Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/SYmVWZQU1Ejmp-_ypbbY-cGpK5k.roa
File: SYmVWZQU1Ejmp-_ypbbY-cGpK5k.roa (raw, json)
Hash identifier: Zt2HvWoIKmkg00hs2f87Ik6iNjL0XkEvv9Q23ldddXY=
Subject key identifier: 49:89:95:59:94:14:D4:48:E6:A7:EF:F2:A5:B6:D8:F9:C1:A9:2B:99
Certificate issuer: /CN=eb500c9002321f03964583710b7baa4597341213
Certificate serial: 018CC8DF7D8B54776FE246C92CFD2C765BC5
Authority key identifier: EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/SYmVWZQU1Ejmp-_ypbbY-cGpK5k.roa
Signing time: Tue 02 Jan 2024 06:32:19 +0000
ROA not before: Tue 02 Jan 2024 06:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 92.63.96.0/21 maxlen: 21
92.63.104.0/22 maxlen: 22
92.63.108.0/24 maxlen: 24
92.63.108.0/22 maxlen: 22
92.63.110.0/23 maxlen: 23
92.63.109.0/24 maxlen: 24
62.181.44.0/24 maxlen: 24
149.154.64.0/23 maxlen: 23
62.181.53.0/24 maxlen: 24
149.154.66.0/23 maxlen: 23
149.154.70.0/23 maxlen: 23
149.154.68.0/23 maxlen: 23
62.181.54.0/23 maxlen: 23
91.228.224.0/23 maxlen: 23
185.60.132.0/23 maxlen: 23
185.60.134.0/23 maxlen: 23
86.110.194.0/24 maxlen: 24
188.120.224.0/20 maxlen: 20
86.110.208.0/23 maxlen: 23
86.110.212.0/24 maxlen: 24
188.120.240.0/21 maxlen: 21
86.110.215.0/24 maxlen: 24
188.120.248.0/23 maxlen: 23
188.120.248.0/24 maxlen: 24
86.110.220.0/24 maxlen: 24
188.120.252.0/24 maxlen: 24
188.120.250.0/23 maxlen: 23
188.120.249.0/24 maxlen: 24
188.120.253.0/24 maxlen: 24
92.63.192.0/23 maxlen: 23
188.120.254.0/23 maxlen: 23
92.63.194.0/23 maxlen: 23
217.28.222.0/23 maxlen: 23
217.28.220.0/23 maxlen: 23
94.250.250.0/23 maxlen: 23
94.250.248.0/23 maxlen: 23
94.250.252.0/23 maxlen: 23
94.250.254.0/23 maxlen: 23
79.143.72.0/23 maxlen: 23
83.136.232.0/23 maxlen: 23
185.187.115.0/24 maxlen: 24
83.136.235.0/24 maxlen: 24
79.174.12.0/23 maxlen: 23
79.174.14.0/23 maxlen: 23
62.109.0.0/21 maxlen: 21
62.109.0.0/20 maxlen: 20
62.109.8.0/21 maxlen: 21
78.24.216.0/21 maxlen: 21
62.109.16.0/21 maxlen: 21
82.146.32.0/23 maxlen: 23
82.146.32.0/21 maxlen: 21
82.146.34.0/23 maxlen: 23
62.109.24.0/22 maxlen: 22
82.146.36.0/23 maxlen: 23
82.146.38.0/23 maxlen: 23
62.109.28.0/22 maxlen: 22
82.146.40.0/21 maxlen: 21
82.146.48.0/23 maxlen: 23
178.250.156.0/23 maxlen: 23
82.146.50.0/23 maxlen: 23
178.250.158.0/23 maxlen: 23
82.146.56.0/21 maxlen: 21
82.146.54.0/23 maxlen: 23
37.230.112.0/23 maxlen: 23
82.146.52.0/23 maxlen: 23
37.230.116.0/23 maxlen: 23
37.230.114.0/23 maxlen: 23
37.230.118.0/23 maxlen: 23
212.57.124.0/23 maxlen: 23
212.57.122.0/24 maxlen: 24
212.57.126.0/23 maxlen: 23
