Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/Kk01DUpzf1xSnRZ0JtPKFJs2AFU.roa
File: Kk01DUpzf1xSnRZ0JtPKFJs2AFU.roa (raw, json)
Hash identifier: RG6yczDieGCHefhX2f+1KzO2OAbJXBR7KhQ01D1L9qs=
Subject key identifier: 2A:4D:35:0D:4A:73:7F:5C:52:9D:16:74:26:D3:CA:14:9B:36:00:55
Certificate issuer: /CN=5f96676cf398d3994c4dd4a296594614dff586c7
Certificate serial: 01856E38C9E6A5697D9D94699854F7551ABC
Authority key identifier: 5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/Kk01DUpzf1xSnRZ0JtPKFJs2AFU.roa
Signing time: Sun 01 Jan 2023 16:44:53 +0000
ROA not before: Sun 01 Jan 2023 16:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198417
IP address blocks: 89.43.39.0/24 maxlen: 24
92.114.1.0/24 maxlen: 24
89.39.151.0/24 maxlen: 24
188.208.18.0/24 maxlen: 24
93.117.64.0/24 maxlen: 24
89.40.68.0/24 maxlen: 24
92.114.99.0/24 maxlen: 24
86.107.188.0/24 maxlen: 24
89.47.35.0/24 maxlen: 24
92.114.34.0/24 maxlen: 24
86.106.82.0/24 maxlen: 24
89.35.152.0/24 maxlen: 24
37.153.137.0/24 maxlen: 24
94.177.64.0/24 maxlen: 24
89.42.34.0/24 maxlen: 24
94.177.119.0/24 maxlen: 24
89.32.201.0/24 maxlen: 24
89.32.205.0/24 maxlen: 24
188.241.70.0/24 maxlen: 24
89.32.124.0/24 maxlen: 24
89.32.128.0/24 maxlen: 24
93.113.88.0/24 maxlen: 24
86.106.178.0/24 maxlen: 24
93.113.108.0/24 maxlen: 24
89.38.56.0/24 maxlen: 24
89.34.218.0/24 maxlen: 24
89.38.71.0/24 maxlen: 24
89.45.9.0/24 maxlen: 24
188.240.16.0/24 maxlen: 24
89.34.175.0/24 maxlen: 24
188.240.46.0/24 maxlen: 24
31.14.253.0/24 maxlen: 24
86.106.21.0/24 maxlen: 24
176.223.162.0/24 maxlen: 24
84.247.57.0/24 maxlen: 24
86.105.194.0/24 maxlen: 24
86.105.197.0/24 maxlen: 24
31.14.218.0/24 maxlen: 24
176.223.180.0/24 maxlen: 24
31.14.232.0/24 maxlen: 24
159.20.112.0/24 maxlen: 24
159.20.113.0/24 maxlen: 24
159.20.114.0/24 maxlen: 24
159.20.115.0/24 maxlen: 24
159.20.116.0/24 maxlen: 24
93.118.44.0/24 maxlen: 24
93.114.141.0/24 maxlen: 24
89.40.131.0/24 maxlen: 24
89.44.106.0/24 maxlen: 24
89.41.30.0/24 maxlen: 24
31.14.64.0/24 maxlen: 24
93.114.250.0/24 maxlen: 24
2a10:3ec0::/29 maxlen: 29
2a10:3ec0:32::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:c9:e6:a5:69:7d:9d:94:69:98:54:f7:55:1a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f96676cf398d3994c4dd4a296594614dff586c7
Validity
