Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/a6dvbKvkddZJjPPNP0W69SqHTlQ.roa
File: a6dvbKvkddZJjPPNP0W69SqHTlQ.roa (raw, json)
Hash identifier: HXd/aQ/I0BKm9dRJbL+M+2J02TEePRB8RuvjUMzKL50=
Subject key identifier: 6B:A7:6F:6C:AB:E4:75:D6:49:8C:F3:CD:3F:45:BA:F5:2A:87:4E:54
Certificate issuer: /CN=5503251db69693362a927e2b130467945c54f0fc
Certificate serial: 0193B668631FA750013691226EC4B7D69B33
Authority key identifier: 55:03:25:1D:B6:96:93:36:2A:92:7E:2B:13:04:67:94:5C:54:F0:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/a6dvbKvkddZJjPPNP0W69SqHTlQ.roa
Signing time: Wed 11 Dec 2024 15:48:34 +0000
ROA not before: Wed 11 Dec 2024 15:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216071
IP address blocks: 5.35.32.0/24 maxlen: 24
5.35.33.0/24 maxlen: 24
5.35.34.0/24 maxlen: 24
5.35.36.0/24 maxlen: 24
5.35.37.0/24 maxlen: 24
5.35.38.0/24 maxlen: 24
5.35.39.0/24 maxlen: 24
5.35.44.0/24 maxlen: 24
5.35.45.0/24 maxlen: 24
5.35.46.0/24 maxlen: 24
5.35.47.0/24 maxlen: 24
5.35.68.0/24 maxlen: 24
5.35.69.0/24 maxlen: 24
5.35.70.0/24 maxlen: 24
5.35.71.0/24 maxlen: 24
77.105.136.0/24 maxlen: 24
77.105.137.0/24 maxlen: 24
77.105.138.0/24 maxlen: 24
77.105.139.0/24 maxlen: 24
77.105.140.0/24 maxlen: 24
77.105.141.0/24 maxlen: 24
77.105.142.0/24 maxlen: 24
77.105.143.0/24 maxlen: 24
77.246.96.0/24 maxlen: 24
77.246.97.0/24 maxlen: 24
77.246.98.0/24 maxlen: 24
77.246.99.0/24 maxlen: 24
77.246.100.0/24 maxlen: 24
77.246.101.0/24 maxlen: 24
77.246.102.0/24 maxlen: 24
77.246.103.0/24 maxlen: 24
77.246.104.0/24 maxlen: 24
77.246.105.0/24 maxlen: 24
77.246.106.0/24 maxlen: 24
77.246.107.0/24 maxlen: 24
77.246.108.0/24 maxlen: 24
77.246.109.0/24 maxlen: 24
77.246.110.0/24 maxlen: 24
77.246.111.0/24 maxlen: 24
89.110.64.0/24 maxlen: 24
89.110.65.0/24 maxlen: 24
89.110.66.0/24 maxlen: 24
89.110.67.0/24 maxlen: 24
89.110.68.0/24 maxlen: 24
89.110.69.0/24 maxlen: 24
89.110.70.0/24 maxlen: 24
89.110.71.0/24 maxlen: 24
89.110.72.0/24 maxlen: 24
89.110.73.0/24 maxlen: 24
89.110.74.0/24 maxlen: 24
89.110.75.0/24 maxlen: 24
89.110.76.0/24 maxlen: 24
89.110.77.0/24 maxlen: 24
89.110.78.0/24 maxlen: 24
89.110.79.0/24 maxlen: 24
89.110.80.0/24 maxlen: 24
89.110.81.0/24 maxlen: 24
89.110.82.0/24 maxlen: 24
89.110.83.0/24 maxlen: 24
89.110.84.0/24 maxlen: 24
89.110.85.0/24 maxlen: 24
89.110.86.0/24 maxlen: 24
89.110.87.0/24 maxlen: 24
89.110.100.0/24 maxlen: 24
89.110.101.0/24 maxlen: 24
89.110.102.0/24 maxlen: 24
89.110.103.0/24 maxlen: 24
89.110.104.0/24 maxlen: 24
89.110.105.0/24 maxlen: 24
89.110.106.0/24 maxlen: 24
89.110.107.0/24 maxlen: 24
89.110.108.0/24 maxlen: 24
89.110.109.0/24 maxlen: 24
89.110.110.0/24 maxlen: 24
89.110.111.0/24 maxlen: 24
89.110.112.0/24 maxlen: 24
89.110.113.0/24 maxlen: 24
89.110.114.0/24 maxlen: 24
89.110.115.0/24 maxlen: 24
89.110.116.0/24 maxlen: 24
89.110.117.0/24 maxlen: 24
89.110.118.0/24 maxlen: 24
