Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/_lFTMQc0v_wZS9O5oGeQ7G1Lves.roa
File: _lFTMQc0v_wZS9O5oGeQ7G1Lves.roa (raw, json)
Hash identifier: 466KDfag35HRbkYA9SsB7QQMn7wpBHiinpx1iJcMVls=
Subject key identifier: FE:51:53:31:07:34:BF:FC:19:4B:D3:B9:A0:67:90:EC:6D:4B:BD:EB
Certificate issuer: /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial: 0192564C86A64DF4413C89D855F600277BE9
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/_lFTMQc0v_wZS9O5oGeQ7G1Lves.roa
Signing time: Fri 04 Oct 2024 06:51:48 +0000
ROA not before: Fri 04 Oct 2024 06:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15695
IP address blocks: 5.253.88.0/24 maxlen: 24
5.253.89.0/24 maxlen: 24
5.253.90.0/24 maxlen: 24
5.253.91.0/24 maxlen: 24
37.26.224.0/24 maxlen: 24
37.26.225.0/24 maxlen: 24
37.26.226.0/24 maxlen: 24
37.26.227.0/24 maxlen: 24
37.26.228.0/24 maxlen: 24
37.26.229.0/24 maxlen: 24
37.26.230.0/24 maxlen: 24
37.26.231.0/24 maxlen: 24
45.81.220.0/24 maxlen: 24
45.81.221.0/24 maxlen: 24
45.81.222.0/24 maxlen: 24
45.81.223.0/24 maxlen: 24
45.93.84.0/24 maxlen: 24
45.93.85.0/24 maxlen: 24
45.93.87.0/24 maxlen: 24
45.94.190.0/24 maxlen: 24
45.95.216.0/24 maxlen: 24
45.95.217.0/24 maxlen: 24
45.95.218.0/24 maxlen: 24
45.95.219.0/24 maxlen: 24
63.247.192.0/24 maxlen: 24
63.247.193.0/24 maxlen: 24
63.247.194.0/24 maxlen: 24
63.247.195.0/24 maxlen: 24
63.247.196.0/24 maxlen: 24
63.247.197.0/24 maxlen: 24
63.247.198.0/24 maxlen: 24
63.247.199.0/24 maxlen: 24
63.247.200.0/24 maxlen: 24
63.247.201.0/24 maxlen: 24
63.247.202.0/24 maxlen: 24
63.247.203.0/24 maxlen: 24
63.247.204.0/24 maxlen: 24
63.247.205.0/24 maxlen: 24
63.247.206.0/24 maxlen: 24
63.247.207.0/24 maxlen: 24
86.48.192.0/24 maxlen: 24
86.48.193.0/24 maxlen: 24
86.48.194.0/24 maxlen: 24
86.48.208.0/24 maxlen: 24
86.48.209.0/24 maxlen: 24
86.48.210.0/24 maxlen: 24
86.48.211.0/24 maxlen: 24
86.48.212.0/24 maxlen: 24
86.48.214.0/24 maxlen: 24
86.48.216.0/24 maxlen: 24
86.48.217.0/24 maxlen: 24
86.48.218.0/24 maxlen: 24
86.48.219.0/24 maxlen: 24
86.48.220.0/24 maxlen: 24
86.48.221.0/24 maxlen: 24
86.48.222.0/24 maxlen: 24
86.48.223.0/24 maxlen: 24
86.48.224.0/24 maxlen: 24
86.48.240.0/24 maxlen: 24
86.48.241.0/24 maxlen: 24
86.48.242.0/24 maxlen: 24
91.103.16.0/24 maxlen: 24
91.103.17.0/24 maxlen: 24
91.103.18.0/24 maxlen: 24
91.103.19.0/24 maxlen: 24
91.103.21.0/24 maxlen: 24
91.103.23.0/24 maxlen: 24
185.62.116.0/24 maxlen: 24
185.62.117.0/24 maxlen: 24
185.62.118.0/24 maxlen: 24
185.62.119.0/24 maxlen: 24
193.160.134.0/24 maxlen: 24
193.160.135.0/24 maxlen: 24
195.238.244.0/24 maxlen: 24
216.172.64.0/24 maxlen: 24
216.172.65.0/24 maxlen: 24
216.172.66.0/24 maxlen: 24
216.172.67.0/24 maxlen: 24
