen: 24
81.0.240.0/22 maxlen: 22
81.0.246.0/23 maxlen: 23
77.78.112.0/21 maxlen: 21
81.0.248.0/23 maxlen: 23
81.0.250.0/24 maxlen: 24
81.0.254.0/23 maxlen: 23
77.78.123.0/24 maxlen: 24
77.78.124.0/22 maxlen: 22
77.78.120.0/23 maxlen: 23
85.239.230.0/23 maxlen: 23
85.239.227.0/24 maxlen: 24
85.239.232.0/21 maxlen: 21
81.0.192.0/22 maxlen: 22
81.0.199.0/24 maxlen: 24
81.0.206.0/23 maxlen: 23
77.78.70.0/23 maxlen: 23
85.239.240.0/21 maxlen: 21
81.0.208.0/23 maxlen: 23
81.0.212.0/23 maxlen: 23
85.239.250.0/24 maxlen: 24
77.78.76.0/22 maxlen: 22
85.239.252.0/23 maxlen: 23
77.78.72.0/23 maxlen: 23
85.239.248.0/23 maxlen: 23
2001:1528::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134733564 (0x807defc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Jan 1 15:02:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d4543b5c6e82766c96b2f10ff29a6b4aae801f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1a:26:32:56:1f:4a:cd:ea:8d:ff:d9:0f:4e:
cb:e1:37:0a:08:ce:cb:1d:7a:87:0a:de:c3:88:25:
84:d2:a7:9d:9a:f4:fa:99:15:0a:c4:6d:24:d7:2e:
58:1a:61:70:a6:2b:d2:43:c5:8c:69:dc:e2:f8:2f:
06:18:31:f5:f7:57:58:69:9a:ca:94:9e:ad:41:18:
3d:0c:68:ae:52:4d:98:90:e4:a6:71:05:31:61:f2:
d9:f7:26:0a:49:a2:93:79:56:5a:42:8a:50:b3:2b:
e2:34:da:8a:95:f1:10:6e:fa:3a:56:ff:69:4a:35:
b1:b8:68:c0:b9:7d:bc:d2:ce:7a:72:dd:0f:f3:0b:
96:28:7c:42:6d:42:6a:0b:0c:dc:20:38:ac:fa:d3:
a6:6e:5e:b1:a2:f5:3d:2b:5c:d3:9d:f0:fe:d5:ad:
1f:87:8e:b2:3b:2e:74:38:ff:23:e1:a3:d9:30:ad:
e0:13:6b:d7:3b:46:95:ba:e4:3b:6f:01:b3:4c:00:
24:0e:5b:8d:57:40:2e:5f:55:76:02:92:9e:22:b0:
59:37:21:0d:32:f7:22:6b:85:cf:50:11:f8:4a:8f:
19:e6:d3:8e:2e:9b:37:3c:9d:e1:7e:fc:bd:30:53:
26:0b:b6:ee:3d:05:38:81:5c:a7:bb:c2:1b:31:a0:
38:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:45:43:B5:C6:E8:27:66:C9:6B:2F:10:FF:29:A6:B4:AA:E8:01:F3
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/XUVDtcboJ2bJay8Q_ymmtKroAfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.70.0-77.78.73.255
77.78.76.0/22
77.78.94.0-77.78.121.255
77.78.123.0-77.78.127.255
81.0.192.0/22
81.0.199.0/24
81.0.206.0-81.0.209.255
81.0.212.0-81.0.214.255
81.0.217.0-81.0.221.255
81.0.225.0-81.0.226.255
81.0.228.0/24
81.0.230.0-81.0.243.255
81.0.246.0-81.0.250.255
81.0.254.0/23
82.208.4.0-82.208.12.255
82.208.14.0/24
82.208.16.0-82.208.18.255
82.208.20.0/22
82.208.26.0-82.208.29.255
82.208.32.0/22
82.208.39.0-82.208.41.255
82.208.44.0/24
82.208.46.0-82.208.50.255
82.208.56.0/24
82.208.58.0/24
82.208.60.0/22
85.239.227.0/24
85.239.230.0-85.239.250.255
85.239.252.0/23
109.123.192.0/21
109.123.202.0/23
109.123.205.0-109.123.211.255
109.123.214.0-109.123.225.255
109.123.227.0-109.123.255.255
217.11.224.0/23
217.11.227.0-217.11.230.255
217.11.232.0/23
217.11.235.0-217.11.236.255
217.11.242.0/23
217.11.245.0-217.11.249.255
217.11.251.0/24
217.11.254.0/24
IPv6:
2001:1528::/32
Signature Algorithm: sha256WithRSAEncryption
16:e6:48:fe:5c:0b:ed:26:8d:79:d0:c9:b1:96:15:28:02:05:
35:d0:91:7a:f2:a6:12:30:f8:05:16:55:37:5d:58:05:7f:c6:
