Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/6neUVM6IQw8p1wHR2bXucCTLoL0.roa
File: 6neUVM6IQw8p1wHR2bXucCTLoL0.roa (raw, json)
Hash identifier: mYBYX9UAlV/A57XnjyAxoN+lnHBV+aOzbZscUc4mRJY=
Subject key identifier: EA:77:94:54:CE:88:43:0F:29:D7:01:D1:D9:B5:EE:70:24:CB:A0:BD
Certificate issuer: /CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Certificate serial: 018A267D4B7518ADBB3F4FE76086C7F2509B
Authority key identifier: 80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/6neUVM6IQw8p1wHR2bXucCTLoL0.roa
Signing time: Thu 24 Aug 2023 07:41:00 +0000
ROA not before: Thu 24 Aug 2023 07:41:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3212
IP address blocks: 213.172.224.0/19 maxlen: 19
185.66.148.0/22 maxlen: 22
77.38.0.0/17 maxlen: 17
77.73.104.0/22 maxlen: 22
46.182.224.0/21 maxlen: 21
217.72.64.0/19 maxlen: 19
77.111.0.0/18 maxlen: 18
78.153.32.0/19 maxlen: 19
87.119.128.0/19 maxlen: 19
185.97.68.0/22 maxlen: 22
92.53.128.0/19 maxlen: 19
185.85.148.0/22 maxlen: 22
212.85.160.0/19 maxlen: 19
91.132.208.0/22 maxlen: 22
185.30.136.0/22 maxlen: 22
185.65.228.0/22 maxlen: 22
176.76.0.0/16 maxlen: 16
46.150.32.0/19 maxlen: 19
84.52.128.0/18 maxlen: 18
31.15.128.0/17 maxlen: 17
91.237.132.0/22 maxlen: 22
213.143.64.0/19 maxlen: 19
176.57.92.0/22 maxlen: 22
82.192.32.0/19 maxlen: 19
84.20.224.0/19 maxlen: 19
193.111.220.0/22 maxlen: 22
185.79.228.0/22 maxlen: 22
92.63.16.0/20 maxlen: 20
94.140.64.0/19 maxlen: 19
2a00:b2a0::/32 maxlen: 32
2a00:fc0::/32 maxlen: 32
2a00:13d8::/29 maxlen: 29
2a00:1c80::/29 maxlen: 29
2a05:acc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:7d:4b:75:18:ad:bb:3f:4f:e7:60:86:c7:f2:50:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Validity
Not Before: Aug 24 07:41:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea779454ce88430f29d701d1d9b5ee7024cba0bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cd:85:19:de:f8:7f:60:55:5d:cb:e6:a8:1f:
87:f7:28:c5:34:55:70:24:72:9e:60:3f:f1:53:47:
b0:9d:61:27:ef:59:c2:ec:64:84:76:d2:18:15:50:
ec:fa:26:64:8b:53:cc:ce:4a:8c:94:97:7e:5e:77:
b7:4e:f4:fd:c4:7b:d6:a6:3e:82:6e:2e:b1:d0:af:
a7:9f:6f:57:20:31:33:d0:f9:bf:0d:c2:20:00:66:
6e:cd:6e:42:54:93:7f:8e:a8:f6:63:24:9f:1a:5f:
cf:ef:36:04:2c:00:84:43:62:66:f3:19:62:38:9f:
60:f5:40:dd:65:7d:2e:ea:69:a8:6c:c4:1c:27:48:
6f:fd:1a:8d:11:44:54:15:35:07:9b:e8:6d:7f:6c:
e0:55:e7:7f:1d:31:37:73:dc:07:44:ce:58:31:8a:
24:c9:21:02:eb:7b:68:eb:1b:42:17:2c:4b:d8:57:
49:f2:68:20:54:00:e5:10:f2:15:3d:09:3f:21:b1:
0b:36:1c:c4:cf:fa:a8:96:fd:b2:f6:03:b8:cd:30:
66:6c:f9:d7:76:85:cc:b5:0a:1f:0f:ee:7f:0f:d0:
ff:db:84:85:e5:45:74:86:39:52:ee:63:e6:d3:b0:
e5:b4:30:af:35:35:0c:22:5a:09:c5:a2:57:3d:09:
b6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:77:94:54:CE:88:43:0F:29:D7:01:D1:D9:B5:EE:70:24:CB:A0:BD
X509v3 Authority Key Identifier:
keyid:80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/6neUVM6IQw8p1wHR2bXucCTLoL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/gPmiS9JsyCF1GKEfWY5jcgJeiuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.128.0/17
46.150.32.0/19
46.182.224.0/21
77.38.0.0/17
77.73.104.0/22