216.172.68.0/24 maxlen: 24
216.172.69.0/24 maxlen: 24
216.172.70.0/24 maxlen: 24
216.172.71.0/24 maxlen: 24
216.172.72.0/24 maxlen: 24
216.172.73.0/24 maxlen: 24
216.172.74.0/24 maxlen: 24
216.172.75.0/24 maxlen: 24
216.172.76.0/24 maxlen: 24
216.172.77.0/24 maxlen: 24
216.172.78.0/24 maxlen: 24
216.172.79.0/24 maxlen: 24
2a00:cb8:31::/48 maxlen: 48
2a00:cb8:33::/48 maxlen: 48
2a00:cb8:34::/48 maxlen: 48
2a00:cb8:39::/48 maxlen: 48
2a00:cb8:41::/48 maxlen: 48
2a00:cb8:44::/48 maxlen: 48
2a00:cb8:48::/48 maxlen: 48
2a00:cb8:49::/48 maxlen: 48
2a00:cb8:144::/48 maxlen: 48
2a00:cb8:353::/48 maxlen: 48
2a00:cb8:971::/48 maxlen: 48
2a0c:5900:1000::/36 maxlen: 36
2a0c:5900:2000::/36 maxlen: 36
2a0c:5900:3000::/36 maxlen: 36
2a0c:5900:4000::/36 maxlen: 36
2a0c:5900:5000::/36 maxlen: 36
2a0c:5900:6000::/36 maxlen: 36
2a0c:5900:7000::/36 maxlen: 36
2a0c:5900:8000::/36 maxlen: 36
2a0c:5900:9000::/36 maxlen: 36
2a0c:5900:a000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:4c:86:a6:4d:f4:41:3c:89:d8:55:f6:00:27:7b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Validity
Not Before: Oct 4 06:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe5153310734bffc194bd3b9a06790ec6d4bbdeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e8:f0:83:1f:b3:7c:cd:66:cf:aa:bf:1e:90:
f6:54:81:88:7d:c3:81:8f:8e:6b:80:b5:3e:8b:4c:
64:f7:fc:97:eb:c2:07:39:7b:d6:7e:9c:c8:66:ee:
51:48:ea:43:17:97:2b:0a:3e:2e:f4:da:fd:f3:b4:
29:7c:f9:bf:b0:ae:07:55:03:aa:c3:22:ce:9f:fc:
08:ae:18:b6:6c:46:96:bf:eb:0f:fe:e0:26:54:aa:
f1:dd:a9:e6:d1:36:1d:cd:21:ea:2d:f4:dc:6d:07:
10:0c:de:ab:d7:bc:db:ed:6c:4b:b3:cc:eb:c4:d5:
9c:b2:f1:f7:ea:9f:41:fc:2f:81:3b:19:8b:58:67:
52:44:97:f9:35:c5:a0:fc:cd:c5:b7:4d:87:5b:b4:
2b:20:6d:b5:a0:2c:ff:59:64:79:e9:14:32:d4:07:
0d:6d:a5:d7:f2:ab:b2:2d:46:50:0b:62:5c:1d:0d:
92:01:85:ed:3d:6c:f6:7a:18:e2:58:55:36:e6:c3:
76:02:4b:26:b4:c3:04:49:03:35:2d:17:93:7a:89:
93:7a:c1:04:dd:7f:92:d2:91:c2:73:87:37:00:ea:
d5:ad:f0:e4:e4:2a:8a:2a:8a:9c:28:3b:3b:2d:a4:
bb:4d:15:7d:30:c3:4b:6d:b2:78:4f:15:b9:f1:45:
2b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:51:53:31:07:34:BF:FC:19:4B:D3:B9:A0:67:90:EC:6D:4B:BD:EB
X509v3 Authority Key Identifier:
keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/_lFTMQc0v_wZS9O5oGeQ7G1Lves.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.88.0/22
37.26.224.0/21
45.81.220.0/22
45.93.84.0/23
45.93.87.0/24
45.94.190.0/24
45.95.216.0/22
63.247.192.0/20
86.48.192.0-86.48.194.255
86.48.208.0-86.48.212.255
86.48.214.0/24
86.48.216.0-86.48.224.255
86.48.240.0-86.48.242.255
91.103.16.0/22
91.103.21.0/24
91.103.23.0/24
185.62.116.0/22
193.160.134.0/23
195.238.244.0/24
216.172.64.0/20
IPv6:
2a00:cb8:31::/48
2a00:cb8:33::-2a00:cb8:34:ffff:ffff:ffff:ffff:ffff