Not Before: Jan 1 16:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a4d350d4a737f5c529d167426d3ca149b360055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f6:de:2c:a3:8b:8a:cc:0b:78:04:52:71:e5:
18:d0:f5:71:dd:d1:4b:32:0c:71:ea:c1:cf:43:fb:
35:1f:56:1d:d4:a1:59:5a:9b:bf:aa:15:dd:68:d6:
b1:2b:a6:f9:0b:74:d1:ce:d7:f3:0a:1a:ae:7d:d2:
77:8d:34:1a:0c:b1:2f:10:40:c4:47:64:4c:cc:fd:
98:a5:5c:79:a0:9b:35:88:a9:d0:82:aa:d0:f1:c9:
b4:37:bf:12:11:ac:5c:7a:7d:b7:2d:91:62:32:e4:
f2:ef:4b:bd:05:36:83:00:65:96:e3:c6:cc:97:81:
f1:5e:55:80:29:73:7e:0c:50:e9:2f:b6:18:2a:d6:
ac:a1:63:9a:c1:38:f0:c9:80:0f:5b:a3:8d:f3:e9:
79:cc:b3:67:c7:1f:a3:04:19:a7:7f:c1:4a:1a:32:
4a:96:fc:2b:04:49:14:b9:a7:55:0f:15:20:06:aa:
4f:98:8f:92:7c:4d:92:b2:58:99:3d:b3:46:45:c2:
55:24:7f:5a:e5:97:d6:3e:0e:2d:82:36:8e:5c:b2:
be:d0:02:67:45:6b:5c:cd:29:e8:4e:3c:23:81:12:
a9:ce:12:41:b9:81:f6:46:27:c7:fd:60:3f:e6:0d:
a5:97:81:6d:f0:a5:c1:1e:5f:55:7e:01:b4:f4:b4:
7d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4D:35:0D:4A:73:7F:5C:52:9D:16:74:26:D3:CA:14:9B:36:00:55
X509v3 Authority Key Identifier:
keyid:5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/Kk01DUpzf1xSnRZ0JtPKFJs2AFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.64.0/24
31.14.218.0/24
31.14.232.0/24
31.14.253.0/24
37.153.137.0/24
84.247.57.0/24
86.105.194.0/24
86.105.197.0/24
86.106.21.0/24
86.106.82.0/24
86.106.178.0/24
86.107.188.0/24
89.32.124.0/24
89.32.128.0/24
89.32.201.0/24
89.32.205.0/24
89.34.175.0/24
89.34.218.0/24
89.35.152.0/24
89.38.56.0/24
89.38.71.0/24
89.39.151.0/24
89.40.68.0/24
89.40.131.0/24
89.41.30.0/24
89.42.34.0/24
89.43.39.0/24
89.44.106.0/24
89.45.9.0/24
89.47.35.0/24
92.114.1.0/24
92.114.34.0/24
92.114.99.0/24
93.113.88.0/24
93.113.108.0/24
93.114.141.0/24
93.114.250.0/24
93.117.64.0/24
93.118.44.0/24
94.177.64.0/24
94.177.119.0/24
159.20.112.0-159.20.116.255
176.223.162.0/24
176.223.180.0/24
188.208.18.0/24
188.240.16.0/24
188.240.46.0/24
188.241.70.0/24
IPv6:
2a10:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
46:95:5b:bd:85:f8:7e:55:88:45:77:c9:07:df:58:33:7d:18:
b2:68:82:f4:da:00:33:24:57:30:49:47:d4:4d:a0:8e:c3:64:
9a:63:40:6d:37:c7:7e:bc:5d:c8:f7:7a:cf:fb:3b:35:dd:80:
ae:c5:56:1e:03:dc:0c:10:6e:d3:1f:0f:d8:11:c6:f8:01:99:
d4:dd:ea:af:a6:55:a8:bf:2a:3a:3a:ea:41:db:71:69:35:58:
d7:74:ca:84:a0:ed:fb:74:55:de:f5:cc:07:f5:a1:a6:04:62:
57:84:67:b4:33:1f:1b:fc:61:06:f0:97:a8:4a:be:e6:56:cd:
69:54:9f:65:f4:14:c2:8f:63:7e:44:73:4e:ff:1a:e7:3e:65:
7d:60:14:fd:a6:33:a5:5e:6f:7a:54:eb:35:ca:25:4b:a4:e6:
93:2e:86:1b:34:1d:94:62:eb:b9:5a:ae:df:bf:aa:31:b1:b5:
3d:eb:2f:14:1a:9f:ee:57:cc:29:54:db:35:5f:ea:14:20:9e:
77:21:b9:e7:e9:a9:f7:ce:20:76:99:13:43:31:2b:f7:c9:c8:
85:0f:59:d6:57:8f:47:8d:06:02:87:28:5d:1a:91:92:9d:99:
4a:ec:97:ac:48:4c:be:60:b1:0b:05:9e:ad:21:f1:7b:81:27:
9f:7e:bb:c0
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgISAYVuOMnmpWl9nZRpmFT3VRq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTY2NzZjZjM5OGQzOTk0YzRkZDRhMjk2NTk0NjE0ZGZm
NTg2YzcwHhcNMjMwMTAxMTY0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTRkMzUwZDRhNzM3ZjVjNTI5ZDE2NzQyNmQzY2ExNDliMzYwMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/beLKOLiswLeARSceUY0PVx3dFL
Mgxx6sHPQ/s1H1Yd1KFZWpu/qhXdaNaxK6b5C3TRztfzChqufdJ3jTQaDLEvEEDE
R2RMzP2YpVx5oJs1iKnQgqrQ8cm0N78SEaxcen23LZFiMuTy70u9BTaDAGWW48bM
l4HxXlWAKXN+DFDpL7YYKtasoWOawTjwyYAPW6ON8+l5zLNnxx+jBBmnf8FKGjJK
lvwrBEkUuadVDxUgBqpPmI+SfE2SsliZPbNGRcJVJH9a5ZfWPg4tgjaOXLK+0AJn
RWtczSnoTjwjgRKpzhJBuYH2RifH/WA/5g2ll4Ft8KXBHl9VfgG09LR9gQIDAQAB
o4IDRDCCA0AwHQYDVR0OBBYEFCpNNQ1Kc39cUp0WdCbTyhSbNgBVMB8GA1UdIwQY
MBaAFF+WZ2zzmNOZTE3UopZZRhTf9YbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMt
ZjYyZjM1YWY0MzcxLzEvS2swMURVcHpmMXhTblJaMEp0UEtGSnMyQUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMtZjYyZjM1YWY0Mzcx
LzEvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWAYIKwYBBQUHAQcBAf8EggFHMIIBQzCCATAEAgABMIIB
KAMEAB8OQAMEAB8O2gMEAB8O6AMEAB8O/QMEACWZiQMEAFT3OQMEAFZpwgMEAFZp
xQMEAFZqFQMEAFZqUgMEAFZqsgMEAFZrvAMEAFkgfAMEAFkggAMEAFkgyQMEAFkg
zQMEAFkirwMEAFki2gMEAFkjmAMEAFkmOAMEAFkmRwMEAFknlwMEAFkoRAMEAFko
gwMEAFkpHgMEAFkqIgMEAFkrJwMEAFksagMEAFktCQMEAFkvIwMEAFxyAQMEAFxy
IgMEAFxyYwMEAF1xWAMEAF1xbAMEAF1yjQMEAF1y+gMEAF11QAMEAF12LAMEAF6x
QAMEAF6xdzAMAwQEnxRwAwQAnxR0AwQAsN+iAwQAsN+0AwQAvNASAwQAvPAQAwQA
vPAuAwQAvPFGMA0EAgACMAcDBQMqED7AMA0GCSqGSIb3DQEBCwUAA4IBAQBGlVu9
hfh+VYhFd8kH31gzfRiyaIL02gAzJFcwSUfUTaCOw2SaY0BtN8d+vF3I93rP+zs1
3YCuxVYeA9wMEG7THw/YEcb4AZnU3eqvplWovyo6OupB23FpNVjXdMqEoO37dFXe
9cwH9aGmBGJXhGe0Mx8b/GEG8JeoSr7mVs1pVJ9l9BTCj2N+RHNO/xrnPmV9YBT9
pjOlXm96VOs1yiVLpOaTLoYbNB2UYuu5Wq7fv6oxsbU96y8UGp/uV8wpVNs1X+oU
IJ53Ibnn6an3ziB2mRNDMSv3yciFD1nWV49HjQYChyhdGpGSnZlK7JesSEy+YLEL
BZ6tIfF7gSeffrvA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:28 2024 by rpki-client on console-ams.rpki-client.org