14:b7:0b:c2:cb:d4:07:11:8e:8b:9c:96:ab:df:ec:6a:ab:20:
a1:08:cd:d4:65:6e:f7:73:be:44:bc:bc:ca:c1:c0:f1:e8:e8:
e3:ec:61:03:68:db:b7:48:da:9e:10:48:4d:5f:c6:d9:0c:9e:
d4:48:6b:5e:ed:e4:d6:fe:5d:84:e0:a6:29:e3:30:ca:b6:47:
ca:a5:32:c8:54:08:be:d9:38:8e:78:59:1c:b2:0c:c8:d2:ff:
72:ae:b3:26:f6:9d:24:72:20:86:1e:64:f4:cc:58:3e:c4:0b:
cf:b6:2e:e3:f9:58:36:49:6e:cf:84:51:6f:fb:ba:fa:2f:a9:
60:91:1b:65:64:e4:9e:4d:1e:48:27:c1:a8:03:ff:aa:b2:5e:
0d:70:be:b3:9a:57:e4:18:39:55:d5:ba:69:8b:6f:fb:12:a2:
11:f4:0f:c4:f5:ed:2c:3d:10:dd:a3:f4:b0:32:ed:25:64:17:
7e:0a:76:a7:4c:35:1b:2e:ad:63:53:18:2d:54:d4:18:fe:c5:
13:3e:b5:47:01:a8:4b:39:20:3e:80:ff:0c:d9:a3:36:98:dc:
dd:cd:95:a0
-----BEGIN CERTIFICATE-----
MIIGpTCCBY2gAwIBAgIECAfe/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzQ4NDdmODY2N2Q1MmZhMmNmOWNmOWFmY2M0M2EwNzkxNTU3NWNhMB4XDTIyMDEw
MTE1MDI1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ0NTQzYjVjNmU4
Mjc2NmM5NmIyZjEwZmYyOWE2YjRhYWU4MDFmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8aJjJWH0rN6o3/2Q9Oy+E3CgjOyx16hwrew4glhNKnnZr0
+pkVCsRtJNcuWBphcKYr0kPFjGnc4vgvBhgx9fdXWGmaypSerUEYPQxorlJNmJDk
pnEFMWHy2fcmCkmik3lWWkKKULMr4jTaipXxEG76Olb/aUo1sbhowLl9vNLOenLd
D/MLlih8Qm1CagsM3CA4rPrTpm5esaL1PStc053w/tWtH4eOsjsudDj/I+Gj2TCt
4BNr1ztGlbrkO28Bs0wAJA5bjVdALl9VdgKSniKwWTchDTL3ImuFz1AR+EqPGebT
ji6bNzyd4X78vTBTJgu27j0FOIFcp7vCGzGgOFUCAwEAAaOCA78wggO7MB0GA1Ud
DgQWBBRdRUO1xugnZslrLxD/Kaa0qugB8zAfBgNVHSMEGDAWgBQXSEf4Zn1S+iz5
z5r8xDoHkVV1yjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YwaEgtR1o5VXZvcy1jLWFfTVE2QjVGVmRjby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvNzJjYzRhLTJkOWMtNDgwOC04MjNlLTE0NTRmZmU2MTgyYy8x
L1hVVkR0Y2JvSjJiSmF5OFFfeW1tdEtyb0FmTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
NzJjYzRhLTJkOWMtNDgwOC04MjNlLTE0NTRmZmU2MTgyYy8xL0YwaEgtR1o5VXZv
cy1jLWFfTVE2QjVGVmRjby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AdMGCCsGAQUFBwEHAQH/BIIBwjCCAb4wggGrBAIAATCCAaMwDAMEAU1ORgMEAU1O
SAMEAk1OTDAMAwQBTU5eAwQBTU54MAwDBABNTnsDBAdNTgADBAJRAMADBABRAMcw
DAMEAVEAzgMEAVEA0DAMAwQCUQDUAwQAUQDWMAwDBABRANkDBAFRANwwDAMEAFEA
4QMEAFEA4gMEAFEA5DAMAwQBUQDmAwQCUQDwMAwDBAFRAPYDBABRAPoDBAFRAP4w
DAMEAlLQBAMEAFLQDAMEAFLQDjAMAwQEUtAQAwQAUtASAwQCUtAUMAwDBAFS0BoD
BAFS0BwDBAJS0CAwDAMEAFLQJwMEAVLQKAMEAFLQLDAMAwQBUtAuAwQAUtAyAwQA
UtA4AwQAUtA6AwQCUtA8AwQAVe/jMAwDBAFV7+YDBABV7/oDBAFV7/wDBANte8AD
BAFte8owDAMEAG17zQMEAm170DAMAwQBbXvWAwQBbXvgMAsDBABte+MDAwJteAME
AdkL4DAMAwQA2QvjAwQA2QvmAwQB2QvoMAwDBADZC+sDBADZC+wDBAHZC/IwDAME
ANkL9QMEAdkL+AMEANkL+wMEANkL/jANBAIAAjAHAwUAIAEVKDANBgkqhkiG9w0B
AQsFAAOCAQEAFuZI/lwL7SaNedDJsZYVKAIFNdCRevKmEjD4BRZVN11YBX/GFLcL
wsvUBxGOi5yWq9/saqsgoQjN1GVu93O+RLy8ysHA8ejo4+xhA2jbt0janhBITV/G
2Qye1EhrXu3k1v5dhOCmKeMwyrZHyqUyyFQIvtk4jnhZHLIMyNL/cq6zJvadJHIg
hh5k9MxYPsQLz7Yu4/lYNkluz4RRb/u6+i+pYJEbZWTknk0eSCfBqAP/qrJeDXC+
s5pX5Bg5VdW6aYtv+xKiEfQPxPXtLD0Q3aP0sDLtJWQXfgp2p0w1Gy6tY1MYLVTU
GP7FEz61RwGoSzkgPoD/DNmjNpjc3c2VoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:38 2024 by rpki-client on console-ams.rpki-client.org