Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/1XF-13r__S1rcmF2MqCuLmvSlUo.roa
File: 1XF-13r__S1rcmF2MqCuLmvSlUo.roa (raw, json)
Hash identifier: 5tXC2gluCpqkPEOCnBhpAbn6QjZWUAZUTToDA8jp5+c=
Subject key identifier: D5:71:7E:D7:7A:FF:FD:2D:6B:72:61:76:32:A0:AE:2E:6B:D2:95:4A
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 2AABA61C
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/1XF-13r__S1rcmF2MqCuLmvSlUo.roa
Signing time: Thu 19 May 2022 01:27:16 +0000
ROA not before: Thu 19 May 2022 01:27:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 79.112.0.0/13 maxlen: 24
213.157.189.0/24 maxlen: 24
185.129.36.0/22 maxlen: 22
188.26.128.0/18 maxlen: 24
212.93.128.0/19 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
212.93.143.0/24 maxlen: 24
31.14.104.0/21 maxlen: 24
79.112.0.0/14 maxlen: 24
213.157.160.0/19 maxlen: 24
82.79.10.0/24 maxlen: 24
188.26.224.0/19 maxlen: 24
194.102.80.0/23 maxlen: 24
194.102.81.0/24 maxlen: 24
31.14.192.0/21 maxlen: 24
81.18.64.0/19 maxlen: 24
31.14.224.0/22 maxlen: 24
82.76.0.0/14 maxlen: 24
5.12.0.0/14 maxlen: 24
93.113.40.0/22 maxlen: 24
84.232.128.0/17 maxlen: 24
188.27.0.0/16 maxlen: 24
79.118.0.0/15 maxlen: 24
84.232.149.0/24 maxlen: 24
86.120.0.0/13 maxlen: 24
82.137.16.0/20 maxlen: 24
81.196.0.0/16 maxlen: 24
82.137.32.0/19 maxlen: 24
79.118.155.0/24 maxlen: 24
188.26.0.0/17 maxlen: 24
62.231.120.0/24 maxlen: 24
193.111.232.0/24 maxlen: 24
5.2.128.0/17 maxlen: 24
79.117.0.0/16 maxlen: 24
188.24.0.0/15 maxlen: 24
212.54.96.0/19 maxlen: 24
62.231.64.0/18 maxlen: 24
188.27.120.0/24 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.54.120.0/24 maxlen: 24
82.137.0.0/21 maxlen: 24
82.137.0.0/18 maxlen: 24
89.46.12.0/22 maxlen: 24
86.121.222.0/24 maxlen: 24
2a02:2f00::/28 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 715892252 (0x2aaba61c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: May 19 01:27:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5717ed77afffd2d6b72617632a0ae2e6bd2954a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:82:6b:e3:e4:d8:88:e5:c9:24:df:3d:9b:a1:
1f:3b:46:56:68:93:28:3f:d5:76:32:f6:6e:4a:67:
1d:9b:42:f3:ac:9f:87:bd:2c:26:45:15:c8:d4:19:
86:df:b5:57:0b:82:1f:24:74:4a:d5:66:8d:06:6d:
fb:23:17:a8:9e:2a:f3:c0:90:64:22:80:38:eb:16:
8a:c3:96:da:4f:bb:7a:70:26:e8:80:61:4c:98:44:
17:ff:8e:83:0c:31:9f:a3:ed:94:7f:4f:a2:1a:34:
52:7a:aa:cc:c7:67:80:2e:0a:c7:0a:03:58:2b:30:
d6:3a:31:e0:73:38:a8:6a:b0:e4:0a:3b:4d:23:94:
79:c3:1f:18:a8:f4:b8:97:6a:2c:ec:35:8d:7d:64:
11:1b:7f:8e:9f:db:84:d2:d1:13:3a:94:f8:24:c7:
82:d1:b3:3a:22:eb:55:dc:4e:dd:bc:f2:43:c5:1f:
7f:d0:73:0c:c9:e4:8b:a1:b5:54:18:7b:a2:ba:28:
75:46:b1:d3:7c:12:f9:9d:5a:4c:7a:ee:65:57:77:
59:99:59:7f:6e:7b:b5:6c:3c:dd:00:dd:82:32:ed:
7f:f5:0a:9f:04:7a:dc:7c:2c:9c:84:e4:1a:d3:64:
bd:51:e0:c9:e0:24:5b:25:f2:1a:ad:e5:58:45:a3:
56:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:71:7E:D7:7A:FF:FD:2D:6B:72:61:76:32:A0:AE:2E:6B:D2:95:4A
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/1XF-13r__S1rcmF2MqCuLmvSlUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.104.0/21
