Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/PyY5Eli-KGsDsWPZHIjYra7qQVM.roa
File: PyY5Eli-KGsDsWPZHIjYra7qQVM.roa (raw, json)
Hash identifier: R3imF4nZU9uvlsJwSyZObEYedmdEXH5oOFYubPNYMrk=
Subject key identifier: 3F:26:39:12:58:BE:28:6B:03:B1:63:D9:1C:88:D8:AD:AE:EA:41:53
Certificate issuer: /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial: 018FA3771964B93B36C98D3E1ECB0442EC12
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/PyY5Eli-KGsDsWPZHIjYra7qQVM.roa
Signing time: Thu 23 May 2024 03:20:42 +0000
ROA not before: Thu 23 May 2024 03:20:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15695
IP address blocks: 5.253.88.0/24 maxlen: 24
5.253.89.0/24 maxlen: 24
5.253.90.0/24 maxlen: 24
5.253.91.0/24 maxlen: 24
37.26.224.0/24 maxlen: 24
37.26.225.0/24 maxlen: 24
37.26.226.0/24 maxlen: 24
37.26.227.0/24 maxlen: 24
37.26.228.0/24 maxlen: 24
37.26.229.0/24 maxlen: 24
37.26.230.0/24 maxlen: 24
37.26.231.0/24 maxlen: 24
45.81.220.0/24 maxlen: 24
45.81.221.0/24 maxlen: 24
45.81.222.0/24 maxlen: 24
45.81.223.0/24 maxlen: 24
45.93.84.0/24 maxlen: 24
45.93.85.0/24 maxlen: 24
45.93.87.0/24 maxlen: 24
45.94.190.0/24 maxlen: 24
45.95.216.0/24 maxlen: 24
45.95.217.0/24 maxlen: 24
45.95.218.0/24 maxlen: 24
45.95.219.0/24 maxlen: 24
63.247.192.0/24 maxlen: 24
63.247.193.0/24 maxlen: 24
63.247.194.0/24 maxlen: 24
63.247.195.0/24 maxlen: 24
63.247.196.0/24 maxlen: 24
63.247.197.0/24 maxlen: 24
63.247.198.0/24 maxlen: 24
63.247.199.0/24 maxlen: 24
63.247.200.0/24 maxlen: 24
63.247.201.0/24 maxlen: 24
63.247.202.0/24 maxlen: 24
63.247.203.0/24 maxlen: 24
63.247.204.0/24 maxlen: 24
63.247.205.0/24 maxlen: 24
63.247.206.0/24 maxlen: 24
63.247.207.0/24 maxlen: 24
86.48.208.0/24 maxlen: 24
86.48.209.0/24 maxlen: 24
86.48.210.0/24 maxlen: 24
86.48.211.0/24 maxlen: 24
86.48.216.0/24 maxlen: 24
86.48.217.0/24 maxlen: 24
86.48.218.0/24 maxlen: 24
86.48.219.0/24 maxlen: 24
86.48.220.0/24 maxlen: 24
86.48.221.0/24 maxlen: 24
86.48.222.0/24 maxlen: 24
86.48.223.0/24 maxlen: 24
86.48.224.0/24 maxlen: 24
86.48.240.0/24 maxlen: 24
86.48.241.0/24 maxlen: 24
86.48.242.0/24 maxlen: 24
91.103.16.0/24 maxlen: 24
91.103.17.0/24 maxlen: 24
91.103.18.0/24 maxlen: 24
91.103.19.0/24 maxlen: 24
91.103.21.0/24 maxlen: 24
91.103.23.0/24 maxlen: 24
185.62.116.0/24 maxlen: 24
185.62.117.0/24 maxlen: 24
185.62.118.0/24 maxlen: 24
185.62.119.0/24 maxlen: 24
193.160.134.0/24 maxlen: 24
193.160.135.0/24 maxlen: 24
195.238.244.0/24 maxlen: 24
216.172.64.0/24 maxlen: 24
216.172.65.0/24 maxlen: 24
216.172.66.0/24 maxlen: 24
216.172.67.0/24 maxlen: 24
216.172.68.0/24 maxlen: 24
216.172.69.0/24 maxlen: 24
216.172.70.0/24 maxlen: 24