89.110.119.0/24 maxlen: 24
89.110.120.0/24 maxlen: 24
89.110.121.0/24 maxlen: 24
89.110.122.0/24 maxlen: 24
89.110.123.0/24 maxlen: 24
89.110.124.0/24 maxlen: 24
89.110.125.0/24 maxlen: 24
89.110.126.0/24 maxlen: 24
89.110.127.0/24 maxlen: 24
93.183.88.0/24 maxlen: 24
93.183.89.0/24 maxlen: 24
93.183.90.0/24 maxlen: 24
93.183.91.0/24 maxlen: 24
109.107.164.0/24 maxlen: 24
109.107.165.0/24 maxlen: 24
109.107.166.0/24 maxlen: 24
109.107.167.0/24 maxlen: 24
109.107.172.0/24 maxlen: 24
109.107.173.0/24 maxlen: 24
109.107.174.0/24 maxlen: 24
109.107.175.0/24 maxlen: 24
109.107.176.0/24 maxlen: 24
109.107.177.0/24 maxlen: 24
109.107.178.0/24 maxlen: 24
109.107.179.0/24 maxlen: 24
109.107.184.0/24 maxlen: 24
109.107.185.0/24 maxlen: 24
109.107.186.0/24 maxlen: 24
109.107.187.0/24 maxlen: 24
178.130.40.0/24 maxlen: 24
178.130.41.0/24 maxlen: 24
178.130.42.0/24 maxlen: 24
178.130.43.0/24 maxlen: 24
194.60.132.0/24 maxlen: 24
194.60.133.0/24 maxlen: 24
194.60.134.0/24 maxlen: 24
194.60.135.0/24 maxlen: 24
194.246.81.0/24 maxlen: 24
194.246.82.0/24 maxlen: 24
194.246.83.0/24 maxlen: 24
212.111.80.0/24 maxlen: 24
212.111.81.0/24 maxlen: 24
212.111.82.0/24 maxlen: 24
212.111.88.0/24 maxlen: 24
212.111.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:68:63:1f:a7:50:01:36:91:22:6e:c4:b7:d6:9b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5503251db69693362a927e2b130467945c54f0fc
Validity
Not Before: Dec 11 15:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ba76f6cabe475d6498cf3cd3f45baf52a874e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c5:09:e8:5c:3b:91:77:dd:2f:11:02:f4:a5:
08:67:c2:64:4a:0e:c6:08:f2:a3:a5:9b:a0:86:2a:
6b:57:29:bd:c0:a1:ba:ee:8c:b2:51:49:85:35:46:
81:43:f7:b0:89:a7:a3:bc:9d:b5:5f:7f:46:14:03:
06:2d:3c:72:d9:04:6b:7a:c7:6b:f6:93:1b:4f:5e:
94:3e:54:22:ea:fd:29:c3:c7:10:98:0d:ff:6b:1a:
17:fa:34:06:70:8c:b1:df:ca:79:d5:00:95:d3:93:
3e:4d:8d:91:f2:07:27:33:b3:0b:a9:db:f8:59:d7:
32:db:ec:12:53:71:e3:f2:70:1f:3e:56:5d:93:1f:
b1:c4:b5:6e:79:c4:a3:b3:c0:34:f5:88:34:d7:38:
f0:fc:49:0c:99:ca:e0:c4:fb:16:45:89:8c:b3:39:
15:9a:9d:23:66:57:89:7a:34:46:f8:45:5b:f1:76:
83:64:d4:d9:55:0d:1f:7d:af:2b:49:b3:13:79:2b:
ac:5d:9e:37:c7:c1:70:ec:5a:c3:f9:86:d3:d9:af:
8e:ef:41:b8:72:46:37:0b:0b:4d:2c:70:ff:22:ad:
56:ab:e7:3a:4a:d7:6c:33:dd:cc:87:92:5c:24:a3:
06:4b:4f:4d:ef:ec:6f:49:66:fb:c4:f6:f9:82:8f:
30:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A7:6F:6C:AB:E4:75:D6:49:8C:F3:CD:3F:45:BA:F5:2A:87:4E:54
X509v3 Authority Key Identifier:
keyid:55:03:25:1D:B6:96:93:36:2A:92:7E:2B:13:04:67:94:5C:54:F0:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/a6dvbKvkddZJjPPNP0W69SqHTlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.32.0-5.35.34.255
5.35.36.0/22
5.35.44.0/22
5.35.68.0/22
77.105.136.0/21
77.246.96.0/20
89.110.64.0-89.110.87.255
89.110.100.0-89.110.127.255
93.183.88.0/22
109.107.164.0/22
