Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/jnaT66d4PEUa8z9fCT8tyOVaF6Y.roa
File: jnaT66d4PEUa8z9fCT8tyOVaF6Y.roa (raw, json)
Hash identifier: G89qCGl8OlPIwFe3WrlQHbVo0FWAJNbk49BJMxJxekk=
Subject key identifier: 8E:76:93:EB:A7:78:3C:45:1A:F3:3F:5F:09:3F:2D:C8:E5:5A:17:A6
Certificate issuer: /CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Certificate serial: 018392FF9B5BBC3FA9B906CA4A73F5C32B7E
Authority key identifier: E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/jnaT66d4PEUa8z9fCT8tyOVaF6Y.roa
Signing time: Sat 01 Oct 2022 10:02:48 +0000
ROA not before: Sat 01 Oct 2022 10:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39501
IP address blocks: 89.33.18.0/23 maxlen: 23
89.46.94.0/23 maxlen: 23
89.39.186.0/23 maxlen: 23
89.33.128.0/23 maxlen: 23
89.40.78.0/23 maxlen: 23
89.40.90.0/23 maxlen: 23
89.40.38.0/23 maxlen: 23
89.38.242.0/23 maxlen: 23
45.140.28.0/22 maxlen: 22
89.45.126.0/23 maxlen: 23
89.46.44.0/23 maxlen: 23
89.32.196.0/23 maxlen: 23
89.46.60.0/23 maxlen: 23
185.46.0.0/22 maxlen: 22
188.159.96.0/19 maxlen: 19
188.159.128.0/19 maxlen: 19
188.159.128.0/18 maxlen: 18
188.159.64.0/19 maxlen: 19
89.44.190.0/23 maxlen: 23
89.44.202.0/23 maxlen: 23
89.38.24.0/23 maxlen: 23
89.45.68.0/23 maxlen: 23
89.45.80.0/23 maxlen: 23
188.159.224.0/19 maxlen: 19
89.38.102.0/23 maxlen: 23
188.159.192.0/19 maxlen: 19
89.165.64.0/18 maxlen: 18
89.165.80.0/21 maxlen: 21
188.158.160.0/21 maxlen: 21
188.158.160.0/20 maxlen: 20
188.158.160.0/19 maxlen: 19
89.165.105.0/24 maxlen: 24
89.37.102.0/23 maxlen: 23
89.165.16.0/21 maxlen: 21
89.43.204.0/23 maxlen: 23
89.37.30.0/23 maxlen: 23
188.158.96.0/21 maxlen: 21
188.158.96.0/20 maxlen: 20
188.158.96.0/19 maxlen: 19
89.37.42.0/23 maxlen: 23
89.165.56.0/21 maxlen: 21
188.158.128.0/18 maxlen: 18
188.158.128.0/19 maxlen: 19
89.44.112.0/23 maxlen: 23
89.44.118.0/23 maxlen: 23
188.159.0.0/18 maxlen: 18
188.159.0.0/19 maxlen: 19
188.159.0.0/16 maxlen: 16
89.37.198.0/23 maxlen: 23
89.37.218.0/23 maxlen: 23
188.159.32.0/19 maxlen: 19
188.158.192.0/19 maxlen: 19
188.158.224.0/19 maxlen: 19
89.43.70.0/23 maxlen: 23
89.43.88.0/21 maxlen: 21
89.43.36.0/23 maxlen: 23
188.158.32.0/19 maxlen: 19
188.158.32.0/20 maxlen: 20
89.36.226.0/23 maxlen: 23
188.158.64.0/19 maxlen: 19
89.36.252.0/23 maxlen: 23
89.43.182.0/23 maxlen: 23
89.165.0.0/18 maxlen: 18
89.43.188.0/23 maxlen: 23
89.165.0.0/17 maxlen: 17
89.165.8.0/21 maxlen: 21
89.43.96.0/21 maxlen: 21
188.158.0.0/19 maxlen: 19
188.158.0.0/18 maxlen: 18
89.36.194.0/23 maxlen: 23
188.158.0.0/16 maxlen: 16
188.158.0.0/15 maxlen: 15
188.158.16.0/20 maxlen: 20
89.35.156.0/23 maxlen: 23
85.204.30.0/23 maxlen: 23
89.35.176.0/23 maxlen: 23
89.35.194.0/23 maxlen: 23
89.42.32.0/23 maxlen: 23
89.42.56.0/23 maxlen: 23
89.35.132.0/23 maxlen: 23
89.42.68.0/23 maxlen: 23
89.36.16.0/23 maxlen: 23
89.42.228.0/23 maxlen: 23
94.177.72.0/21 maxlen: 21
89.42.150.0/23 maxlen: 23
85.204.76.0/23 maxlen: 23