31.135.10.0/24 maxlen: 24
31.135.8.0/23 maxlen: 23
31.135.11.0/24 maxlen: 24
31.135.14.0/23 maxlen: 23
31.135.12.0/23 maxlen: 23
212.57.116.0/24 maxlen: 24
212.57.115.0/24 maxlen: 24
212.57.118.0/24 maxlen: 24
2a01:230:2::/48 maxlen: 48
2a01:230:1::/48 maxlen: 48
2a01:230::/48 maxlen: 48
2a09:f900::/48 maxlen: 48
2a01:230:4::/48 maxlen: 48
2a01:230:3::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:7d:8b:54:77:6f:e2:46:c9:2c:fd:2c:76:5b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb500c9002321f03964583710b7baa4597341213
Validity
Not Before: Jan 2 06:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=498995599414d448e6a7eff2a5b6d8f9c1a92b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:02:4d:2a:a9:0f:73:75:ec:78:98:99:1f:f6:
18:e7:f7:69:d7:90:c8:41:af:fc:c0:65:1e:26:10:
c9:3c:4c:dd:73:51:25:73:d5:c7:d1:2c:e8:55:ca:
22:66:ca:45:19:25:ab:49:4e:ed:c3:1b:2b:94:22:
f8:2e:b7:c0:19:bc:53:a8:1e:35:ef:86:60:75:a6:
7c:8d:99:e8:12:57:c4:72:97:16:69:27:f3:5f:d5:
64:cd:08:e9:40:c6:dc:40:12:52:e4:10:05:ac:f4:
4f:9e:d7:73:0d:8f:43:41:48:1f:f5:4b:18:ee:f6:
8f:df:93:06:69:62:ec:a3:a1:8a:a1:86:b6:82:7d:
8c:47:99:39:c0:13:26:1b:77:5d:c7:58:61:f2:81:
3b:9a:2c:59:1e:00:c2:81:27:e8:31:41:2d:2a:89:
6a:61:31:b0:33:d4:16:47:4d:f1:28:69:69:50:5d:
f9:00:0e:15:ef:1e:b9:5d:c1:94:7c:71:c9:db:4d:
77:63:6f:c8:d2:c8:9c:60:db:79:4f:10:c4:84:f1:
1b:0a:fe:38:85:f5:ac:44:8e:06:20:32:df:ae:fa:
27:52:df:c1:95:4d:cb:dc:57:ad:cf:c5:06:3f:b6:
77:6f:3f:06:82:b6:72:64:09:d0:f9:d4:3c:1d:a3:
a1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:89:95:59:94:14:D4:48:E6:A7:EF:F2:A5:B6:D8:F9:C1:A9:2B:99
X509v3 Authority Key Identifier:
keyid:EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/SYmVWZQU1Ejmp-_ypbbY-cGpK5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/61AMkAIyHwOWRYNxC3uqRZc0EhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.8.0/21
37.230.112.0/21
62.109.0.0/19
62.181.44.0/24
62.181.53.0-62.181.55.255
78.24.216.0/21
79.143.72.0/23
79.174.12.0/22
82.146.32.0/19
83.136.232.0/23
83.136.235.0/24
86.110.194.0/24
86.110.208.0/23
86.110.212.0/24
86.110.215.0/24
86.110.220.0/24
91.228.224.0/23
92.63.96.0/20
92.63.192.0/22
94.250.248.0/21
149.154.64.0/21
178.250.156.0/22
185.60.132.0/22
185.187.115.0/24
188.120.224.0/19
212.57.115.0-212.57.116.255
212.57.118.0/24
212.57.122.0/24
212.57.124.0/22
217.28.220.0/22
IPv6:
2a01:230::-2a01:230:4:ffff:ffff:ffff:ffff:ffff
2a09:f900::/48
Signature Algorithm: sha256WithRSAEncryption
5d:e7:97:8d:a5:dc:cf:f9:8e:f8:73:40:ae:5c:15:4c:1b:46:
ce:f3:31:27:28:1f:3f:c9:ae:d9:35:a6:76:74:06:a4:2b:1e:
c1:a6:dc:c0:80:99:4f:e2:49:95:d1:b5:d4:cf:a7:26:9a:7d:
8d:0e:7b:a2:bf:1f:65:f1:5e:cc:d8:07:98:44:ed:4b:aa:2e:
44:6e:0e:23:a9:d3:18:7f:09:a6:a3:d8:4d:a0:78:18:9a:f1:
b5:44:c8:01:ac:28:6f:d7:b5:5e:da:82:05:0a:b9:83:e0:22:
75:52:5b:66:f8:a1:46:dd:67:8d:96:0e:2a:fb:64:16:74:b7:
5b:01:c6:b8:96:6b:d2:81:5f:bf:d6:d0:16:78:da:0f:be:1a:
30:d1:e3:f1:18:f7:db:58:fe:40:82:9c:08:bd:0a:c0:30:b9:
5e:0a:18:7d:55:05:7d:82:ae:9e:e6:90:88:0e:b4:c2:ce:a0:
3d:62:4c:e2:7c:87:23:f6:0c:ba:00:82:a8:0b:fa:9e:7a:af:
80:86:82:6a:00:19:1c:08:a3:a4:4f:b8:05:c5:41:1f:7f:80:
52:8d:d1:bc:2c:aa:00:7b:e1:b1:1a:f1:f1:d3:3b:44:a2:77:
6a:ae:19:5f:74:fe:a3:5e:58:02:e0:b6:2d:38:85:1e:e9:0a:
8f:f1:2d:4a
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAYzI332LVHdv4kbJLP0sdlvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTAwYzkwMDIzMjFmMDM5NjQ1ODM3MTBiN2JhYTQ1OTcz
NDEyMTMwHhcNMjQwMTAyMDYzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTg5OTU1OTk0MTRkNDQ4ZTZhN2VmZjJhNWI2ZDhmOWMxYTkyYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QJNKqkPc3XseJiZH/YY5/dp15DI
Qa/8wGUeJhDJPEzdc1Elc9XH0SzoVcoiZspFGSWrSU7twxsrlCL4LrfAGbxTqB41
74ZgdaZ8jZnoElfEcpcWaSfzX9VkzQjpQMbcQBJS5BAFrPRPntdzDY9DQUgf9UsY
7vaP35MGaWLso6GKoYa2gn2MR5k5wBMmG3ddx1hh8oE7mixZHgDCgSfoMUEtKolq
YTGwM9QWR03xKGlpUF35AA4V7x65XcGUfHHJ2013Y2/I0sicYNt5TxDEhPEbCv44
hfWsRI4GIDLfrvonUt/BlU3L3Fetz8UGP7Z3bz8GgrZyZAnQ+dQ8HaOhXQIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFEmJlVmUFNRI5qfv8qW22PnBqSuZMB8GA1UdIwQY
MBaAFOtQDJACMh8DlkWDcQt7qkWXNBITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYt
NGE2ODU5NjJmM2U4LzEvU1ltVldaUVUxRWptcC1feXBiYlktY0dwSzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYtNGE2ODU5NjJmM2U4
LzEvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgcsEAgABMIHEAwQD
H4cIAwQDJeZwAwQFPm0AAwQAPrUsMAwDBAA+tTUDBAM+tTADBANOGNgDBAFPj0gD
BAJPrgwDBAVSkiADBAFTiOgDBABTiOsDBABWbsIDBAFWbtADBABWbtQDBABWbtcD
BABWbtwDBAFb5OADBARcP2ADBAJcP8ADBANe+vgDBAOVmkADBAKy+pwDBAK5PIQD
BAC5u3MDBAW8eOAwDAMEANQ5cwMEANQ5dAMEANQ5dgMEANQ5egMEAtQ5fAMEAtkc
3DAhBAIAAjAbMBADBQQqAQIwAwcAKgECMAAEAwcAKgn5AAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQBd55eNpdzP+Y74c0CuXBVMG0bO8zEnKB8/ya7ZNaZ2dAakKx7BptzA
gJlP4kmV0bXUz6cmmn2NDnuivx9l8V7M2AeYRO1Lqi5Ebg4jqdMYfwmmo9hNoHgY
mvG1RMgBrChv17Ve2oIFCrmD4CJ1Ultm+KFG3WeNlg4q+2QWdLdbAca4lmvSgV+/
1tAWeNoPvhow0ePxGPfbWP5AgpwIvQrAMLleChh9VQV9gq6e5pCIDrTCzqA9Ykzi
fIcj9gy6AIKoC/qeeq+AhoJqABkcCKOkT7gFxUEff4BSjdG8LKoAe+GxGvHx0ztE
ondqrhlfdP6jXlgC4LYtOIUe6QqP8S1K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:18 2025 by rpki-client