Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/vwdXzhLM-ziLvwXX4jAbNDd60X4.roa
File: vwdXzhLM-ziLvwXX4jAbNDd60X4.roa (raw, json)
Hash identifier: fmBNXfr4lfzk887qduuAE46ydtyGRI4nCwZszfbsCDg=
Subject key identifier: BF:07:57:CE:12:CC:FB:38:8B:BF:05:D7:E2:30:1B:34:37:7A:D1:7E
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 0325BBE9
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/vwdXzhLM-ziLvwXX4jAbNDd60X4.roa
Signing time: Sun 12 Jun 2022 08:28:05 +0000
ROA not before: Sun 12 Jun 2022 08:28:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 199.204.215.0/24 maxlen: 24
94.26.112.0/20 maxlen: 20
217.66.224.0/19 maxlen: 24
82.205.0.0/17 maxlen: 21
82.205.0.0/20 maxlen: 20
217.66.233.0/24 maxlen: 24
217.66.237.0/24 maxlen: 24
217.66.234.0/23 maxlen: 23
86.107.16.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
82.205.96.0/20 maxlen: 20
82.205.104.0/21 maxlen: 21
89.239.32.0/20 maxlen: 20
82.205.16.0/20 maxlen: 20
217.66.240.0/20 maxlen: 20
82.205.27.0/24 maxlen: 24
85.184.240.0/22 maxlen: 22
212.33.96.0/19 maxlen: 20
185.171.132.0/22 maxlen: 22
82.102.240.0/20 maxlen: 20
82.102.192.0/20 maxlen: 20
82.102.192.0/18 maxlen: 24
82.102.208.0/21 maxlen: 21
82.102.218.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.220.0/22 maxlen: 22
212.106.64.0/19 maxlen: 20
85.113.96.0/19 maxlen: 20
176.65.12.0/22 maxlen: 22
194.169.123.0/24 maxlen: 24
194.169.122.0/24 maxlen: 24
147.189.176.0/20 maxlen: 20
194.169.121.0/24 maxlen: 24
199.250.128.0/19 maxlen: 21
188.209.208.0/22 maxlen: 22
37.8.0.0/17 maxlen: 20
37.8.0.0/20 maxlen: 20
37.8.16.0/20 maxlen: 20
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
109.232.163.0/24 maxlen: 24
109.232.162.0/24 maxlen: 24
185.40.192.0/22 maxlen: 22
185.138.132.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
82.205.120.0/21 maxlen: 21
217.78.48.0/21 maxlen: 21
217.78.60.0/22 maxlen: 22
217.21.2.0/24 maxlen: 24
217.21.0.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52804585 (0x325bbe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jun 12 08:28:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf0757ce12ccfb388bbf05d7e2301b34377ad17e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2e:63:57:10:20:37:5e:21:83:a7:23:46:72:
3d:6a:ab:c3:7d:d6:3e:52:6c:8b:f1:b0:66:14:8a:
73:4d:59:73:09:5d:1e:24:f7:90:27:4e:7e:09:59:
f5:20:67:ba:51:5c:9d:d3:53:57:d1:fb:d0:2c:7d:
36:d7:37:d5:63:2b:9a:73:50:d9:f4:f4:4b:35:18:
63:9e:fe:37:9c:45:3b:a7:65:ba:04:22:ca:b4:b2:
d4:0e:de:3a:26:ff:9a:92:72:6c:44:98:59:2f:c9:
f8:7e:79:e2:63:0a:d9:19:4f:fb:fc:25:0b:1e:b7:
fe:53:f3:8e:71:64:49:e1:cd:1a:e1:18:ed:fd:34:
7b:93:61:1c:4e:54:4d:a3:b8:9e:e5:3f:77:81:87:
f6:12:1e:48:7f:a5:65:c0:10:0d:b1:cc:f6:93:77:
78:52:86:da:3d:0b:41:1b:de:4c:bf:ad:99:28:57:
ce:88:7b:cf:0b:c1:eb:a3:70:63:3f:ba:ac:b6:86:
dc:d3:11:83:e2:05:dc:65:e9:21:17:06:5c:bc:28:
4b:ac:68:ca:09:b0:f7:0a:c5:09:9b:a4:64:c8:32:
03:96:b3:07:9d:a7:93:17:50:69:94:be:9d:6c:0e:
5a:e1:62:f5:d1:ed:41:f0:02:1d:85:ca:0f:26:6d:
46:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:07:57:CE:12:CC:FB:38:8B:BF:05:D7:E2:30:1B:34:37:7A:D1:7E
