Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/hokUC8FZNzJ3Y4aGvu_Jq9Qkn_A.roa
File: hokUC8FZNzJ3Y4aGvu_Jq9Qkn_A.roa (raw, json)
Hash identifier: 0X91Gbt5wIILth8J06lroj3OPigaZ2O6iEg67UF6hnA=
Subject key identifier: 86:89:14:0B:C1:59:37:32:77:63:86:86:BE:EF:C9:AB:D4:24:9F:F0
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 028AE5BC
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/hokUC8FZNzJ3Y4aGvu_Jq9Qkn_A.roa
Signing time: Sat 01 Jan 2022 13:02:59 +0000
ROA not before: Sat 01 Jan 2022 13:02:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 193.124.20.0/23 maxlen: 24
85.204.160.0/22 maxlen: 24
93.113.184.0/21 maxlen: 24
89.39.172.0/23 maxlen: 24
89.36.231.0/24 maxlen: 24
89.36.236.0/22 maxlen: 24
86.107.108.0/23 maxlen: 24
89.40.43.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
188.211.250.0/23 maxlen: 24
188.211.252.0/22 maxlen: 24
94.177.27.0/24 maxlen: 24
5.35.192.0/21 maxlen: 24
212.237.224.0/22 maxlen: 24
89.42.29.0/24 maxlen: 24
94.190.248.0/22 maxlen: 24
89.42.213.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
195.133.202.0/23 maxlen: 24
89.36.32.0/22 maxlen: 24
195.133.208.0/23 maxlen: 24
85.204.148.0/22 maxlen: 24
94.177.65.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
93.115.155.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
62.112.0.0/21 maxlen: 24
89.37.228.0/22 maxlen: 24
194.88.112.0/20 maxlen: 24
89.37.236.0/22 maxlen: 24
93.115.111.0/24 maxlen: 24
62.112.12.0/23 maxlen: 24
62.112.30.0/24 maxlen: 24
86.105.104.0/22 maxlen: 24
194.58.64.0/23 maxlen: 24
89.34.171.0/24 maxlen: 24
188.240.40.0/23 maxlen: 24
89.44.210.0/24 maxlen: 24
84.234.16.0/20 maxlen: 24
46.102.174.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
89.40.166.0/24 maxlen: 24
89.40.176.0/22 maxlen: 24
185.172.20.0/22 maxlen: 24
89.37.106.0/24 maxlen: 24
194.135.26.0/23 maxlen: 24
185.64.100.0/22 maxlen: 24
86.104.209.0/24 maxlen: 24
91.232.136.0/22 maxlen: 24
77.81.1.0/24 maxlen: 24
188.212.104.0/22 maxlen: 24
77.81.124.0/22 maxlen: 24
89.37.188.0/22 maxlen: 24
213.159.10.0/23 maxlen: 24
213.159.12.0/23 maxlen: 24
64.239.236.0/22 maxlen: 24
194.135.132.0/23 maxlen: 24
89.37.216.0/23 maxlen: 24
89.34.124.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
77.81.160.0/22 maxlen: 24
185.77.250.0/23 maxlen: 24
185.77.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42657212 (0x28ae5bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 13:02:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8689140bc159373277638686beefc9abd4249ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:14:e6:22:87:fb:c9:6e:a5:d5:38:08:9f:83:
fd:5d:12:7f:4b:7a:da:07:a4:65:16:0e:00:b1:5d:
30:df:3e:88:8b:7d:4b:4d:44:f9:a8:15:6d:fb:84:
b3:30:c7:88:e6:62:ba:a9:23:ee:78:c0:de:0f:fb:
fe:8a:ff:4c:f6:e9:8f:8a:6d:33:2f:58:ce:d5:f8:
38:a7:fd:57:d7:7f:9a:45:94:c6:db:d6:f6:f4:29:
f7:8a:b4:16:3d:4a:b1:39:02:29:fa:cd:46:42:f1:
05:76:f0:d0:a1:b7:12:e1:70:8e:7d:b7:9f:b0:f0:
bd:c5:eb:fd:bf:d0:bd:90:ba:0f:3e:7e:40:97:23:
96:09:e8:f2:7a:31:ef:07:c8:5e:d7:b3:6d:b0:1b:
0a:0e:a6:b4:a9:83:ee:4f:6c:07:de:b7:1b:a5:5a:
5d:c7:ad:a3:d1:2e:b0:28:ee:92:8f:f0:58:e4:49:
91:6e:f0:64:0e:d0:d4:f3:4d:14:6d:35:b3:1d:29:
55:fd:96:34:68:38:f6:df:99:33:af:32:89:cf:0b:
30:8e:af:2f:61:58:92:df:d3:13:38:cb:ee:a7:aa:
85:df:8e:03:0b:db:2c:21:f4:65:43:ca:19:0a:30:
7a:db:83:0d:41:9b:2e:74:4a:9a:54:60:5d:72:92:
60:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:89:14:0B:C1:59:37:32:77:63:86:86:BE:EF:C9:AB:D4:24:9F:F0
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/hokUC8FZNzJ3Y4aGvu_Jq9Qkn_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
46.102.174.0/24
62.112.0.0/21
62.112.12.0/23
62.112.30.0/24
64.239.236.0/22
77.81.1.0/24
77.81.124.0/22
77.81.160.0/22
84.234.16.0/20
84.247.20.0/24
84.247.59.0/24
85.204.148.0/22
85.204.160.0/22
86.104.209.0/24
86.105.104.0/22
86.107.108.0/23
89.34.124.0/23
89.34.171.0/24
89.36.32.0/22
89.36.231.0/24
89.36.236.0/22
89.37.106.0/24
89.37.188.0/22
89.37.216.0/23
89.37.228.0/22
89.37.236.0/22
89.39.172.0/23
89.40.43.0/24
89.40.166.0/24
89.40.176.0/22
89.42.29.0/24
89.42.213.0/24
89.42.215.0/24
89.44.210.0/24
91.232.136.0/22
93.113.184.0/21
93.114.69.0/24
93.115.111.0/24
93.115.155.0/24
94.177.27.0/24
94.177.65.0/24
94.177.118.0/24
94.190.248.0/22
176.223.181.0/24
185.64.100.0/22
185.77.249.0-185.77.251.255
185.172.20.0/22
188.211.249.0-188.211.255.255
188.212.104.0/22
188.240.40.0/23
193.124.20.0/23
194.58.64.0/23
194.88.96.0/21
194.88.112.0/20
194.135.26.0/23
194.135.132.0/23
195.133.202.0/23
195.133.208.0/23
212.237.224.0/22
213.159.10.0-213.159.13.255
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:7c:2a:5d:dc:ae:74:13:8c:1b:8c:64:61:a0:94:b9:3d:a1:
dd:ff:9e:78:56:bf:af:7e:7b:b7:db:2e:92:fd:c9:bc:cc:be:
d9:17:da:0f:91:e1:d0:d5:9f:6a:6e:6d:6f:54:7b:44:8c:fd:
a2:b9:8f:32:5c:a7:3a:df:fb:54:82:91:3f:fa:96:58:88:ff:
03:ab:75:b6:ad:13:a5:51:39:dc:05:8a:ff:57:c4:63:3c:dc:
93:7c:1a:59:44:c8:58:f2:88:7e:a6:cd:22:28:06:49:a1:de:
b9:5d:de:f7:42:c4:48:f5:03:21:8c:f8:55:fd:83:78:a3:bb:
f0:7e:be:67:ee:da:f8:21:58:35:48:13:00:1c:90:bc:78:0c:
6f:74:97:0d:93:b9:70:32:e8:dc:32:c8:2d:33:5c:eb:02:aa:
22:7f:21:29:7e:d4:c7:0a:5d:e1:88:8f:b5:cf:9d:d4:c9:b5:
50:0c:d9:aa:56:5c:5c:3d:dd:2f:b4:fa:57:6b:73:bf:c0:08:
7d:00:46:fa:bf:f3:b5:46:49:be:16:a6:17:49:30:34:ec:a3:
ad:22:f4:39:27:6b:27:f2:09:d7:41:6d:3e:b2:e4:f1:b8:99:
ea:94:c7:a9:3a:50:53:f0:a5:bc:25:7a:9a:fa:a4:ed:25:db:
e7:8e:ef:06
-----BEGIN CERTIFICATE-----
MIIGfjCCBWagAwIBAgIEAorlvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAwZTk4MTk1MzA2MTk3MmM4OTZiZDZkMjc3MzhkMDgzYWFkYjBlMB4XDTIyMDEw
MTEzMDI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY4OTE0MGJjMTU5
MzczMjc3NjM4Njg2YmVlZmM5YWJkNDI0OWZmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEU5iKH+8lupdU4CJ+D/V0Sf0t62gekZRYOALFdMN8+iIt9
S01E+agVbfuEszDHiOZiuqkj7njA3g/7/or/TPbpj4ptMy9YztX4OKf9V9d/mkWU
xtvW9vQp94q0Fj1KsTkCKfrNRkLxBXbw0KG3EuFwjn23n7DwvcXr/b/QvZC6Dz5+
QJcjlgno8nox7wfIXtezbbAbCg6mtKmD7k9sB963G6VaXceto9EusCjuko/wWORJ
kW7wZA7Q1PNNFG01sx0pVf2WNGg49t+ZM68yic8LMI6vL2FYkt/TEzjL7qeqhd+O
AwvbLCH0ZUPKGQowetuDDUGbLnRKmlRgXXKSYBECAwEAAaOCA5gwggOUMB0GA1Ud
DgQWBBSGiRQLwVk3Mndjhoa+78mr1CSf8DAfBgNVHSMEGDAWgBTaAOmBlTBhlyyJ
a9bSdzjQg6rbDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8x
L2hva1VDOEZaTnpKM1k0YUd2dV9KcTlRa25fQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8xLzJnRHBnWlV3WVpj
c2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AawGCCsGAQUFBwEHAQH/BIIBmzCCAZcwggGTBAIAATCCAYsDBAMFI8ADBAAuZq4D
BAM+cAADBAE+cAwDBAA+cB4DBAJA7+wDBABNUQEDBAJNUXwDBAJNUaADBARU6hAD
BABU9xQDBABU9zsDBAJVzJQDBAJVzKADBABWaNEDBAJWaWgDBAFWa2wDBAFZInwD
BABZIqsDBAJZJCADBABZJOcDBAJZJOwDBABZJWoDBAJZJbwDBAFZJdgDBAJZJeQD
BAJZJewDBAFZJ6wDBABZKCsDBABZKKYDBAJZKLADBABZKh0DBABZKtUDBABZKtcD
BABZLNIDBAJb6IgDBANdcbgDBABdckUDBABdc28DBABdc5sDBABesRsDBABesUED
BABesXYDBAJevvgDBACw37UDBAK5QGQwDAMEALlN+QMEArlN+AMEArmsFDALAwQA
vNP5AwMCvNADBAK81GgDBAG88CgDBAHBfBQDBAHCOkADBAPCWGADBATCWHADBAHC
hxoDBAHCh4QDBAHDhcoDBAHDhdADBALU7eAwDAMEAdWfCgMEAdWfDAMEANkTATAN
BgkqhkiG9w0BAQsFAAOCAQEAnnwqXdyudBOMG4xkYaCUuT2h3f+eeFa/r357t9su
kv3JvMy+2RfaD5Hh0NWfam5tb1R7RIz9ormPMlynOt/7VIKRP/qWWIj/A6t1tq0T
pVE53AWK/1fEYzzck3waWUTIWPKIfqbNIigGSaHeuV3e90LESPUDIYz4Vf2DeKO7
8H6+Z+7a+CFYNUgTAByQvHgMb3SXDZO5cDLo3DLILTNc6wKqIn8hKX7Uxwpd4YiP
tc+d1Mm1UAzZqlZcXD3dL7T6V2tzv8AIfQBG+r/ztUZJvhamF0kwNOyjrSL0OSdr
J/IJ10FtPrLk8biZ6pTHqTpQU/ClvCV6mvqk7SXb547vBg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:05 2023 by rpki-client on console-fra.rpki-client.org