Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/7LXhujbrUpM4rkE4PtqVwmEZtLY.roa
File: 7LXhujbrUpM4rkE4PtqVwmEZtLY.roa (raw, json)
Hash identifier: T2839cIfeJ+Py9umWx73AneyK/tS4IV2t4+YxVeynbY=
Subject key identifier: EC:B5:E1:BA:36:EB:52:93:38:AE:41:38:3E:DA:95:C2:61:19:B4:B6
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 018B23C3D23244B2E28CF894ABB87ABD6D37
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/7LXhujbrUpM4rkE4PtqVwmEZtLY.roa
Signing time: Thu 12 Oct 2023 12:01:57 +0000
ROA not before: Thu 12 Oct 2023 12:01:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.248.0/21 maxlen: 21
37.228.131.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
82.99.192.0/24 maxlen: 24
82.99.192.0/19 maxlen: 22
82.99.192.0/18 maxlen: 18
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
31.214.146.0/23 maxlen: 23
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.154.0/24 maxlen: 24
31.214.172.0/22 maxlen: 22
31.214.170.0/23 maxlen: 23
31.214.168.0/23 maxlen: 23
31.214.168.0/21 maxlen: 21
82.99.204.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.225.0/24 maxlen: 24
82.99.224.0/19 maxlen: 19
82.99.233.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
31.214.132.0/23 maxlen: 23
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
91.98.192.0/20 maxlen: 20
91.98.192.0/19 maxlen: 19
91.98.208.0/20 maxlen: 20
91.98.224.0/24 maxlen: 24
91.98.226.0/23 maxlen: 23
91.98.224.0/19 maxlen: 19
91.98.144.0/23 maxlen: 23
91.98.152.0/22 maxlen: 22
91.98.160.0/20 maxlen: 20
91.98.160.0/19 maxlen: 19
91.98.240.0/21 maxlen: 21
91.98.252.0/23 maxlen: 23
91.98.0.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
91.98.0.0/20 maxlen: 20
37.10.117.0/24 maxlen: 24
91.98.0.0/16 maxlen: 24
91.98.16.0/24 maxlen: 24
91.98.19.0/24 maxlen: 24
37.10.64.0/22 maxlen: 22
185.10.71.0/24 maxlen: 24
91.98.82.0/24 maxlen: 24
91.98.84.0/22 maxlen: 22
91.98.88.0/24 maxlen: 24
91.98.111.0/24 maxlen: 24
91.98.57.0/24 maxlen: 24
91.98.64.0/19 maxlen: 19
91.98.68.0/24 maxlen: 24
46.251.224.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
109.230.246.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.242.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
109.230.251.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
95.156.233.0/24 maxlen: 24
95.156.236.0/23 maxlen: 23
95.156.234.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.223.0/24 maxlen: 24
109.230.221.0/24 maxlen: 24
213.217.36.0/22 maxlen: 22
213.217.41.0/24 maxlen: 24
213.217.46.0/24 maxlen: 24
213.217.47.0/24 maxlen: 24
213.217.48.0/20 maxlen: 20
213.217.55.0/24 maxlen: 24
213.217.56.0/24 maxlen: 24
213.217.57.0/24 maxlen: 24
213.217.54.0/24 maxlen: 24
213.217.52.0/22 maxlen: 22
213.217.62.0/24 maxlen: 24
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.192.0/18 maxlen: 18
46.41.224.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
185.13.228.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:c3:d2:32:44:b2:e2:8c:f8:94:ab:b8:7a:bd:6d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Oct 12 12:01:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecb5e1ba36eb529338ae41383eda95c26119b4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:29:06:d1:b0:bf:5b:88:b2:29:27:19:56:2b:
37:d4:78:71:2c:3d:56:99:ab:e4:d5:b8:ea:53:30:
0e:a9:c4:fa:d6:86:96:d7:04:92:68:64:17:88:f4:
20:c3:0c:5e:79:67:05:1d:a2:a2:3b:b1:7e:31:3b:
97:ed:be:7c:5b:19:e7:50:3d:d8:18:ee:aa:9f:d9:
e3:5c:bf:2d:30:a5:3f:f4:18:26:38:5a:4b:39:31:
4b:5b:ba:64:ef:5d:9a:2a:14:af:35:5f:d1:a0:29:
63:86:7a:5c:39:18:ec:42:a1:f5:4e:d5:c1:02:12:
c4:06:39:52:53:08:39:8b:3d:2d:78:89:2c:57:84:
61:05:d3:24:09:93:ac:7e:89:7f:71:d7:fc:47:98:
97:c2:ad:ed:b1:f8:b7:ff:56:79:44:ba:b0:e0:30:
62:f8:84:7d:e1:63:3f:60:6b:8f:63:03:e7:ef:0f:
5a:22:4d:8d:a9:05:83:16:0a:3e:37:ff:c3:62:e3:
81:a9:a9:c9:f1:73:47:99:7e:db:54:68:15:c1:a5:
d0:b0:14:d2:36:bc:8c:44:14:7b:72:09:76:30:a0:
b9:fb:a6:f3:90:8f:46:c2:73:23:60:34:0c:05:d3:
05:1a:a2:2b:1a:00:f4:fc:1c:a6:81:30:36:ea:74:
6d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B5:E1:BA:36:EB:52:93:38:AE:41:38:3E:DA:95:C2:61:19:B4:B6
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/7LXhujbrUpM4rkE4PtqVwmEZtLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
91.98.0.0/16
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
185.10.71.0/24
185.13.228.0/22
213.217.36.0/22
213.217.41.0/24
213.217.46.0-213.217.63.255
Signature Algorithm: sha256WithRSAEncryption
79:91:f6:d7:f2:ce:07:02:37:14:df:4b:8c:68:b8:b4:e0:69:
0e:16:df:81:30:21:9f:3a:3c:9c:99:da:4d:32:40:71:1a:a2:
2c:3b:da:d9:f6:5b:d6:95:a4:fa:20:5f:2e:41:41:c7:48:0f:
b9:41:f3:6d:b4:a5:f2:f2:fe:17:70:c4:25:3d:55:4c:79:32:
79:3d:66:a1:6d:7e:78:fd:2f:48:ec:9e:83:55:f2:6d:8b:23:
83:64:25:86:bf:ab:17:a8:13:1b:c6:8a:cb:7c:45:92:0e:33:
0e:8e:71:8e:8c:76:c5:38:a4:41:96:be:73:6a:ef:df:4c:e0:
fb:12:99:e8:43:36:47:f2:bd:a3:03:59:86:b1:a0:4f:13:7c:
d9:f9:e1:7e:ab:a1:e5:65:e0:ea:99:11:a8:0d:4f:5e:5f:0a:
57:cc:7b:4d:9d:b2:11:40:02:ef:1d:7a:23:c2:f1:45:cb:80:
44:e4:7c:0d:3b:4a:8f:65:ca:9a:73:3c:68:67:2f:1a:4f:d8:
a1:23:5f:ee:0f:7e:20:9b:93:45:e5:64:1b:11:bb:93:50:7a:
3a:24:d3:65:c7:0d:1b:13:bd:4f:77:ea:a7:b7:d0:ee:5c:4f:
fa:83:65:70:8a:cf:8d:5f:30:1e:de:e3:88:02:a5:c4:49:60:
3b:ca:f1:c0
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAYsjw9IyRLLijPiUq7h6vW03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjMxMDEyMTIwMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2I1ZTFiYTM2ZWI1MjkzMzhhZTQxMzgzZWRhOTVjMjYxMTliNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ikG0bC/W4iyKScZVis31HhxLD1W
mavk1bjqUzAOqcT61oaW1wSSaGQXiPQgwwxeeWcFHaKiO7F+MTuX7b58WxnnUD3Y
GO6qn9njXL8tMKU/9BgmOFpLOTFLW7pk712aKhSvNV/RoCljhnpcORjsQqH1TtXB
AhLEBjlSUwg5iz0teIksV4RhBdMkCZOsfol/cdf8R5iXwq3tsfi3/1Z5RLqw4DBi
+IR94WM/YGuPYwPn7w9aIk2NqQWDFgo+N//DYuOBqanJ8XNHmX7bVGgVwaXQsBTS
NryMRBR7cgl2MKC5+6bzkI9GwnMjYDQMBdMFGqIrGgD0/BymgTA26nRt2wIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFOy14bo261KTOK5BOD7alcJhGbS2MB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvN0xYaHVqYnJVcE00cmtFNFB0cVZ3bUVadExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCCAREEAgABMIIB
CQMEAR/WhAMEAR/WkgMEAB/WmgMEAx/WqAMEAR/WyAMEAh/W5AMEAx/W+AMEAiUK
QAMEACUKbQMEACUKdQMEACXkgwMEACXkhTAMAwQAJeSHAwQCJeSIAwQGLinAAwQA
LvvgAwQALvviAwQALvvtAwQGUmPAAwMAW2IDBAFfnN4wDAMEAF+c6QMEAV+c7AME
AV+c+AMEAW3mwAMEAG3myAMEAm3mzAMEAG3m3QMEAG3m3wMEAG3m8gMEAW3m9gME
AG3m+wMEAYb/xAMEA4b/yDAMAwQAhv/1AwQAhv/2AwQAhv/5AwQAuQpHAwQCuQ3k
AwQC1dkkAwQA1dkpMAwDBAHV2S4DBAbV2QAwDQYJKoZIhvcNAQELBQADggEBAHmR
9tfyzgcCNxTfS4xouLTgaQ4W34EwIZ86PJyZ2k0yQHEaoiw72tn2W9aVpPogXy5B
QcdID7lB8220pfLy/hdwxCU9VUx5Mnk9ZqFtfnj9L0jsnoNV8m2LI4NkJYa/qxeo
ExvGist8RZIOMw6OcY6MdsU4pEGWvnNq799M4PsSmehDNkfyvaMDWYaxoE8TfNn5
4X6roeVl4OqZEagNT15fClfMe02dshFAAu8deiPC8UXLgETkfA07So9lyppzPGhn
LxpP2KEjX+4PfiCbk0XlZBsRu5NQejok02XHDRsTvU936qe30O5cT/qDZXCKz41f
MB7e44gCpcRJYDvK8cA=
-----END CERTIFICATE-----
Generated at Tue Apr 29 03:38:36 2025 by rpki-client