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/vwdXzhLM-ziLvwXX4jAbNDd60X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
85.184.240.0/22
86.107.16.0/22
87.252.108.0/22
89.239.32.0/20
94.26.112.0/20
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.40.192.0/22
185.90.242.0/24
185.138.132.0/22
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0-194.169.123.255
199.204.215.0/24
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0/19
217.78.48.0/21
217.78.60.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:70:f4:76:d4:fe:bf:a5:4e:f7:be:b8:33:34:2d:6d:61:a4:
ad:4d:9b:61:69:79:ae:a6:fb:be:98:e7:c2:a0:25:ef:0e:55:
52:8b:e9:e0:3a:33:f5:8b:89:c2:25:40:2d:b5:15:cf:04:42:
4b:0e:75:a4:94:0d:73:aa:16:8b:56:af:c6:6c:2a:0a:86:fa:
a8:9a:55:a4:a3:b5:c5:cc:b9:c7:10:8b:13:39:87:f6:97:bf:
23:61:ee:95:b6:ee:28:ad:ef:2f:c4:f5:92:0b:d4:e3:87:7e:
67:c5:4f:11:f8:95:25:bd:e3:44:c9:c9:02:34:af:44:03:10:
f2:c0:9e:92:35:a2:82:17:ba:00:24:aa:6a:af:ca:6f:e9:d3:
82:cc:da:c6:c5:fe:80:53:cb:da:17:f9:6b:b2:75:57:47:00:
a1:99:9b:0a:34:9d:c4:8d:70:e6:2f:f3:7e:58:f9:71:1b:8a:
9b:e8:94:75:ef:39:19:46:a9:a0:03:c6:b8:c2:47:5a:66:ee:
cf:c8:83:a1:4a:7c:09:5c:6b:83:1f:c1:9b:19:a8:4d:14:69:
39:f1:22:fb:9e:4a:b5:e4:31:b5:64:a9:04:38:b0:a0:a0:ce:
83:66:e0:cf:50:97:8c:56:f2:0b:65:43:0b:e6:7f:1f:ec:a3:
80:d6:53:d1
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIEAyW76TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzNhNjMzZWYyYzA4MjUxYTU4NjAzNTYyZTU2YWE2ZWZhOTNlYzI1MB4XDTIyMDYx
MjA4MjgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmYwNzU3Y2UxMmNj
ZmIzODhiYmYwNWQ3ZTIzMDFiMzQzNzdhZDE3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYuY1cQIDdeIYOnI0ZyPWqrw33WPlJsi/GwZhSKc01Zcwld
HiT3kCdOfglZ9SBnulFcndNTV9H70Cx9Ntc31WMrmnNQ2fT0SzUYY57+N5xFO6dl
ugQiyrSy1A7eOib/mpJybESYWS/J+H554mMK2RlP+/wlCx63/lPzjnFkSeHNGuEY
7f00e5NhHE5UTaO4nuU/d4GH9hIeSH+lZcAQDbHM9pN3eFKG2j0LQRveTL+tmShX
zoh7zwvB66NwYz+6rLaG3NMRg+IF3GXpIRcGXLwoS6xoygmw9wrFCZukZMgyA5az
B52nkxdQaZS+nWwOWuFi9dHtQfACHYXKDyZtRrcCAwEAAaOCArIwggKuMB0GA1Ud
DgQWBBS/B1fOEsz7OIu/BdfiMBs0N3rRfjAfBgNVHSMEGDAWgBTsOmM+8sCCUaWG
A1YuVqpu+pPsJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdEcGpQdkxBZ2xHbGhnTldMbGFxYnZxVDdDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8x
L3Z3ZFh6aExNLXppTHZ3WFg0akFiTkRkNjBYNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8xLzdEcGpQdkxBZ2xH
bGhnTldMbGFxYnZxVDdDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xwYIKwYBBQUHAQcBAf8EgbcwgbQwgbEEAgABMIGqAwQHJQgAAwQGUmbAAwQHUs0A
AwQFVXFgAwQCVbjwAwQCVmsQAwQCV/xsAwQEWe8gAwQEXhpwAwQBbeiiAwQEk72w
AwQCsEEMAwQCuSjAAwQAuVryAwQCuYqEAwQCuauEAwQCvNHQAwQCvNdkMAwDBADC
qXkDBALCqXgDBADHzNcDBAXH+oADBAXUIWADBAXUakADBATZFQADBAXZQuADBAPZ
TjADBALZTjwwDQYJKoZIhvcNAQELBQADggEBABtw9HbU/r+lTve+uDM0LW1hpK1N
m2Fpea6m+76Y58KgJe8OVVKL6eA6M/WLicIlQC21Fc8EQksOdaSUDXOqFotWr8Zs
KgqG+qiaVaSjtcXMuccQixM5h/aXvyNh7pW27iit7y/E9ZIL1OOHfmfFTxH4lSW9
40TJyQI0r0QDEPLAnpI1ooIXugAkqmqvym/p04LM2sbF/oBTy9oX+WuydVdHAKGZ
mwo0ncSNcOYv835Y+XEbipvolHXvORlGqaADxrjCR1pm7s/Ig6FKfAlca4MfwZsZ
qE0UaTnxIvueSrXkMbVkqQQ4sKCgzoNm4M9Ql4xW8gtlQwvmfx/so4DWU9E=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:32 2023 by rpki-client on console-fra.rpki-client.org