Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/h5FRa8g-Ul395jNs9JmSn86Hy8c.roa
File: h5FRa8g-Ul395jNs9JmSn86Hy8c.roa (raw, json)
Hash identifier: p3wI08NLNjaCSVbHtzTpvgUWbUZOylZyMcOIRJOc7e8=
Subject key identifier: 87:91:51:6B:C8:3E:52:5D:FD:E6:33:6C:F4:99:92:9F:CE:87:CB:C7
Certificate issuer: /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial: 0191F9AE330E72153C7D605B8678D37C5573
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/h5FRa8g-Ul395jNs9JmSn86Hy8c.roa
Signing time: Mon 16 Sep 2024 07:13:48 +0000
ROA not before: Mon 16 Sep 2024 07:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15695
IP address blocks: 5.253.88.0/24 maxlen: 24
5.253.89.0/24 maxlen: 24
5.253.90.0/24 maxlen: 24
5.253.91.0/24 maxlen: 24
37.26.224.0/24 maxlen: 24
37.26.225.0/24 maxlen: 24
37.26.226.0/24 maxlen: 24
37.26.227.0/24 maxlen: 24
37.26.228.0/24 maxlen: 24
37.26.229.0/24 maxlen: 24
37.26.230.0/24 maxlen: 24
37.26.231.0/24 maxlen: 24
45.81.220.0/24 maxlen: 24
45.81.221.0/24 maxlen: 24
45.81.222.0/24 maxlen: 24
45.81.223.0/24 maxlen: 24
45.93.84.0/24 maxlen: 24
45.93.85.0/24 maxlen: 24
45.93.87.0/24 maxlen: 24
45.94.190.0/24 maxlen: 24
45.95.216.0/24 maxlen: 24
45.95.217.0/24 maxlen: 24
45.95.218.0/24 maxlen: 24
45.95.219.0/24 maxlen: 24
63.247.192.0/24 maxlen: 24
63.247.193.0/24 maxlen: 24
63.247.194.0/24 maxlen: 24
63.247.195.0/24 maxlen: 24
63.247.196.0/24 maxlen: 24
63.247.197.0/24 maxlen: 24
63.247.198.0/24 maxlen: 24
63.247.199.0/24 maxlen: 24
63.247.200.0/24 maxlen: 24
63.247.201.0/24 maxlen: 24
63.247.202.0/24 maxlen: 24
63.247.203.0/24 maxlen: 24
63.247.204.0/24 maxlen: 24
63.247.205.0/24 maxlen: 24
63.247.206.0/24 maxlen: 24
63.247.207.0/24 maxlen: 24
86.48.192.0/24 maxlen: 24
86.48.193.0/24 maxlen: 24
86.48.208.0/24 maxlen: 24
86.48.209.0/24 maxlen: 24
86.48.210.0/24 maxlen: 24
86.48.211.0/24 maxlen: 24
86.48.212.0/24 maxlen: 24
86.48.214.0/24 maxlen: 24
86.48.216.0/24 maxlen: 24
86.48.217.0/24 maxlen: 24
86.48.218.0/24 maxlen: 24
86.48.219.0/24 maxlen: 24
86.48.220.0/24 maxlen: 24
86.48.221.0/24 maxlen: 24
86.48.222.0/24 maxlen: 24
86.48.223.0/24 maxlen: 24
86.48.224.0/24 maxlen: 24
86.48.240.0/24 maxlen: 24
86.48.241.0/24 maxlen: 24
86.48.242.0/24 maxlen: 24
91.103.16.0/24 maxlen: 24
91.103.17.0/24 maxlen: 24
91.103.18.0/24 maxlen: 24
91.103.19.0/24 maxlen: 24
91.103.21.0/24 maxlen: 24
91.103.23.0/24 maxlen: 24
185.62.116.0/24 maxlen: 24
185.62.117.0/24 maxlen: 24
185.62.118.0/24 maxlen: 24
185.62.119.0/24 maxlen: 24
193.160.134.0/24 maxlen: 24
193.160.135.0/24 maxlen: 24
195.238.244.0/24 maxlen: 24
216.172.64.0/24 maxlen: 24
216.172.65.0/24 maxlen: 24
216.172.66.0/24 maxlen: 24
216.172.67.0/24 maxlen: 24
216.172.68.0/24 maxlen: 24
