Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/WI6Oj9QjMAzhqXaiAOAeJnf4hdk.roa
File: WI6Oj9QjMAzhqXaiAOAeJnf4hdk.roa (raw, json)
Hash identifier: virT6/Um47GamDxaJVWgoZzuMxU1Q47olmYYAMUa/vE=
Subject key identifier: 58:8E:8E:8F:D4:23:30:0C:E1:A9:76:A2:00:E0:1E:26:77:F8:85:D9
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 018473519D6E3F6B9CE0ADB753C6BCA5FCBC
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/WI6Oj9QjMAzhqXaiAOAeJnf4hdk.roa
Signing time: Sun 13 Nov 2022 23:27:19 +0000
ROA not before: Sun 13 Nov 2022 23:27:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15685
IP address blocks: 82.208.56.0/24 maxlen: 24
82.208.58.0/24 maxlen: 24
82.208.60.0/24 maxlen: 24
82.208.60.0/22 maxlen: 22
109.123.202.0/23 maxlen: 23
109.123.205.0/24 maxlen: 24
109.123.206.0/23 maxlen: 23
82.208.4.0/22 maxlen: 22
82.208.8.0/22 maxlen: 22
109.123.209.0/24 maxlen: 24
109.123.208.0/22 maxlen: 22
82.208.14.0/24 maxlen: 24
109.123.216.0/21 maxlen: 21
109.123.219.0/24 maxlen: 24
82.208.16.0/23 maxlen: 23
82.208.17.0/24 maxlen: 24
82.208.16.0/24 maxlen: 24
109.123.214.0/23 maxlen: 23
82.208.12.0/24 maxlen: 24
82.208.18.0/24 maxlen: 24
109.123.221.0/24 maxlen: 24
82.208.28.0/23 maxlen: 23
82.208.26.0/23 maxlen: 23
82.208.32.0/22 maxlen: 22
82.208.44.0/24 maxlen: 24
82.208.39.0/24 maxlen: 24
82.208.40.0/23 maxlen: 23
82.208.50.0/24 maxlen: 24
82.208.46.0/23 maxlen: 23
82.208.48.0/23 maxlen: 23
217.11.254.0/24 maxlen: 24
217.11.224.0/23 maxlen: 23
217.11.230.0/24 maxlen: 24
217.11.232.0/23 maxlen: 23
217.11.227.0/24 maxlen: 24
217.11.228.0/23 maxlen: 23
217.11.236.0/24 maxlen: 24
217.11.235.0/24 maxlen: 24
217.11.245.0/24 maxlen: 24
217.11.246.0/23 maxlen: 23
217.11.242.0/23 maxlen: 23
217.11.251.0/24 maxlen: 24
217.11.248.0/23 maxlen: 23
217.11.249.0/24 maxlen: 24
109.123.192.0/21 maxlen: 21
81.0.217.0/24 maxlen: 24
81.0.214.0/24 maxlen: 24
81.0.226.0/24 maxlen: 24
81.0.225.0/24 maxlen: 24
81.0.230.0/23 maxlen: 23
77.78.96.0/20 maxlen: 20
81.0.232.0/21 maxlen: 21
77.78.94.0/23 maxlen: 23
81.0.228.0/24 maxlen: 24
81.0.240.0/22 maxlen: 22
77.78.112.0/21 maxlen: 21
81.0.250.0/24 maxlen: 24
77.78.123.0/24 maxlen: 24
77.78.124.0/22 maxlen: 22
81.0.254.0/23 maxlen: 23
77.78.120.0/23 maxlen: 23
85.239.227.0/24 maxlen: 24
81.0.192.0/22 maxlen: 22
81.0.199.0/24 maxlen: 24
81.0.206.0/23 maxlen: 23
77.78.76.0/22 maxlen: 22
85.239.252.0/23 maxlen: 23
81.0.208.0/23 maxlen: 23
