Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/U8gsI50xsHJNM8O_bh0CFeDCH9Q.roa
File: U8gsI50xsHJNM8O_bh0CFeDCH9Q.roa (raw, json)
Hash identifier: QvWNKuvQCDh5Qc7DU28MRSUC1R0r01Kdm77c2qBIQdc=
Subject key identifier: 53:C8:2C:23:9D:31:B0:72:4D:33:C3:BF:6E:1D:02:15:E0:C2:1F:D4
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 0AFDEB26
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/U8gsI50xsHJNM8O_bh0CFeDCH9Q.roa
Signing time: Sat 02 Apr 2022 08:13:24 +0000
ROA not before: Sat 02 Apr 2022 08:13:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44285
IP address blocks: 45.87.4.0/22 maxlen: 22
185.18.213.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
37.32.32.0/24 maxlen: 24
37.32.32.0/21 maxlen: 21
37.32.33.0/24 maxlen: 24
37.32.32.0/22 maxlen: 22
37.32.36.0/22 maxlen: 22
37.32.37.0/24 maxlen: 24
37.32.38.0/24 maxlen: 24
37.32.36.0/24 maxlen: 24
37.32.35.0/24 maxlen: 24
37.32.34.0/24 maxlen: 24
37.32.39.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.200.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
86.57.120.0/23 maxlen: 23
86.57.122.0/23 maxlen: 23
86.57.96.0/20 maxlen: 20
86.57.112.0/23 maxlen: 23
86.57.114.0/23 maxlen: 23
86.57.116.0/22 maxlen: 22
217.172.124.0/23 maxlen: 23
217.172.120.0/24 maxlen: 24
217.172.120.0/21 maxlen: 21
217.172.127.0/24 maxlen: 24
217.172.126.0/23 maxlen: 23
85.198.48.0/20 maxlen: 20
37.75.246.0/24 maxlen: 24
37.75.245.0/24 maxlen: 24
37.75.244.0/24 maxlen: 24
37.75.244.0/22 maxlen: 22
37.75.243.0/24 maxlen: 24
37.75.247.0/24 maxlen: 24
195.110.38.0/24 maxlen: 24
195.110.38.0/23 maxlen: 23
195.110.39.0/24 maxlen: 24
185.182.248.0/22 maxlen: 22
95.82.0.0/21 maxlen: 21
95.82.0.0/20 maxlen: 20
95.82.0.0/18 maxlen: 18
95.82.8.0/21 maxlen: 21
95.82.16.0/21 maxlen: 21
95.82.16.0/20 maxlen: 20
95.82.24.0/21 maxlen: 21
91.236.168.0/23 maxlen: 23
91.236.169.0/24 maxlen: 24
91.236.168.0/24 maxlen: 24
95.82.32.0/21 maxlen: 21
95.82.40.0/21 maxlen: 21
46.28.74.0/24 maxlen: 24
95.82.48.0/21 maxlen: 21
46.28.73.0/24 maxlen: 24
46.28.72.0/24 maxlen: 24
46.28.72.0/21 maxlen: 24
95.82.56.0/21 maxlen: 21
185.121.128.0/22 maxlen: 24
185.121.128.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.121.130.0/24 maxlen: 24
185.121.129.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.134.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
84.47.226.0/24 maxlen: 24
84.47.224.0/22 maxlen: 22
84.47.225.0/24 maxlen: 24
84.47.224.0/21 maxlen: 21
84.47.224.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
