Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/aAcibZBXI4aH1Ltc7XTfEUPpE6s.roa
File: aAcibZBXI4aH1Ltc7XTfEUPpE6s.roa (raw, json)
Hash identifier: P15HxLTew+Eo5aFJewmnos+hvxpb9/4FwbKApvH5ODI=
Subject key identifier: 68:07:22:6D:90:57:23:86:87:D4:BB:5C:ED:74:DF:11:43:E9:13:AB
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 01847A67F6B47ED478E3521DF7D026185823
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/aAcibZBXI4aH1Ltc7XTfEUPpE6s.roa
Signing time: Tue 15 Nov 2022 08:29:04 +0000
ROA not before: Tue 15 Nov 2022 08:29:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15685
IP address blocks: 82.208.56.0/24 maxlen: 24
82.208.58.0/24 maxlen: 24
82.208.60.0/24 maxlen: 24
82.208.60.0/22 maxlen: 22
109.123.202.0/23 maxlen: 24
109.123.205.0/24 maxlen: 24
82.208.4.0/22 maxlen: 22
109.123.206.0/23 maxlen: 24
82.208.8.0/22 maxlen: 22
109.123.209.0/24 maxlen: 24
109.123.208.0/22 maxlen: 24
109.123.217.0/24 maxlen: 24
109.123.216.0/24 maxlen: 24
82.208.14.0/24 maxlen: 24
109.123.218.0/24 maxlen: 24
82.208.16.0/23 maxlen: 23
82.208.16.0/24 maxlen: 24
82.208.17.0/24 maxlen: 24
82.208.12.0/24 maxlen: 24
109.123.216.0/21 maxlen: 24
109.123.219.0/24 maxlen: 24
109.123.214.0/23 maxlen: 24
82.208.18.0/24 maxlen: 24
109.123.222.0/24 maxlen: 24
109.123.221.0/24 maxlen: 24
82.208.28.0/23 maxlen: 23
82.208.26.0/23 maxlen: 23
82.208.32.0/22 maxlen: 22
82.208.44.0/24 maxlen: 24
82.208.39.0/24 maxlen: 24
82.208.40.0/23 maxlen: 23
82.208.50.0/24 maxlen: 24
82.208.46.0/23 maxlen: 23
82.208.48.0/23 maxlen: 23
217.11.254.0/24 maxlen: 24
217.11.224.0/23 maxlen: 23
217.11.230.0/24 maxlen: 24
217.11.232.0/23 maxlen: 23
217.11.227.0/24 maxlen: 24
217.11.228.0/23 maxlen: 23
217.11.236.0/24 maxlen: 24
217.11.235.0/24 maxlen: 24
217.11.245.0/24 maxlen: 24
217.11.246.0/23 maxlen: 23
217.11.242.0/23 maxlen: 23
217.11.251.0/24 maxlen: 24
217.11.248.0/23 maxlen: 23
217.11.249.0/24 maxlen: 24
109.123.192.0/21 maxlen: 24
81.0.217.0/24 maxlen: 24
81.0.214.0/24 maxlen: 24
81.0.226.0/24 maxlen: 24
81.0.225.0/24 maxlen: 24
81.0.230.0/23 maxlen: 23
77.78.96.0/20 maxlen: 20
81.0.232.0/21 maxlen: 21
77.78.94.0/23 maxlen: 23
81.0.228.0/24 maxlen: 24
81.0.240.0/22 maxlen: 22
77.78.112.0/21 maxlen: 21
81.0.250.0/24 maxlen: 24
77.78.123.0/24 maxlen: 24
77.78.124.0/22 maxlen: 22
81.0.254.0/23 maxlen: 23
77.78.120.0/23 maxlen: 23
85.239.227.0/24 maxlen: 24
81.0.192.0/22 maxlen: 22
81.0.199.0/24 maxlen: 24
81.0.206.0/23 maxlen: 23
