Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/TkUQVr6ITqwihf7TZsCnYGxTFUE.roa
File: TkUQVr6ITqwihf7TZsCnYGxTFUE.roa (raw, json)
Hash identifier: kGncH7pobCCAtTKcc9QLTzSLjRaQbIJgFbAh9zUJfYU=
Subject key identifier: 4E:45:10:56:BE:88:4E:AC:22:85:FE:D3:66:C0:A7:60:6C:53:15:41
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 095345AF
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/TkUQVr6ITqwihf7TZsCnYGxTFUE.roa
Signing time: Sat 01 Jan 2022 07:57:36 +0000
ROA not before: Sat 01 Jan 2022 07:57:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1136
IP address blocks: 84.80.0.0/13 maxlen: 13
82.169.128.0/19 maxlen: 19
80.60.0.0/15 maxlen: 15
82.171.64.0/18 maxlen: 18
82.169.160.0/19 maxlen: 19
77.173.0.0/16 maxlen: 16
195.240.0.0/17 maxlen: 17
82.171.0.0/18 maxlen: 18
82.169.96.0/19 maxlen: 19
85.113.224.0/19 maxlen: 19
77.175.0.0/17 maxlen: 17
77.175.0.0/16 maxlen: 16
82.170.0.0/16 maxlen: 16
195.240.192.0/18 maxlen: 18
213.10.0.0/16 maxlen: 16
82.168.0.0/17 maxlen: 17
86.80.0.0/12 maxlen: 12
195.240.128.0/18 maxlen: 18
82.169.192.0/18 maxlen: 18
62.131.0.0/16 maxlen: 16
82.168.0.0/14 maxlen: 14
77.168.0.0/14 maxlen: 14
82.171.128.0/17 maxlen: 17
77.160.0.0/13 maxlen: 13
77.172.0.0/16 maxlen: 16
81.204.0.0/14 maxlen: 14
82.168.192.0/19 maxlen: 19
82.136.192.0/18 maxlen: 18
77.175.128.0/17 maxlen: 17
37.251.0.0/17 maxlen: 17
82.168.128.0/18 maxlen: 18
195.241.0.0/16 maxlen: 16
88.159.0.0/16 maxlen: 16
82.169.64.0/19 maxlen: 19
82.168.224.0/19 maxlen: 19
188.142.0.0/17 maxlen: 17
77.174.0.0/16 maxlen: 16
212.123.128.0/18 maxlen: 18
82.169.0.0/18 maxlen: 18
212.182.128.0/18 maxlen: 18
2a02:a400::/25 maxlen: 25
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156452271 (0x95345af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 07:57:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e451056be884eac2285fed366c0a7606c531541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:49:fa:e1:db:f4:56:7d:0d:d2:60:b4:85:fb:
dd:d1:a8:1a:4c:87:23:71:ec:ba:38:c5:ad:45:52:
49:a5:19:fb:86:3f:85:1f:61:ce:34:8d:7d:9a:0e:
96:61:2a:20:12:f0:ad:38:d9:9d:a8:97:7e:30:62:
e5:84:fa:02:b5:67:e1:be:df:43:21:d6:81:39:27:
ca:8f:c6:58:0b:23:6e:d2:4e:64:d2:5a:c3:e3:6f:
2f:11:c4:89:f9:07:96:0e:13:63:bb:83:14:b6:0e:
2b:c8:26:63:4c:ae:99:d3:2f:90:e7:19:ac:a6:c8:
28:f7:c8:9a:ab:fd:ef:a3:dd:ba:df:3f:33:33:45:
68:d1:cc:76:d5:3c:1d:3d:50:bc:b5:53:53:61:0c:
85:7c:7d:b9:cb:79:5d:31:2e:6e:ae:bc:25:3c:fb:
cd:ba:5f:9d:3d:b1:71:87:45:a2:56:db:59:cd:b2:
30:9c:c3:c7:86:50:ee:aa:46:79:d0:3a:59:87:81:
bc:2f:81:ad:19:20:44:72:47:c7:52:e2:29:74:db:
ed:29:b5:df:de:4b:38:bc:19:95:37:e4:52:77:70:
9f:e1:43:f0:ef:34:94:17:d0:96:0e:82:6f:de:3e:
c7:df:21:59:a5:cf:06:3f:f4:1b:30:f4:8b:08:1a:
d1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:45:10:56:BE:88:4E:AC:22:85:FE:D3:66:C0:A7:60:6C:53:15:41
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/TkUQVr6ITqwihf7TZsCnYGxTFUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.0.0/17