216.172.69.0/24 maxlen: 24
216.172.70.0/24 maxlen: 24
216.172.71.0/24 maxlen: 24
216.172.72.0/24 maxlen: 24
216.172.73.0/24 maxlen: 24
216.172.74.0/24 maxlen: 24
216.172.75.0/24 maxlen: 24
216.172.76.0/24 maxlen: 24
216.172.77.0/24 maxlen: 24
216.172.78.0/24 maxlen: 24
216.172.79.0/24 maxlen: 24
2a00:cb8:31::/48 maxlen: 48
2a00:cb8:33::/48 maxlen: 48
2a00:cb8:34::/48 maxlen: 48
2a00:cb8:39::/48 maxlen: 48
2a00:cb8:41::/48 maxlen: 48
2a00:cb8:44::/48 maxlen: 48
2a00:cb8:48::/48 maxlen: 48
2a00:cb8:49::/48 maxlen: 48
2a00:cb8:144::/48 maxlen: 48
2a00:cb8:353::/48 maxlen: 48
2a00:cb8:971::/48 maxlen: 48
2a0c:5900:1000::/36 maxlen: 36
2a0c:5900:2000::/36 maxlen: 36
2a0c:5900:3000::/36 maxlen: 36
2a0c:5900:4000::/36 maxlen: 36
2a0c:5900:5000::/36 maxlen: 36
2a0c:5900:6000::/36 maxlen: 36
2a0c:5900:7000::/36 maxlen: 36
2a0c:5900:8000::/36 maxlen: 36
2a0c:5900:9000::/36 maxlen: 36
2a0c:5900:a000::/36 maxlen: 36
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:ae:33:0e:72:15:3c:7d:60:5b:86:78:d3:7c:55:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Validity
Not Before: Sep 16 07:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8791516bc83e525dfde6336cf499929fce87cbc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b8:b7:30:3b:5f:63:de:6a:35:cf:78:ed:e4:
c9:17:cd:12:2e:57:86:ff:74:8f:49:26:2a:15:cf:
2c:10:64:81:aa:46:73:9c:9d:47:1c:da:2b:24:22:
61:f3:f5:fd:46:81:fc:0b:4c:c9:21:04:bd:ad:00:
56:5f:1b:f4:c5:75:ab:30:ca:54:70:1c:88:89:4b:
cc:42:88:6a:5a:df:5e:00:f6:80:8a:d1:ff:20:d2:
6a:3d:27:9f:8d:aa:77:b0:1d:25:ff:12:3e:93:d3:
fa:b5:20:84:e8:56:dc:92:fb:90:77:18:99:f5:26:
cd:99:41:9f:a9:ca:7b:d1:d0:50:dc:7a:4c:84:c6:
19:18:1c:42:85:78:1e:3d:60:b0:9c:0a:43:c8:e6:
22:83:fa:9d:80:2c:19:a4:a4:f9:ee:fd:1e:0f:d3:
4e:53:35:76:bb:33:6c:a6:3c:20:6f:17:db:a6:3e:
52:7f:6b:9c:4c:51:e5:64:74:ac:c2:3c:08:b4:6d:
eb:5c:67:55:fa:0a:5f:d1:ec:e7:7c:ec:db:0e:b8:
3f:3e:94:8b:24:16:52:57:bb:48:26:59:f9:3b:d2:
f1:19:9c:cd:84:7c:b1:1f:fa:42:54:1e:34:76:11:
f4:04:3f:00:cb:26:62:90:ca:28:d9:ed:80:7a:fd:
a1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:91:51:6B:C8:3E:52:5D:FD:E6:33:6C:F4:99:92:9F:CE:87:CB:C7
X509v3 Authority Key Identifier:
keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/h5FRa8g-Ul395jNs9JmSn86Hy8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.88.0/22
37.26.224.0/21
45.81.220.0/22
45.93.84.0/23
45.93.87.0/24
45.94.190.0/24
45.95.216.0/22
63.247.192.0/20
86.48.192.0/23
86.48.208.0-86.48.212.255
86.48.214.0/24
86.48.216.0-86.48.224.255
86.48.240.0-86.48.242.255
91.103.16.0/22
91.103.21.0/24
91.103.23.0/24
185.62.116.0/22
193.160.134.0/23
195.238.244.0/24
216.172.64.0/20
IPv6:
2a00:cb8:31::/48
2a00:cb8:33::-2a00:cb8:34:ffff:ffff:ffff:ffff:ffff
