Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/ffW_Y6sryTMuWL1rgpRAhDToMmg.roa
File: ffW_Y6sryTMuWL1rgpRAhDToMmg.roa (raw, json)
Hash identifier: VdgsGQc1fKloAyi2xU7iIjJPewULOMAYs7Y+UnQppqQ=
Subject key identifier: 7D:F5:BF:63:AB:2B:C9:33:2E:58:BD:6B:82:94:40:84:34:E8:32:68
Certificate issuer: /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial: 019396207612A3BE83A7D4E48C0CD9DC7F13
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/ffW_Y6sryTMuWL1rgpRAhDToMmg.roa
Signing time: Thu 05 Dec 2024 09:22:10 +0000
ROA not before: Thu 05 Dec 2024 09:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15695
IP address blocks: 5.253.88.0/24 maxlen: 24
5.253.89.0/24 maxlen: 24
5.253.90.0/24 maxlen: 24
5.253.91.0/24 maxlen: 24
37.26.224.0/24 maxlen: 24
37.26.225.0/24 maxlen: 24
37.26.226.0/24 maxlen: 24
37.26.227.0/24 maxlen: 24
37.26.228.0/24 maxlen: 24
37.26.229.0/24 maxlen: 24
37.26.230.0/24 maxlen: 24
37.26.231.0/24 maxlen: 24
45.81.220.0/24 maxlen: 24
45.81.221.0/24 maxlen: 24
45.81.222.0/24 maxlen: 24
45.81.223.0/24 maxlen: 24
45.93.84.0/24 maxlen: 24
45.93.85.0/24 maxlen: 24
45.93.87.0/24 maxlen: 24
45.94.190.0/24 maxlen: 24
45.95.216.0/24 maxlen: 24
45.95.217.0/24 maxlen: 24
45.95.218.0/24 maxlen: 24
45.95.219.0/24 maxlen: 24
63.247.192.0/24 maxlen: 24
63.247.193.0/24 maxlen: 24
63.247.194.0/24 maxlen: 24
63.247.195.0/24 maxlen: 24
63.247.196.0/24 maxlen: 24
63.247.197.0/24 maxlen: 24
63.247.198.0/24 maxlen: 24
63.247.199.0/24 maxlen: 24
63.247.200.0/24 maxlen: 24
63.247.201.0/24 maxlen: 24
63.247.202.0/24 maxlen: 24
63.247.203.0/24 maxlen: 24
63.247.204.0/24 maxlen: 24
63.247.205.0/24 maxlen: 24
63.247.206.0/24 maxlen: 24
63.247.207.0/24 maxlen: 24
86.48.192.0/24 maxlen: 24
86.48.193.0/24 maxlen: 24
86.48.194.0/24 maxlen: 24
86.48.195.0/24 maxlen: 24
86.48.196.0/24 maxlen: 24
86.48.208.0/24 maxlen: 24
86.48.209.0/24 maxlen: 24
86.48.210.0/24 maxlen: 24
86.48.211.0/24 maxlen: 24
86.48.212.0/24 maxlen: 24
86.48.214.0/24 maxlen: 24
86.48.215.0/24 maxlen: 24
86.48.216.0/24 maxlen: 24
86.48.217.0/24 maxlen: 24
86.48.218.0/24 maxlen: 24
86.48.219.0/24 maxlen: 24
86.48.220.0/24 maxlen: 24
86.48.221.0/24 maxlen: 24
86.48.222.0/24 maxlen: 24
86.48.223.0/24 maxlen: 24
86.48.224.0/24 maxlen: 24
86.48.225.0/24 maxlen: 24
86.48.240.0/24 maxlen: 24
86.48.241.0/24 maxlen: 24
86.48.242.0/24 maxlen: 24
91.103.16.0/24 maxlen: 24
91.103.17.0/24 maxlen: 24
91.103.18.0/24 maxlen: 24
91.103.19.0/24 maxlen: 24
91.103.21.0/24 maxlen: 24
91.103.23.0/24 maxlen: 24
185.62.116.0/24 maxlen: 24
185.62.117.0/24 maxlen: 24
185.62.118.0/24 maxlen: 24
185.62.119.0/24 maxlen: 24
193.160.134.0/24 maxlen: 24
193.160.135.0/24 maxlen: 24
195.238.244.0/24 maxlen: 24
216.172.64.0/24 maxlen: 24