62.131.0.0/16
77.160.0.0/12
80.60.0.0/15
81.204.0.0/14
82.136.192.0/18
82.168.0.0/14
84.80.0.0/13
85.113.224.0/19
86.80.0.0/12
88.159.0.0/16
188.142.0.0/17
195.240.0.0/15
212.123.128.0/18
212.182.128.0/18
213.10.0.0/16
IPv6:
2a02:a400::/25
Signature Algorithm: sha256WithRSAEncryption
8b:1b:13:e6:00:08:f5:b1:03:44:ef:73:91:43:f6:30:a7:5e:
8f:8c:77:8b:0b:d3:65:db:68:03:ce:42:bf:9a:09:35:a7:64:
28:39:7e:40:f1:43:f8:a7:7d:dc:5b:c1:65:39:c6:87:88:fc:
85:ee:60:ee:8e:ae:f3:8f:73:c0:9c:93:26:71:21:ef:05:4c:
7a:0b:bb:4c:ca:73:23:73:db:22:84:22:0b:4f:b1:fb:01:30:
17:3e:00:b9:be:d0:05:34:53:b2:7d:c0:c2:c9:ba:f6:26:44:
06:66:f0:d3:be:b9:46:77:9f:4d:9e:c1:51:cc:3f:42:2f:fc:
36:22:00:fe:92:d3:13:6d:c5:73:d3:e8:22:40:aa:8f:54:07:
d2:fb:fb:20:6a:67:49:bd:00:dc:f5:83:07:86:e5:ba:c2:83:
52:38:5e:c9:1e:60:bb:d0:ab:e9:a6:23:70:13:08:57:18:42:
09:dc:ec:dd:cf:5f:df:67:72:c7:1b:95:18:ee:ad:a5:e7:81:
ac:aa:5b:4f:c9:bc:76:51:9c:cb:d2:0d:92:88:03:50:c3:05:
77:b6:9e:4c:28:4f:89:82:d5:ca:3c:7b:b3:76:14:88:5e:37:
93:fb:fa:1c:38:b0:88:4f:70:b5:b4:23:d3:60:c2:9a:1a:73:
c3:fb:c8:49
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIECVNFrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWVlZDQwOTEzODNkOWVkNDA1NmQ5ZjRlZmY3ZDI2MjJkZGNlMjA1MB4XDTIyMDEw
MTA3NTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU0NTEwNTZiZTg4
NGVhYzIyODVmZWQzNjZjMGE3NjA2YzUzMTU0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRJ+uHb9FZ9DdJgtIX73dGoGkyHI3HsujjFrUVSSaUZ+4Y/
hR9hzjSNfZoOlmEqIBLwrTjZnaiXfjBi5YT6ArVn4b7fQyHWgTknyo/GWAsjbtJO
ZNJaw+NvLxHEifkHlg4TY7uDFLYOK8gmY0yumdMvkOcZrKbIKPfImqv976Pdut8/
MzNFaNHMdtU8HT1QvLVTU2EMhXx9uct5XTEubq68JTz7zbpfnT2xcYdFolbbWc2y
MJzDx4ZQ7qpGedA6WYeBvC+BrRkgRHJHx1LiKXTb7Sm1395LOLwZlTfkUndwn+FD
8O80lBfQlg6Cb94+x98hWaXPBj/0GzD0iwga0ScCAwEAAaOCAmgwggJkMB0GA1Ud
DgQWBBRORRBWvohOrCKF/tNmwKdgbFMVQTAfBgNVHSMEGDAWgBSB7tQJE4PZ7UBW
2fTv99JiLdziBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dlN1VDUk9EMmUxQVZ0bjA3X2ZTWWkzYzRnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvNGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8x
L1RrVVFWcjZJVHF3aWhmN1Rac0NuWUd4VEZVRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
NGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8xL2dlN1VDUk9EMmUx
QVZ0bjA3X2ZTWWkzYzRnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+
BggrBgEFBQcBBwEB/wRvMG0wXAQCAAEwVgMEByX7AAMDAD6DAwMETaADAwFQPAMD
AlHMAwQGUojAAwMCUqgDAwNUUAMEBVVx4AMDBFZQAwMAWJ8DBAe8jgADAwHD8AME
BtR7gAMEBtS2gAMDANUKMA0EAgACMAcDBQcqAqQAMA0GCSqGSIb3DQEBCwUAA4IB
AQCLGxPmAAj1sQNE73ORQ/Ywp16PjHeLC9Nl22gDzkK/mgk1p2QoOX5A8UP4p33c
W8FlOcaHiPyF7mDujq7zj3PAnJMmcSHvBUx6C7tMynMjc9sihCILT7H7ATAXPgC5
vtAFNFOyfcDCybr2JkQGZvDTvrlGd59NnsFRzD9CL/w2IgD+ktMTbcVz0+giQKqP
VAfS+/sgamdJvQDc9YMHhuW6woNSOF7JHmC70KvppiNwEwhXGEIJ3Ozdz1/fZ3LH
G5UY7q2l54GsqltPybx2UZzL0g2SiANQwwV3tp5MKE+JgtXKPHuzdhSIXjeT+/oc
OLCIT3C1tCPTYMKaGnPD+8hJ
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:15:16 2025 by rpki-client