Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/tbF8XJTPxmDR28vwRaBL7Q_4Cjs.roa
File: tbF8XJTPxmDR28vwRaBL7Q_4Cjs.roa (raw, json)
Hash identifier: yM0W+rkzg8aZrJYoU+TZ826Q3c4ENwCoJaHeDmH02v8=
Subject key identifier: B5:B1:7C:5C:94:CF:C6:60:D1:DB:CB:F0:45:A0:4B:ED:0F:F8:0A:3B
Certificate issuer: /CN=5f96676cf398d3994c4dd4a296594614dff586c7
Certificate serial: 018CC8DE65AD55D97D5E2D2408BE3D46E2C5
Authority key identifier: 5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/tbF8XJTPxmDR28vwRaBL7Q_4Cjs.roa
Signing time: Tue 02 Jan 2024 06:31:07 +0000
ROA not before: Tue 02 Jan 2024 06:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198417
IP address blocks: 89.43.39.0/24 maxlen: 24
92.114.1.0/24 maxlen: 24
89.39.151.0/24 maxlen: 24
188.208.18.0/24 maxlen: 24
93.117.64.0/24 maxlen: 24
89.40.68.0/24 maxlen: 24
92.114.99.0/24 maxlen: 24
86.107.188.0/24 maxlen: 24
89.47.35.0/24 maxlen: 24
92.114.34.0/24 maxlen: 24
86.106.82.0/24 maxlen: 24
89.35.152.0/24 maxlen: 24
37.153.137.0/24 maxlen: 24
94.177.64.0/24 maxlen: 24
89.42.34.0/24 maxlen: 24
94.177.119.0/24 maxlen: 24
89.32.201.0/24 maxlen: 24
89.32.205.0/24 maxlen: 24
188.241.70.0/24 maxlen: 24
89.32.124.0/24 maxlen: 24
89.32.128.0/24 maxlen: 24
93.113.88.0/24 maxlen: 24
86.106.178.0/24 maxlen: 24
93.113.108.0/24 maxlen: 24
89.38.56.0/24 maxlen: 24
89.34.218.0/24 maxlen: 24
89.38.71.0/24 maxlen: 24
89.45.9.0/24 maxlen: 24
188.240.16.0/24 maxlen: 24
89.34.175.0/24 maxlen: 24
188.240.46.0/24 maxlen: 24
31.14.253.0/24 maxlen: 24
86.106.21.0/24 maxlen: 24
176.223.162.0/24 maxlen: 24
84.247.57.0/24 maxlen: 24
86.105.194.0/24 maxlen: 24
86.105.197.0/24 maxlen: 24
31.14.218.0/24 maxlen: 24
176.223.180.0/24 maxlen: 24
31.14.232.0/24 maxlen: 24
159.20.112.0/24 maxlen: 24
159.20.113.0/24 maxlen: 24
159.20.114.0/24 maxlen: 24
159.20.115.0/24 maxlen: 24
159.20.116.0/24 maxlen: 24
93.118.44.0/24 maxlen: 24
93.114.141.0/24 maxlen: 24
89.40.131.0/24 maxlen: 24
89.44.106.0/24 maxlen: 24
89.41.30.0/24 maxlen: 24
31.14.64.0/24 maxlen: 24
93.114.250.0/24 maxlen: 24
2a10:3ec0::/29 maxlen: 29
2a10:3ec0:32::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:65:ad:55:d9:7d:5e:2d:24:08:be:3d:46:e2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f96676cf398d3994c4dd4a296594614dff586c7
Validity