81.0.212.0/23 maxlen: 23
2001:1528::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:73:51:9d:6e:3f:6b:9c:e0:ad:b7:53:c6:bc:a5:fc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Nov 13 23:27:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=588e8e8fd423300ce1a976a200e01e2677f885d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:dc:44:ff:30:91:bb:17:f8:0c:d0:0c:83:f1:
8e:64:3e:a2:fb:ff:94:cc:72:59:a8:01:1f:94:19:
5f:96:51:bb:15:ad:ad:f1:7a:4c:ea:2c:aa:d7:ed:
55:0b:0f:70:34:5e:b8:9a:10:08:1a:86:ac:a9:b2:
3f:e7:7e:db:d2:bc:b0:10:96:57:a9:38:d2:d4:ce:
36:9f:37:4d:de:9a:5f:2b:de:eb:77:38:e9:ff:51:
45:2c:3a:88:4e:6f:8d:3c:eb:a7:b5:62:89:5c:fe:
81:61:c6:7e:d8:6c:8d:4d:d6:2e:6e:66:a0:66:51:
16:08:86:53:f8:f1:3d:64:cb:a0:a3:ce:fd:4e:b5:
76:a8:49:e5:d9:1d:fa:8d:57:d3:3b:e7:eb:b9:7b:
e4:b3:12:c3:98:fa:33:64:7a:cb:d6:7b:4c:79:85:
ed:2d:28:82:10:00:85:b8:96:9c:94:e3:c8:71:1a:
95:aa:46:09:e4:d5:79:ac:f4:8f:ea:31:52:a1:3a:
ce:b2:ec:d2:51:70:f9:0a:e5:ef:74:ad:89:1d:45:
e6:eb:86:50:26:91:52:80:99:ca:9c:7b:a9:16:58:
4f:c6:e6:90:c9:48:b6:6e:7c:0c:77:ef:f3:3c:72:
ab:24:b2:71:16:9a:5f:69:ec:36:6d:f2:e2:35:f7:
00:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:8E:8E:8F:D4:23:30:0C:E1:A9:76:A2:00:E0:1E:26:77:F8:85:D9
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/WI6Oj9QjMAzhqXaiAOAeJnf4hdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.76.0/22
77.78.94.0-77.78.121.255
77.78.123.0-77.78.127.255
81.0.192.0/22
81.0.199.0/24
81.0.206.0-81.0.209.255
81.0.212.0-81.0.214.255
81.0.217.0/24
81.0.225.0-81.0.226.255
81.0.228.0/24
81.0.230.0-81.0.243.255
81.0.250.0/24
81.0.254.0/23
82.208.4.0-82.208.12.255
82.208.14.0/24
82.208.16.0-82.208.18.255
82.208.26.0-82.208.29.255
82.208.32.0/22
82.208.39.0-82.208.41.255
82.208.44.0/24
82.208.46.0-82.208.50.255
82.208.56.0/24
82.208.58.0/24
82.208.60.0/22
85.239.227.0/24
85.239.252.0/23
109.123.192.0/21
109.123.202.0/23
109.123.205.0-109.123.211.255
109.123.214.0-109.123.223.255
217.11.224.0/23
217.11.227.0-217.11.230.255
217.11.232.0/23
217.11.235.0-217.11.236.255
217.11.242.0/23
217.11.245.0-217.11.249.255
217.11.251.0/24
217.11.254.0/24
IPv6:
2001:1528::/32
Signature Algorithm: sha256WithRSAEncryption
1a:02:36:75:62:c8:61:34:9b:7a:7f:3c:13:27:fb:f5:d7:9f:
f4:6f:e3:fa:78:db:ac:dc:0a:d7:f5:92:73:93:0c:88:d1:a9:
79:c5:4f:c9:9d:68:76:e2:02:4a:4f:fd:cf:5c:fa:b3:be:e2:
d7:92:9c:1f:b7:1d:ba:22:d7:1f:5a:15:98:3d:00:de:94:d5:
42:60:46:5c:54:09:20:7c:7e:76:eb:40:a4:28:2b:5d:0b:15:
80:7e:7c:d5:1d:cd:55:29:53:46:af:ef:2b:a9:9b:ff:a2:92:
3a:37:d3:19:8a:1f:db:08:d9:e0:a1:0d:71:c1:49:05:f7:be:
75:95:07:53:38:3c:a6:98:35:60:a9:ab:9a:81:e2:3b:28:de:
4f:25:4e:e5:29:5f:1f:ab:cd:25:fb:aa:4c:c1:47:2f:34:05:
e5:70:f3:db:dc:73:53:93:76:e1:50:ea:1a:b3:91:10:ea:0e:
77:6d:c0:29:5d:2c:17:16:95:ca:05:c8:20:5a:54:57:6a:4e:
04:24:02:93:73:e8:53:fe:89:37:2f:2a:ee:05:15:e1:a6:16:
34:5a:8c:cb:7d:1e:de:a8:8a:d1:a0:b2:ac:e7:f3:4b:b1:a8:
48:6f:da:6b:c6:61:bb:ab:f9:48:b7:7f:9e:55:13:c2:2c:9a:
4a:48:d1:d3
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgISAYRzUZ1uP2uc4K23U8a8pfy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjIxMTEzMjMyNzE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODhlOGU4ZmQ0MjMzMDBjZTFhOTc2YTIwMGUwMWUyNjc3Zjg4NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9xE/zCRuxf4DNAMg/GOZD6i+/+U
zHJZqAEflBlfllG7Fa2t8XpM6iyq1+1VCw9wNF64mhAIGoasqbI/537b0rywEJZX
qTjS1M42nzdN3ppfK97rdzjp/1FFLDqITm+NPOuntWKJXP6BYcZ+2GyNTdYubmag
ZlEWCIZT+PE9ZMugo879TrV2qEnl2R36jVfTO+fruXvksxLDmPozZHrL1ntMeYXt
LSiCEACFuJaclOPIcRqVqkYJ5NV5rPSP6jFSoTrOsuzSUXD5CuXvdK2JHUXm64ZQ
JpFSgJnKnHupFlhPxuaQyUi2bnwMd+/zPHKrJLJxFppfaew2bfLiNfcAMwIDAQAB
o4IDgDCCA3wwHQYDVR0OBBYEFFiOjo/UIzAM4al2ogDgHiZ3+IXZMB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvV0k2T2o5UWpNQXpocVhhaUFPQWVKbmY0aGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlAYIKwYBBQUHAQcBAf8EggGDMIIBfzCCAWwEAgABMIIB
ZAMEAk1OTDAMAwQBTU5eAwQBTU54MAwDBABNTnsDBAdNTgADBAJRAMADBABRAMcw
DAMEAVEAzgMEAVEA0DAMAwQCUQDUAwQAUQDWAwQAUQDZMAwDBABRAOEDBABRAOID
BABRAOQwDAMEAVEA5gMEAlEA8AMEAFEA+gMEAVEA/jAMAwQCUtAEAwQAUtAMAwQA
UtAOMAwDBARS0BADBABS0BIwDAMEAVLQGgMEAVLQHAMEAlLQIDAMAwQAUtAnAwQB
UtAoAwQAUtAsMAwDBAFS0C4DBABS0DIDBABS0DgDBABS0DoDBAJS0DwDBABV7+MD
BAFV7/wDBANte8ADBAFte8owDAMEAG17zQMEAm170DAMAwQBbXvWAwQFbXvAAwQB
2QvgMAwDBADZC+MDBADZC+YDBAHZC+gwDAMEANkL6wMEANkL7AMEAdkL8jAMAwQA
2Qv1AwQB2Qv4AwQA2Qv7AwQA2Qv+MA0EAgACMAcDBQAgARUoMA0GCSqGSIb3DQEB
CwUAA4IBAQAaAjZ1YshhNJt6fzwTJ/v115/0b+P6eNus3ArX9ZJzkwyI0al5xU/J
nWh24gJKT/3PXPqzvuLXkpwftx26ItcfWhWYPQDelNVCYEZcVAkgfH5260CkKCtd
CxWAfnzVHc1VKVNGr+8rqZv/opI6N9MZih/bCNngoQ1xwUkF9751lQdTODymmDVg
qauageI7KN5PJU7lKV8fq80l+6pMwUcvNAXlcPPb3HNTk3bhUOoas5EQ6g53bcAp
XSwXFpXKBcggWlRXak4EJAKTc+hT/ok3LyruBRXhphY0WozLfR7eqIrRoLKs5/NL
sahIb9prxmG7q/lIt3+eVRPCLJpKSNHT
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:31:29 2025 by rpki-client