Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/FHFd8c8VY3VOZxHeJ2ZUJRMjUng.roa
File: FHFd8c8VY3VOZxHeJ2ZUJRMjUng.roa (raw, json)
Hash identifier: fZ09Cpu1S64kwESJDQG7AirCuj87AxqqEPcxKdzGQ00=
Subject key identifier: 14:71:5D:F1:CF:15:63:75:4E:67:11:DE:27:66:54:25:13:23:52:78
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018CC94CC5E023E9B81333E31A39CB8D2889
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/FHFd8c8VY3VOZxHeJ2ZUJRMjUng.roa
Signing time: Tue 02 Jan 2024 08:31:40 +0000
ROA not before: Tue 02 Jan 2024 08:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1136
IP address blocks: 84.80.0.0/13 maxlen: 13
82.169.128.0/19 maxlen: 19
80.60.0.0/15 maxlen: 15
82.171.64.0/18 maxlen: 18
82.169.160.0/19 maxlen: 19
77.173.0.0/16 maxlen: 16
195.240.0.0/17 maxlen: 17
195.240.0.0/16 maxlen: 16
82.171.0.0/18 maxlen: 18
82.169.96.0/19 maxlen: 19
85.113.224.0/19 maxlen: 19
77.175.0.0/17 maxlen: 17
77.175.0.0/16 maxlen: 16
82.170.0.0/16 maxlen: 16
195.240.192.0/18 maxlen: 18
213.10.0.0/16 maxlen: 16
82.168.0.0/17 maxlen: 17
86.80.0.0/12 maxlen: 12
195.240.128.0/18 maxlen: 18
82.169.192.0/18 maxlen: 18
62.131.0.0/16 maxlen: 16
82.168.0.0/14 maxlen: 14
77.168.0.0/14 maxlen: 14
82.171.128.0/17 maxlen: 17
77.160.0.0/13 maxlen: 13
77.172.0.0/16 maxlen: 16
81.204.0.0/14 maxlen: 14
82.168.192.0/19 maxlen: 19
82.136.192.0/18 maxlen: 18
77.175.128.0/17 maxlen: 17
37.251.0.0/17 maxlen: 17
82.168.128.0/18 maxlen: 18
195.241.0.0/16 maxlen: 16
88.159.0.0/16 maxlen: 16
82.169.64.0/19 maxlen: 19
82.168.224.0/19 maxlen: 19
188.142.0.0/17 maxlen: 17
77.174.0.0/16 maxlen: 16
212.123.128.0/18 maxlen: 18
82.169.0.0/18 maxlen: 18
212.182.128.0/18 maxlen: 18
2a02:a400::/25 maxlen: 25
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c5:e0:23:e9:b8:13:33:e3:1a:39:cb:8d:28:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 2 08:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14715df1cf1563754e6711de2766542513235278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:18:39:ec:eb:43:f3:e4:21:89:8e:5b:05:76:
0e:10:05:95:89:06:c3:1b:c9:ca:e1:e5:0f:f5:c3:
7f:04:06:b1:99:46:ee:c7:24:2a:21:e0:22:da:7c:
8b:66:69:28:97:7d:e6:4c:a9:4b:25:d3:99:b4:0a:
f6:67:f7:36:af:9a:5f:c8:89:76:28:51:5e:de:45:
7d:ac:12:53:8d:62:8f:84:da:c7:9f:07:60:67:ab:
3d:e5:4b:10:dd:82:0e:e1:de:22:4f:a8:b1:b6:7a:
8e:5e:3f:a6:85:8f:1d:db:a3:14:71:4e:21:50:9b:
fb:8d:07:32:04:65:6e:24:79:d4:5f:c2:da:eb:c6:
8c:b7:9e:29:bf:d6:58:9c:11:b4:b5:0c:49:ce:09:
ee:bc:83:9c:39:87:16:92:0b:3f:46:05:f8:fb:5c:
0c:5f:13:20:46:7d:5f:76:1e:eb:88:31:64:92:e6:
74:c4:77:d8:36:11:02:94:6a:2d:61:57:24:39:35:
d5:50:d4:80:77:d7:41:39:3c:be:43:dc:20:55:e7:
41:1a:7b:1f:4c:f8:54:bd:4c:80:6b:ec:6d:cc:56:
a5:26:30:d6:09:18:f2:8f:46:34:11:a6:fa:be:3d:
15:04:63:c4:f1:89:31:59:34:f6:7d:9e:2a:25:47:
2b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:71:5D:F1:CF:15:63:75:4E:67:11:DE:27:66:54:25:13:23:52:78
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/FHFd8c8VY3VOZxHeJ2ZUJRMjUng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.0.0/17
62.131.0.0/16
77.160.0.0/12
80.60.0.0/15
81.204.0.0/14
82.136.192.0/18
82.168.0.0/14
84.80.0.0/13
85.113.224.0/19
86.80.0.0/12
88.159.0.0/16
188.142.0.0/17
195.240.0.0/15
212.123.128.0/18
212.182.128.0/18
213.10.0.0/16
IPv6:
2a02:a400::/25
Signature Algorithm: sha256WithRSAEncryption
1d:62:db:e8:ef:f8:ba:f8:da:60:bf:fd:40:00:4e:f4:fb:d3:
08:99:bd:41:4e:80:9d:40:bc:a7:6f:a5:48:61:f0:0b:3b:40:
e8:ee:47:61:eb:98:33:77:d6:c2:c9:83:d6:ec:a6:02:27:7c:
10:9b:a8:e5:79:f8:9f:ba:fc:54:80:78:80:ad:62:4d:3a:dd:
74:9c:8e:59:3d:a1:91:fd:c1:f3:c0:0b:de:82:45:07:f0:f2:
79:3e:0d:b8:11:36:31:50:e8:0d:db:45:de:21:99:ed:d3:e9:
28:f3:cb:8a:57:38:bd:fe:e7:7b:ed:35:db:ab:c1:14:56:74:
7b:0d:9d:89:ae:9b:66:72:9e:66:62:20:99:ac:2d:a4:78:21:
25:1f:4c:7b:b9:18:a1:b0:9b:ce:e1:fc:ea:e3:af:3f:01:57:
62:56:04:72:3d:bb:0f:c8:97:13:0a:ca:1a:b1:1d:21:a2:1f:
50:88:66:ec:90:66:86:87:80:2b:99:9f:88:37:f8:32:e8:ed:
7a:ce:d7:10:48:1f:e6:33:6f:9a:9b:5f:58:0f:7c:fc:5b:2e:
77:70:b6:42:e3:4f:69:b5:d5:b5:8a:20:22:bc:51:6f:43:5f:
2f:4b:a3:e9:ab:05:1a:09:39:38:0c:42:f0:45:fe:b8:d5:b9:
0c:65:e6:cb
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYzJTMXgI+m4EzPjGjnLjSiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjQwMTAyMDgzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDcxNWRmMWNmMTU2Mzc1NGU2NzExZGUyNzY2NTQyNTEzMjM1Mjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRg57OtD8+QhiY5bBXYOEAWViQbD
G8nK4eUP9cN/BAaxmUbuxyQqIeAi2nyLZmkol33mTKlLJdOZtAr2Z/c2r5pfyIl2
KFFe3kV9rBJTjWKPhNrHnwdgZ6s95UsQ3YIO4d4iT6ixtnqOXj+mhY8d26MUcU4h
UJv7jQcyBGVuJHnUX8La68aMt54pv9ZYnBG0tQxJzgnuvIOcOYcWkgs/RgX4+1wM
XxMgRn1fdh7riDFkkuZ0xHfYNhEClGotYVckOTXVUNSAd9dBOTy+Q9wgVedBGnsf
TPhUvUyAa+xtzFalJjDWCRjyj0Y0Eab6vj0VBGPE8YkxWTT2fZ4qJUcrWwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFBRxXfHPFWN1TmcR3idmVCUTI1J4MB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvRkhGZDhjOFZZM1ZPWnhIZUoyWlVKUk1qVW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQHJfsAAwMA
PoMDAwRNoAMDAVA8AwMCUcwDBAZSiMADAwJSqAMDA1RQAwQFVXHgAwMEVlADAwBY
nwMEB7yOAAMDAcPwAwQG1HuAAwQG1LaAAwMA1QowDQQCAAIwBwMFByoCpAAwDQYJ
KoZIhvcNAQELBQADggEBAB1i2+jv+Lr42mC//UAATvT70wiZvUFOgJ1AvKdvpUhh
8As7QOjuR2HrmDN31sLJg9bspgInfBCbqOV5+J+6/FSAeICtYk063XScjlk9oZH9
wfPAC96CRQfw8nk+DbgRNjFQ6A3bRd4hme3T6Sjzy4pXOL3+53vtNdurwRRWdHsN
nYmum2ZynmZiIJmsLaR4ISUfTHu5GKGwm87h/Orjrz8BV2JWBHI9uw/IlxMKyhqx
HSGiH1CIZuyQZoaHgCuZn4g3+DLo7XrO1xBIH+Yzb5qbX1gPfPxbLndwtkLjT2m1
1bWKICK8UW9DXy9Lo+mrBRoJOTgMQvBF/rjVuQxl5ss=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:03:32 2025 by rpki-client