Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/nsv7zdna61aYZWyf9hz06lCoEck.roa
File: nsv7zdna61aYZWyf9hz06lCoEck.roa (raw, json)
Hash identifier: 11/2TF8J5f+R/v2qGWHmNz2slSEfTmuLZo84AJFJVYE=
Subject key identifier: 9E:CB:FB:CD:D9:DA:EB:56:98:65:6C:9F:F6:1C:F4:EA:50:A8:11:C9
Certificate issuer: /CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Certificate serial: 01854A7296DB55C4BA54B92464D414490385
Authority key identifier: 80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/nsv7zdna61aYZWyf9hz06lCoEck.roa
Signing time: Sun 25 Dec 2022 18:01:41 +0000
ROA not before: Sun 25 Dec 2022 18:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3212
IP address blocks: 213.172.224.0/19 maxlen: 19
185.66.148.0/22 maxlen: 22
77.38.0.0/17 maxlen: 17
77.73.104.0/22 maxlen: 22
46.182.224.0/21 maxlen: 21
217.72.64.0/19 maxlen: 19
77.111.0.0/18 maxlen: 18
78.153.32.0/19 maxlen: 19
87.119.128.0/19 maxlen: 19
185.97.68.0/22 maxlen: 22
92.53.128.0/19 maxlen: 19
185.85.148.0/22 maxlen: 22
212.85.160.0/19 maxlen: 19
91.132.208.0/22 maxlen: 22
185.30.136.0/22 maxlen: 22
176.76.0.0/16 maxlen: 16
46.150.32.0/19 maxlen: 19
84.52.128.0/18 maxlen: 18
31.15.128.0/17 maxlen: 17
91.237.132.0/22 maxlen: 22
213.143.64.0/19 maxlen: 19
176.57.92.0/22 maxlen: 22
82.192.32.0/19 maxlen: 19
84.20.224.0/19 maxlen: 19
185.79.228.0/22 maxlen: 22
92.63.16.0/20 maxlen: 20
94.140.64.0/19 maxlen: 19
2a00:b2a0::/32 maxlen: 32
2a00:fc0::/32 maxlen: 32
2a00:13d8::/29 maxlen: 29
2a00:1c80::/29 maxlen: 29
2a05:acc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4a:72:96:db:55:c4:ba:54:b9:24:64:d4:14:49:03:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Validity
Not Before: Dec 25 18:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ecbfbcdd9daeb5698656c9ff61cf4ea50a811c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4d:2e:36:ec:ff:64:2f:8b:dc:fe:ed:25:99:
04:5e:e7:ce:2c:85:12:94:4e:40:97:a8:92:22:b9:
9e:c8:8d:e2:86:a0:2a:cc:8f:de:ce:94:4f:82:2c:
69:92:e9:6f:e6:c9:e6:d5:51:de:4b:cc:58:8f:6a:
35:db:b9:45:36:32:fa:19:c8:66:ff:bd:30:c1:f0:
d7:e5:7d:c7:71:53:8c:f0:29:2c:2b:f5:59:ad:59:
c2:4a:95:c7:05:1a:91:bb:78:99:64:db:8f:09:4c:
fc:a0:52:50:86:85:4d:4d:6b:b6:7f:25:49:d3:0f:
da:f0:97:be:56:e6:7e:96:f6:ed:c9:6d:28:d7:80:
53:12:29:1b:95:3c:78:11:f0:be:22:0a:45:1b:e4:
8f:a2:9e:c1:73:df:13:a1:ee:59:73:b7:1f:56:24:
c5:bd:59:35:40:0c:dc:bd:d9:f0:ca:b9:72:a9:be:
a3:51:da:b9:2f:94:1b:1d:da:06:2d:80:fd:4a:82:
da:ad:29:7e:fe:df:73:8e:c5:89:75:49:52:be:86:
01:96:88:ed:7d:52:bf:aa:a3:26:73:dc:66:8e:ba:
3d:4c:35:a8:70:34:33:78:e4:39:05:dc:2f:b8:59:
98:5a:aa:93:a3:7d:43:68:a8:f1:a9:a9:b3:ad:e0:
e3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:CB:FB:CD:D9:DA:EB:56:98:65:6C:9F:F6:1C:F4:EA:50:A8:11:C9
X509v3 Authority Key Identifier:
keyid:80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/nsv7zdna61aYZWyf9hz06lCoEck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/gPmiS9JsyCF1GKEfWY5jcgJeiuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.128.0/17
46.150.32.0/19
46.182.224.0/21
77.38.0.0/17
77.73.104.0/22
