Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/UywtckxQbQR873_TGpfoKNbHfXg.roa
File: UywtckxQbQR873_TGpfoKNbHfXg.roa (raw, json)
Hash identifier: TK77gjPTQz1H/ulz62bFmoqHCSgJwIEZ9X9Oz5rd11c=
Subject key identifier: 53:2C:2D:72:4C:50:6D:04:7C:EF:7F:D3:1A:97:E8:28:D6:C7:7D:78
Certificate issuer: /CN=5f96676cf398d3994c4dd4a296594614dff586c7
Certificate serial: 083F947A
Authority key identifier: 5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/UywtckxQbQR873_TGpfoKNbHfXg.roa
Signing time: Thu 24 Feb 2022 01:07:47 +0000
ROA not before: Thu 24 Feb 2022 01:07:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198417
IP address blocks: 89.43.39.0/24 maxlen: 24
92.114.1.0/24 maxlen: 24
89.39.151.0/24 maxlen: 24
188.208.18.0/24 maxlen: 24
93.117.64.0/24 maxlen: 24
89.40.68.0/24 maxlen: 24
92.114.99.0/24 maxlen: 24
86.107.188.0/24 maxlen: 24
89.47.35.0/24 maxlen: 24
92.114.34.0/24 maxlen: 24
86.106.82.0/24 maxlen: 24
89.35.152.0/24 maxlen: 24
37.153.137.0/24 maxlen: 24
94.177.64.0/24 maxlen: 24
89.42.34.0/24 maxlen: 24
94.177.119.0/24 maxlen: 24
89.32.201.0/24 maxlen: 24
89.32.205.0/24 maxlen: 24
188.241.70.0/24 maxlen: 24
89.32.124.0/24 maxlen: 24
89.32.128.0/24 maxlen: 24
93.113.88.0/24 maxlen: 24
86.106.178.0/24 maxlen: 24
93.113.108.0/24 maxlen: 24
89.38.56.0/24 maxlen: 24
89.34.218.0/24 maxlen: 24
89.38.71.0/24 maxlen: 24
89.45.9.0/24 maxlen: 24
188.240.16.0/24 maxlen: 24
89.34.175.0/24 maxlen: 24
188.240.46.0/24 maxlen: 24
31.14.253.0/24 maxlen: 24
86.106.21.0/24 maxlen: 24
176.223.162.0/24 maxlen: 24
84.247.57.0/24 maxlen: 24
86.105.194.0/24 maxlen: 24
86.105.197.0/24 maxlen: 24
31.14.218.0/24 maxlen: 24
176.223.180.0/24 maxlen: 24
31.14.232.0/24 maxlen: 24
159.20.112.0/24 maxlen: 24
159.20.113.0/24 maxlen: 24
159.20.114.0/24 maxlen: 24
159.20.115.0/24 maxlen: 24
159.20.116.0/24 maxlen: 24
93.118.44.0/24 maxlen: 24
93.114.141.0/24 maxlen: 24
89.40.131.0/24 maxlen: 24
89.44.106.0/24 maxlen: 24
89.41.30.0/24 maxlen: 24
31.14.64.0/24 maxlen: 24
93.114.250.0/24 maxlen: 24
2a10:3ec0::/29 maxlen: 29
2a10:3ec0:32::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138384506 (0x83f947a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f96676cf398d3994c4dd4a296594614dff586c7
Validity
Not Before: Feb 24 01:07:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=532c2d724c506d047cef7fd31a97e828d6c77d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:14:b1:55:34:d0:c0:11:87:af:e9:4c:d4:de:
76:87:72:21:aa:4b:3f:e3:bf:89:7e:3b:96:56:d6:
12:be:71:26:e7:af:3d:9e:f2:f0:d9:c8:fa:a4:b6:
d4:b1:78:6d:25:ca:6f:58:b8:73:cf:27:7c:e7:c6:
c1:e2:97:ff:10:29:8b:e1:40:e7:23:2d:35:b4:51:
ee:95:d1:60:ea:b7:f9:60:ce:4b:81:ca:76:23:f0:
e9:4c:f3:e2:85:22:98:bd:cb:17:12:6e:75:f1:01:
5d:57:25:1b:1e:d1:cf:9f:7a:8c:91:20:ee:39:97:
e7:2e:8f:b1:6f:4e:84:e0:c9:d1:c5:57:c2:e1:c7:
e3:b8:02:7d:93:5d:86:db:8f:fa:c2:24:f3:b6:aa:
f2:1a:9c:db:b1:ea:b3:6b:49:5f:27:b4:09:37:14:
79:af:0d:61:5b:f7:98:29:a1:04:0b:c6:a9:70:4e:
85:60:2f:a9:4c:ec:dc:06:20:72:66:86:91:98:af:
05:f0:72:52:b7:cb:58:89:97:80:3e:44:22:c6:a7:
2b:ce:bb:de:c8:2f:32:1f:8d:e2:3d:1e:17:62:3b:
2d:80:2e:1f:af:51:e2:6b:05:75:0f:52:84:4d:86:
f1:93:02:08:8c:48:a6:92:8e:af:3f:fa:7a:c8:e6:
c8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:2C:2D:72:4C:50:6D:04:7C:EF:7F:D3:1A:97:E8:28:D6:C7:7D:78
X509v3 Authority Key Identifier:
keyid:5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/UywtckxQbQR873_TGpfoKNbHfXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.64.0/24
31.14.218.0/24
31.14.232.0/24
31.14.253.0/24
37.153.137.0/24
84.247.57.0/24
86.105.194.0/24
86.105.197.0/24
86.106.21.0/24
86.106.82.0/24
86.106.178.0/24
86.107.188.0/24
89.32.124.0/24
89.32.128.0/24
89.32.201.0/24
89.32.205.0/24
89.34.175.0/24
89.34.218.0/24
89.35.152.0/24
89.38.56.0/24
89.38.71.0/24
89.39.151.0/24
89.40.68.0/24
89.40.131.0/24
89.41.30.0/24
89.42.34.0/24
89.43.39.0/24
89.44.106.0/24
89.45.9.0/24
89.47.35.0/24
92.114.1.0/24
92.114.34.0/24
92.114.99.0/24
93.113.88.0/24
93.113.108.0/24
93.114.141.0/24
93.114.250.0/24
93.117.64.0/24
93.118.44.0/24
94.177.64.0/24
94.177.119.0/24
159.20.112.0-159.20.116.255
176.223.162.0/24
176.223.180.0/24
188.208.18.0/24
188.240.16.0/24
188.240.46.0/24
188.241.70.0/24
IPv6:
2a10:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
39:83:15:98:41:8e:d2:69:97:d4:9d:d1:df:6d:d6:4a:1d:36:
89:0e:26:02:87:df:b5:8d:b2:58:a2:c9:88:8a:db:26:8d:09:
35:2e:fe:82:fb:82:77:75:cb:f6:19:e5:42:36:c2:e8:8d:4e:
21:6b:33:90:bd:94:01:6e:c4:f9:a7:74:e6:87:8f:0f:bf:98:
a0:fe:e4:dc:7d:6c:aa:d2:94:0a:f2:36:2e:43:26:b7:01:80:
bc:39:ae:f7:e4:21:a1:02:52:a8:14:3b:d2:c5:fa:c8:4d:a0:
da:5f:b2:d2:7e:fd:5f:2d:2e:80:25:36:e3:ac:03:47:b9:39:
cd:4b:cf:bc:fd:e6:9a:8c:e1:59:d3:06:6a:9f:7a:09:7c:15:
dd:12:42:79:04:17:02:b9:b7:3d:75:a0:ee:2d:91:32:78:a4:
4f:49:37:50:5a:89:ea:fd:42:8f:43:e6:cd:2d:d9:a7:ef:9a:
fa:9f:76:0d:24:07:61:16:43:34:a7:b1:ad:4c:7b:c1:3b:5b:
2b:d4:cd:e4:d3:44:d1:e3:02:4f:ce:c3:ec:5f:89:2d:8a:b0:
73:11:04:0b:ac:93:db:e5:b7:0f:99:0f:a0:08:45:97:12:4f:
10:b0:7f:34:85:1b:87:59:63:5f:d5:7d:e3:db:6b:0f:96:65:
c9:f6:5e:17
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgIECD+UejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Zjk2Njc2Y2YzOThkMzk5NGM0ZGQ0YTI5NjU5NDYxNGRmZjU4NmM3MB4XDTIyMDIy
NDAxMDc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTMyYzJkNzI0YzUw
NmQwNDdjZWY3ZmQzMWE5N2U4MjhkNmM3N2Q3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPgUsVU00MARh6/pTNTedodyIapLP+O/iX47llbWEr5xJuev
PZ7y8NnI+qS21LF4bSXKb1i4c88nfOfGweKX/xApi+FA5yMtNbRR7pXRYOq3+WDO
S4HKdiPw6Uzz4oUimL3LFxJudfEBXVclGx7Rz596jJEg7jmX5y6PsW9OhODJ0cVX
wuHH47gCfZNdhtuP+sIk87aq8hqc27Hqs2tJXye0CTcUea8NYVv3mCmhBAvGqXBO
hWAvqUzs3AYgcmaGkZivBfByUrfLWImXgD5EIsanK8673sgvMh+N4j0eF2I7LYAu
H69R4msFdQ9ShE2G8ZMCCIxIppKOrz/6esjmyMUCAwEAAaOCA0QwggNAMB0GA1Ud
DgQWBBRTLC1yTFBtBHzvf9Mal+go1sd9eDAfBgNVHSMEGDAWgBRflmds85jTmUxN
1KKWWUYU3/WGxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1g1Wm5iUE9ZMDVsTVRkU2lsbGxHRk5fMWhzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNmE2ODA1LTVjZTAtNDEyOC1hMDRjLWY2MmYzNWFmNDM3MS8x
L1V5d3Rja3hRYlFSODczX1RHcGZvS05iSGZYZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NmE2ODA1LTVjZTAtNDEyOC1hMDRjLWY2MmYzNWFmNDM3MS8xL1g1Wm5iUE9ZMDVs
TVRkU2lsbGxHRk5fMWhzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AVgGCCsGAQUFBwEHAQH/BIIBRzCCAUMwggEwBAIAATCCASgDBAAfDkADBAAfDtoD
BAAfDugDBAAfDv0DBAAlmYkDBABU9zkDBABWacIDBABWacUDBABWahUDBABWalID
BABWarIDBABWa7wDBABZIHwDBABZIIADBABZIMkDBABZIM0DBABZIq8DBABZItoD
BABZI5gDBABZJjgDBABZJkcDBABZJ5cDBABZKEQDBABZKIMDBABZKR4DBABZKiID
BABZKycDBABZLGoDBABZLQkDBABZLyMDBABccgEDBABcciIDBABccmMDBABdcVgD
BABdcWwDBABdco0DBABdcvoDBABddUADBABddiwDBABesUADBABesXcwDAMEBJ8U
cAMEAJ8UdAMEALDfogMEALDftAMEALzQEgMEALzwEAMEALzwLgMEALzxRjANBAIA
AjAHAwUDKhA+wDANBgkqhkiG9w0BAQsFAAOCAQEAOYMVmEGO0mmX1J3R323WSh02
iQ4mAofftY2yWKLJiIrbJo0JNS7+gvuCd3XL9hnlQjbC6I1OIWszkL2UAW7E+ad0
5oePD7+YoP7k3H1sqtKUCvI2LkMmtwGAvDmu9+QhoQJSqBQ70sX6yE2g2l+y0n79
Xy0ugCU246wDR7k5zUvPvP3mmozhWdMGap96CXwV3RJCeQQXArm3PXWg7i2RMnik
T0k3UFqJ6v1Cj0PmzS3Zp++a+p92DSQHYRZDNKexrUx7wTtbK9TN5NNE0eMCT87D
7F+JLYqwcxEEC6yT2+W3D5kPoAhFlxJPELB/NIUbh1ljX9V949trD5ZlyfZeFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:10 2024 by rpki-client on console-fra.rpki-client.org