85.204.104.0/23 maxlen: 23
89.34.200.0/23 maxlen: 23
94.176.32.0/21 maxlen: 21
89.34.176.0/23 maxlen: 23
89.41.240.0/21 maxlen: 21
89.35.58.0/23 maxlen: 23
89.33.234.0/23 maxlen: 23
89.33.240.0/23 maxlen: 23
89.34.20.0/23 maxlen: 23
89.40.110.0/23 maxlen: 23
89.40.106.0/23 maxlen: 23
89.40.128.0/23 maxlen: 23
89.33.204.0/23 maxlen: 23
89.41.16.0/21 maxlen: 21
89.34.88.0/23 maxlen: 23
89.34.94.0/23 maxlen: 23
89.41.32.0/23 maxlen: 23
89.41.58.0/23 maxlen: 23
89.41.8.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:92:ff:9b:5b:bc:3f:a9:b9:06:ca:4a:73:f5:c3:2b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Validity
Not Before: Oct 1 10:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e7693eba7783c451af33f5f093f2dc8e55a17a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:31:c0:24:37:69:2e:a4:da:ed:ee:7b:e1:f8:
65:9e:9c:68:9b:1f:78:7d:f5:83:93:1c:8e:0f:46:
02:86:53:0c:0d:58:72:a3:39:eb:85:d0:b4:9c:58:
72:32:a6:a1:c2:0b:03:10:e9:00:a9:61:e9:3f:9c:
cf:3d:ea:1e:25:ec:39:49:c2:eb:29:eb:04:a8:ef:
39:6a:61:1d:c8:17:0d:de:8b:2f:8b:b4:c2:ba:94:
d6:cc:00:45:c4:0a:eb:a8:8a:8e:84:b3:24:fb:b0:
1a:9a:b2:15:19:22:b4:a6:2a:d1:eb:ff:1e:9b:58:
da:5b:cc:0a:d6:9e:be:cd:f8:ec:14:6d:9f:c5:94:
46:35:89:2e:a5:d5:9a:ee:25:1d:74:27:a0:87:ef:
78:39:13:59:fe:a1:16:e1:df:f5:bc:c1:00:99:11:
c4:21:8c:be:d4:09:f4:2e:2a:9e:4f:00:89:7f:5f:
8d:b2:63:7f:46:7c:62:61:c2:6f:de:7d:1a:07:a9:
19:d8:be:ff:85:8f:e7:13:cd:0c:7d:e6:b0:45:e9:
73:04:e9:9f:64:07:4b:cd:7d:97:1c:66:0e:50:ed:
cc:bc:66:8d:62:2f:7f:3a:72:a4:a2:c4:f9:bc:ad:
41:78:94:b0:3e:48:26:62:48:39:87:e7:90:a9:71:
a6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:76:93:EB:A7:78:3C:45:1A:F3:3F:5F:09:3F:2D:C8:E5:5A:17:A6
X509v3 Authority Key Identifier:
keyid:E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/jnaT66d4PEUa8z9fCT8tyOVaF6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.28.0/22
85.204.30.0/23
85.204.76.0/23
85.204.104.0/23
89.32.196.0/23
89.33.18.0/23
89.33.128.0/23
89.33.204.0/23
89.33.234.0/23
89.33.240.0/23
89.34.20.0/23
89.34.88.0/23
89.34.94.0/23
89.34.176.0/23
89.34.200.0/23
89.35.58.0/23
89.35.132.0/23
89.35.156.0/23
89.35.176.0/23
89.35.194.0/23
89.36.16.0/23
89.36.194.0/23
89.36.226.0/23
89.36.252.0/23
89.37.30.0/23
89.37.42.0/23
89.37.102.0/23
89.37.198.0/23
89.37.218.0/23
89.38.24.0/23
89.38.102.0/23
89.38.242.0/23
89.39.186.0/23
89.40.38.0/23
89.40.78.0/23
89.40.90.0/23
89.40.106.0/23
89.40.110.0/23
89.40.128.0/23
89.41.8.0-89.41.23.255
89.41.32.0/23
89.41.58.0/23
89.41.240.0/21
89.42.32.0/23
89.42.56.0/23
89.42.68.0/23
89.42.150.0/23
89.42.228.0/23
89.43.36.0/23
89.43.70.0/23
89.43.88.0-89.43.103.255
89.43.182.0/23
89.43.188.0/23
89.43.204.0/23
89.44.112.0/23
89.44.118.0/23
89.44.190.0/23
89.44.202.0/23
89.45.68.0/23
89.45.80.0/23
89.45.126.0/23
89.46.44.0/23
89.46.60.0/23
89.46.94.0/23
89.165.0.0/17
94.176.32.0/21
94.177.72.0/21
185.46.0.0/22
188.158.0.0/15
Signature Algorithm: sha256WithRSAEncryption