31.14.192.0/21
31.14.224.0/22
62.231.64.0/18
79.112.0.0/13
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.46.12.0/22
93.113.40.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
193.111.232.0/24
194.102.80.0/23
212.54.96.0/19
212.93.128.0/19
213.157.160.0/19
IPv6:
2a02:2f00::/28
Signature Algorithm: sha256WithRSAEncryption
7e:d0:fb:eb:b2:81:f0:1d:3e:9d:ec:c3:02:98:13:ab:67:1e:
8d:4f:e2:44:45:61:93:e9:85:0e:fb:7b:60:d2:36:55:42:32:
4b:95:d3:79:db:72:27:98:d0:ba:ae:8a:3e:08:d5:61:46:33:
4d:bd:1f:80:04:1c:27:86:df:31:bf:1e:5c:c3:d9:ca:22:d9:
52:9f:3f:48:82:3c:b3:63:6e:d6:f8:48:01:5f:89:34:a1:76:
c7:5b:3d:39:78:80:eb:6c:cc:68:99:ea:aa:79:83:19:c2:c3:
aa:e3:f9:d4:b9:f9:38:51:09:92:5b:72:3d:d5:0d:84:a6:28:
d0:af:a9:b4:77:25:0d:29:bc:83:64:da:af:ab:ee:e9:7a:38:
4a:33:25:18:e6:98:2f:b0:b6:07:b3:24:70:00:5b:c4:95:b3:
4d:5e:4d:a1:8d:1f:8a:f5:4b:55:84:0e:4e:99:d7:70:ba:d6:
2e:2d:90:5e:67:b2:ad:2e:b8:31:94:cd:ae:21:3b:7b:f8:ac:
f3:13:d1:fb:09:b9:8c:99:55:1f:7a:e9:53:f8:97:06:26:32:
cd:85:40:7a:ed:00:82:50:54:17:0d:cf:0e:af:88:bc:e5:93:
22:4f:77:57:04:2b:ff:5e:0b:d8:ed:99:29:33:94:4d:c1:29:
2f:39:53:a2
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIEKqumHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjU1NmFjYjVmM2I5NjFiNWNjMjRhMjk5NWYzNGVlOTFmNzlkYzE2MB4XDTIyMDUx
OTAxMjcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU3MTdlZDc3YWZm
ZmQyZDZiNzI2MTc2MzJhMGFlMmU2YmQyOTU0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSCa+Pk2IjlySTfPZuhHztGVmiTKD/VdjL2bkpnHZtC86yf
h70sJkUVyNQZht+1VwuCHyR0StVmjQZt+yMXqJ4q88CQZCKAOOsWisOW2k+7enAm
6IBhTJhEF/+Ogwwxn6PtlH9Poho0UnqqzMdngC4KxwoDWCsw1jox4HM4qGqw5Ao7
TSOUecMfGKj0uJdqLOw1jX1kERt/jp/bhNLREzqU+CTHgtGzOiLrVdxO3bzyQ8Uf
f9BzDMnki6G1VBh7oroodUax03wS+Z1aTHruZVd3WZlZf257tWw83QDdgjLtf/UK
nwR63HwsnITkGtNkvVHgyeAkWyXyGq3lWEWjVr0CAwEAAaOCAqowggKmMB0GA1Ud
DgQWBBTVcX7Xev/9LWtyYXYyoK4ua9KVSjAfBgNVHSMEGDAWgBQLVWrLXzuWG1zC
SimV807pH3ncFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0MxVnF5MTg3bGh0Y3drb3BsZk5PNlI5NTNCWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvODI5ZmRmLWJhNjMtNGMyMy05MWQxLWQyYmJmMzdkYWJiNC8x
LzFYRi0xM3JfX1MxcmNtRjJNcUN1TG12U2xVby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
ODI5ZmRmLWJhNjMtNGMyMy05MWQxLWQyYmJmMzdkYWJiNC8xL0MxVnF5MTg3bGh0
Y3drb3BsZk5PNlI5NTNCWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vwYIKwYBBQUHAQcBAf8Ega8wgawwgZoEAgABMIGTAwQHBQKAAwMCBQwDBAMfDmgD
BAMfDsADBAIfDuADBAY+50ADAwNPcAMEBVESQAMDAFHEAwMCUkwDBAZSiQADBAdU
6IADAwNWeAMEAlkuDAMEAl1xKAMEArmBJDALAwMDvBgDBAa8GoAwCwMEBbwa4AMD
ArwYAwQAwW/oAwQBwmZQAwQF1DZgAwQF1F2AAwQF1Z2gMA0EAgACMAcDBQQqAi8A
MA0GCSqGSIb3DQEBCwUAA4IBAQB+0PvrsoHwHT6d7MMCmBOrZx6NT+JERWGT6YUO
+3tg0jZVQjJLldN523InmNC6roo+CNVhRjNNvR+ABBwnht8xvx5cw9nKItlSnz9I
gjyzY27W+EgBX4k0oXbHWz05eIDrbMxomeqqeYMZwsOq4/nUufk4UQmSW3I91Q2E
pijQr6m0dyUNKbyDZNqvq+7pejhKMyUY5pgvsLYHsyRwAFvElbNNXk2hjR+K9UtV
hA5OmddwutYuLZBeZ7KtLrgxlM2uITt7+KzzE9H7CbmMmVUfeulT+JcGJjLNhUB6
7QCCUFQXDc8Or4i85ZMiT3dXBCv/XgvY7ZkpM5RNwSkvOVOi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:06 2025 by rpki-client