216.172.65.0/24 maxlen: 24
216.172.66.0/24 maxlen: 24
216.172.67.0/24 maxlen: 24
216.172.68.0/24 maxlen: 24
216.172.69.0/24 maxlen: 24
216.172.70.0/24 maxlen: 24
216.172.71.0/24 maxlen: 24
216.172.72.0/24 maxlen: 24
216.172.73.0/24 maxlen: 24
216.172.74.0/24 maxlen: 24
216.172.75.0/24 maxlen: 24
216.172.76.0/24 maxlen: 24
216.172.77.0/24 maxlen: 24
216.172.78.0/24 maxlen: 24
216.172.79.0/24 maxlen: 24
2a00:cb8:31::/48 maxlen: 48
2a00:cb8:33::/48 maxlen: 48
2a00:cb8:34::/48 maxlen: 48
2a00:cb8:39::/48 maxlen: 48
2a00:cb8:41::/48 maxlen: 48
2a00:cb8:44::/48 maxlen: 48
2a00:cb8:48::/48 maxlen: 48
2a00:cb8:49::/48 maxlen: 48
2a00:cb8:144::/48 maxlen: 48
2a00:cb8:353::/48 maxlen: 48
2a00:cb8:971::/48 maxlen: 48
2a0c:5900:1000::/36 maxlen: 36
2a0c:5900:2000::/36 maxlen: 36
2a0c:5900:3000::/36 maxlen: 36
2a0c:5900:4000::/36 maxlen: 36
2a0c:5900:5000::/36 maxlen: 36
2a0c:5900:6000::/36 maxlen: 36
2a0c:5900:7000::/36 maxlen: 36
2a0c:5900:8000::/36 maxlen: 36
2a0c:5900:9000::/36 maxlen: 36
2a0c:5900:a000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:20:76:12:a3:be:83:a7:d4:e4:8c:0c:d9:dc:7f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Validity
Not Before: Dec 5 09:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7df5bf63ab2bc9332e58bd6b8294408434e83268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e1:99:29:dd:6a:b7:28:f8:71:d4:60:db:10:
7a:58:49:eb:c1:93:6a:34:fc:09:b1:18:99:ac:2a:
2d:a3:2e:38:14:ec:0f:46:d2:95:b4:9c:29:f6:38:
2b:fd:ab:dd:9d:55:1b:34:f3:e4:e4:ac:4a:dc:79:
43:14:43:08:9a:44:76:af:bf:97:d2:29:85:99:c0:
67:49:d2:7e:b1:b1:0b:c1:b3:4d:c3:aa:95:08:e9:
e5:94:db:7d:c3:e2:93:c1:9e:78:b2:d8:d2:73:16:
3f:02:a6:c0:50:0d:70:31:8d:c6:46:0f:53:91:12:
a3:05:de:20:35:0e:90:ff:81:29:45:fa:b1:fe:0e:
20:74:3b:d6:0f:41:11:c0:64:de:e9:31:ae:2c:d3:
c9:e1:b5:cf:4c:7c:e4:5c:5c:46:c3:f4:9e:e6:a6:
fb:e9:d9:b0:4d:9d:5f:00:fc:21:b6:3c:19:30:d2:
80:c6:fd:ce:62:93:4b:16:fc:00:67:14:01:fc:e8:
98:89:b6:1b:aa:c6:44:aa:9c:f1:94:aa:55:41:77:
9a:f7:a1:d2:72:63:f2:dc:22:05:14:44:9a:5e:05:
84:55:53:a8:e2:26:6b:36:38:58:03:cd:bc:fc:18:
31:16:02:af:f9:f8:c3:41:69:84:2a:12:ac:ba:93:
74:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F5:BF:63:AB:2B:C9:33:2E:58:BD:6B:82:94:40:84:34:E8:32:68
X509v3 Authority Key Identifier:
keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/ffW_Y6sryTMuWL1rgpRAhDToMmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.88.0/22
37.26.224.0/21
45.81.220.0/22
45.93.84.0/23
45.93.87.0/24
45.94.190.0/24
45.95.216.0/22
63.247.192.0/20
86.48.192.0-86.48.196.255
86.48.208.0-86.48.212.255
86.48.214.0-86.48.225.255
86.48.240.0-86.48.242.255
91.103.16.0/22
91.103.21.0/24
91.103.23.0/24
185.62.116.0/22
193.160.134.0/23
195.238.244.0/24
216.172.64.0/20
IPv6:
2a00:cb8:31::/48
