Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/0f993a27-4615-3690-bdde-452d3f720542.roa
File: 0f993a27-4615-3690-bdde-452d3f720542.roa (raw, json)
Hash identifier: 2bfUMH4rLNvqS6zdJyC43xkUrIupkXYQSVE37sAro5k=
Subject key identifier: 59:B0:28:CA:5F:02:A5:04:09:48:28:9F:5F:AC:A5:4C:C5:B9:1D:82
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F432858439055334BE1F8E7893B4BF280
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/0f993a27-4615-3690-bdde-452d3f720542.roa
Signing time: Mon 16 Oct 2023 01:00:15 +0000
ROA not before: Mon 16 Oct 2023 01:00:15 +0000
ROA not after: Sun 14 Jan 2024 02:00:15 +0000
asID: 5650
IP address blocks: 142.111.219.0/24 maxlen: 24
136.0.226.0/24 maxlen: 24
136.0.99.0/24 maxlen: 24
136.0.67.0/24 maxlen: 24
172.120.14.0/24 maxlen: 24
166.88.149.0/24 maxlen: 24
142.252.52.0/24 maxlen: 24
142.252.51.0/24 maxlen: 24
136.0.47.0/24 maxlen: 24
107.165.138.0/24 maxlen: 24
107.164.200.0/24 maxlen: 24
107.164.199.0/24 maxlen: 24
107.186.35.0/24 maxlen: 24
107.165.194.0/24 maxlen: 24
107.165.161.0/24 maxlen: 24
172.252.25.0/24 maxlen: 24
23.27.23.0/24 maxlen: 24
104.253.132.0/24 maxlen: 24
172.252.135.0/24 maxlen: 24
50.117.45.0/24 maxlen: 24
172.252.55.0/24 maxlen: 24
23.27.243.0/24 maxlen: 24
172.252.54.0/24 maxlen: 24
23.27.14.0/24 maxlen: 24
172.252.28.0/24 maxlen: 24
172.252.215.0/24 maxlen: 24
172.252.168.0/24 maxlen: 24
172.252.139.0/24 maxlen: 24
172.252.137.0/24 maxlen: 24
216.172.135.0/24 maxlen: 24
173.245.84.0/24 maxlen: 24
23.27.127.0/24 maxlen: 24
205.164.32.0/24 maxlen: 24
205.164.9.0/24 maxlen: 24
209.73.132.0/24 maxlen: 24
205.164.59.0/24 maxlen: 24
209.73.137.0/24 maxlen: 24
209.73.136.0/24 maxlen: 24
104.253.106.0/24 maxlen: 24
104.165.134.0/24 maxlen: 24
104.165.120.0/24 maxlen: 24
104.165.29.0/24 maxlen: 24
104.253.150.0/24 maxlen: 24
104.253.146.0/24 maxlen: 24
104.253.144.0/24 maxlen: 24
104.253.139.0/24 maxlen: 24
216.172.138.0/24 maxlen: 24
23.230.29.0/24 maxlen: 24
23.27.248.0/24 maxlen: 24
104.164.180.0/24 maxlen: 24
50.118.255.0/24 maxlen: 24
50.117.96.0/24 maxlen: 24
23.230.67.0/24 maxlen: 24
107.164.145.0/24 maxlen: 24
107.164.85.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:43:90:55:33:4b:e1:f8:e7:89:3b:4b:f2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Oct 16 01:00:15 2023 GMT
Not After : Jan 14 02:00:15 2024 GMT