Not Before: Jan 2 06:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5b17c5c94cfc660d1dbcbf045a04bed0ff80a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:07:c3:95:f1:b5:07:e1:a9:cc:3b:39:7f:08:
a7:f8:cc:d9:10:a6:bb:54:ce:8e:44:35:6c:c4:a5:
ba:0d:a3:1f:53:d9:c0:e1:07:ec:4f:52:0a:e2:25:
5e:cb:4f:84:90:de:88:d1:53:21:56:ef:64:91:76:
60:92:5e:e6:00:1a:3b:d8:0a:ac:d1:e9:5d:7b:7e:
d2:2a:6a:0b:be:ff:98:1a:41:59:af:3f:d6:eb:d6:
38:9d:92:2b:68:1f:34:ca:7d:b1:67:5e:4f:42:1a:
ec:ef:82:42:9c:45:0d:85:ef:f9:f9:47:51:5f:fd:
75:24:9c:ec:5b:1d:0e:f0:26:2c:d4:75:5c:0a:43:
d7:b1:b0:06:81:50:aa:e8:bb:bd:d3:c7:22:26:c2:
77:26:21:ba:d5:38:32:fb:6c:52:76:84:74:ea:b3:
12:8b:3c:bc:8e:92:50:90:39:07:15:4b:67:bc:9d:
76:7b:ca:da:c2:53:78:26:6d:7c:26:4b:97:89:6c:
af:17:85:51:3f:99:cb:94:15:da:2e:20:28:d7:19:
5c:f9:36:3a:87:7d:e2:94:85:97:0a:5c:ed:2d:80:
c7:10:5e:40:1c:3c:ab:8e:70:fa:6b:7e:11:05:44:
b8:d3:2d:bd:b3:37:2b:93:ea:a3:cf:6c:78:20:0e:
b7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B1:7C:5C:94:CF:C6:60:D1:DB:CB:F0:45:A0:4B:ED:0F:F8:0A:3B
X509v3 Authority Key Identifier:
keyid:5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/tbF8XJTPxmDR28vwRaBL7Q_4Cjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.64.0/24
31.14.218.0/24
31.14.232.0/24
31.14.253.0/24
37.153.137.0/24
84.247.57.0/24
86.105.194.0/24
86.105.197.0/24
86.106.21.0/24
86.106.82.0/24
86.106.178.0/24
86.107.188.0/24
89.32.124.0/24
89.32.128.0/24
89.32.201.0/24
89.32.205.0/24
89.34.175.0/24
89.34.218.0/24
89.35.152.0/24
89.38.56.0/24
89.38.71.0/24
89.39.151.0/24
89.40.68.0/24
89.40.131.0/24
89.41.30.0/24
89.42.34.0/24
89.43.39.0/24
89.44.106.0/24
89.45.9.0/24
89.47.35.0/24
92.114.1.0/24
92.114.34.0/24
92.114.99.0/24
93.113.88.0/24
93.113.108.0/24
93.114.141.0/24
93.114.250.0/24
93.117.64.0/24
93.118.44.0/24
94.177.64.0/24
94.177.119.0/24
159.20.112.0-159.20.116.255
176.223.162.0/24
176.223.180.0/24
188.208.18.0/24
188.240.16.0/24
188.240.46.0/24
188.241.70.0/24
IPv6:
2a10:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
13:3f:3b:43:6a:88:06:85:bf:37:1a:b9:1a:20:0b:f5:e6:39:
13:1e:53:1f:bc:97:4a:24:5c:99:d6:14:29:24:b0:18:27:d8:
99:b6:c1:38:4e:99:37:e3:c0:2a:fd:49:20:32:09:fc:5c:bc:
0b:be:f5:57:d1:25:41:25:b7:7b:c6:56:93:ee:8f:16:94:d7:
0d:1c:16:eb:5a:9d:8e:22:e7:73:b4:f2:d8:22:c7:42:e9:98:
55:23:e3:61:a6:63:58:64:e8:de:8a:9f:8b:c5:c6:ee:8e:3b:
c5:93:7c:c8:bc:0c:6b:4a:ef:54:bb:45:dc:a8:ab:c9:b0:3f:
a8:4b:f1:c5:ae:ce:92:b7:6f:20:22:83:20:95:ec:40:78:45:
c4:6f:f1:00:f7:2e:b0:eb:68:89:ba:d7:9c:73:44:5b:a8:43:
d0:82:91:86:19:cc:fc:94:ec:b8:5d:d2:c1:dd:53:9a:5e:f0:
78:3e:1d:a3:ff:45:69:a8:ed:04:ec:df:93:45:2a:99:44:ac:
5b:d9:53:d7:f0:86:13:ad:e8:47:21:31:40:dd:3d:5b:24:06:
63:cb:cf:dc:78:1e:c7:a7:6b:46:ec:9f:e3:c0:be:6c:02:00:
b7:0c:03:79:1a:25:36:a2:07:ba:03:ca:a5:5e:70:36:85:e2:
ce:58:d2:64
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgISAYzI3mWtVdl9Xi0kCL49RuLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTY2NzZjZjM5OGQzOTk0YzRkZDRhMjk2NTk0NjE0ZGZm
NTg2YzcwHhcNMjQwMTAyMDYzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWIxN2M1Yzk0Y2ZjNjYwZDFkYmNiZjA0NWEwNGJlZDBmZjgwYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQfDlfG1B+GpzDs5fwin+MzZEKa7
VM6ORDVsxKW6DaMfU9nA4QfsT1IK4iVey0+EkN6I0VMhVu9kkXZgkl7mABo72Aqs
0elde37SKmoLvv+YGkFZrz/W69Y4nZIraB80yn2xZ15PQhrs74JCnEUNhe/5+UdR
X/11JJzsWx0O8CYs1HVcCkPXsbAGgVCq6Lu908ciJsJ3JiG61Tgy+2xSdoR06rMS
izy8jpJQkDkHFUtnvJ12e8rawlN4Jm18JkuXiWyvF4VRP5nLlBXaLiAo1xlc+TY6
h33ilIWXClztLYDHEF5AHDyrjnD6a34RBUS40y29szcrk+qjz2x4IA63RQIDAQAB
o4IDRDCCA0AwHQYDVR0OBBYEFLWxfFyUz8Zg0dvL8EWgS+0P+Ao7MB8GA1UdIwQY
MBaAFF+WZ2zzmNOZTE3UopZZRhTf9YbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMt
ZjYyZjM1YWY0MzcxLzEvdGJGOFhKVFB4bURSMjh2d1JhQkw3UV80Q2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMtZjYyZjM1YWY0Mzcx
LzEvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWAYIKwYBBQUHAQcBAf8EggFHMIIBQzCCATAEAgABMIIB
KAMEAB8OQAMEAB8O2gMEAB8O6AMEAB8O/QMEACWZiQMEAFT3OQMEAFZpwgMEAFZp
xQMEAFZqFQMEAFZqUgMEAFZqsgMEAFZrvAMEAFkgfAMEAFkggAMEAFkgyQMEAFkg
zQMEAFkirwMEAFki2gMEAFkjmAMEAFkmOAMEAFkmRwMEAFknlwMEAFkoRAMEAFko
gwMEAFkpHgMEAFkqIgMEAFkrJwMEAFksagMEAFktCQMEAFkvIwMEAFxyAQMEAFxy
IgMEAFxyYwMEAF1xWAMEAF1xbAMEAF1yjQMEAF1y+gMEAF11QAMEAF12LAMEAF6x
QAMEAF6xdzAMAwQEnxRwAwQAnxR0AwQAsN+iAwQAsN+0AwQAvNASAwQAvPAQAwQA
vPAuAwQAvPFGMA0EAgACMAcDBQMqED7AMA0GCSqGSIb3DQEBCwUAA4IBAQATPztD
aogGhb83GrkaIAv15jkTHlMfvJdKJFyZ1hQpJLAYJ9iZtsE4Tpk348Aq/UkgMgn8
XLwLvvVX0SVBJbd7xlaT7o8WlNcNHBbrWp2OIudztPLYIsdC6ZhVI+NhpmNYZOje
ip+LxcbujjvFk3zIvAxrSu9Uu0XcqKvJsD+oS/HFrs6St28gIoMglexAeEXEb/EA
9y6w62iJutecc0RbqEPQgpGGGcz8lOy4XdLB3VOaXvB4Ph2j/0VpqO0E7N+TRSqZ
RKxb2VPX8IYTrehHITFA3T1bJAZjy8/ceB7Hp2tG7J/jwL5sAgC3DAN5GiU2oge6
A8qlXnA2heLOWNJk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:28 2024 by rpki-client on console-ams.rpki-client.org