216.172.71.0/24 maxlen: 24
216.172.72.0/24 maxlen: 24
216.172.73.0/24 maxlen: 24
216.172.74.0/24 maxlen: 24
216.172.75.0/24 maxlen: 24
216.172.76.0/24 maxlen: 24
216.172.77.0/24 maxlen: 24
216.172.78.0/24 maxlen: 24
216.172.79.0/24 maxlen: 24
2a00:cb8:31::/48 maxlen: 48
2a00:cb8:33::/48 maxlen: 48
2a00:cb8:34::/48 maxlen: 48
2a00:cb8:39::/48 maxlen: 48
2a00:cb8:41::/48 maxlen: 48
2a00:cb8:44::/48 maxlen: 48
2a00:cb8:48::/48 maxlen: 48
2a00:cb8:49::/48 maxlen: 48
2a00:cb8:144::/48 maxlen: 48
2a00:cb8:353::/48 maxlen: 48
2a00:cb8:971::/48 maxlen: 48
2a0c:5900:3000::/36 maxlen: 36
2a0c:5900:3001::/48 maxlen: 48
2a0c:5900:4000::/36 maxlen: 36
2a0c:5900:4001::/48 maxlen: 48
2a0c:5900:5000::/36 maxlen: 36
2a0c:5900:5001::/48 maxlen: 48
2a0c:5900:5002::/48 maxlen: 48
2a0c:5900:8000::/36 maxlen: 36
2a0c:5900:8001::/48 maxlen: 48
2a0c:5900:8002::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a3:77:19:64:b9:3b:36:c9:8d:3e:1e:cb:04:42:ec:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Validity
Not Before: May 23 03:20:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f26391258be286b03b163d91c88d8adaeea4153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:83:9a:8d:1a:8d:3e:2b:90:91:14:9f:ce:88:
9e:17:b7:91:8d:7c:8d:07:7a:29:c5:0c:76:b5:29:
6c:94:57:58:f5:f6:48:f1:ad:88:27:5c:a4:49:f1:
56:8a:48:f6:fb:6f:2e:e3:de:12:8c:dd:a9:d0:5d:
3a:7b:09:ee:dd:15:8a:2a:37:de:f8:09:47:1a:cf:
3b:68:ab:92:32:99:a1:79:c1:f3:a1:7f:66:77:3b:
87:1c:eb:1a:a3:05:ca:d2:30:dd:44:ac:1b:1d:b5:
6f:6c:d7:23:3c:7b:18:ca:e3:9f:03:00:d7:50:98:
1c:f9:a3:ee:47:25:36:ef:32:b6:88:b4:09:63:01:
8d:ce:29:33:d4:37:3f:97:bc:ed:fd:92:d0:e9:85:
e1:71:ec:10:7c:1a:82:1c:bf:ae:b9:be:43:56:26:
06:7e:c8:13:c0:98:d7:a3:ae:3f:05:a0:45:53:7f:
cd:5d:91:40:a8:53:a9:33:18:8d:1c:ca:73:6b:a5:
5e:f0:ec:2a:ae:11:8d:d8:7d:87:19:d8:f3:10:b8:
c6:ae:24:91:cd:0b:46:2c:d7:74:8a:44:61:cb:c7:
c1:00:54:a1:74:3b:29:b9:c3:86:6a:f3:55:a4:5e:
57:09:d5:f9:83:07:39:86:9c:36:6e:9d:68:d6:6b:
98:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:26:39:12:58:BE:28:6B:03:B1:63:D9:1C:88:D8:AD:AE:EA:41:53
X509v3 Authority Key Identifier:
keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/PyY5Eli-KGsDsWPZHIjYra7qQVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.88.0/22
37.26.224.0/21
45.81.220.0/22
45.93.84.0/23
45.93.87.0/24
45.94.190.0/24
45.95.216.0/22
63.247.192.0/20
86.48.208.0/22
86.48.216.0-86.48.224.255
86.48.240.0-86.48.242.255
91.103.16.0/22
91.103.21.0/24
91.103.23.0/24
185.62.116.0/22
193.160.134.0/23
195.238.244.0/24
216.172.64.0/20
IPv6:
2a00:cb8:31::/48
2a00:cb8:33::-2a00:cb8:34:ffff:ffff:ffff:ffff:ffff
2a00:cb8:39::/48
2a00:cb8:41::/48
2a00:cb8:44::/48
