Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/ZSytjT9HI_jAp9uI95t2hteU_2Q.roa
File: ZSytjT9HI_jAp9uI95t2hteU_2Q.roa (raw, json)
Hash identifier: OPjULOPJNWFbRyAjW/P9rEPNA0xyos04JflNnf/jXu0=
Subject key identifier: 65:2C:AD:8D:3F:47:23:F8:C0:A7:DB:88:F7:9B:76:86:D7:94:FF:64
Certificate issuer: /CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Certificate serial: 1119746F
Authority key identifier: 4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/ZSytjT9HI_jAp9uI95t2hteU_2Q.roa
Signing time: Mon 03 Jan 2022 06:58:54 +0000
ROA not before: Mon 03 Jan 2022 06:58:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51440
IP address blocks: 46.32.219.0/24 maxlen: 24
46.32.218.0/24 maxlen: 24
46.32.217.0/24 maxlen: 24
46.32.216.0/21 maxlen: 21
46.32.216.0/24 maxlen: 24
46.32.215.0/24 maxlen: 24
46.32.214.0/24 maxlen: 24
46.32.223.0/24 maxlen: 24
46.32.222.0/24 maxlen: 24
46.32.221.0/24 maxlen: 24
46.32.220.0/24 maxlen: 24
37.60.145.0/24 maxlen: 24
37.60.144.0/21 maxlen: 21
95.215.131.0/24 maxlen: 24
37.60.144.0/24 maxlen: 24
95.215.130.0/24 maxlen: 24
95.215.129.0/24 maxlen: 24
95.215.128.0/22 maxlen: 22
95.215.128.0/24 maxlen: 24
37.60.151.0/24 maxlen: 24
37.60.150.0/24 maxlen: 24
37.60.149.0/24 maxlen: 24
37.60.148.0/24 maxlen: 24
37.60.147.0/24 maxlen: 24
37.60.146.0/24 maxlen: 24
31.25.78.0/24 maxlen: 24
31.25.77.0/24 maxlen: 24
31.25.76.0/24 maxlen: 24
31.25.75.0/24 maxlen: 24
31.25.74.0/24 maxlen: 24
31.25.72.0/21 maxlen: 21
31.25.73.0/24 maxlen: 24
31.25.72.0/24 maxlen: 24
31.25.79.0/24 maxlen: 24
46.32.192.0/21 maxlen: 21
46.32.192.0/24 maxlen: 24
46.32.192.0/19 maxlen: 19
46.32.199.0/24 maxlen: 24
46.32.198.0/24 maxlen: 24
46.32.197.0/24 maxlen: 24
46.32.196.0/24 maxlen: 24
46.32.195.0/24 maxlen: 24
46.32.194.0/24 maxlen: 24
46.32.193.0/24 maxlen: 24
46.32.206.0/24 maxlen: 24
46.32.205.0/24 maxlen: 24
46.32.204.0/24 maxlen: 24
46.32.203.0/24 maxlen: 24
46.32.202.0/24 maxlen: 24
46.32.201.0/24 maxlen: 24
46.32.200.0/24 maxlen: 24
46.32.200.0/21 maxlen: 21
46.32.213.0/24 maxlen: 24
46.32.212.0/24 maxlen: 24
46.32.211.0/24 maxlen: 24
46.32.210.0/24 maxlen: 24
46.32.209.0/24 maxlen: 24
46.32.208.0/24 maxlen: 24
46.32.208.0/21 maxlen: 21
46.32.207.0/24 maxlen: 24
188.227.233.0/24 maxlen: 24
188.227.232.0/21 maxlen: 21
188.227.232.0/24 maxlen: 24
188.227.239.0/24 maxlen: 24
188.227.238.0/24 maxlen: 24
188.227.237.0/24 maxlen: 24
188.227.236.0/24 maxlen: 24
188.227.235.0/24 maxlen: 24
188.227.234.0/24 maxlen: 24
5.34.166.0/24 maxlen: 24
5.34.165.0/24 maxlen: 24
5.34.164.0/24 maxlen: 24
5.34.163.0/24 maxlen: 24