41:c1:0a:eb:58:22:50:42:da:c9:cd:ac:0c:0d:f7:5a:94:40:
bc:d2:64:1c:a7:17:90:cd:2b:76:90:c1:b1:73:dc:b3:47:88:
aa:2b:15:6a:4b:b2:0e:41:67:fa:40:da:49:20:3e:38:9e:08:
a1:d9:eb:76:59:7c:c8:43:05:83:94:7e:36:7c:65:40:16:33:
8d:a0:df:61:66:89:a8:82:89:25:80:4a:9c:5b:9a:1f:12:71:
ba:4d:a6:f5:9e:eb:2d:e5:c6:d5:b5:8a:86:7a:5a:38:d2:fd:
30:c6:61:7a:44:f6:1b:45:0a:a6:0b:6f:ff:37:32:ab:9f:4f:
23:f8:93:79:02:67:53:91:00:f1:33:a9:7d:60:75:cf:ee:b5:
5c:3c:e5:98:3d:b3:85:75:74:80:1b:22:4d:4d:0a:3e:df:7e:
9a:cf:89:12:01:3a:42:e5:91:a9:dc:fa:3c:22:13:e2:c6:48:
23:be:f3:5c:a9:19:d4:68:26:12:d3:77:d1:78:58:38:d6:d5:
fb:c6:7b:24:fc:ff:99:3b:53:d9:5a:e8:9d:e4:b6:7d:9e:cb:
47:ae:30:0e:5e:e5:e0:12:f5:1c:a9:67:7b:92:bb:26:92:18:
d7:33:1c:01:b3:f5:97:02:9d:97:fa:bc:86:10:0f:9c:0e:92:
12:2b:cc:b5
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgISAYOS/5tbvD+puQbKSnP1wyt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVkNGU3NzgyMDljM2NhZTkzZDRiNzZkMzUwNzA0NDYy
YzNhYWIwHhcNMjIxMDAxMTAwMjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc2OTNlYmE3NzgzYzQ1MWFmMzNmNWYwOTNmMmRjOGU1NWExN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDHAJDdpLqTa7e574fhlnpxomx94
ffWDkxyOD0YChlMMDVhyoznrhdC0nFhyMqahwgsDEOkAqWHpP5zPPeoeJew5ScLr
KesEqO85amEdyBcN3osvi7TCupTWzABFxArrqIqOhLMk+7AamrIVGSK0pirR6/8e
m1jaW8wK1p6+zfjsFG2fxZRGNYkupdWa7iUddCegh+94ORNZ/qEW4d/1vMEAmRHE
IYy+1An0LiqeTwCJf1+NsmN/RnxiYcJv3n0aB6kZ2L7/hY/nE80MfeawRelzBOmf
ZAdLzX2XHGYOUO3MvGaNYi9/OnKkosT5vK1BeJSwPkgmYkg5h+eQqXGm6wIDAQAB
o4IDujCCA7YwHQYDVR0OBBYEFI52k+uneDxFGvM/Xwk/LcjlWhemMB8GA1UdIwQY
MBaAFOf+1Od4IJw8rpPUt201BwRGLDqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQt
OGJiODAxNTJhYjM0LzEvam5hVDY2ZDRQRVVhOHo5ZkNUOHR5T1ZhRjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQtOGJiODAxNTJhYjM0
LzEvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBzgYIKwYBBQUHAQcBAf8EggG9MIIBuTCCAbUEAgABMIIB
rQMEAi2MHAMEAVXMHgMEAVXMTAMEAVXMaAMEAVkgxAMEAVkhEgMEAVkhgAMEAVkh
zAMEAVkh6gMEAVkh8AMEAVkiFAMEAVkiWAMEAVkiXgMEAVkisAMEAVkiyAMEAVkj
OgMEAVkjhAMEAVkjnAMEAVkjsAMEAVkjwgMEAVkkEAMEAVkkwgMEAVkk4gMEAVkk
/AMEAVklHgMEAVklKgMEAVklZgMEAVklxgMEAVkl2gMEAVkmGAMEAVkmZgMEAVkm
8gMEAVknugMEAVkoJgMEAVkoTgMEAVkoWgMEAVkoagMEAVkobgMEAVkogDAMAwQD
WSkIAwQDWSkQAwQBWSkgAwQBWSk6AwQDWSnwAwQBWSogAwQBWSo4AwQBWSpEAwQB
WSqWAwQBWSrkAwQBWSskAwQBWStGMAwDBANZK1gDBANZK2ADBAFZK7YDBAFZK7wD
BAFZK8wDBAFZLHADBAFZLHYDBAFZLL4DBAFZLMoDBAFZLUQDBAFZLVADBAFZLX4D
BAFZLiwDBAFZLjwDBAFZLl4DBAdZpQADBANesCADBANesUgDBAK5LgADAwG8njAN
BgkqhkiG9w0BAQsFAAOCAQEAQcEK61giUELayc2sDA33WpRAvNJkHKcXkM0rdpDB
sXPcs0eIqisVakuyDkFn+kDaSSA+OJ4Iodnrdll8yEMFg5R+NnxlQBYzjaDfYWaJ
qIKJJYBKnFuaHxJxuk2m9Z7rLeXG1bWKhnpaONL9MMZhekT2G0UKpgtv/zcyq59P
I/iTeQJnU5EA8TOpfWB1z+61XDzlmD2zhXV0gBsiTU0KPt9+ms+JEgE6QuWRqdz6
PCIT4sZII77zXKkZ1GgmEtN30XhYONbV+8Z7JPz/mTtT2VroneS2fZ7LR64wDl7l
4BL1HKlne5K7JpIY1zMcAbP1lwKdl/q8hhAPnA6SEivMtQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:34 2023 by rpki-client on console-fra.rpki-client.org