2a00:cb8:48::/47
2a00:cb8:144::/48
2a00:cb8:353::/48
2a00:cb8:971::/48
2a0c:5900:3000::-2a0c:5900:5fff:ffff:ffff:ffff:ffff:ffff
2a0c:5900:8000::/36
Signature Algorithm: sha256WithRSAEncryption
46:b6:dc:93:25:1e:95:4b:42:e2:26:6c:76:0e:cc:de:83:84:
c3:02:2b:32:0c:09:ec:c0:60:37:24:73:70:fa:a9:0e:32:21:
d6:60:25:2b:a8:62:0c:80:df:db:3c:5e:25:df:51:cb:44:3a:
38:9a:ab:00:69:22:27:40:f5:2e:cd:8c:b9:dc:66:7e:d7:09:
0e:f0:97:3a:ad:8d:7d:a3:11:f4:63:f3:2f:4b:1b:e2:98:37:
1d:65:82:66:c2:60:09:b0:ed:45:c9:e4:aa:de:17:65:3c:d2:
5e:0a:0d:d0:22:f1:61:6e:04:d5:69:6f:32:63:64:3d:ff:10:
e7:3c:9a:e4:98:2d:88:29:29:2d:41:57:63:74:7b:76:6f:99:
95:8d:9e:9a:7b:3b:53:97:90:ff:27:c7:b9:a1:e1:46:29:1f:
79:c7:c4:b5:d9:59:4e:dd:4b:07:72:43:8f:52:f8:5f:eb:26:
e8:70:19:8e:fc:12:c6:73:2b:a8:e9:7e:7a:8d:12:94:cb:ec:
63:22:ef:79:2b:4b:97:13:a6:8b:f3:24:7e:71:7a:8a:a9:11:
10:2d:b4:79:43:ce:23:a2:fa:25:00:ff:fd:fb:91:af:48:c9:
12:4c:05:2a:77:82:30:de:03:6c:47:e9:f2:8f:f8:8c:cc:dc:
ee:a1:43:58
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAY+jdxlkuTs2yY0+HssEQuwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjQwNTIzMDMyMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjI2MzkxMjU4YmUyODZiMDNiMTYzZDkxYzg4ZDhhZGFlZWE0MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4OajRqNPiuQkRSfzoieF7eRjXyN
B3opxQx2tSlslFdY9fZI8a2IJ1ykSfFWikj2+28u494SjN2p0F06ewnu3RWKKjfe
+AlHGs87aKuSMpmhecHzoX9mdzuHHOsaowXK0jDdRKwbHbVvbNcjPHsYyuOfAwDX
UJgc+aPuRyU27zK2iLQJYwGNzikz1Dc/l7zt/ZLQ6YXhcewQfBqCHL+uub5DViYG
fsgTwJjXo64/BaBFU3/NXZFAqFOpMxiNHMpza6Ve8OwqrhGN2H2HGdjzELjGriSR
zQtGLNd0ikRhy8fBAFShdDspucOGavNVpF5XCdX5gwc5hpw2bp1o1muYzQIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFD8mORJYvihrA7Fj2RyI2K2u6kFTMB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvUHlZNUVsaS1LR3NEc1dQWkhJallyYTdxUVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCBggQCAAEwfAME
AgX9WAMEAyUa4AMEAi1R3AMEAS1dVAMEAC1dVwMEAC1evgMEAi1f2AMEBD/3wAME
AlYw0DAMAwQDVjDYAwQAVjDgMAwDBARWMPADBABWMPIDBAJbZxADBABbZxUDBABb
ZxcDBAK5PnQDBAHBoIYDBADD7vQDBATYrEAwfAQCAAIwdgMHACoADLgAMTASAwcA
KgAMuAAzAwcAKgAMuAA0AwcAKgAMuAA5AwcAKgAMuABBAwcAKgAMuABEAwcBKgAM
uABIAwcAKgAMuAFEAwcAKgAMuANTAwcAKgAMuAlxMBADBgQqDFkAMAMGBSoMWQBA
AwYEKgxZAIAwDQYJKoZIhvcNAQELBQADggEBAEa23JMlHpVLQuImbHYOzN6DhMMC
KzIMCezAYDckc3D6qQ4yIdZgJSuoYgyA39s8XiXfUctEOjiaqwBpIidA9S7NjLnc
Zn7XCQ7wlzqtjX2jEfRj8y9LG+KYNx1lgmbCYAmw7UXJ5KreF2U80l4KDdAi8WFu
BNVpbzJjZD3/EOc8muSYLYgpKS1BV2N0e3ZvmZWNnpp7O1OXkP8nx7mh4UYpH3nH
xLXZWU7dSwdyQ49S+F/rJuhwGY78EsZzK6jpfnqNEpTL7GMi73krS5cTpovzJH5x
eoqpERAttHlDziOi+iUA//37ka9IyRJMBSp3gjDeA2xH6fKP+IzM3O6hQ1g=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:41 2025 by rpki-client