2a00:cb8:39::/48
2a00:cb8:41::/48
2a00:cb8:44::/48
2a00:cb8:48::/47
2a00:cb8:144::/48
2a00:cb8:353::/48
2a00:cb8:971::/48
2a0c:5900:1000::-2a0c:5900:afff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
05:65:99:98:6e:14:65:1d:f3:be:88:10:47:33:a8:e8:ad:de:
3a:a4:9d:7b:4a:0c:ff:3b:49:11:84:c3:bf:76:9e:7a:2c:71:
d5:61:37:f7:12:12:56:0b:4d:1b:60:84:1c:24:c3:94:f3:e1:
3a:1b:94:e2:1b:c1:82:be:0a:c5:4a:d9:b3:c0:28:c8:fd:ba:
dd:64:6d:05:e9:40:88:f9:69:df:20:e5:cd:6e:61:4a:69:a7:
43:02:06:26:cb:61:eb:bc:c7:c7:3e:6e:6a:c9:e0:9d:8f:09:
4c:08:1d:e5:bf:28:69:0b:80:3a:60:f3:25:03:57:cc:f6:39:
25:f8:58:81:e0:81:61:c5:19:95:9d:ff:57:ed:e5:9c:b7:a9:
c3:f9:f2:23:08:aa:a8:cc:9d:8c:9e:76:ad:44:2d:04:46:58:
80:c1:81:5f:d0:80:3b:fd:26:70:3f:4f:77:a3:a3:bf:5e:ac:
fe:dc:71:5f:7a:d9:64:31:51:7f:f4:9f:84:35:be:3d:c7:b0:
bf:57:c0:f1:54:d1:12:3a:5f:5b:ce:fd:8b:43:f1:f2:84:ed:
6d:88:17:36:62:ad:13:93:9e:c1:7c:48:ce:cf:1f:1b:37:1d:
a7:aa:e1:75:f1:f6:e1:54:bc:d9:8f:16:2e:25:e9:0f:f5:af:
9e:6c:57:63
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZH5rjMOchU8fWBbhnjTfFVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjQwOTE2MDcxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzkxNTE2YmM4M2U1MjVkZmRlNjMzNmNmNDk5OTI5ZmNlODdjYmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLi3MDtfY95qNc947eTJF80SLleG
/3SPSSYqFc8sEGSBqkZznJ1HHNorJCJh8/X9RoH8C0zJIQS9rQBWXxv0xXWrMMpU
cByIiUvMQohqWt9eAPaAitH/INJqPSefjap3sB0l/xI+k9P6tSCE6FbckvuQdxiZ
9SbNmUGfqcp70dBQ3HpMhMYZGBxChXgePWCwnApDyOYig/qdgCwZpKT57v0eD9NO
UzV2uzNspjwgbxfbpj5Sf2ucTFHlZHSswjwItG3rXGdV+gpf0eznfOzbDrg/PpSL
JBZSV7tIJln5O9LxGZzNhHyxH/pCVB40dhH0BD8AyyZikMoo2e2Aev2hqQIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFIeRUWvIPlJd/eYzbPSZkp/Oh8vHMB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvaDVGUmE4Zy1VbDM5NWpOczlKbVNuODZIeThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCBlwQCAAEwgZAD
BAIF/VgDBAMlGuADBAItUdwDBAEtXVQDBAAtXVcDBAAtXr4DBAItX9gDBAQ/98AD
BAFWMMAwDAMEBFYw0AMEAFYw1AMEAFYw1jAMAwQDVjDYAwQAVjDgMAwDBARWMPAD
BABWMPIDBAJbZxADBABbZxUDBABbZxcDBAK5PnQDBAHBoIYDBADD7vQDBATYrEAw
dAQCAAIwbgMHACoADLgAMTASAwcAKgAMuAAzAwcAKgAMuAA0AwcAKgAMuAA5AwcA
KgAMuABBAwcAKgAMuABEAwcBKgAMuABIAwcAKgAMuAFEAwcAKgAMuANTAwcAKgAM
uAlxMBADBgQqDFkAEAMGBCoMWQCgMA0GCSqGSIb3DQEBCwUAA4IBAQAFZZmYbhRl
HfO+iBBHM6jord46pJ17Sgz/O0kRhMO/dp56LHHVYTf3EhJWC00bYIQcJMOU8+E6
G5TiG8GCvgrFStmzwCjI/brdZG0F6UCI+WnfIOXNbmFKaadDAgYmy2HrvMfHPm5q
yeCdjwlMCB3lvyhpC4A6YPMlA1fM9jkl+FiB4IFhxRmVnf9X7eWct6nD+fIjCKqo
zJ2MnnatRC0ERliAwYFf0IA7/SZwP093o6O/Xqz+3HFfetlkMVF/9J+ENb49x7C/
V8DxVNESOl9bzv2LQ/HyhO1tiBc2Yq0Tk57BfEjOzx8bNx2nquF18fbhVLzZjxYu
JekP9a+ebFdj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:25 2025 by rpki-client