77.111.0.0/18
78.153.32.0/19
82.192.32.0/19
84.20.224.0/19
84.52.128.0/18
87.119.128.0/19
91.132.208.0/22
91.237.132.0/22
92.53.128.0/19
92.63.16.0/20
94.140.64.0/19
176.57.92.0/22
176.76.0.0/16
185.30.136.0/22
185.66.148.0/22
185.79.228.0/22
185.85.148.0/22
185.97.68.0/22
212.85.160.0/19
213.143.64.0/19
213.172.224.0/19
217.72.64.0/19
IPv6:
2a00:fc0::/32
2a00:13d8::/29
2a00:1c80::/29
2a00:b2a0::/32
2a05:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:aa:6f:79:d6:b7:e0:bf:5d:23:36:2f:7f:3a:4b:3b:84:08:
1f:b1:78:aa:2c:b4:04:9f:15:3e:68:b4:be:87:fe:0e:bd:1e:
1c:dc:64:06:88:54:6d:48:f6:a7:fb:24:87:b8:4c:ec:6a:eb:
89:ab:16:c7:73:9a:6e:ff:37:7a:06:4f:1a:45:41:84:01:17:
98:88:8c:3b:95:1d:f0:07:aa:98:56:7b:ce:7b:d6:2a:59:26:
12:74:30:7d:eb:be:b5:9f:9a:fb:77:72:f1:0b:71:ba:32:0f:
ac:6a:83:d8:74:6a:74:b9:fe:a8:14:6c:29:8c:b3:8a:a7:d1:
89:4c:53:dd:68:8a:30:de:35:ff:b6:c7:af:09:27:a5:d6:78:
82:fb:3c:2d:4b:36:54:be:76:ca:f1:92:76:dc:db:a4:01:b0:
cc:b9:5c:e7:64:dc:2b:84:19:2b:e3:df:84:8a:bc:41:1a:0a:
46:73:00:ac:fb:21:5f:87:c2:9f:85:74:6c:70:dd:a2:23:1d:
18:8d:65:26:e9:83:7f:3d:f3:af:0c:0b:58:71:61:40:93:f0:
ac:1a:0f:d8:ec:1e:14:3f:c8:9b:4b:df:20:03:aa:a5:67:78:
e6:07:a3:cd:a9:00:83:be:8d:76:95:68:4f:fa:2e:48:33:8e:
4a:4a:30:c3
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAYVKcpbbVcS6VLkkZNQUSQOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjlhMjRiZDI2Y2M4MjE3NTE4YTExZjU5OGU2MzcyMDI1
ZThhZTkwHhcNMjIxMjI1MTgwMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWNiZmJjZGQ5ZGFlYjU2OTg2NTZjOWZmNjFjZjRlYTUwYTgxMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk00uNuz/ZC+L3P7tJZkEXufOLIUS
lE5Al6iSIrmeyI3ihqAqzI/ezpRPgixpkulv5snm1VHeS8xYj2o127lFNjL6Gchm
/70wwfDX5X3HcVOM8CksK/VZrVnCSpXHBRqRu3iZZNuPCUz8oFJQhoVNTWu2fyVJ
0w/a8Je+VuZ+lvbtyW0o14BTEikblTx4EfC+IgpFG+SPop7Bc98Toe5Zc7cfViTF
vVk1QAzcvdnwyrlyqb6jUdq5L5QbHdoGLYD9SoLarSl+/t9zjsWJdUlSvoYBlojt
fVK/qqMmc9xmjro9TDWocDQzeOQ5BdwvuFmYWqqTo31DaKjxqamzreDjzQIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFJ7L+83Z2utWmGVsn/Yc9OpQqBHJMB8GA1UdIwQY
MBaAFID5okvSbMghdRihH1mOY3ICXorpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODkt
OTY1NTI5ZjIwZDExLzEvbnN2N3pkbmE2MWFZWld5ZjloejA2bENvRWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODktOTY1NTI5ZjIwZDEx
LzEvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCBqAQCAAEwgaEDBAcf
D4ADBAUuliADBAMutuADBAdNJgADBAJNSWgDBAZNbwADBAVOmSADBAVSwCADBAVU
FOADBAZUNIADBAVXd4ADBAJbhNADBAJb7YQDBAVcNYADBARcPxADBAVejEADBAKw
OVwDAwCwTAMEArkeiAMEArlClAMEArlP5AMEArlVlAMEArlhRAMEBdRVoAMEBdWP
QAMEBdWs4AMEBdlIQDApBAIAAjAjAwUAKgAPwAMFAyoAE9gDBQMqAByAAwUAKgCy
oAMFAyoFrMAwDQYJKoZIhvcNAQELBQADggEBAH+qb3nWt+C/XSM2L386SzuECB+x
eKostASfFT5otL6H/g69HhzcZAaIVG1I9qf7JIe4TOxq64mrFsdzmm7/N3oGTxpF
QYQBF5iIjDuVHfAHqphWe8571ipZJhJ0MH3rvrWfmvt3cvELcboyD6xqg9h0anS5
/qgUbCmMs4qn0YlMU91oijDeNf+2x68JJ6XWeIL7PC1LNlS+dsrxknbc26QBsMy5
XOdk3CuEGSvj34SKvEEaCkZzAKz7IV+Hwp+FdGxw3aIjHRiNZSbpg389868MC1hx
YUCT8KwaD9jsHhQ/yJtL3yADqqVneOYHo82pAIO+jXaVaE/6LkgzjkpKMMM=
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:34:13 2025 by rpki-client