84.47.231.0/24 maxlen: 24
84.47.227.0/24 maxlen: 24
84.47.230.0/24 maxlen: 24
84.47.229.0/24 maxlen: 24
84.47.228.0/24 maxlen: 24
84.47.228.0/22 maxlen: 22
88.135.39.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.137.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
2a02:828::/32 maxlen: 32
2a02:829::/32 maxlen: 32
2a02:82b::/32 maxlen: 32
2a02:82f::/32 maxlen: 32
2a02:828:1::/48 maxlen: 48
2a02:82a::/32 maxlen: 32
2a02:828::/29 maxlen: 29
2a02:828::/64 maxlen: 64
2a02:828::/48 maxlen: 48
2a02:82e::/32 maxlen: 32
2a02:82c::/32 maxlen: 32
2a02:82d::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184412966 (0xafdeb26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Apr 2 08:13:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53c82c239d31b0724d33c3bf6e1d0215e0c21fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f5:df:f7:32:78:36:49:45:5d:b7:f8:28:85:
4b:d5:8f:af:4b:73:95:b6:fb:46:76:15:7d:a7:a0:
6d:1d:e2:33:90:b5:13:0d:80:3e:a2:c7:6f:06:7b:
10:37:a9:fa:96:b2:2c:50:96:e6:39:43:07:e3:7c:
3d:40:6c:5b:d8:76:d4:8f:d5:17:a1:38:d1:f8:3a:
27:34:a7:38:bf:24:92:e9:b4:d7:2d:b2:26:dc:cc:
e6:3b:aa:6b:b0:32:c3:a3:b4:6e:37:25:d0:82:0c:
e7:33:44:6b:28:30:ec:0a:d2:5b:d6:f9:19:e6:ee:
69:b1:7c:d0:70:ea:19:a8:18:50:ce:db:77:a6:86:
9b:e4:33:fe:90:59:14:41:72:ae:05:ef:c6:39:aa:
d2:7b:07:64:5d:e9:28:74:f8:a0:f1:c1:9d:74:49:
9d:85:bf:00:4c:73:a8:97:ea:39:ea:24:84:4f:e7:
33:9f:d0:9f:48:50:f7:2f:32:22:77:ca:f3:f3:b7:
0c:02:4c:15:b3:50:49:91:5a:fe:61:97:2c:47:09:
53:aa:8a:e6:4a:5a:ae:5d:19:ee:af:13:b2:6e:98:
64:27:37:7f:f2:ca:d2:15:5a:c9:c3:90:b2:97:05:
e9:59:9c:52:47:f8:c3:f4:f9:bd:fd:b4:32:03:e2:
37:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C8:2C:23:9D:31:B0:72:4D:33:C3:BF:6E:1D:02:15:E0:C2:1F:D4
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/U8gsI50xsHJNM8O_bh0CFeDCH9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.32.0/21
37.75.243.0-37.75.247.255
45.87.4.0/22
46.28.72.0/21
84.47.224.0/21
85.198.48.0/20
86.57.96.0-86.57.123.255
88.135.37.0-88.135.39.255
91.236.168.0/23
95.82.0.0/18
185.18.212.0/22
185.51.200.0/22
185.121.128.0/22
185.128.136.0/22
185.141.132.0/22
185.182.248.0/22
188.209.152.0/23
195.110.38.0/23
217.172.120.0/21
IPv6:
2a02:828::/29
Signature Algorithm: sha256WithRSAEncryption
a7:e5:1d:72:a2:0e:ab:41:af:8c:43:a0:29:0e:9f:3b:a3:2b:
a8:7a:63:9b:10:4b:ec:f2:d3:23:e1:37:32:0a:fc:ac:6d:d0:
d9:92:c1:26:a2:e1:69:d9:e1:07:1a:83:08:46:4e:36:70:5b:
48:f1:ca:04:a7:8a:02:5c:7f:de:03:45:1b:ba:a3:c3:65:c5:
79:d1:6e:7e:d5:9b:76:d4:b0:2a:cb:96:e1:9e:82:74:8a:58:
35:2e:f1:33:06:99:58:ff:74:22:95:d3:63:10:f9:61:cd:49:
8b:37:b3:ef:d7:4b:d8:a7:00:b9:0a:85:c9:ab:c5:d3:c9:59:
64:94:51:25:2d:e0:80:65:4d:9d:67:30:4f:26:9a:2b:e5:24:
87:a7:ba:ba:4d:04:7d:ca:36:e9:96:da:05:45:2a:ff:eb:68:
0b:e1:84:a4:72:e9:2c:f4:54:b1:18:57:2f:cc:e0:1c:1f:a3:
56:46:4e:fb:e1:6c:88:61:d1:e1:14:5d:54:68:ec:75:fa:f9:
fb:d4:3f:f9:8f:0b:f4:da:a0:55:38:78:f1:52:9a:20:48:aa:
37:fd:02:71:29:37:b8:b3:50:2c:0f:3e:56:e1:8a:ba:0e:c5:
56:8d:f1:01:2b:2c:2a:98:59:27:eb:e9:00:08:a7:5f:6d:62:
9d:70:71:5b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIECv3rJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODFiN2EyMmU1MWNmYjljZjg0MjA1ZTQ0NDk5OThhZDU1ZDhmMDY1MB4XDTIyMDQw
MjA4MTMyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNjODJjMjM5ZDMx
YjA3MjRkMzNjM2JmNmUxZDAyMTVlMGMyMWZkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJP13/cyeDZJRV23+CiFS9WPr0tzlbb7RnYVfaegbR3iM5C1
Ew2APqLHbwZ7EDep+payLFCW5jlDB+N8PUBsW9h21I/VF6E40fg6JzSnOL8kkum0
1y2yJtzM5juqa7Ayw6O0bjcl0IIM5zNEaygw7ArSW9b5GebuabF80HDqGagYUM7b
d6aGm+Qz/pBZFEFyrgXvxjmq0nsHZF3pKHT4oPHBnXRJnYW/AExzqJfqOeokhE/n
M5/Qn0hQ9y8yInfK8/O3DAJMFbNQSZFa/mGXLEcJU6qK5kparl0Z7q8Tsm6YZCc3
f/LK0hVaycOQspcF6VmcUkf4w/T5vf20MgPiN3MCAwEAAaOCAqEwggKdMB0GA1Ud
DgQWBBRTyCwjnTGwck0zw79uHQIV4MIf1DAfBgNVHSMEGDAWgBQIG3oi5Rz7nPhC
BeREmZitVdjwZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NCdDZJdVVjLTV6NFFnWGtSSm1ZclZYWThHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvYzUxNWM5LWRmMDgtNDI2Yy04MGU2LTAzNjcyNjhmZjg3MS8x
L1U4Z3NJNTB4c0hKTk04T19iaDBDRmVEQ0g5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
YzUxNWM5LWRmMDgtNDI2Yy04MGU2LTAzNjcyNjhmZjg3MS8xL0NCdDZJdVVjLTV6
NFFnWGtSSm1ZclZYWThHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tgYIKwYBBQUHAQcBAf8EgaYwgaMwgZEEAgABMIGKAwQDJSAgMAwDBAAlS/MDBAMl
S/ADBAItVwQDBAMuHEgDBANUL+ADBARVxjAwDAMEBVY5YAMEAlY5eDAMAwQAWIcl
AwQDWIcgAwQBW+yoAwQGX1IAAwQCuRLUAwQCuTPIAwQCuXmAAwQCuYCIAwQCuY2E
AwQCubb4AwQBvNGYAwQBw24mAwQD2ax4MA0EAgACMAcDBQMqAggoMA0GCSqGSIb3
DQEBCwUAA4IBAQCn5R1yog6rQa+MQ6ApDp87oyuoemObEEvs8tMj4TcyCvysbdDZ
ksEmouFp2eEHGoMIRk42cFtI8coEp4oCXH/eA0UbuqPDZcV50W5+1Zt21LAqy5bh
noJ0ilg1LvEzBplY/3QildNjEPlhzUmLN7Pv10vYpwC5CoXJq8XTyVlklFElLeCA
ZU2dZzBPJpor5SSHp7q6TQR9yjbpltoFRSr/62gL4YSkcuks9FSxGFcvzOAcH6NW
Rk774WyIYdHhFF1UaOx1+vn71D/5jwv02qBVOHjxUpogSKo3/QJxKTe4s1AsDz5W
4Yq6DsVWjfEBKywqmFkn6+kACKdfbWKdcHFb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:49 2023 by rpki-client on console-ams.rpki-client.org