5.34.162.0/24 maxlen: 24
5.34.161.0/24 maxlen: 24
5.34.160.0/24 maxlen: 24
5.34.160.0/21 maxlen: 21
5.34.167.0/24 maxlen: 24
46.28.139.0/24 maxlen: 24
46.28.138.0/24 maxlen: 24
46.28.137.0/24 maxlen: 24
46.28.136.0/21 maxlen: 21
46.28.136.0/24 maxlen: 24
46.28.143.0/24 maxlen: 24
46.28.142.0/24 maxlen: 24
46.28.141.0/24 maxlen: 24
46.28.140.0/24 maxlen: 24
195.35.85.0/24 maxlen: 24
37.122.159.0/24 maxlen: 24
37.122.158.0/23 maxlen: 23
37.122.158.0/24 maxlen: 24
31.13.166.0/24 maxlen: 24
31.13.165.0/24 maxlen: 24
31.13.164.0/24 maxlen: 24
31.13.163.0/24 maxlen: 24
31.13.162.0/24 maxlen: 24
31.13.161.0/24 maxlen: 24
31.13.160.0/21 maxlen: 21
31.13.160.0/24 maxlen: 24
31.13.167.0/24 maxlen: 24
185.7.123.0/24 maxlen: 24
185.7.122.0/24 maxlen: 24
185.7.121.0/24 maxlen: 24
185.7.120.0/22 maxlen: 22
185.7.120.0/24 maxlen: 24
2a03:2940::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286880879 (0x1119746f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Validity
Not Before: Jan 3 06:58:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=652cad8d3f4723f8c0a7db88f79b7686d794ff64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cb:a2:da:28:6c:b1:b7:be:3b:0d:08:aa:1f:
e2:c1:64:09:c3:ce:7b:8f:e8:62:f9:63:33:a6:f3:
9d:3a:e6:e7:8b:30:5c:2a:81:4b:93:45:3f:bf:4d:
39:1b:f4:6d:21:cc:58:42:7b:4f:89:e5:ae:4e:eb:
62:e5:1b:6b:cb:c9:7f:60:1b:cf:b4:b0:e9:37:e5:
38:cf:ea:f9:c8:11:1c:41:43:f1:be:ef:0a:db:d0:
13:93:d3:8f:0c:38:3f:06:9e:a0:15:46:98:39:dd:
a6:c1:11:fb:c6:1e:80:14:13:2b:82:ee:85:70:14:
b2:6b:5a:3f:b1:11:05:21:cf:c7:32:89:84:26:ce:
63:2b:34:d0:c0:dd:a6:b1:f8:22:07:96:06:71:b6:
56:6c:58:ef:b5:54:8f:ab:39:40:c4:3a:8f:d8:15:
f9:1b:41:a1:dc:fa:4c:f5:bb:a4:41:dd:cc:62:00:
8a:7d:fc:c6:a0:94:5a:82:de:5e:4c:96:f9:cd:89:
08:81:21:f6:f0:35:e3:6b:0e:38:7e:36:9e:1a:3b:
4a:c8:f8:7d:8e:36:e0:09:3c:92:aa:39:5a:bd:fa:
25:ff:69:b9:74:da:c9:94:59:25:da:f3:49:92:92:
42:90:c5:6c:d7:40:5a:a6:81:c6:eb:ca:b8:6f:21:
69:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2C:AD:8D:3F:47:23:F8:C0:A7:DB:88:F7:9B:76:86:D7:94:FF:64
X509v3 Authority Key Identifier:
keyid:4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/ZSytjT9HI_jAp9uI95t2hteU_2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/S1dyWwpgXU3cxGS3Dcs6FipfBVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.160.0/21
31.13.160.0/21
31.25.72.0/21
37.60.144.0/21
37.122.158.0/23
46.28.136.0/21
46.32.192.0/19
95.215.128.0/22
185.7.120.0/22
188.227.232.0/21
195.35.85.0/24
IPv6:
2a03:2940::/32
Signature Algorithm: sha256WithRSAEncryption
06:e0:dd:91:39:b2:6b:78:7d:ca:52:e1:e3:b2:cf:50:27:39:
50:4e:3e:bd:62:80:76:cb:86:44:27:bd:d7:9e:bc:28:91:de:
fd:c9:27:83:c9:e1:91:64:dd:9f:5d:30:2a:0e:65:7e:dd:8d:
0d:10:75:e8:6b:b7:93:68:53:5c:41:e7:a4:7b:8f:71:bd:33:
47:04:63:4f:32:1a:98:8a:54:d6:9d:e5:03:9a:54:98:55:3c:
35:d8:87:4a:22:bc:d2:a5:f3:06:a4:d7:93:46:e4:04:e6:e0:
8f:d0:25:c2:1d:43:b9:6f:de:e7:b1:60:28:51:9b:86:4c:b1:
4d:3c:97:87:88:0d:88:9f:60:71:a7:30:45:05:cb:2e:6e:ef:
2f:3d:16:f8:59:22:2d:22:4d:1e:51:5f:31:10:a1:d3:2b:94:
1e:61:59:2f:43:38:ce:cc:4d:23:5e:4e:75:b2:1a:30:f0:20:
ca:eb:01:de:bc:0e:64:d9:da:29:09:c8:ea:19:bd:ad:17:97:
0c:f9:3b:f3:68:5a:0b:4a:47:09:97:03:9b:8d:6d:cc:ea:35:
65:65:f5:f5:70:33:27:c4:19:b7:b2:85:15:c8:aa:93:a9:04:
2f:54:df:10:f3:2d:1c:26:2c:92:dd:59:e0:3d:8e:47:f8:ed:
b6:ed:6f:74
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEERl0bzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjU3NzI1YjBhNjA1ZDRkZGNjNDY0YjcwZGNiM2ExNjJhNWYwNTViMB4XDTIyMDEw
MzA2NTg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjUyY2FkOGQzZjQ3
MjNmOGMwYTdkYjg4Zjc5Yjc2ODZkNzk0ZmY2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/LotoobLG3vjsNCKof4sFkCcPOe4/oYvljM6bznTrm54sw
XCqBS5NFP79NORv0bSHMWEJ7T4nlrk7rYuUba8vJf2Abz7Sw6TflOM/q+cgRHEFD
8b7vCtvQE5PTjww4PwaeoBVGmDndpsER+8YegBQTK4LuhXAUsmtaP7ERBSHPxzKJ
hCbOYys00MDdprH4IgeWBnG2VmxY77VUj6s5QMQ6j9gV+RtBodz6TPW7pEHdzGIA
in38xqCUWoLeXkyW+c2JCIEh9vA142sOOH42nho7Ssj4fY424Ak8kqo5Wr36Jf9p
uXTayZRZJdrzSZKSQpDFbNdAWqaBxuvKuG8haRkCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBRlLK2NP0cj+MCn24j3m3aG15T/ZDAfBgNVHSMEGDAWgBRLV3JbCmBdTdzE
ZLcNyzoWKl8FWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MxZHlXd3BnWFUzY3hHUzNEY3M2RmlwZkJWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvZTAwNWMyLWFmZmEtNDU4Zi1hYWY4LThhZjU2ZTczMzYwMC8x
L1pTeXRqVDlISV9qQXA5dUk5NXQyaHRlVV8yUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
ZTAwNWMyLWFmZmEtNDU4Zi1hYWY4LThhZjU2ZTczMzYwMC8xL1MxZHlXd3BnWFUz
Y3hHUzNEY3M2RmlwZkJWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEAwUioAMEAx8NoAMEAx8ZSAMEAyU8
kAMEASV6ngMEAy4ciAMEBS4gwAMEAl/XgAMEArkHeAMEA7zj6AMEAMMjVTANBAIA
AjAHAwUAKgMpQDANBgkqhkiG9w0BAQsFAAOCAQEABuDdkTmya3h9ylLh47LPUCc5
UE4+vWKAdsuGRCe91568KJHe/ckng8nhkWTdn10wKg5lft2NDRB16Gu3k2hTXEHn
pHuPcb0zRwRjTzIamIpU1p3lA5pUmFU8NdiHSiK80qXzBqTXk0bkBObgj9Alwh1D
uW/e57FgKFGbhkyxTTyXh4gNiJ9gcacwRQXLLm7vLz0W+FkiLSJNHlFfMRCh0yuU
HmFZL0M4zsxNI15OdbIaMPAgyusB3rwOZNnaKQnI6hm9rReXDPk782haC0pHCZcD
m41tzOo1ZWX19XAzJ8QZt7KFFciqk6kEL1TfEPMtHCYskt1Z4D2OR/jttu1vdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:07 2024 by rpki-client on console-fra.rpki-client.org