109.107.172.0-109.107.179.255
109.107.184.0/22
178.130.40.0/22
194.60.132.0/22
194.246.81.0-194.246.83.255
212.111.80.0-212.111.82.255
212.111.88.0/23
Signature Algorithm: sha256WithRSAEncryption
62:43:c0:f0:71:88:e8:5d:16:b4:92:d7:dc:38:1a:04:dd:06:
48:95:c4:80:71:1d:f2:96:85:a3:d3:95:be:ad:85:5f:0a:4b:
b3:e5:1a:4b:b7:ec:4e:6b:2c:f5:f2:77:c9:9e:10:c8:ad:ea:
06:06:d2:d7:99:34:c2:58:78:cf:65:36:b7:4b:1a:12:1a:66:
47:a8:49:54:9f:6c:08:ce:4a:ac:8c:b6:c3:3f:3b:90:eb:3b:
c7:30:ac:f8:e6:ee:73:1d:f9:00:93:fb:d1:d3:8b:29:fb:3f:
a4:21:06:3c:88:46:c8:2d:08:c6:0d:50:4d:b9:1b:72:4a:9d:
ae:28:5d:4e:4e:d9:d7:4a:87:4c:22:7e:59:bd:29:c8:5f:4d:
34:10:8b:2c:23:68:14:9e:51:77:9a:15:df:84:ec:c6:a9:8c:
87:5e:65:e7:de:11:50:28:67:c6:ba:06:9c:4a:ec:ee:b4:0d:
8d:8a:df:75:40:42:e7:c0:7f:86:52:b1:19:ac:e0:6d:19:ac:
53:b8:27:29:d6:f0:8f:6f:73:a8:7e:a3:e4:1c:cd:cd:7c:3d:
cb:fc:41:0c:ea:0b:04:82:62:13:41:75:70:26:01:bd:03:2b:
f9:87:76:58:55:b2:79:07:e1:67:5a:15:6c:00:89:e0:ad:25:
5e:0a:bd:7c
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZO2aGMfp1ABNpEibsS31pszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MDMyNTFkYjY5NjkzMzYyYTkyN2UyYjEzMDQ2Nzk0NWM1
NGYwZmMwHhcNMjQxMjExMTU0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmE3NmY2Y2FiZTQ3NWQ2NDk4Y2YzY2QzZjQ1YmFmNTJhODc0ZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysUJ6Fw7kXfdLxEC9KUIZ8JkSg7G
CPKjpZughiprVym9wKG67oyyUUmFNUaBQ/ewiaejvJ21X39GFAMGLTxy2QRresdr
9pMbT16UPlQi6v0pw8cQmA3/axoX+jQGcIyx38p51QCV05M+TY2R8gcnM7MLqdv4
Wdcy2+wSU3Hj8nAfPlZdkx+xxLVuecSjs8A09Yg01zjw/EkMmcrgxPsWRYmMszkV
mp0jZleJejRG+EVb8XaDZNTZVQ0ffa8rSbMTeSusXZ43x8Fw7FrD+YbT2a+O70G4
ckY3CwtNLHD/Iq1Wq+c6StdsM93Mh5JcJKMGS09N7+xvSWb7xPb5go8wcwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFGunb2yr5HXWSYzzzT9FuvUqh05UMB8GA1UdIwQY
MBaAFFUDJR22lpM2KpJ+KxMEZ5RcVPD8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlFNbEhiYVdrellxa240ckV3Um5sRnhVOFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jN2I5ZGMtN2FjNi00YWNhLWE0M2It
M2NiYWQ1YjkwNGI1LzEvYTZkdmJLdmtkZFpKalBQTlAwVzY5U3FIVGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jN2I5ZGMtN2FjNi00YWNhLWE0M2ItM2NiYWQ1YjkwNGI1
LzEvVlFNbEhiYVdrellxa240ckV3Um5sRnhVOFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYwDAME
BQUjIAMEAAUjIgMEAgUjJAMEAgUjLAMEAgUjRAMEA01piAMEBE32YDAMAwQGWW5A
AwQDWW5QMAwDBAJZbmQDBAdZbgADBAJdt1gDBAJta6QwDAMEAm1rrAMEAm1rsAME
Am1ruAMEArKCKAMEAsI8hDAMAwQAwvZRAwQCwvZQMAwDBATUb1ADBADUb1IDBAHU
b1gwDQYJKoZIhvcNAQELBQADggEBAGJDwPBxiOhdFrSS19w4GgTdBkiVxIBxHfKW
haPTlb6thV8KS7PlGku37E5rLPXyd8meEMit6gYG0teZNMJYeM9lNrdLGhIaZkeo
SVSfbAjOSqyMtsM/O5DrO8cwrPjm7nMd+QCT+9HTiyn7P6QhBjyIRsgtCMYNUE25
G3JKna4oXU5O2ddKh0wiflm9KchfTTQQiywjaBSeUXeaFd+E7MapjIdeZefeEVAo
Z8a6BpxK7O60DY2K33VAQufAf4ZSsRms4G0ZrFO4JynW8I9vc6h+o+Qczc18Pcv8
QQzqCwSCYhNBdXAmAb0DK/mHdlhVsnkH4WdaFWwAieCtJV4KvXw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:04:58 2025 by rpki-client