Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/bavzKPV1zGJBZgw0Az2_OYYG_bY.roa
File: bavzKPV1zGJBZgw0Az2_OYYG_bY.roa (raw, json)
Hash identifier: 4WPku51nX2IaGLihySxWnmM4TMvYRohgRuuCLdTHxvA=
Subject key identifier: 6D:AB:F3:28:F5:75:CC:62:41:66:0C:34:03:3D:BF:39:86:06:FD:B6
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0398B539
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/bavzKPV1zGJBZgw0Az2_OYYG_bY.roa
Signing time: Fri 08 Apr 2022 09:59:34 +0000
ROA not before: Fri 08 Apr 2022 09:59:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 193.124.20.0/23 maxlen: 24
85.204.160.0/22 maxlen: 24
93.113.184.0/21 maxlen: 24
89.39.172.0/23 maxlen: 24
89.36.231.0/24 maxlen: 24
89.36.236.0/22 maxlen: 24
86.107.108.0/23 maxlen: 24
89.40.43.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
188.211.250.0/23 maxlen: 24
188.211.252.0/22 maxlen: 24
94.177.27.0/24 maxlen: 24
5.35.192.0/21 maxlen: 24
212.237.224.0/22 maxlen: 24
94.190.248.0/22 maxlen: 24
89.42.215.0/24 maxlen: 24
195.133.202.0/23 maxlen: 24
195.133.208.0/23 maxlen: 24
89.36.32.0/22 maxlen: 24
85.204.148.0/22 maxlen: 24
94.177.65.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
93.115.155.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
62.112.0.0/21 maxlen: 24
89.37.228.0/22 maxlen: 24
194.88.112.0/20 maxlen: 24
89.37.236.0/22 maxlen: 24
93.115.111.0/24 maxlen: 24
62.112.12.0/23 maxlen: 24
89.34.171.0/24 maxlen: 24
86.105.104.0/22 maxlen: 24
194.58.64.0/23 maxlen: 24
188.240.40.0/23 maxlen: 24
89.44.210.0/24 maxlen: 24
84.234.16.0/20 maxlen: 24
46.102.174.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
89.40.166.0/24 maxlen: 24
89.40.176.0/22 maxlen: 24
185.172.20.0/22 maxlen: 24
194.135.26.0/23 maxlen: 24
89.37.106.0/24 maxlen: 24
185.64.100.0/22 maxlen: 24
86.104.209.0/24 maxlen: 24
91.232.136.0/22 maxlen: 24
77.81.1.0/24 maxlen: 24
188.212.104.0/22 maxlen: 24
77.81.124.0/22 maxlen: 24
89.37.188.0/22 maxlen: 24
213.159.10.0/23 maxlen: 24
213.159.12.0/23 maxlen: 24
64.239.236.0/22 maxlen: 24
194.135.132.0/23 maxlen: 24
89.34.124.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
77.81.160.0/22 maxlen: 24
185.77.250.0/23 maxlen: 24
185.77.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60339513 (0x398b539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 8 09:59:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dabf328f575cc6241660c34033dbf398606fdb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b9:44:83:33:38:a6:fd:8e:a2:99:92:ef:c4:
62:57:64:c8:cf:0c:8e:06:9d:29:44:33:a4:f0:07:
3b:84:55:40:2c:e7:4e:c0:76:39:1f:dd:44:cd:dd:
b7:b0:22:29:de:69:97:59:2a:c3:87:60:c5:1c:1c:
c8:5e:3e:ff:f7:18:43:24:86:78:e7:cc:76:3a:f6:
c4:f3:4b:f6:09:50:b3:ec:55:ab:c0:85:e8:00:66:
4d:27:a4:57:3e:b8:99:25:57:78:d6:70:fd:02:05:
1a:13:5e:bf:31:a2:37:d4:c3:b8:ea:ce:ec:a9:a1:
e4:4d:08:5d:73:ab:28:ae:2a:51:98:09:d8:87:f6:
7b:47:1b:e2:e6:a5:78:b3:66:d1:90:b9:69:16:6c:
f3:6b:c0:26:d1:6c:a8:9e:ca:20:53:63:83:4b:09:
83:61:f5:b0:1b:4e:8a:2a:88:72:0d:0c:b8:61:92:
80:47:d8:c9:2c:8e:e8:9f:0e:db:ee:f8:6f:1d:e7:
d3:49:ed:ec:aa:29:d5:c1:c6:26:eb:8b:df:1c:23:
c2:6b:2b:7e:5a:58:fa:7b:91:0d:86:7a:95:b3:59:
73:d9:28:e8:3d:77:62:68:41:3b:32:c2:fe:8a:fa:
81:1e:4a:b8:07:13:ce:86:88:45:5d:23:01:c7:e4:
85:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AB:F3:28:F5:75:CC:62:41:66:0C:34:03:3D:BF:39:86:06:FD:B6
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/bavzKPV1zGJBZgw0Az2_OYYG_bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
46.102.174.0/24
62.112.0.0/21
62.112.12.0/23
64.239.236.0/22
77.81.1.0/24
77.81.124.0/22
77.81.160.0/22
84.234.16.0/20
84.247.20.0/24
84.247.59.0/24
85.204.148.0/22
85.204.160.0/22
86.104.209.0/24
86.105.104.0/22
86.107.108.0/23
89.34.124.0/23
89.34.171.0/24
89.36.32.0/22
89.36.231.0/24
89.36.236.0/22
89.37.106.0/24
89.37.188.0/22
89.37.228.0/22
89.37.236.0/22
89.39.172.0/23
89.40.43.0/24
89.40.166.0/24
89.40.176.0/22
89.42.215.0/24
89.44.210.0/24
91.232.136.0/22
93.113.184.0/21
93.115.111.0/24
93.115.155.0/24
94.177.27.0/24
94.177.65.0/24
94.177.118.0/24
94.190.248.0/22
176.223.181.0/24
185.64.100.0/22
185.77.249.0-185.77.251.255
185.172.20.0/22
188.211.249.0-188.211.255.255
188.212.104.0/22
188.240.40.0/23
193.124.20.0/23
194.58.64.0/23
194.88.96.0/21
194.88.112.0/20
194.135.26.0/23
194.135.132.0/23
195.133.202.0/23
195.133.208.0/23
212.237.224.0/22
213.159.10.0-213.159.13.255
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
20:a2:e4:63:1f:05:bd:cf:31:df:de:fe:c4:a9:38:7d:78:66:
eb:d9:36:5d:b4:21:a1:1a:8e:9c:00:ee:17:04:2e:84:1b:52:
73:a7:fe:22:5c:e8:de:65:d3:24:2a:e7:02:db:18:3e:fd:cd:
f1:84:4e:d9:aa:02:31:3b:8f:d4:c1:a8:a1:33:c0:79:db:8c:
f3:36:9c:3a:06:2f:9b:c4:59:61:69:c4:08:46:a5:3c:91:d5:
09:35:0a:7a:05:4c:59:c9:4c:fc:ab:52:02:f5:93:97:26:f7:
60:cd:b3:31:80:8d:4e:32:c2:9e:fb:e0:f1:92:ca:21:81:35:
39:b3:69:37:0d:e3:9d:4f:3b:50:90:7e:5b:40:6d:e2:42:df:
b4:2c:e5:24:ca:36:d5:1b:6e:a5:53:53:13:c5:2f:f2:af:c0:
4c:2d:29:21:5b:25:63:3d:6e:e5:7d:94:e6:85:f6:7c:95:53:
89:5f:b0:49:bd:54:16:2b:5b:87:6a:84:91:5a:08:ff:20:bf:
4d:77:62:67:a6:00:fa:b1:6e:d7:f1:0d:80:de:ac:07:72:a0:
df:c3:ec:0e:58:76:63:5b:29:3d:de:d2:8f:0a:4c:24:97:ba:
0c:dc:6b:e3:1e:cc:93:af:78:51:54:2d:5f:ff:ed:b6:40:a9:
8f:95:65:23
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgIEA5i1OTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAwZTk4MTk1MzA2MTk3MmM4OTZiZDZkMjc3MzhkMDgzYWFkYjBlMB4XDTIyMDQw
ODA5NTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRhYmYzMjhmNTc1
Y2M2MjQxNjYwYzM0MDMzZGJmMzk4NjA2ZmRiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJq5RIMzOKb9jqKZku/EYldkyM8MjgadKUQzpPAHO4RVQCzn
TsB2OR/dRM3dt7AiKd5pl1kqw4dgxRwcyF4+//cYQySGeOfMdjr2xPNL9glQs+xV
q8CF6ABmTSekVz64mSVXeNZw/QIFGhNevzGiN9TDuOrO7Kmh5E0IXXOrKK4qUZgJ
2If2e0cb4ualeLNm0ZC5aRZs82vAJtFsqJ7KIFNjg0sJg2H1sBtOiiqIcg0MuGGS
gEfYySyO6J8O2+74bx3n00nt7Kop1cHGJuuL3xwjwmsrflpY+nuRDYZ6lbNZc9ko
6D13YmhBOzLC/or6gR5KuAcTzoaIRV0jAcfkhe8CAwEAAaOCA3owggN2MB0GA1Ud
DgQWBBRtq/Mo9XXMYkFmDDQDPb85hgb9tjAfBgNVHSMEGDAWgBTaAOmBlTBhlyyJ
a9bSdzjQg6rbDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8x
L2JhdnpLUFYxekdKQlpndzBBejJfT1lZR19iWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8xLzJnRHBnWlV3WVpj
c2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AY4GCCsGAQUFBwEHAQH/BIIBfTCCAXkwggF1BAIAATCCAW0DBAMFI8ADBAAuZq4D
BAM+cAADBAE+cAwDBAJA7+wDBABNUQEDBAJNUXwDBAJNUaADBARU6hADBABU9xQD
BABU9zsDBAJVzJQDBAJVzKADBABWaNEDBAJWaWgDBAFWa2wDBAFZInwDBABZIqsD
BAJZJCADBABZJOcDBAJZJOwDBABZJWoDBAJZJbwDBAJZJeQDBAJZJewDBAFZJ6wD
BABZKCsDBABZKKYDBAJZKLADBABZKtcDBABZLNIDBAJb6IgDBANdcbgDBABdc28D
BABdc5sDBABesRsDBABesUEDBABesXYDBAJevvgDBACw37UDBAK5QGQwDAMEALlN
+QMEArlN+AMEArmsFDALAwQAvNP5AwMCvNADBAK81GgDBAG88CgDBAHBfBQDBAHC
OkADBAPCWGADBATCWHADBAHChxoDBAHCh4QDBAHDhcoDBAHDhdADBALU7eAwDAME
AdWfCgMEAdWfDAMEANkTATANBgkqhkiG9w0BAQsFAAOCAQEAIKLkYx8Fvc8x397+
xKk4fXhm69k2XbQhoRqOnADuFwQuhBtSc6f+Ilzo3mXTJCrnAtsYPv3N8YRO2aoC
MTuP1MGooTPAeduM8zacOgYvm8RZYWnECEalPJHVCTUKegVMWclM/KtSAvWTlyb3
YM2zMYCNTjLCnvvg8ZLKIYE1ObNpNw3jnU87UJB+W0Bt4kLftCzlJMo21RtupVNT
E8Uv8q/ATC0pIVslYz1u5X2U5oX2fJVTiV+wSb1UFitbh2qEkVoI/yC/TXdiZ6YA
+rFu1/ENgN6sB3Kg38PsDlh2Y1spPd7SjwpMJJe6DNxr4x7Mk694UVQtX//ttkCp
j5VlIw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org