Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/IFAyiF-wOb_H5UwqdVo_VESmODk.roa
File: IFAyiF-wOb_H5UwqdVo_VESmODk.roa (raw, json)
Hash identifier: XVNp3WPYxh1abMe/1xWmafbhOqGEUL8EHltAKCnxBQg=
Subject key identifier: 20:50:32:88:5F:B0:39:BF:C7:E5:4C:2A:75:5A:3F:54:44:A6:38:39
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 0304C8C2
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/IFAyiF-wOb_H5UwqdVo_VESmODk.roa
Signing time: Sun 29 May 2022 07:16:13 +0000
ROA not before: Sun 29 May 2022 07:16:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 199.204.215.0/24 maxlen: 24
176.65.12.0/22 maxlen: 22
194.169.123.0/24 maxlen: 24
147.189.176.0/20 maxlen: 20
94.26.112.0/20 maxlen: 20
217.66.224.0/19 maxlen: 24
82.205.0.0/17 maxlen: 21
82.205.0.0/20 maxlen: 20
217.66.233.0/24 maxlen: 24
199.250.128.0/19 maxlen: 21
217.66.237.0/24 maxlen: 24
217.66.234.0/23 maxlen: 23
86.107.16.0/22 maxlen: 22
188.209.208.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
82.205.96.0/20 maxlen: 20
82.205.104.0/21 maxlen: 21
89.239.32.0/20 maxlen: 20
82.205.16.0/20 maxlen: 20
217.66.240.0/20 maxlen: 20
37.8.0.0/17 maxlen: 20
37.8.0.0/20 maxlen: 20
37.8.16.0/20 maxlen: 20
82.205.27.0/24 maxlen: 24
85.184.240.0/22 maxlen: 22
212.33.96.0/19 maxlen: 20
37.8.32.0/20 maxlen: 20
185.171.132.0/22 maxlen: 22
37.8.48.0/20 maxlen: 20
82.102.240.0/20 maxlen: 20
185.40.192.0/22 maxlen: 22
185.138.132.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
82.205.120.0/21 maxlen: 21
82.102.192.0/20 maxlen: 20
82.102.192.0/18 maxlen: 24
82.102.208.0/21 maxlen: 21
82.102.218.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.220.0/22 maxlen: 22
212.106.64.0/19 maxlen: 20
217.78.48.0/21 maxlen: 21
217.78.60.0/22 maxlen: 22
217.21.2.0/24 maxlen: 24
217.21.0.0/20 maxlen: 24
85.113.96.0/19 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50645186 (0x304c8c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: May 29 07:16:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=205032885fb039bfc7e54c2a755a3f5444a63839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:34:8f:e6:75:25:31:21:2c:2a:78:fc:72:26:
79:94:8d:1c:6d:dc:4c:bd:48:ea:43:f5:54:e6:89:
53:53:e7:b8:98:da:ef:20:94:4c:53:77:39:8a:2a:
e5:8b:5b:ee:30:71:84:fc:0b:ca:c2:3b:9f:f9:7a:
de:83:c9:c6:49:69:3f:4a:55:eb:5a:7b:0a:21:1c:
71:47:64:0d:82:88:b1:23:d4:67:ca:7a:e2:34:de:
33:f5:c2:b1:3d:81:3d:1c:13:93:cc:30:eb:d9:d8:
ee:49:db:0c:11:1d:84:18:b0:8b:d6:11:b9:d7:ba:
0a:a5:ca:d0:6f:b9:c9:49:dd:3d:da:78:8e:29:87:
cd:d1:65:ff:8b:86:68:18:b0:6d:07:2e:93:6e:13:
af:46:77:68:de:5c:18:11:22:79:ae:51:8c:b4:b7:
d1:5f:04:50:d5:b8:b5:00:a6:47:70:40:41:f2:6d:
4b:af:90:8d:4c:54:c7:cd:df:b9:2b:eb:f1:0b:3a:
8a:c5:9e:47:01:b5:ac:f5:db:f8:bb:cf:6c:b5:ce:
04:97:e7:d9:05:1f:77:7a:c4:c9:51:8f:56:83:ec:
52:67:23:94:6c:9c:93:e0:ff:8e:9c:59:fc:1c:c4:
80:e7:b0:88:47:c4:7b:ca:0c:4b:95:cc:c3:54:02:
ba:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:50:32:88:5F:B0:39:BF:C7:E5:4C:2A:75:5A:3F:54:44:A6:38:39
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/IFAyiF-wOb_H5UwqdVo_VESmODk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
