Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/WLjXAtMYfeHDYA705cLO6dCEcIQ.roa
File: WLjXAtMYfeHDYA705cLO6dCEcIQ.roa (raw, json)
Hash identifier: /g3wpKZUG48AWiHjixD3Mjtbkij7GGaWwZJOawLVFwg=
Subject key identifier: 58:B8:D7:02:D3:18:7D:E1:C3:60:0E:F4:E5:C2:CE:E9:D0:84:70:84
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 030ED966
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/WLjXAtMYfeHDYA705cLO6dCEcIQ.roa
Signing time: Wed 01 Jun 2022 11:41:24 +0000
ROA not before: Wed 01 Jun 2022 11:41:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 199.204.215.0/24 maxlen: 24
94.26.112.0/20 maxlen: 20
217.66.224.0/19 maxlen: 24
82.205.0.0/17 maxlen: 21
82.205.0.0/20 maxlen: 20
217.66.233.0/24 maxlen: 24
217.66.237.0/24 maxlen: 24
217.66.234.0/23 maxlen: 23
86.107.16.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
82.205.96.0/20 maxlen: 20
82.205.104.0/21 maxlen: 21
89.239.32.0/20 maxlen: 20
82.205.16.0/20 maxlen: 20
217.66.240.0/20 maxlen: 20
82.205.27.0/24 maxlen: 24
85.184.240.0/22 maxlen: 22
212.33.96.0/19 maxlen: 20
185.171.132.0/22 maxlen: 22
82.102.240.0/20 maxlen: 20
82.102.192.0/20 maxlen: 20
82.102.192.0/18 maxlen: 24
82.102.208.0/21 maxlen: 21
82.102.218.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.220.0/22 maxlen: 22
212.106.64.0/19 maxlen: 20
85.113.96.0/19 maxlen: 20
176.65.12.0/22 maxlen: 22
194.169.123.0/24 maxlen: 24
147.189.176.0/20 maxlen: 20
194.169.121.0/24 maxlen: 24
199.250.128.0/19 maxlen: 21
188.209.208.0/22 maxlen: 22
37.8.0.0/17 maxlen: 20
37.8.0.0/20 maxlen: 20
37.8.16.0/20 maxlen: 20
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
109.232.163.0/24 maxlen: 24
109.232.162.0/24 maxlen: 24
185.40.192.0/22 maxlen: 22
185.138.132.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
82.205.120.0/21 maxlen: 21
217.78.48.0/21 maxlen: 21
217.78.60.0/22 maxlen: 22
217.21.2.0/24 maxlen: 24
217.21.0.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51304806 (0x30ed966)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jun 1 11:41:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=58b8d702d3187de1c3600ef4e5c2cee9d0847084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:90:99:3e:8b:76:71:69:bc:4e:37:90:4b:be:
57:5f:2a:10:c8:98:e1:0c:f9:f4:ac:72:7c:5d:5c:
3e:2e:cc:55:e1:3a:cb:05:48:74:d1:59:5a:02:68:
5b:f5:ef:fa:73:65:fc:e7:fc:ad:cf:19:86:1d:5b:
10:11:ed:be:d6:54:69:30:9a:d4:83:2d:85:d1:f7:
97:63:bc:4b:ce:8f:2f:c0:4a:8a:cd:e4:c2:35:00:
21:a4:67:85:ee:05:9b:c5:22:ab:69:c3:8f:28:de:
5a:22:1f:bf:51:90:45:9b:ff:69:cb:9e:8c:3f:9a:
26:23:bf:e8:95:c4:f1:3d:92:ef:de:36:eb:74:22:
e5:4c:68:67:4e:6c:74:89:99:1d:ea:04:b9:57:ad:
63:5f:97:1b:51:ac:b4:34:45:bc:fb:3f:46:b7:4e:
e5:af:d7:41:8f:41:93:e1:72:23:a5:2c:c7:41:ad:
69:d6:53:61:32:ee:9d:76:c8:7f:5c:39:e5:bd:3e:
e1:4b:f9:7e:15:2c:2a:f5:8d:59:ee:30:bb:b5:2b:
22:dd:46:2b:4a:62:c7:7d:7f:82:63:d7:30:c1:93:
e5:39:6b:fc:a4:7e:38:6f:4a:63:14:47:93:bd:8e:
57:5c:e0:43:6a:d2:1a:11:bc:95:f7:5c:d8:01:d5:
5d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:B8:D7:02:D3:18:7D:E1:C3:60:0E:F4:E5:C2:CE:E9:D0:84:70:84
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/WLjXAtMYfeHDYA705cLO6dCEcIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