77.111.0.0/18
78.153.32.0/19
82.192.32.0/19
84.20.224.0/19
84.52.128.0/18
87.119.128.0/19
91.132.208.0/22
91.237.132.0/22
92.53.128.0/19
92.63.16.0/20
94.140.64.0/19
176.57.92.0/22
176.76.0.0/16
185.30.136.0/22
185.65.228.0/22
185.66.148.0/22
185.79.228.0/22
185.85.148.0/22
185.97.68.0/22
193.111.220.0/22
212.85.160.0/19
213.143.64.0/19
213.172.224.0/19
217.72.64.0/19
IPv6:
2a00:fc0::/32
2a00:13d8::/29
2a00:1c80::/29
2a00:b2a0::/32
2a05:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
50:3f:f2:dd:0d:8a:e6:3e:32:ca:dd:13:da:c8:e5:c1:77:69:
c7:0a:0f:a8:51:32:6f:09:7a:db:cc:38:96:91:e7:85:a6:80:
41:7a:70:ae:f7:45:b0:a3:6f:b8:89:a3:be:4a:d2:e0:5a:75:
7e:00:64:89:92:84:16:f8:7c:62:10:3c:fe:20:7c:db:a5:70:
68:34:1c:81:f9:42:81:f1:59:46:9c:23:0d:d7:a6:e5:af:a4:
5d:0a:2d:93:fc:a8:e1:a2:a2:5e:01:f6:91:30:d8:5c:c2:5b:
d0:eb:8f:7d:ba:c8:4d:d6:0e:a5:00:d5:dd:76:71:83:bb:2d:
48:44:f0:0c:c3:81:66:99:d0:ec:7d:d3:03:ce:4c:68:af:d0:
24:f9:d1:44:2d:aa:a6:85:9d:71:a9:e5:57:4a:ae:ce:01:14:
e8:be:67:57:f5:54:45:d3:5c:48:08:b4:bf:6a:af:2e:4d:d3:
dc:b6:a8:89:13:6e:79:a0:10:5d:05:9c:c6:cd:55:85:1f:8b:
6c:ed:a1:8d:a4:da:e5:e4:e8:96:e8:0f:c2:b9:9b:aa:09:4d:
a8:e6:50:26:aa:c2:ea:60:5b:c5:cf:db:6e:70:41:4c:a1:5f:
57:13:4e:a8:da:cf:8d:de:be:34:b6:f9:4c:6e:af:62:a5:7c:
04:e2:9c:a9
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYomfUt1GK27P0/nYIbH8lCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjlhMjRiZDI2Y2M4MjE3NTE4YTExZjU5OGU2MzcyMDI1
ZThhZTkwHhcNMjMwODI0MDc0MTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTc3OTQ1NGNlODg0MzBmMjlkNzAxZDFkOWI1ZWU3MDI0Y2JhMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAks2FGd74f2BVXcvmqB+H9yjFNFVw
JHKeYD/xU0ewnWEn71nC7GSEdtIYFVDs+iZki1PMzkqMlJd+Xne3TvT9xHvWpj6C
bi6x0K+nn29XIDEz0Pm/DcIgAGZuzW5CVJN/jqj2YySfGl/P7zYELACEQ2Jm8xli
OJ9g9UDdZX0u6mmobMQcJ0hv/RqNEURUFTUHm+htf2zgVed/HTE3c9wHRM5YMYok
ySEC63to6xtCFyxL2FdJ8mggVADlEPIVPQk/IbELNhzEz/qolv2y9gO4zTBmbPnX
doXMtQofD+5/D9D/24SF5UV0hjlS7mPm07DltDCvNTUMIloJxaJXPQm24wIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFOp3lFTOiEMPKdcB0dm17nAky6C9MB8GA1UdIwQY
MBaAFID5okvSbMghdRihH1mOY3ICXorpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODkt
OTY1NTI5ZjIwZDExLzEvNm5lVVZNNklRdzhwMXdIUjJiWHVjQ1RMb0wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODktOTY1NTI5ZjIwZDEx
LzEvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCBtAQCAAEwga0DBAcf
D4ADBAUuliADBAMutuADBAdNJgADBAJNSWgDBAZNbwADBAVOmSADBAVSwCADBAVU
FOADBAZUNIADBAVXd4ADBAJbhNADBAJb7YQDBAVcNYADBARcPxADBAVejEADBAKw
OVwDAwCwTAMEArkeiAMEArlB5AMEArlClAMEArlP5AMEArlVlAMEArlhRAMEAsFv
3AMEBdRVoAMEBdWPQAMEBdWs4AMEBdlIQDApBAIAAjAjAwUAKgAPwAMFAyoAE9gD
BQMqAByAAwUAKgCyoAMFAyoFrMAwDQYJKoZIhvcNAQELBQADggEBAFA/8t0NiuY+
MsrdE9rI5cF3accKD6hRMm8JetvMOJaR54WmgEF6cK73RbCjb7iJo75K0uBadX4A
ZImShBb4fGIQPP4gfNulcGg0HIH5QoHxWUacIw3XpuWvpF0KLZP8qOGiol4B9pEw
2FzCW9Drj326yE3WDqUA1d12cYO7LUhE8AzDgWaZ0Ox90wPOTGiv0CT50UQtqqaF
nXGp5VdKrs4BFOi+Z1f1VEXTXEgItL9qry5N09y2qIkTbnmgEF0FnMbNVYUfi2zt
oY2k2uXk6JboD8K5m6oJTajmUCaqwupgW8XP225wQUyhX1cTTqjaz43evjS2+Uxu
r2KlfATinKk=
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:48:55 2025 by rpki-client