85.184.240.0/22
86.107.16.0/22
87.252.108.0/22
89.239.32.0/20
94.26.112.0/20
147.189.176.0/20
176.65.12.0/22
185.40.192.0/22
185.90.242.0/24
185.138.132.0/22
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.123.0/24
199.204.215.0/24
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0/19
217.78.48.0/21
217.78.60.0/22
Signature Algorithm: sha256WithRSAEncryption
89:5b:c8:ca:e8:08:e5:41:1e:07:89:0b:ec:fd:c3:3b:23:81:
4c:a8:16:c9:27:36:46:f5:4e:ee:b2:d5:c8:75:c0:d1:f0:e1:
03:ab:01:00:c3:e4:cd:20:d0:fe:05:60:85:49:1e:75:b2:5e:
c6:ae:1e:0f:0d:8c:0d:af:53:86:92:98:76:13:19:7a:b7:33:
22:11:b7:c1:30:e3:84:c2:98:38:3e:3a:f0:4b:03:6e:35:98:
65:cd:36:e8:8c:d7:2e:9e:83:52:5e:d7:13:a3:8d:4e:db:f3:
e4:a2:bb:c9:50:d0:5b:bb:91:48:3a:21:55:ce:d1:a8:05:b4:
98:d6:b6:30:dd:94:26:79:0d:99:e7:d2:76:ed:74:fa:2d:e3:
15:e6:c6:53:fc:15:9c:8f:c8:9f:8d:dd:c3:2b:fe:d0:99:d4:
e4:0d:09:1e:a0:4c:a1:d7:03:32:fc:ec:8a:67:92:be:05:00:
eb:fe:7e:74:a4:85:08:2e:4a:7d:bf:22:58:a8:43:41:05:20:
94:f9:1c:d3:74:f0:d6:12:8f:9b:7b:8c:21:24:c4:9a:82:11:
7a:2a:bc:55:ce:c6:a0:29:8a:09:d9:7d:af:ca:02:5b:4d:0c:
3c:73:42:2a:a3:c3:29:a9:bb:03:4b:fb:47:a1:a7:39:c3:a7:
df:27:2a:d9
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIEAwTIwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzNhNjMzZWYyYzA4MjUxYTU4NjAzNTYyZTU2YWE2ZWZhOTNlYzI1MB4XDTIyMDUy
OTA3MTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA1MDMyODg1ZmIw
MzliZmM3ZTU0YzJhNzU1YTNmNTQ0NGE2MzgzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALU0j+Z1JTEhLCp4/HImeZSNHG3cTL1I6kP1VOaJU1PnuJja
7yCUTFN3OYoq5Ytb7jBxhPwLysI7n/l63oPJxklpP0pV61p7CiEccUdkDYKIsSPU
Z8p64jTeM/XCsT2BPRwTk8ww69nY7knbDBEdhBiwi9YRude6CqXK0G+5yUndPdp4
jimHzdFl/4uGaBiwbQcuk24Tr0Z3aN5cGBEiea5RjLS30V8EUNW4tQCmR3BAQfJt
S6+QjUxUx83fuSvr8Qs6isWeRwG1rPXb+LvPbLXOBJfn2QUfd3rEyVGPVoPsUmcj
lGyck+D/jpxZ/BzEgOewiEfEe8oMS5XMw1QCuhUCAwEAAaOCAqQwggKgMB0GA1Ud
DgQWBBQgUDKIX7A5v8flTCp1Wj9URKY4OTAfBgNVHSMEGDAWgBTsOmM+8sCCUaWG
A1YuVqpu+pPsJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdEcGpQdkxBZ2xHbGhnTldMbGFxYnZxVDdDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8x
L0lGQXlpRi13T2JfSDVVd3FkVm9fVkVTbU9Eay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8xLzdEcGpQdkxBZ2xH
bGhnTldMbGFxYnZxVDdDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uQYIKwYBBQUHAQcBAf8EgakwgaYwgaMEAgABMIGcAwQHJQgAAwQGUmbAAwQHUs0A
AwQFVXFgAwQCVbjwAwQCVmsQAwQCV/xsAwQEWe8gAwQEXhpwAwQEk72wAwQCsEEM
AwQCuSjAAwQAuVryAwQCuYqEAwQCuauEAwQCvNHQAwQCvNdkAwQAwql7AwQAx8zX
AwQFx/qAAwQF1CFgAwQF1GpAAwQE2RUAAwQF2ULgAwQD2U4wAwQC2U48MA0GCSqG
SIb3DQEBCwUAA4IBAQCJW8jK6AjlQR4HiQvs/cM7I4FMqBbJJzZG9U7ustXIdcDR
8OEDqwEAw+TNIND+BWCFSR51sl7Grh4PDYwNr1OGkph2Exl6tzMiEbfBMOOEwpg4
PjrwSwNuNZhlzTbojNcunoNSXtcTo41O2/PkorvJUNBbu5FIOiFVztGoBbSY1rYw
3ZQmeQ2Z59J27XT6LeMV5sZT/BWcj8ifjd3DK/7QmdTkDQkeoEyh1wMy/OyKZ5K+
BQDr/n50pIUILkp9vyJYqENBBSCU+RzTdPDWEo+be4whJMSaghF6KrxVzsagKYoJ
2X2vygJbTQw8c0Iqo8MpqbsDS/tHoac5w6ffJyrZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:32 2023 by rpki-client on console-fra.rpki-client.org