Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/IB7Isjw2fO0rB6rP5iLxyM8Bi0E.roa
File: IB7Isjw2fO0rB6rP5iLxyM8Bi0E.roa (raw, json)
Hash identifier: RbatyuWigCBz+qoTUdq+hyEtVwD3liCoPRbel6rUYZ4=
Subject key identifier: 20:1E:C8:B2:3C:36:7C:ED:2B:07:AA:CF:E6:22:F1:C8:CF:01:8B:41
Certificate issuer: /CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Certificate serial: 0187BD3CA6FC87B807E82F4CB687CEC75D77
Authority key identifier: 80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/IB7Isjw2fO0rB6rP5iLxyM8Bi0E.roa
Signing time: Wed 26 Apr 2023 11:04:41 +0000
ROA not before: Wed 26 Apr 2023 11:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3212
IP address blocks: 213.172.224.0/19 maxlen: 19
185.66.148.0/22 maxlen: 22
77.38.0.0/17 maxlen: 17
77.73.104.0/22 maxlen: 22
46.182.224.0/21 maxlen: 21
217.72.64.0/19 maxlen: 19
77.111.0.0/18 maxlen: 18
78.153.32.0/19 maxlen: 19
87.119.128.0/19 maxlen: 19
185.97.68.0/22 maxlen: 22
92.53.128.0/19 maxlen: 19
185.85.148.0/22 maxlen: 22
212.85.160.0/19 maxlen: 19
91.132.208.0/22 maxlen: 22
185.30.136.0/22 maxlen: 22
176.76.0.0/16 maxlen: 16
46.150.32.0/19 maxlen: 19
84.52.128.0/18 maxlen: 18
31.15.128.0/17 maxlen: 17
91.237.132.0/22 maxlen: 22
213.143.64.0/19 maxlen: 19
176.57.92.0/22 maxlen: 22
82.192.32.0/19 maxlen: 19
84.20.224.0/19 maxlen: 19
193.111.220.0/22 maxlen: 22
185.79.228.0/22 maxlen: 22
92.63.16.0/20 maxlen: 20
94.140.64.0/19 maxlen: 19
2a00:b2a0::/32 maxlen: 32
2a00:fc0::/32 maxlen: 32
2a00:13d8::/29 maxlen: 29
2a00:1c80::/29 maxlen: 29
2a05:acc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:3c:a6:fc:87:b8:07:e8:2f:4c:b6:87:ce:c7:5d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Validity
Not Before: Apr 26 11:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=201ec8b23c367ced2b07aacfe622f1c8cf018b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ca:8d:3f:d7:3f:47:c0:2e:e7:9f:b2:af:4b:
a5:66:67:76:b3:5b:f0:dc:81:71:ab:3b:b9:fb:ea:
d8:89:e4:a4:90:21:ba:0e:e5:4d:04:23:fa:e8:71:
56:39:f3:43:83:ab:d3:c1:d5:79:f7:7a:02:18:bf:
a1:4c:09:fc:ed:60:ac:a8:d9:92:4f:a2:1a:9e:a0:
3d:08:a0:57:45:a1:bf:2f:18:ba:6a:8c:8b:f9:c7:
28:be:b8:7e:f6:65:36:c3:3c:8d:0a:c5:8a:03:26:
1a:a0:aa:bd:f6:36:97:23:bd:c9:6d:74:f3:79:93:
90:0d:9a:87:0f:f4:77:ad:ca:dd:86:e3:73:f5:97:
fc:d0:aa:70:99:6b:92:7b:40:e3:42:32:c7:54:49:
9d:f8:c7:fe:63:fe:ce:60:82:25:15:f3:6f:ec:39:
5b:8a:a2:00:0d:c8:6c:4f:bd:92:1c:5f:5b:a8:e7:
b7:1a:f9:5f:41:65:ba:87:00:61:fd:88:d2:d1:b3:
0f:af:74:ba:fb:23:35:1d:05:da:7b:cb:a1:66:37:
a0:68:1c:0b:73:9d:c3:cb:23:37:94:6e:3c:86:b0:
bb:ca:bf:91:29:ef:74:02:1e:ab:ff:51:64:df:d7:
1e:ba:15:ba:cd:61:81:ef:95:3a:5b:4f:2b:34:18:
71:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:1E:C8:B2:3C:36:7C:ED:2B:07:AA:CF:E6:22:F1:C8:CF:01:8B:41
X509v3 Authority Key Identifier:
keyid:80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/IB7Isjw2fO0rB6rP5iLxyM8Bi0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/gPmiS9JsyCF1GKEfWY5jcgJeiuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.128.0/17
46.150.32.0/19
46.182.224.0/21
77.38.0.0/17
77.73.104.0/22
