Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/oSxX2ZoI3wqJCdPHEpGiaXJmZlI.roa
File: oSxX2ZoI3wqJCdPHEpGiaXJmZlI.roa (raw, json)
Hash identifier: +4d1kk7PDM9SessneHe+3qlo8+FyEkmXIcr5bNQFsqU=
Subject key identifier: A1:2C:57:D9:9A:08:DF:0A:89:09:D3:C7:12:91:A2:69:72:66:66:52
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 038D42E4
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/oSxX2ZoI3wqJCdPHEpGiaXJmZlI.roa
Signing time: Tue 05 Apr 2022 18:56:53 +0000
ROA not before: Tue 05 Apr 2022 18:56:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 193.124.20.0/23 maxlen: 24
85.204.160.0/22 maxlen: 24
93.113.184.0/21 maxlen: 24
89.39.172.0/23 maxlen: 24
89.36.231.0/24 maxlen: 24
89.36.236.0/22 maxlen: 24
86.107.108.0/23 maxlen: 24
89.40.43.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
188.211.250.0/23 maxlen: 24
188.211.252.0/22 maxlen: 24
94.177.27.0/24 maxlen: 24
5.35.192.0/21 maxlen: 24
212.237.224.0/22 maxlen: 24
94.190.248.0/22 maxlen: 24
89.42.215.0/24 maxlen: 24
195.133.202.0/23 maxlen: 24
89.36.32.0/22 maxlen: 24
195.133.208.0/23 maxlen: 24
85.204.148.0/22 maxlen: 24
94.177.65.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
93.115.155.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
62.112.0.0/21 maxlen: 24
89.37.228.0/22 maxlen: 24
194.88.112.0/20 maxlen: 24
89.37.236.0/22 maxlen: 24
93.115.111.0/24 maxlen: 24
62.112.12.0/23 maxlen: 24
86.105.104.0/22 maxlen: 24
194.58.64.0/23 maxlen: 24
89.34.171.0/24 maxlen: 24
188.240.40.0/23 maxlen: 24
89.44.210.0/24 maxlen: 24
84.234.16.0/20 maxlen: 24
46.102.174.0/24 maxlen: 24
84.247.59.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
89.40.166.0/24 maxlen: 24
89.40.176.0/22 maxlen: 24
185.172.20.0/22 maxlen: 24
89.37.106.0/24 maxlen: 24
194.135.26.0/23 maxlen: 24
185.64.100.0/22 maxlen: 24
86.104.209.0/24 maxlen: 24
91.232.136.0/22 maxlen: 24
77.81.1.0/24 maxlen: 24
188.212.104.0/22 maxlen: 24
77.81.124.0/22 maxlen: 24
89.37.188.0/22 maxlen: 24
213.159.10.0/23 maxlen: 24
213.159.12.0/23 maxlen: 24
64.239.236.0/22 maxlen: 24
194.135.132.0/23 maxlen: 24
89.37.216.0/23 maxlen: 24
89.34.124.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
77.81.160.0/22 maxlen: 24
185.77.250.0/23 maxlen: 24
185.77.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59589348 (0x38d42e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 5 18:56:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a12c57d99a08df0a8909d3c71291a26972666652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4d:1d:20:fc:3f:56:2f:13:af:1e:c2:41:3d:
40:c9:29:45:13:ce:c5:da:b7:48:d9:a2:89:7a:c9:
d4:21:6d:fd:ad:33:39:5f:50:97:ae:b5:d8:4c:58:
76:ff:c0:f5:7f:92:d5:0a:2f:ef:7d:24:9d:5a:ef:
a1:9f:1a:1b:16:1c:61:22:f1:c7:04:53:c0:57:bd:
65:b8:b1:2a:6d:c0:e4:08:43:ef:73:c7:67:21:08:
2e:99:fa:17:9a:75:47:f0:38:f8:27:47:5e:00:1f:
0d:3b:2e:e5:35:a6:4c:6d:f1:b2:69:f1:d0:2c:c5:
00:1a:40:d7:59:ca:61:bc:67:0a:36:40:82:4e:54:
01:bf:1c:d3:87:c9:cf:98:ce:bb:2e:ef:a2:68:6c:
a5:6e:cb:16:cb:70:23:76:28:a0:59:5d:6d:b3:9d:
e1:2d:0c:a7:0d:90:a5:84:ab:56:f4:0c:60:10:74:
23:e5:a5:3a:84:d8:4e:af:31:12:fd:f8:89:92:f1:
6f:84:b9:90:a5:0b:f2:de:8e:76:90:8b:cc:67:be:
90:9e:5e:63:f7:c5:3b:16:89:50:35:76:15:32:81:
5f:3f:0d:7f:44:10:8e:0a:94:e6:98:72:fc:0a:57:
1d:f3:5c:56:86:b6:43:86:a6:4b:46:bc:09:2a:98:
3c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2C:57:D9:9A:08:DF:0A:89:09:D3:C7:12:91:A2:69:72:66:66:52
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/oSxX2ZoI3wqJCdPHEpGiaXJmZlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
46.102.174.0/24
62.112.0.0/21
62.112.12.0/23
64.239.236.0/22
77.81.1.0/24
77.81.124.0/22
77.81.160.0/22
84.234.16.0/20
84.247.20.0/24
84.247.59.0/24
85.204.148.0/22
85.204.160.0/22
86.104.209.0/24
86.105.104.0/22
86.107.108.0/23
89.34.124.0/23
89.34.171.0/24
89.36.32.0/22
89.36.231.0/24
89.36.236.0/22
89.37.106.0/24
89.37.188.0/22
89.37.216.0/23
89.37.228.0/22
89.37.236.0/22
89.39.172.0/23
89.40.43.0/24
89.40.166.0/24
89.40.176.0/22
89.42.215.0/24
89.44.210.0/24
91.232.136.0/22
93.113.184.0/21
93.115.111.0/24
93.115.155.0/24
94.177.27.0/24
94.177.65.0/24
94.177.118.0/24
94.190.248.0/22
176.223.181.0/24
185.64.100.0/22
185.77.249.0-185.77.251.255
185.172.20.0/22
188.211.249.0-188.211.255.255
188.212.104.0/22
188.240.40.0/23
193.124.20.0/23
194.58.64.0/23
194.88.96.0/21
194.88.112.0/20
194.135.26.0/23
194.135.132.0/23
195.133.202.0/23
195.133.208.0/23
212.237.224.0/22
213.159.10.0-213.159.13.255
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:f1:95:bc:33:46:f3:ea:e3:20:10:4f:db:fc:c6:aa:de:87:
a6:e7:cb:40:01:fc:56:e9:fe:4e:13:32:58:52:c4:ab:08:9a:
34:49:b7:e8:a4:72:c1:d4:28:90:d7:cc:36:aa:5e:46:39:d0:
2d:4d:5e:b7:d1:c3:45:ea:d4:43:cd:e6:ce:00:75:5c:1a:55:
a3:09:47:3a:00:02:37:58:e5:09:1a:15:8d:f8:5f:00:fb:69:
60:c5:60:f7:ec:79:a0:43:73:91:26:19:cb:56:a8:80:72:8d:
e4:59:c9:ce:e1:d0:53:d0:35:64:dc:0a:ef:e5:64:12:5e:f7:
7d:4c:ca:69:06:13:3f:af:6f:e4:9b:58:fb:5c:bb:1e:e7:c3:
9e:de:3c:ab:71:94:09:61:d3:ef:ab:11:24:c0:5f:11:94:4e:
fd:98:57:a1:ab:ac:73:c9:a9:48:de:45:1c:27:04:f7:09:e0:
cc:30:15:f4:97:1e:a3:a2:ea:a9:cb:92:a6:7a:8b:10:80:1e:
41:c3:86:16:f4:29:d4:2c:2c:fd:9e:4e:83:15:c6:be:33:49:
62:0b:f3:e0:13:c7:34:e8:e5:27:30:b6:9d:c2:0a:85:46:60:
b4:bd:27:d2:95:2e:3c:be:9b:2c:f1:86:41:6f:90:ca:78:9e:
10:d6:08:b0
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgIEA41C5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAwZTk4MTk1MzA2MTk3MmM4OTZiZDZkMjc3MzhkMDgzYWFkYjBlMB4XDTIyMDQw
NTE4NTY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEyYzU3ZDk5YTA4
ZGYwYTg5MDlkM2M3MTI5MWEyNjk3MjY2NjY1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJNHSD8P1YvE68ewkE9QMkpRRPOxdq3SNmiiXrJ1CFt/a0z
OV9Ql6612ExYdv/A9X+S1Qov730knVrvoZ8aGxYcYSLxxwRTwFe9ZbixKm3A5AhD
73PHZyEILpn6F5p1R/A4+CdHXgAfDTsu5TWmTG3xsmnx0CzFABpA11nKYbxnCjZA
gk5UAb8c04fJz5jOuy7vomhspW7LFstwI3YooFldbbOd4S0Mpw2QpYSrVvQMYBB0
I+WlOoTYTq8xEv34iZLxb4S5kKUL8t6OdpCLzGe+kJ5eY/fFOxaJUDV2FTKBXz8N
f0QQjgqU5phy/ApXHfNcVoa2Q4amS0a8CSqYPCUCAwEAAaOCA4AwggN8MB0GA1Ud
DgQWBBShLFfZmgjfCokJ08cSkaJpcmZmUjAfBgNVHSMEGDAWgBTaAOmBlTBhlyyJ
a9bSdzjQg6rbDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8x
L29TeFgyWm9JM3dxSkNkUEhFcEdpYVhKbVpsSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8xLzJnRHBnWlV3WVpj
c2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AZQGCCsGAQUFBwEHAQH/BIIBgzCCAX8wggF7BAIAATCCAXMDBAMFI8ADBAAuZq4D
BAM+cAADBAE+cAwDBAJA7+wDBABNUQEDBAJNUXwDBAJNUaADBARU6hADBABU9xQD
BABU9zsDBAJVzJQDBAJVzKADBABWaNEDBAJWaWgDBAFWa2wDBAFZInwDBABZIqsD
BAJZJCADBABZJOcDBAJZJOwDBABZJWoDBAJZJbwDBAFZJdgDBAJZJeQDBAJZJewD
BAFZJ6wDBABZKCsDBABZKKYDBAJZKLADBABZKtcDBABZLNIDBAJb6IgDBANdcbgD
BABdc28DBABdc5sDBABesRsDBABesUEDBABesXYDBAJevvgDBACw37UDBAK5QGQw
DAMEALlN+QMEArlN+AMEArmsFDALAwQAvNP5AwMCvNADBAK81GgDBAG88CgDBAHB
fBQDBAHCOkADBAPCWGADBATCWHADBAHChxoDBAHCh4QDBAHDhcoDBAHDhdADBALU
7eAwDAMEAdWfCgMEAdWfDAMEANkTATANBgkqhkiG9w0BAQsFAAOCAQEAbvGVvDNG
8+rjIBBP2/zGqt6HpufLQAH8Vun+ThMyWFLEqwiaNEm36KRywdQokNfMNqpeRjnQ
LU1et9HDRerUQ83mzgB1XBpVowlHOgACN1jlCRoVjfhfAPtpYMVg9+x5oENzkSYZ
y1aogHKN5FnJzuHQU9A1ZNwK7+VkEl73fUzKaQYTP69v5JtY+1y7HufDnt48q3GU
CWHT76sRJMBfEZRO/ZhXoausc8mpSN5FHCcE9wngzDAV9Jceo6LqqcuSpnqLEIAe
QcOGFvQp1Cws/Z5OgxXGvjNJYgvz4BPHNOjlJzC2ncIKhUZgtL0n0pUuPL6bLPGG
QW+QynieENYIsA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org