77.78.76.0/22 maxlen: 22
85.239.252.0/23 maxlen: 23
81.0.208.0/23 maxlen: 23
81.0.212.0/23 maxlen: 23
2001:1528::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:67:f6:b4:7e:d4:78:e3:52:1d:f7:d0:26:18:58:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Nov 15 08:29:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6807226d9057238687d4bb5ced74df1143e913ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:d2:50:2e:e9:da:e3:32:4f:c5:6b:dc:e9:
7d:bf:06:71:9a:e8:c3:51:73:05:b3:12:4b:bb:5a:
6d:97:e7:ef:0f:91:c0:d3:32:fd:b9:d8:c8:32:ee:
e6:76:26:5f:79:b4:63:b1:71:f8:7b:29:42:4e:42:
0b:c7:68:71:95:09:45:93:38:68:72:5e:6e:1f:4e:
97:90:da:c5:79:52:c2:82:11:c3:83:99:34:8c:fc:
27:22:45:25:60:2c:a7:9a:1c:49:5e:75:b7:9d:c8:
59:04:2e:ae:58:9a:07:dc:ed:b0:86:1c:1d:e3:db:
d4:8b:93:d1:32:6f:77:0e:ef:0a:1c:54:03:5b:89:
56:d7:63:77:f9:1d:96:08:97:ad:5f:7d:ca:10:3f:
b0:e0:b2:c8:5b:5e:45:10:2d:65:b5:ff:d5:47:20:
1f:bc:3b:a9:76:04:93:01:d6:50:64:bb:07:b7:24:
1c:bc:13:a3:77:5c:f1:7d:9b:b0:a1:1a:a9:49:9f:
ba:0d:5a:67:64:80:9a:58:d1:cf:8f:dd:15:f4:b0:
1d:53:4a:81:f6:56:3b:e6:7c:5b:71:5f:bb:52:ff:
0f:fe:91:4b:c8:ee:e5:ba:9f:f6:1d:0f:56:ae:83:
d3:6e:75:9f:d9:67:47:5d:2f:fe:f0:b3:5d:9c:ca:
45:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:07:22:6D:90:57:23:86:87:D4:BB:5C:ED:74:DF:11:43:E9:13:AB
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/aAcibZBXI4aH1Ltc7XTfEUPpE6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.76.0/22
77.78.94.0-77.78.121.255
77.78.123.0-77.78.127.255
81.0.192.0/22
81.0.199.0/24
81.0.206.0-81.0.209.255
81.0.212.0-81.0.214.255
81.0.217.0/24
81.0.225.0-81.0.226.255
81.0.228.0/24
81.0.230.0-81.0.243.255
81.0.250.0/24
81.0.254.0/23
82.208.4.0-82.208.12.255
82.208.14.0/24
82.208.16.0-82.208.18.255
82.208.26.0-82.208.29.255
82.208.32.0/22
82.208.39.0-82.208.41.255
82.208.44.0/24
82.208.46.0-82.208.50.255
82.208.56.0/24
82.208.58.0/24
82.208.60.0/22
85.239.227.0/24
85.239.252.0/23
109.123.192.0/21
109.123.202.0/23
109.123.205.0-109.123.211.255
109.123.214.0-109.123.223.255
217.11.224.0/23
217.11.227.0-217.11.230.255
217.11.232.0/23
217.11.235.0-217.11.236.255
217.11.242.0/23
217.11.245.0-217.11.249.255
217.11.251.0/24
217.11.254.0/24
IPv6:
2001:1528::/32
Signature Algorithm: sha256WithRSAEncryption
45:ed:54:11:2d:03:ff:d4:11:a0:22:62:aa:04:0b:6b:a9:16:
d1:1e:07:0f:dc:41:33:94:d7:2d:82:22:fc:df:01:94:ab:3a:
e0:f8:94:9a:bc:ca:ee:8e:6a:43:0f:e3:f5:2b:74:82:11:65:
67:ca:33:1a:e7:ff:7e:39:30:c4:4d:5b:23:cf:58:14:cd:20:
0a:b5:6f:2b:1d:62:58:da:53:48:3b:07:e4:ae:96:36:ce:c9:
c6:8e:f1:a0:28:76:dd:5f:82:3f:c2:ff:77:37:02:d0:e0:6f:
92:ac:9f:af:26:d3:87:5f:25:19:57:2c:08:6c:f0:87:58:0c:
0a:52:a7:30:5c:3c:c4:55:cc:ed:71:21:4b:7a:a2:cf:07:ae:
77:3f:c4:e4:e2:88:f8:9b:06:2f:03:aa:75:9c:db:71:15:45:
83:93:a1:28:ef:b1:f1:74:a2:0d:eb:e0:96:14:b5:67:97:3a:
3e:4b:79:fb:27:e8:cb:8a:ac:65:32:65:51:37:9a:ca:d4:e0:
e0:85:aa:bf:bd:53:b4:e2:a7:ef:f6:25:6c:4b:b8:23:6d:84:
af:86:2e:f9:52:98:93:b1:18:4a:9f:ee:ac:9a:48:fc:34:f6:
25:c5:60:b5:e5:00:e8:2d:d6:7e:6e:2a:62:f6:60:10:91:79:
33:a0:39:47
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgISAYR6Z/a0ftR441Id99AmGFgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjIxMTE1MDgyOTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODA3MjI2ZDkwNTcyMzg2ODdkNGJiNWNlZDc0ZGYxMTQzZTkxM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV/SUC7p2uMyT8Vr3Ol9vwZxmujD
UXMFsxJLu1ptl+fvD5HA0zL9udjIMu7mdiZfebRjsXH4eylCTkILx2hxlQlFkzho
cl5uH06XkNrFeVLCghHDg5k0jPwnIkUlYCynmhxJXnW3nchZBC6uWJoH3O2whhwd
49vUi5PRMm93Du8KHFQDW4lW12N3+R2WCJetX33KED+w4LLIW15FEC1ltf/VRyAf
vDupdgSTAdZQZLsHtyQcvBOjd1zxfZuwoRqpSZ+6DVpnZICaWNHPj90V9LAdU0qB
9lY75nxbcV+7Uv8P/pFLyO7lup/2HQ9WroPTbnWf2WdHXS/+8LNdnMpFJQIDAQAB
o4IDgDCCA3wwHQYDVR0OBBYEFGgHIm2QVyOGh9S7XO103xFD6ROrMB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvYUFjaWJaQlhJNGFIMUx0YzdYVGZFVVBwRTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlAYIKwYBBQUHAQcBAf8EggGDMIIBfzCCAWwEAgABMIIB
ZAMEAk1OTDAMAwQBTU5eAwQBTU54MAwDBABNTnsDBAdNTgADBAJRAMADBABRAMcw
DAMEAVEAzgMEAVEA0DAMAwQCUQDUAwQAUQDWAwQAUQDZMAwDBABRAOEDBABRAOID
BABRAOQwDAMEAVEA5gMEAlEA8AMEAFEA+gMEAVEA/jAMAwQCUtAEAwQAUtAMAwQA
UtAOMAwDBARS0BADBABS0BIwDAMEAVLQGgMEAVLQHAMEAlLQIDAMAwQAUtAnAwQB
UtAoAwQAUtAsMAwDBAFS0C4DBABS0DIDBABS0DgDBABS0DoDBAJS0DwDBABV7+MD
BAFV7/wDBANte8ADBAFte8owDAMEAG17zQMEAm170DAMAwQBbXvWAwQFbXvAAwQB
2QvgMAwDBADZC+MDBADZC+YDBAHZC+gwDAMEANkL6wMEANkL7AMEAdkL8jAMAwQA
2Qv1AwQB2Qv4AwQA2Qv7AwQA2Qv+MA0EAgACMAcDBQAgARUoMA0GCSqGSIb3DQEB
CwUAA4IBAQBF7VQRLQP/1BGgImKqBAtrqRbRHgcP3EEzlNctgiL83wGUqzrg+JSa
vMrujmpDD+P1K3SCEWVnyjMa5/9+OTDETVsjz1gUzSAKtW8rHWJY2lNIOwfkrpY2
zsnGjvGgKHbdX4I/wv93NwLQ4G+SrJ+vJtOHXyUZVywIbPCHWAwKUqcwXDzEVczt
cSFLeqLPB653P8Tk4oj4mwYvA6p1nNtxFUWDk6Eo77HxdKIN6+CWFLVnlzo+S3n7
J+jLiqxlMmVRN5rK1ODghaq/vVO04qfv9iVsS7gjbYSvhi75UpiTsRhKn+6smkj8
NPYlxWC15QDoLdZ+bipi9mAQkXkzoDlH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:35 2025 by rpki-client