2a00:cb8:33::-2a00:cb8:34:ffff:ffff:ffff:ffff:ffff
2a00:cb8:39::/48
2a00:cb8:41::/48
2a00:cb8:44::/48
2a00:cb8:48::/47
2a00:cb8:144::/48
2a00:cb8:353::/48
2a00:cb8:971::/48
2a0c:5900:1000::-2a0c:5900:afff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
17:18:3d:53:1e:9a:b0:0b:98:19:50:35:99:b6:18:0c:ac:84:
82:db:d2:59:c1:52:57:d2:b3:08:53:c4:d7:60:2c:cf:2d:58:
3a:8b:11:32:f5:43:84:61:28:d6:d7:35:c1:e3:f4:c5:60:9d:
53:85:5e:c0:1b:7d:dc:d7:04:4b:f1:e9:5c:07:50:ab:af:33:
81:66:5d:1a:27:f9:ad:e3:47:a5:88:d7:30:1e:16:73:84:2a:
85:b3:25:5b:ca:14:d8:dc:bd:25:92:1a:e9:5c:c7:f3:48:7d:
9e:cc:5c:0a:4b:88:31:9d:f3:75:e2:da:4c:e0:77:d3:3f:35:
7b:15:04:27:b1:6c:74:3c:f5:7d:9f:ac:8c:50:98:0f:ad:2f:
f4:3e:67:ab:0a:bf:5d:1f:86:ca:0f:94:e5:2c:5d:6f:0a:9e:
e3:4a:57:18:76:aa:6b:bc:f7:58:52:bb:dd:52:02:7f:b0:42:
4f:78:0c:70:6c:b3:e8:d5:05:19:78:2d:0e:4c:91:2d:a8:2c:
8a:5a:6b:9c:b1:da:bf:52:cb:51:c0:f0:95:c1:c9:b3:ec:02:
f5:4a:7c:16:61:2c:08:d4:6e:fb:f7:d6:6f:dc:43:0f:b9:6b:
77:2b:22:25:60:51:93:d5:16:ee:1a:7a:82:10:db:f0:0c:4d:
a0:fc:6f:f9
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAZOWIHYSo76Dp9TkjAzZ3H8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjQxMjA1MDkyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGY1YmY2M2FiMmJjOTMzMmU1OGJkNmI4Mjk0NDA4NDM0ZTgzMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+GZKd1qtyj4cdRg2xB6WEnrwZNq
NPwJsRiZrCotoy44FOwPRtKVtJwp9jgr/avdnVUbNPPk5KxK3HlDFEMImkR2r7+X
0imFmcBnSdJ+sbELwbNNw6qVCOnllNt9w+KTwZ54stjScxY/AqbAUA1wMY3GRg9T
kRKjBd4gNQ6Q/4EpRfqx/g4gdDvWD0ERwGTe6TGuLNPJ4bXPTHzkXFxGw/Se5qb7
6dmwTZ1fAPwhtjwZMNKAxv3OYpNLFvwAZxQB/OiYibYbqsZEqpzxlKpVQXea96HS
cmPy3CIFFESaXgWEVVOo4iZrNjhYA828/BgxFgKv+fjDQWmEKhKsupN0EQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFH31v2OrK8kzLli9a4KUQIQ06DJoMB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvZmZXX1k2c3J5VE11V0wxcmdwUkFoRFRvTW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCBmQQCAAEwgZID
BAIF/VgDBAMlGuADBAItUdwDBAEtXVQDBAAtXVcDBAAtXr4DBAItX9gDBAQ/98Aw
DAMEBlYwwAMEAFYwxDAMAwQEVjDQAwQAVjDUMAwDBAFWMNYDBAFWMOAwDAMEBFYw
8AMEAFYw8gMEAltnEAMEAFtnFQMEAFtnFwMEArk+dAMEAcGghgMEAMPu9AMEBNis
QDB0BAIAAjBuAwcAKgAMuAAxMBIDBwAqAAy4ADMDBwAqAAy4ADQDBwAqAAy4ADkD
BwAqAAy4AEEDBwAqAAy4AEQDBwEqAAy4AEgDBwAqAAy4AUQDBwAqAAy4A1MDBwAq
AAy4CXEwEAMGBCoMWQAQAwYEKgxZAKAwDQYJKoZIhvcNAQELBQADggEBABcYPVMe
mrALmBlQNZm2GAyshILb0lnBUlfSswhTxNdgLM8tWDqLETL1Q4RhKNbXNcHj9MVg
nVOFXsAbfdzXBEvx6VwHUKuvM4FmXRon+a3jR6WI1zAeFnOEKoWzJVvKFNjcvSWS
Gulcx/NIfZ7MXApLiDGd83Xi2kzgd9M/NXsVBCexbHQ89X2frIxQmA+tL/Q+Z6sK
v10fhsoPlOUsXW8KnuNKVxh2qmu891hSu91SAn+wQk94DHBss+jVBRl4LQ5MkS2o
LIpaa5yx2r9Sy1HA8JXBybPsAvVKfBZhLAjUbvv31m/cQw+5a3crIiVgUZPVFu4a
eoIQ2/AMTaD8b/k=
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:54:01 2025 by rpki-client