Subject: CN=3b9e12bb-d553-49b8-ba86-16479831e66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:28:e5:2a:41:97:04:4e:67:d8:ff:72:ab:dc:
14:e2:f4:74:91:7c:86:0a:c2:3b:13:c9:d3:05:74:
d1:11:91:2a:3b:b9:c3:1f:ab:2a:8d:75:31:17:c0:
12:c5:79:45:ff:6c:73:3a:7c:e5:8d:0a:e1:99:72:
54:1d:79:32:0c:01:33:03:14:19:75:2a:dc:6a:cc:
6e:5b:f6:fa:9c:7e:5a:8c:1f:3c:f1:31:e2:3f:5b:
e2:6b:5d:52:d7:47:47:5a:8c:87:4b:ea:ee:4f:7a:
72:83:23:db:c7:70:ed:01:76:c2:f1:4a:1b:87:10:
7a:28:65:36:f1:6e:19:35:49:17:ae:16:b9:b4:dd:
85:8b:76:dd:fe:ff:a6:f2:3c:07:f1:8c:0f:2c:5e:
f3:50:79:56:c2:22:87:c3:e7:02:20:a7:18:65:7e:
59:82:98:b2:33:64:3c:e0:8d:81:a2:94:ac:20:bc:
f4:b7:cb:01:6b:8f:97:97:58:82:68:58:5c:6f:84:
d5:d6:66:70:63:28:39:30:ce:9b:27:84:7f:65:9f:
fb:70:a2:cc:e9:6a:9a:a7:a5:38:1b:ec:5c:96:e0:
fa:9b:14:61:6e:1e:7d:6a:c6:bc:6d:08:8f:7a:17:
c1:c4:a9:4d:4f:da:1b:fe:1f:06:20:74:4b:8f:24:
c2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B0:28:CA:5F:02:A5:04:09:48:28:9F:5F:AC:A5:4C:C5:B9:1D:82
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/0f993a27-4615-3690-bdde-452d3f720542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
23.27.14.0/24
23.27.23.0/24
23.27.127.0/24
23.27.243.0/24
23.27.248.0/24
23.230.29.0/24
23.230.67.0/24
50.117.45.0/24
50.117.96.0/24
50.118.255.0/24
104.164.180.0/24
104.165.29.0/24
104.165.120.0/24
104.165.134.0/24
104.253.106.0/24
104.253.132.0/24
104.253.139.0/24
104.253.144.0/24
104.253.146.0/24
104.253.150.0/24
107.164.85.0/24
107.164.145.0/24
107.164.199.0-107.164.200.255
107.165.138.0/24
107.165.161.0/24
107.165.194.0/24
107.186.35.0/24
136.0.47.0/24
136.0.67.0/24
136.0.99.0/24
136.0.226.0/24
142.111.219.0/24
142.252.51.0-142.252.52.255
166.88.149.0/24
172.120.14.0/24
172.252.25.0/24
172.252.28.0/24
172.252.54.0/23
172.252.135.0/24
172.252.137.0/24
172.252.139.0/24
172.252.168.0/24
172.252.215.0/24
173.245.84.0/24
205.164.9.0/24
205.164.32.0/24
205.164.59.0/24
209.73.132.0/24
209.73.136.0/23
216.172.135.0/24
216.172.138.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
12:c4:ef:22:e6:df:7e:08:73:8b:a0:34:1a:fc:5b:75:22:fd:
9c:e6:e2:95:01:a8:22:75:6f:f6:e0:f3:ad:ed:67:6f:44:17:
79:a7:48:41:13:13:c8:ad:8f:14:31:85:55:37:5b:48:29:9c:
2f:5c:c7:94:ee:7b:e3:81:89:d1:6d:28:28:b6:6a:46:b6:7c:
39:e8:41:35:70:48:72:4e:81:09:63:a9:0e:24:61:b9:6f:8a:
c6:86:d6:3d:56:02:39:1c:99:3a:d4:c6:47:b5:9a:84:e0:85:
20:bd:1b:c3:27:ba:ad:ba:6d:db:68:a4:29:3a:37:57:25:53:
df:84:55:93:0d:29:6c:eb:81:2a:08:94:5a:b1:cb:8c:0a:93:
99:7c:4a:e1:53:17:d5:c1:29:d3:0a:d5:24:ce:b8:9f:c2:0f:
b2:59:78:aa:0e:c8:7c:32:3e:e7:34:d2:2b:a2:15:52:ce:9b:
b9:c7:36:be:19:eb:4b:3e:64:d9:d7:87:32:14:2c:38:e8:70:
68:72:ec:0c:2e:17:d7:ad:ce:31:35:57:f4:3a:fd:f8:39:a9:
66:1f:51:6f:47:1e:d9:30:8f:de:03:9c:26:0c:6b:01:52:2e:
22:10:22:c1:5c:9b:9b:31:eb:d0:50:83:94:66:09:82:0c:18:
71:6f:99:2c
-----BEGIN CERTIFICATE-----
MIIHiTCCBnGgAwIBAgIUAQ0Mn0MoWEOQVTNL4fjniTtL8oAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIzMTAxNjAxMDAxNVoXDTI0MDExNDAyMDAxNVowLzEtMCsGA1UEAxMk
M2I5ZTEyYmItZDU1My00OWI4LWJhODYtMTY0Nzk4MzFlNjZjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyjlKkGXBE5n2P9yq9wU4vR0kXyGCsI7E8nT
BXTREZEqO7nDH6sqjXUxF8ASxXlF/2xzOnzljQrhmXJUHXkyDAEzAxQZdSrcasxu
W/b6nH5ajB888THiP1via11S10dHWoyHS+ruT3pygyPbx3DtAXbC8UobhxB6KGU2
8W4ZNUkXrha5tN2Fi3bd/v+m8jwH8YwPLF7zUHlWwiKHw+cCIKcYZX5ZgpiyM2Q8
4I2BopSsILz0t8sBa4+Xl1iCaFhcb4TV1mZwYyg5MM6bJ4R/ZZ/7cKLM6Wqap6U4
G+xcluD6mxRhbh59asa8bQiPehfBxKlNT9ob/h8GIHRLjyTC8QIDAQABo4IEmzCC
BJcwHQYDVR0OBBYEFFmwKMpfAqUECUgon1+spUzFuR2CMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvMGY5OTNhMjctNDYxNS0z
NjkwLWJkZGUtNDUyZDNmNzIwNTQyLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIIBYwYIKwYBBQUHAQcBAf8EggFSMIIBTjCCAUoEAgABMIIB
QgMEABcbDgMEABcbFwMEABcbfwMEABcb8wMEABcb+AMEABfmHQMEABfmQwMEADJ1
LQMEADJ1YAMEADJ2/wMEAGiktAMEAGilHQMEAGileAMEAGilhgMEAGj9agMEAGj9
hAMEAGj9iwMEAGj9kAMEAGj9kgMEAGj9lgMEAGukVQMEAGukkTAMAwQAa6THAwQA
a6TIAwQAa6WKAwQAa6WhAwQAa6XCAwQAa7ojAwQAiAAvAwQAiABDAwQAiABjAwQA
iADiAwQAjm/bMAwDBACO/DMDBACO/DQDBACmWJUDBACseA4DBACs/BkDBACs/BwD
BAGs/DYDBACs/IcDBACs/IkDBACs/IsDBACs/KgDBACs/NcDBACt9VQDBADNpAkD
BADNpCADBADNpDsDBADRSYQDBAHRSYgDBADYrIcDBADYrIowVAYDVR0gAQH/BEow
SDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5l
dC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAEsTv
Iubffghzi6A0GvxbdSL9nObilQGoInVv9uDzre1nb0QXeadIQRMTyK2PFDGFVTdb
SCmcL1zHlO5744GJ0W0oKLZqRrZ8OehBNXBIck6BCWOpDiRhuW+KxobWPVYCORyZ
OtTGR7WahOCFIL0bwye6rbpt22ikKTo3VyVT34RVkw0pbOuBKgiUWrHLjAqTmXxK
4VMX1cEp0wrVJM64n8IPsll4qg7IfDI+5zTSK6IVUs6bucc2vhnrSz5k2deHMhQs
OOhwaHLsDC4X163OMTVX9Dr9+DmpZh9Rb0ce2TCP3gOcJgxrAVIuIhAiwVybmzHr
0FCDlGYJggwYcW+ZLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:18 2024 by rpki-client on console-fra.rpki-client.org