Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/ZJD1FKAjfjRJxEVpiZc0IljLFGc.roa
File: ZJD1FKAjfjRJxEVpiZc0IljLFGc.roa (raw, json)
Hash identifier: vZNXlcwzZ0smBWncRHg19YUsceBGepeijBvrdFyrps0=
Subject key identifier: 64:90:F5:14:A0:23:7E:34:49:C4:45:69:89:97:34:22:58:CB:14:67
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 01843281FCC4D7CA8E5D9B9D408F24184EDE
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/ZJD1FKAjfjRJxEVpiZc0IljLFGc.roa
Signing time: Tue 01 Nov 2022 09:24:50 +0000
ROA not before: Tue 01 Nov 2022 09:24:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 199.204.215.0/24 maxlen: 24
94.26.112.0/20 maxlen: 20
217.66.224.0/19 maxlen: 24
82.205.0.0/17 maxlen: 21
82.205.0.0/20 maxlen: 20
217.66.233.0/24 maxlen: 24
217.66.237.0/24 maxlen: 24
217.66.234.0/23 maxlen: 23
86.107.16.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
82.205.96.0/20 maxlen: 20
82.205.104.0/21 maxlen: 21
89.239.32.0/20 maxlen: 20
82.205.16.0/20 maxlen: 20
217.66.240.0/20 maxlen: 20
82.205.27.0/24 maxlen: 24
85.184.240.0/22 maxlen: 22
212.33.96.0/19 maxlen: 20
185.171.132.0/22 maxlen: 22
82.102.240.0/20 maxlen: 20
82.102.192.0/20 maxlen: 20
82.102.192.0/18 maxlen: 24
82.102.208.0/21 maxlen: 21
82.102.218.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.220.0/22 maxlen: 22
212.106.64.0/19 maxlen: 20
85.113.96.0/19 maxlen: 20
176.65.12.0/22 maxlen: 22
194.169.123.0/24 maxlen: 24
194.169.122.0/23 maxlen: 23
194.169.122.0/24 maxlen: 24
147.189.176.0/20 maxlen: 20
194.169.121.0/24 maxlen: 24
199.250.128.0/19 maxlen: 21
217.21.14.0/23 maxlen: 23
217.21.12.0/23 maxlen: 23
188.209.208.0/22 maxlen: 22
37.8.0.0/17 maxlen: 20
37.8.0.0/20 maxlen: 20
37.8.16.0/20 maxlen: 20
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
109.232.163.0/24 maxlen: 24
109.232.162.0/24 maxlen: 24
185.40.192.0/22 maxlen: 22
185.138.132.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
82.205.120.0/21 maxlen: 21
217.78.48.0/21 maxlen: 21
217.78.48.0/20 maxlen: 20
217.78.60.0/22 maxlen: 22
217.21.4.0/24 maxlen: 24
217.21.3.0/24 maxlen: 24
217.21.2.0/24 maxlen: 24
217.21.0.0/20 maxlen: 20
217.21.10.0/23 maxlen: 23
217.21.8.0/23 maxlen: 23
217.21.6.0/23 maxlen: 23
217.21.5.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:81:fc:c4:d7:ca:8e:5d:9b:9d:40:8f:24:18:4e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Nov 1 09:24:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6490f514a0237e3449c445698997342258cb1467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5d:23:e2:a6:d0:01:27:3d:57:fa:4c:f4:9d:
c4:60:6e:15:f6:d0:a0:81:3d:5d:72:20:ae:bc:4a:
ea:d0:3e:8f:8f:47:f6:f7:4a:1a:6b:12:b1:42:e3:
68:ad:90:b2:63:11:4c:5a:78:01:70:3f:dd:cf:70:
79:aa:5a:a0:53:ac:69:51:c3:83:58:a7:23:2e:77:
1a:09:62:99:b3:51:b8:bc:18:2e:1f:ba:ab:b6:57:
d8:35:b7:84:f6:5b:f7:e9:d6:58:26:f1:e3:31:78:
66:a0:f0:5f:76:9d:ef:b6:03:6f:22:68:86:a7:10:
e7:17:5b:dc:81:bc:67:83:c1:54:5d:07:87:6b:be:
08:e1:86:89:69:54:29:8a:ae:b8:3d:4d:40:49:db:
22:a9:e2:ac:b1:bb:1e:33:19:20:49:d9:a2:84:1d:
0c:73:13:4a:56:b3:cd:42:8b:3f:4c:26:fc:40:53:
91:96:b6:38:db:53:df:e4:02:80:09:47:2a:59:05:
84:a7:df:26:7f:8d:b3:39:e1:80:db:3b:ad:27:1e:
87:81:8d:4e:9c:7e:7a:92:4d:1d:65:f1:a1:68:f9:
af:3b:09:ff:02:07:18:f1:7a:92:15:11:57:9f:3c:
