Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/yLTVbbG_W8Y0zBjmd2ynS8UHZDw.roa
File: yLTVbbG_W8Y0zBjmd2ynS8UHZDw.roa (raw, json)
Hash identifier: t97hm8r/Jp7CxrFsEAql2LlwnwwdA7QTQfSxMpZaJfg=
Subject key identifier: C8:B4:D5:6D:B1:BF:5B:C6:34:CC:18:E6:77:6C:A7:4B:C5:07:64:3C
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 02A0A531
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/yLTVbbG_W8Y0zBjmd2ynS8UHZDw.roa
Signing time: Tue 19 Apr 2022 11:57:27 +0000
ROA not before: Tue 19 Apr 2022 11:57:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 199.204.215.0/24 maxlen: 24
194.169.123.0/24 maxlen: 24
94.26.112.0/20 maxlen: 20
82.205.0.0/17 maxlen: 21
82.205.0.0/20 maxlen: 20
217.66.233.0/24 maxlen: 24
199.250.128.0/19 maxlen: 21
217.66.237.0/24 maxlen: 24
217.66.234.0/23 maxlen: 23
86.107.16.0/22 maxlen: 22
82.205.96.0/20 maxlen: 20
82.205.104.0/21 maxlen: 21
89.239.32.0/20 maxlen: 20
82.205.16.0/20 maxlen: 20
37.8.0.0/17 maxlen: 20
37.8.0.0/20 maxlen: 20
37.8.16.0/20 maxlen: 20
82.205.27.0/24 maxlen: 24
85.184.240.0/22 maxlen: 22
212.33.96.0/19 maxlen: 20
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
82.102.240.0/20 maxlen: 20
185.40.192.0/22 maxlen: 22
185.138.132.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
82.205.120.0/21 maxlen: 21
82.102.192.0/20 maxlen: 20
82.102.192.0/18 maxlen: 24
82.102.208.0/21 maxlen: 21
82.102.218.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.220.0/22 maxlen: 22
212.106.64.0/19 maxlen: 20
217.78.60.0/22 maxlen: 22
217.21.2.0/24 maxlen: 24
217.21.0.0/20 maxlen: 24
85.113.96.0/19 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44082481 (0x2a0a531)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Apr 19 11:57:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8b4d56db1bf5bc634cc18e6776ca74bc507643c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ca:14:76:28:22:12:f1:dc:dc:11:5d:3b:e2:
ba:43:bc:6d:32:8e:a1:65:0d:bc:15:3a:ad:ee:84:
93:cd:d6:b6:45:dc:93:5f:0d:ef:97:bf:e6:88:b4:
f3:c7:66:89:45:81:4f:28:6e:85:9d:af:6b:18:ac:
b1:61:3c:f8:a0:ef:13:86:da:ee:ae:2f:cf:76:df:
41:5f:87:50:03:29:e0:ed:4b:9e:f2:ca:81:19:69:
3e:09:b1:f8:ad:05:ef:c4:23:d7:b0:9f:95:09:6e:
a9:21:8e:db:11:59:dd:74:fa:a9:68:80:b8:37:ae:
c2:ac:fd:28:18:81:90:2f:ba:bf:d3:5c:cb:6f:d4:
b0:a0:03:da:78:ea:e3:23:69:8f:5e:cc:d1:87:f4:
29:8a:62:28:45:ce:58:68:0b:de:83:99:06:74:53:
cb:ba:64:f2:12:ac:de:d0:d6:14:86:c4:e6:12:3f:
f0:1c:3f:74:e3:59:33:f0:12:fc:0d:03:35:f8:d8:
f1:b0:93:7b:f9:f2:5d:5b:8a:82:30:bf:94:51:0e:
06:70:72:02:28:90:1d:8e:84:07:e2:d9:0a:2b:8d:
b1:af:d7:45:30:ae:cb:20:e9:51:32:52:93:e9:62:
ed:2a:98:68:8f:22:91:84:69:48:51:81:f0:86:30:
a6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B4:D5:6D:B1:BF:5B:C6:34:CC:18:E6:77:6C:A7:4B:C5:07:64:3C
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/yLTVbbG_W8Y0zBjmd2ynS8UHZDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