77.111.0.0/18
78.153.32.0/19
82.192.32.0/19
84.20.224.0/19
84.52.128.0/18
87.119.128.0/19
91.132.208.0/22
91.237.132.0/22
92.53.128.0/19
92.63.16.0/20
94.140.64.0/19
176.57.92.0/22
176.76.0.0/16
185.30.136.0/22
185.66.148.0/22
185.79.228.0/22
185.85.148.0/22
185.97.68.0/22
193.111.220.0/22
212.85.160.0/19
213.143.64.0/19
213.172.224.0/19
217.72.64.0/19
IPv6:
2a00:fc0::/32
2a00:13d8::/29
2a00:1c80::/29
2a00:b2a0::/32
2a05:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:68:36:f3:9e:54:68:07:03:2f:25:f0:03:76:43:69:41:8c:
d9:cb:68:4a:52:0c:13:39:81:f3:38:da:c8:36:f7:df:6d:b2:
ac:22:99:1e:cc:73:ac:20:c9:26:fc:8e:8b:34:27:c5:e6:b2:
13:c8:8c:09:82:c6:82:80:ba:47:b7:29:b4:6e:28:3f:04:15:
35:e9:c2:97:5f:b7:57:15:de:86:dc:c1:ad:82:48:0d:30:d2:
d9:e1:ea:ee:97:1e:67:8c:58:99:3f:d8:83:5a:42:dc:fd:80:
22:b1:1b:2d:c2:27:00:49:b5:9d:d9:44:1c:7f:35:cc:1b:3c:
b5:8b:30:77:27:31:7b:c8:6c:ee:64:97:4f:11:aa:60:dd:e0:
f3:21:40:76:e4:41:dd:45:bf:06:b6:a2:8d:9e:d4:71:18:47:
66:13:73:9f:94:6a:ef:69:c1:2f:bb:17:d9:54:47:02:f6:d5:
1e:7a:fe:da:39:f7:fa:84:e2:4e:fe:19:e7:ab:37:0d:31:a6:
49:73:6b:5d:71:6a:2a:b8:7d:28:a0:0d:38:2f:4b:9e:75:6a:
56:1d:42:0e:86:a0:94:83:65:c8:2b:3b:72:92:b2:c3:1c:9a:
1c:17:60:5f:20:cf:24:23:c6:d2:45:4e:49:59:d0:84:0c:55:
bd:30:03:04
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYe9PKb8h7gH6C9MtofOx113MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjlhMjRiZDI2Y2M4MjE3NTE4YTExZjU5OGU2MzcyMDI1
ZThhZTkwHhcNMjMwNDI2MTEwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDFlYzhiMjNjMzY3Y2VkMmIwN2FhY2ZlNjIyZjFjOGNmMDE4YjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsqNP9c/R8Au55+yr0ulZmd2s1vw
3IFxqzu5++rYieSkkCG6DuVNBCP66HFWOfNDg6vTwdV593oCGL+hTAn87WCsqNmS
T6IanqA9CKBXRaG/Lxi6aoyL+ccovrh+9mU2wzyNCsWKAyYaoKq99jaXI73JbXTz
eZOQDZqHD/R3rcrdhuNz9Zf80KpwmWuSe0DjQjLHVEmd+Mf+Y/7OYIIlFfNv7Dlb
iqIADchsT72SHF9bqOe3GvlfQWW6hwBh/YjS0bMPr3S6+yM1HQXae8uhZjegaBwL
c53DyyM3lG48hrC7yr+RKe90Ah6r/1Fk39ceuhW6zWGB75U6W08rNBhxGwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFCAeyLI8NnztKweqz+Yi8cjPAYtBMB8GA1UdIwQY
MBaAFID5okvSbMghdRihH1mOY3ICXorpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODkt
OTY1NTI5ZjIwZDExLzEvSUI3SXNqdzJmTzByQjZyUDVpTHh5TThCaTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODktOTY1NTI5ZjIwZDEx
LzEvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCBrgQCAAEwgacDBAcf
D4ADBAUuliADBAMutuADBAdNJgADBAJNSWgDBAZNbwADBAVOmSADBAVSwCADBAVU
FOADBAZUNIADBAVXd4ADBAJbhNADBAJb7YQDBAVcNYADBARcPxADBAVejEADBAKw
OVwDAwCwTAMEArkeiAMEArlClAMEArlP5AMEArlVlAMEArlhRAMEAsFv3AMEBdRV
oAMEBdWPQAMEBdWs4AMEBdlIQDApBAIAAjAjAwUAKgAPwAMFAyoAE9gDBQMqAByA
AwUAKgCyoAMFAyoFrMAwDQYJKoZIhvcNAQELBQADggEBAB1oNvOeVGgHAy8l8AN2
Q2lBjNnLaEpSDBM5gfM42sg2999tsqwimR7Mc6wgySb8jos0J8XmshPIjAmCxoKA
uke3KbRuKD8EFTXpwpdft1cV3obcwa2CSA0w0tnh6u6XHmeMWJk/2INaQtz9gCKx
Gy3CJwBJtZ3ZRBx/NcwbPLWLMHcnMXvIbO5kl08RqmDd4PMhQHbkQd1Fvwa2oo2e
1HEYR2YTc5+Uau9pwS+7F9lURwL21R56/to59/qE4k7+GeerNw0xpklza11xaiq4
fSigDTgvS551alYdQg6GoJSDZcgrO3KSssMcmhwXYF8gzyQjxtJFTklZ0IQMVb0w
AwQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:18:58 2025 by rpki-client