1c:34:4c:86:39:16:eb:53:ba:6e:5d:24:b2:fb:f8:
86:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:90:F5:14:A0:23:7E:34:49:C4:45:69:89:97:34:22:58:CB:14:67
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/ZJD1FKAjfjRJxEVpiZc0IljLFGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
85.184.240.0/22
86.107.16.0/22
87.252.108.0/22
89.239.32.0/20
94.26.112.0/20
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.40.192.0/22
185.90.242.0/24
185.138.132.0/22
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0-194.169.123.255
199.204.215.0/24
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0/19
217.78.48.0/20
Signature Algorithm: sha256WithRSAEncryption
2a:ec:ed:b5:59:02:5f:f2:6c:39:fb:06:af:ae:f4:d7:9c:3d:
75:c8:63:54:0c:06:9a:e2:00:ac:ed:3d:bf:cc:aa:0b:0f:b0:
f0:8c:11:ed:e3:56:2c:3c:15:c3:18:f2:ec:cf:d0:8d:46:df:
50:90:3f:81:51:eb:a1:bb:49:95:81:5a:3f:a5:d7:16:05:92:
38:c5:72:72:b3:b6:b6:3f:69:55:a0:e2:9c:53:ff:ce:f8:d4:
3f:76:89:8d:ce:6f:ab:ca:eb:5d:e9:f0:68:29:4c:a4:9e:0d:
6e:1b:22:05:e9:8b:cb:ed:0f:df:b4:e7:c9:8b:9b:19:ae:6a:
13:5c:e1:53:fa:65:de:c2:98:67:bf:c7:e0:1d:1d:76:f5:35:
84:28:e7:3c:54:29:b7:cd:3b:6e:02:4f:5a:cb:45:4a:19:2b:
dc:2c:2d:5f:37:12:31:8e:a7:bd:2f:64:02:05:97:84:29:05:
4c:29:17:e3:37:2c:c0:ce:e2:f0:f4:9e:e1:b9:02:e8:62:be:
71:c5:e8:fa:98:70:48:f1:13:24:fb:b2:dd:09:2e:54:9d:ab:
bf:ac:54:80:b3:97:51:b2:85:11:b2:59:a8:4d:d4:b6:a3:9a:
8b:86:8d:5a:11:95:6d:61:06:40:11:f6:8e:1f:0e:b1:61:00:
8b:9a:54:ce
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYQygfzE18qOXZudQI8kGE7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2E2MzNlZjJjMDgyNTFhNTg2MDM1NjJlNTZhYTZlZmE5
M2VjMjUwHhcNMjIxMTAxMDkyNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDkwZjUxNGEwMjM3ZTM0NDljNDQ1Njk4OTk3MzQyMjU4Y2IxNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V0j4qbQASc9V/pM9J3EYG4V9tCg
gT1dciCuvErq0D6Pj0f290oaaxKxQuNorZCyYxFMWngBcD/dz3B5qlqgU6xpUcOD
WKcjLncaCWKZs1G4vBguH7qrtlfYNbeE9lv36dZYJvHjMXhmoPBfdp3vtgNvImiG
pxDnF1vcgbxng8FUXQeHa74I4YaJaVQpiq64PU1ASdsiqeKssbseMxkgSdmihB0M
cxNKVrPNQos/TCb8QFORlrY421Pf5AKACUcqWQWEp98mf42zOeGA2zutJx6HgY1O
nH56kk0dZfGhaPmvOwn/AgcY8XqSFRFXnzwcNEyGORbrU7puXSSy+/iGZQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFGSQ9RSgI340ScRFaYmXNCJYyxRnMB8GA1UdIwQY
MBaAFOw6Yz7ywIJRpYYDVi5Wqm76k+wlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUt
ZjdjMmMyYTkxYmMyLzEvWkpEMUZLQWpmalJKeEVWcGlaYzBJbGpMRkdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUtZjdjMmMyYTkxYmMy
LzEvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAcl
CAADBAZSZsADBAdSzQADBAVVcWADBAJVuPADBAJWaxADBAJX/GwDBARZ7yADBARe
GnADBAFt6KIDBASTvbADBAKwQQwDBAK5KMADBAC5WvIDBAK5ioQDBAK5q4QDBAK8
0dADBAK812QwDAMEAMKpeQMEAsKpeAMEAMfM1wMEBcf6gAMEBdQhYAMEBdRqQAME
BNkVAAMEBdlC4AMEBNlOMDANBgkqhkiG9w0BAQsFAAOCAQEAKuzttVkCX/JsOfsG
r67015w9dchjVAwGmuIArO09v8yqCw+w8IwR7eNWLDwVwxjy7M/QjUbfUJA/gVHr
obtJlYFaP6XXFgWSOMVycrO2tj9pVaDinFP/zvjUP3aJjc5vq8rrXenwaClMpJ4N
bhsiBemLy+0P37TnyYubGa5qE1zhU/pl3sKYZ7/H4B0ddvU1hCjnPFQpt807bgJP
WstFShkr3CwtXzcSMY6nvS9kAgWXhCkFTCkX4zcswM7i8PSe4bkC6GK+ccXo+phw
SPETJPuy3QkuVJ2rv6xUgLOXUbKFEbJZqE3UtqOai4aNWhGVbWEGQBH2jh8OsWEA
i5pUzg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:26 2023 by rpki-client on console-ams.rpki-client.org