85.184.240.0/22
86.107.16.0/22
89.239.32.0/20
94.26.112.0/20
185.40.192.0/22
185.90.242.0/24
185.138.132.0/22
194.169.123.0/24
199.204.215.0/24
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.233.0-217.66.235.255
217.66.237.0/24
217.78.60.0/22
Signature Algorithm: sha256WithRSAEncryption
82:21:c7:37:13:7d:84:43:10:f4:66:73:c9:57:b4:f0:7e:21:
4d:9b:2f:e2:bd:24:fc:65:2f:f5:61:20:d6:d0:93:50:f9:23:
3c:2f:7c:12:2f:51:49:26:93:17:a0:08:9d:7d:b7:40:65:fd:
24:12:0e:ae:90:cb:bb:64:ca:7b:35:97:63:6d:38:f6:c1:42:
c2:96:9a:19:22:30:d8:14:8b:cb:f5:fc:22:63:47:4a:c5:37:
b4:db:50:fc:d9:98:f0:e3:56:f0:f6:6a:ec:b4:1a:10:16:da:
ee:8e:97:9b:51:93:ca:fa:bd:db:4c:01:fb:37:f8:57:48:90:
72:44:7a:4e:39:67:a3:fd:20:e6:27:31:85:20:51:cd:97:f6:
92:e5:aa:02:8b:a0:60:33:29:0e:7e:ab:d7:c6:de:02:93:ec:
d2:c3:fa:85:a8:bc:0a:64:6f:c0:7c:24:32:79:e1:fe:d3:1f:
c0:45:4b:39:c8:0e:d3:14:7f:2d:7c:7b:bd:a1:a2:35:6b:24:
03:22:15:a6:b0:ba:b6:de:ee:59:3a:75:07:11:8e:a2:90:0a:
c7:e6:72:a5:b7:47:df:10:55:8d:e2:0e:87:13:e0:2c:4f:be:
8c:e6:ca:8c:2d:8e:d5:3b:00:a7:39:19:ba:5e:4b:86:eb:d9:
b6:29:0d:fc
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIEAqClMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzNhNjMzZWYyYzA4MjUxYTU4NjAzNTYyZTU2YWE2ZWZhOTNlYzI1MB4XDTIyMDQx
OTExNTcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhiNGQ1NmRiMWJm
NWJjNjM0Y2MxOGU2Nzc2Y2E3NGJjNTA3NjQzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPPKFHYoIhLx3NwRXTviukO8bTKOoWUNvBU6re6Ek83WtkXc
k18N75e/5oi088dmiUWBTyhuhZ2vaxissWE8+KDvE4ba7q4vz3bfQV+HUAMp4O1L
nvLKgRlpPgmx+K0F78Qj17CflQluqSGO2xFZ3XT6qWiAuDeuwqz9KBiBkC+6v9Nc
y2/UsKAD2njq4yNpj17M0Yf0KYpiKEXOWGgL3oOZBnRTy7pk8hKs3tDWFIbE5hI/
8Bw/dONZM/AS/A0DNfjY8bCTe/nyXVuKgjC/lFEOBnByAiiQHY6EB+LZCiuNsa/X
RTCuyyDpUTJSk+li7SqYaI8ikYRpSFGB8IYwpjECAwEAAaOCAogwggKEMB0GA1Ud
DgQWBBTItNVtsb9bxjTMGOZ3bKdLxQdkPDAfBgNVHSMEGDAWgBTsOmM+8sCCUaWG
A1YuVqpu+pPsJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdEcGpQdkxBZ2xHbGhnTldMbGFxYnZxVDdDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8x
L3lMVFZiYkdfVzhZMHpCam1kMnluUzhVSFpEdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8xLzdEcGpQdkxBZ2xH
bGhnTldMbGFxYnZxVDdDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nQYIKwYBBQUHAQcBAf8EgY0wgYowgYcEAgABMIGAAwQHJQgAAwQGUmbAAwQHUs0A
AwQFVXFgAwQCVbjwAwQCVmsQAwQEWe8gAwQEXhpwAwQCuSjAAwQAuVryAwQCuYqE
AwQAwql7AwQAx8zXAwQFx/qAAwQF1CFgAwQF1GpAAwQE2RUAMAwDBADZQukDBALZ
QugDBADZQu0DBALZTjwwDQYJKoZIhvcNAQELBQADggEBAIIhxzcTfYRDEPRmc8lX
tPB+IU2bL+K9JPxlL/VhINbQk1D5IzwvfBIvUUkmkxegCJ19t0Bl/SQSDq6Qy7tk
yns1l2NtOPbBQsKWmhkiMNgUi8v1/CJjR0rFN7TbUPzZmPDjVvD2auy0GhAW2u6O
l5tRk8r6vdtMAfs3+FdIkHJEek45Z6P9IOYnMYUgUc2X9pLlqgKLoGAzKQ5+q9fG
3gKT7NLD+oWovApkb8B8JDJ54f7TH8BFSznIDtMUfy18e72hojVrJAMiFaawurbe
7lk6dQcRjqKQCsfmcqW3R98QVY3iDocT4CxPvozmyowtjtU7AKc5GbpeS4br2bYp
Dfw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:26 2023 by rpki-client on console-ams.rpki-client.org