2a00:cb8:39::/48
2a00:cb8:41::/48
2a00:cb8:44::/48
2a00:cb8:48::/47
2a00:cb8:144::/48
2a00:cb8:353::/48
2a00:cb8:971::/48
2a0c:5900:1000::-2a0c:5900:afff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:fc:17:61:8f:16:de:d6:28:c2:90:30:2e:ea:25:75:df:97:
00:15:39:0b:8d:22:08:c2:ec:27:92:94:89:53:1a:b1:9e:5e:
b1:96:65:90:7f:1a:f6:22:d8:f1:3a:88:98:d4:b9:c7:1b:6c:
a8:a9:96:07:b3:c2:33:59:24:ee:10:a0:22:3e:57:73:aa:39:
b0:2e:af:cf:cc:3d:58:7b:13:0d:2d:bb:d2:fb:47:37:e3:99:
06:77:8b:5a:34:09:0d:fc:32:0c:d9:96:38:ad:3d:8c:62:10:
f6:a4:60:88:fa:2b:44:32:b1:7b:e5:5a:41:b0:eb:3e:2d:3d:
39:10:c5:c7:07:56:71:a2:d9:52:11:2c:df:26:f5:0a:4d:b4:
de:09:ba:f7:d2:97:be:92:3c:b7:56:a3:ba:01:c6:44:94:91:
cf:fa:ed:4e:d0:14:5e:97:9d:eb:fb:2e:c2:b1:04:06:b0:6f:
c7:aa:79:ec:53:f3:45:06:20:be:c1:6e:cd:8a:d8:33:ec:14:
7d:ec:f4:fb:5f:4e:94:11:33:62:34:52:ff:f2:a7:c5:c1:dc:
54:df:1d:bc:71:8a:fc:8e:c9:6e:3d:98:01:03:7b:d8:14:06:
26:13:95:51:1f:4b:f0:38:02:b1:d0:ff:45:01:5d:28:d4:90:
c0:6b:a3:1f
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZJWTIamTfRBPInYVfYAJ3vpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjQxMDA0MDY1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTUxNTMzMTA3MzRiZmZjMTk0YmQzYjlhMDY3OTBlYzZkNGJiZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+jwgx+zfM1mz6q/HpD2VIGIfcOB
j45rgLU+i0xk9/yX68IHOXvWfpzIZu5RSOpDF5crCj4u9Nr987QpfPm/sK4HVQOq
wyLOn/wIrhi2bEaWv+sP/uAmVKrx3anm0TYdzSHqLfTcbQcQDN6r17zb7WxLs8zr
xNWcsvH36p9B/C+BOxmLWGdSRJf5NcWg/M3Ft02HW7QrIG21oCz/WWR56RQy1AcN
baXX8quyLUZQC2JcHQ2SAYXtPWz2ehjiWFU25sN2AksmtMMESQM1LReTeomTesEE
3X+S0pHCc4c3AOrVrfDk5CqKKoqcKDs7LaS7TRV9MMNLbbJ4TxW58UUrYwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFP5RUzEHNL/8GUvTuaBnkOxtS73rMB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvX2xGVE1RYzB2X3daUzlPNW9HZVE3RzFMdmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCBnwQCAAEwgZgD
BAIF/VgDBAMlGuADBAItUdwDBAEtXVQDBAAtXVcDBAAtXr4DBAItX9gDBAQ/98Aw
DAMEBlYwwAMEAFYwwjAMAwQEVjDQAwQAVjDUAwQAVjDWMAwDBANWMNgDBABWMOAw
DAMEBFYw8AMEAFYw8gMEAltnEAMEAFtnFQMEAFtnFwMEArk+dAMEAcGghgMEAMPu
9AMEBNisQDB0BAIAAjBuAwcAKgAMuAAxMBIDBwAqAAy4ADMDBwAqAAy4ADQDBwAq
AAy4ADkDBwAqAAy4AEEDBwAqAAy4AEQDBwEqAAy4AEgDBwAqAAy4AUQDBwAqAAy4
A1MDBwAqAAy4CXEwEAMGBCoMWQAQAwYEKgxZAKAwDQYJKoZIhvcNAQELBQADggEB
AHn8F2GPFt7WKMKQMC7qJXXflwAVOQuNIgjC7CeSlIlTGrGeXrGWZZB/GvYi2PE6
iJjUuccbbKiplgezwjNZJO4QoCI+V3OqObAur8/MPVh7Ew0tu9L7RzfjmQZ3i1o0
CQ38MgzZljitPYxiEPakYIj6K0QysXvlWkGw6z4tPTkQxccHVnGi2VIRLN8m9QpN
tN4JuvfSl76SPLdWo7oBxkSUkc/67U7QFF6Xnev7LsKxBAawb8eqeexT80UGIL7B
bs2K2DPsFH3s9PtfTpQRM2I0Uv/yp8XB3FTfHbxxivyOyW49mAEDe9gUBiYTlVEf
S/A4ArHQ/0UBXSjUkMBrox8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:40 2025 by rpki-client