85.184.240.0/22
86.107.16.0/22
87.252.108.0/22
89.239.32.0/20
94.26.112.0/20
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.40.192.0/22
185.90.242.0/24
185.138.132.0/22
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0/24
194.169.123.0/24
199.204.215.0/24
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0/19
217.78.48.0/21
217.78.60.0/22
Signature Algorithm: sha256WithRSAEncryption
34:a8:24:34:99:67:eb:cc:77:da:b7:bf:f9:80:95:62:92:10:
fb:ad:06:25:04:28:26:44:33:4b:51:05:aa:04:e5:84:49:c1:
43:a4:45:c6:cf:91:75:2d:95:0e:0f:94:3b:40:53:f5:fb:c5:
44:dd:72:b2:ce:14:70:20:b6:4e:85:9f:10:49:b8:da:ff:23:
d7:d0:ea:80:88:ab:d9:71:7c:2d:7a:c1:b5:dc:f8:11:c5:bf:
f6:f3:f2:45:d5:18:c7:e0:a6:0d:50:fd:7f:b1:3c:43:5a:75:
6f:f3:b4:25:46:25:88:15:2f:ab:34:67:92:51:7c:f6:58:6f:
9e:96:27:12:31:52:03:8f:68:3b:58:a9:d2:c7:f9:79:88:6c:
bc:0e:22:19:52:06:f2:42:05:b8:04:3b:b3:a5:02:f0:16:1b:
d0:23:0c:f1:f2:90:b7:cc:10:89:ef:e5:bf:04:f2:c3:c8:21:
a2:72:07:06:1a:8b:7b:cf:48:00:ea:9c:01:b5:da:ff:15:75:
23:b1:2f:5a:e2:70:28:11:d1:11:3d:38:f8:4f:bb:6e:58:6f:
72:58:aa:00:58:f2:d5:76:e6:20:ef:cd:fe:35:fc:cd:0d:05:
aa:07:ac:b5:ce:4d:f9:7c:2a:0b:dd:39:dc:7f:ce:5a:8a:9a:
ad:33:0b:42
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIEAw7ZZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzNhNjMzZWYyYzA4MjUxYTU4NjAzNTYyZTU2YWE2ZWZhOTNlYzI1MB4XDTIyMDYw
MTExNDEyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNThiOGQ3MDJkMzE4
N2RlMWMzNjAwZWY0ZTVjMmNlZTlkMDg0NzA4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGQmT6LdnFpvE43kEu+V18qEMiY4Qz59KxyfF1cPi7MVeE6
ywVIdNFZWgJoW/Xv+nNl/Of8rc8Zhh1bEBHtvtZUaTCa1IMthdH3l2O8S86PL8BK
is3kwjUAIaRnhe4Fm8Uiq2nDjyjeWiIfv1GQRZv/acuejD+aJiO/6JXE8T2S7942
63Qi5UxoZ05sdImZHeoEuVetY1+XG1GstDRFvPs/RrdO5a/XQY9Bk+FyI6Usx0Gt
adZTYTLunXbIf1w55b0+4Uv5fhUsKvWNWe4wu7UrIt1GK0pix31/gmPXMMGT5Tlr
/KR+OG9KYxRHk72OV1zgQ2rSGhG8lfdc2AHVXQ0CAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBRYuNcC0xh94cNgDvTlws7p0IRwhDAfBgNVHSMEGDAWgBTsOmM+8sCCUaWG
A1YuVqpu+pPsJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdEcGpQdkxBZ2xHbGhnTldMbGFxYnZxVDdDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8x
L1dMalhBdE1ZZmVIRFlBNzA1Y0xPNmRDRWNJUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8xLzdEcGpQdkxBZ2xH
bGhnTldMbGFxYnZxVDdDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xQYIKwYBBQUHAQcBAf8EgbUwgbIwga8EAgABMIGoAwQHJQgAAwQGUmbAAwQHUs0A
AwQFVXFgAwQCVbjwAwQCVmsQAwQCV/xsAwQEWe8gAwQEXhpwAwQBbeiiAwQEk72w
AwQCsEEMAwQCuSjAAwQAuVryAwQCuYqEAwQCuauEAwQCvNHQAwQCvNdkAwQAwql5
AwQAwql7AwQAx8zXAwQFx/qAAwQF1CFgAwQF1GpAAwQE2RUAAwQF2ULgAwQD2U4w
AwQC2U48MA0GCSqGSIb3DQEBCwUAA4IBAQA0qCQ0mWfrzHfat7/5gJVikhD7rQYl
BCgmRDNLUQWqBOWEScFDpEXGz5F1LZUOD5Q7QFP1+8VE3XKyzhRwILZOhZ8QSbja
/yPX0OqAiKvZcXwtesG13PgRxb/28/JF1RjH4KYNUP1/sTxDWnVv87QlRiWIFS+r
NGeSUXz2WG+elicSMVIDj2g7WKnSx/l5iGy8DiIZUgbyQgW4BDuzpQLwFhvQIwzx
8pC3zBCJ7+W/BPLDyCGicgcGGot7z0gA6pwBtdr/FXUjsS9a4nAoEdERPTj4T7tu
WG9yWKoAWPLVduYg783+NfzNDQWqB6y1zk35fCoL3Tncf85aipqtMwtC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:32 2023 by rpki-client on console-fra.rpki-client.org