Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/PgmWUPSa-CLBZi9eaLYjG18b7xk.roa
File: PgmWUPSa-CLBZi9eaLYjG18b7xk.roa (raw, json)
Hash identifier: 8oaOUnhS9kdMM8PoArozR/+A6MTrS3RZIVWygURPXyw=
Subject key identifier: 3E:09:96:50:F4:9A:F8:22:C1:66:2F:5E:68:B6:23:1B:5F:1B:EF:19
Certificate issuer: /CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Certificate serial: 0183C6062C7F62C8CC8301C77BBEECDD16E9
Authority key identifier: AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/PgmWUPSa-CLBZi9eaLYjG18b7xk.roa
Signing time: Tue 11 Oct 2022 07:50:36 +0000
ROA not before: Tue 11 Oct 2022 07:50:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39010
IP address blocks: 85.112.64.0/24 maxlen: 24
85.112.69.0/24 maxlen: 24
85.112.70.0/24 maxlen: 24
85.112.71.0/24 maxlen: 24
85.112.65.0/24 maxlen: 24
85.112.66.0/24 maxlen: 24
85.112.67.0/24 maxlen: 24
85.112.75.0/24 maxlen: 24
85.112.76.0/24 maxlen: 24
85.112.77.0/24 maxlen: 24
85.112.78.0/24 maxlen: 24
85.112.72.0/24 maxlen: 24
85.112.74.0/24 maxlen: 24
85.112.82.0/24 maxlen: 24
85.112.83.0/24 maxlen: 24
85.112.84.0/24 maxlen: 24
85.112.85.0/24 maxlen: 24
85.112.89.0/24 maxlen: 24
85.112.90.0/24 maxlen: 24
85.112.91.0/24 maxlen: 24
85.112.86.0/24 maxlen: 24
85.112.87.0/24 maxlen: 24
85.112.88.0/24 maxlen: 24
85.112.93.0/24 maxlen: 24
85.112.94.0/24 maxlen: 24
85.112.95.0/24 maxlen: 24
85.112.92.0/24 maxlen: 24
212.98.137.0/24 maxlen: 24
212.98.138.0/24 maxlen: 24
212.98.139.0/24 maxlen: 24
212.98.135.0/24 maxlen: 24
212.98.136.0/24 maxlen: 24
212.98.133.0/24 maxlen: 24
212.98.144.0/24 maxlen: 24
212.98.145.0/24 maxlen: 24
212.98.141.0/24 maxlen: 24
212.98.142.0/24 maxlen: 24
212.98.143.0/24 maxlen: 24
212.98.140.0/24 maxlen: 24
212.98.151.0/24 maxlen: 24
212.98.152.0/24 maxlen: 24
212.98.147.0/24 maxlen: 24
212.98.148.0/24 maxlen: 24
212.98.149.0/24 maxlen: 24
212.98.150.0/24 maxlen: 24
212.98.146.0/24 maxlen: 24
212.98.158.0/24 maxlen: 24
212.98.159.0/24 maxlen: 24
212.98.154.0/24 maxlen: 24
212.98.155.0/24 maxlen: 24
212.98.156.0/24 maxlen: 24
212.98.157.0/24 maxlen: 24
212.98.153.0/24 maxlen: 24
212.98.130.0/24 maxlen: 24
212.98.131.0/24 maxlen: 24
212.98.132.0/24 maxlen: 24
212.98.129.0/24 maxlen: 24
5.57.4.0/24 maxlen: 24
5.57.3.0/24 maxlen: 24
5.57.0.0/21 maxlen: 21
5.57.7.0/24 maxlen: 24
5.57.5.0/24 maxlen: 24
5.57.6.0/24 maxlen: 24
213.204.112.0/24 maxlen: 24
213.204.108.0/24 maxlen: 24
213.204.109.0/24 maxlen: 24
213.204.110.0/24 maxlen: 24
213.204.111.0/24 maxlen: 24
213.204.106.0/24 maxlen: 24
213.204.107.0/24 maxlen: 24
213.204.115.0/24 maxlen: 24
213.204.116.0/24 maxlen: 24
213.204.117.0/24 maxlen: 24
213.204.118.0/24 maxlen: 24
213.204.113.0/24 maxlen: 24
213.204.114.0/24 maxlen: 24
213.204.122.0/24 maxlen: 24
213.204.123.0/24 maxlen: 24
213.204.124.0/24 maxlen: 24
213.204.125.0/24 maxlen: 24
213.204.119.0/24 maxlen: 24
213.204.120.0/24 maxlen: 24
213.204.121.0/24 maxlen: 24
213.204.126.0/24 maxlen: 24
213.204.127.0/24 maxlen: 24
213.204.64.0/24 maxlen: 24
213.204.70.0/24 maxlen: 24
213.204.71.0/24 maxlen: 24
213.204.67.0/24 maxlen: 24
213.204.64.0/18 maxlen: 18
213.204.68.0/24 maxlen: 24
213.204.69.0/24 maxlen: 24
213.204.65.0/24 maxlen: 24
213.204.66.0/24 maxlen: 24
213.204.77.0/24 maxlen: 24
213.204.78.0/24 maxlen: 24
213.204.74.0/24 maxlen: 24
213.204.75.0/24 maxlen: 24
213.204.76.0/24 maxlen: 24
213.204.76.0/23 maxlen: 23
213.204.72.0/24 maxlen: 24
213.204.73.0/24 maxlen: 24
213.204.81.0/24 maxlen: 24
213.204.82.0/24 maxlen: 24
213.204.83.0/24 maxlen: 24
213.204.79.0/24 maxlen: 24
213.204.80.0/24 maxlen: 24
213.204.84.0/24 maxlen: 24
213.204.85.0/24 maxlen: 24
213.204.91.0/24 maxlen: 24
213.204.88.0/24 maxlen: 24
213.204.89.0/24 maxlen: 24
213.204.90.0/24 maxlen: 24
213.204.86.0/24 maxlen: 24
213.204.87.0/24 maxlen: 24
213.204.98.0/24 maxlen: 24
213.204.94.0/24 maxlen: 24
213.204.95.0/24 maxlen: 24
213.204.97.0/24 maxlen: 24
213.204.92.0/24 maxlen: 24
213.204.93.0/24 maxlen: 24
213.204.105.0/24 maxlen: 24
213.204.101.0/24 maxlen: 24
213.204.102.0/24 maxlen: 24
213.204.103.0/24 maxlen: 24
213.204.104.0/24 maxlen: 24
213.204.99.0/24 maxlen: 24
213.204.100.0/24 maxlen: 24
78.108.164.0/24 maxlen: 24
78.108.165.0/24 maxlen: 24
78.108.166.0/24 maxlen: 24
78.108.161.0/24 maxlen: 24
78.108.162.0/24 maxlen: 24
78.108.163.0/24 maxlen: 24
78.108.160.0/24 maxlen: 24
78.108.171.0/24 maxlen: 24
78.108.172.0/24 maxlen: 24
78.108.167.0/24 maxlen: 24
78.108.169.0/24 maxlen: 24
78.108.170.0/24 maxlen: 24
78.108.174.0/24 maxlen: 24
78.108.175.0/24 maxlen: 24
185.54.62.0/24 maxlen: 24
185.54.63.0/24 maxlen: 24
185.54.60.0/24 maxlen: 24
185.54.61.0/24 maxlen: 24
2a00:1580::/48 maxlen: 48
2a00:1580:5::/48 maxlen: 48
2a00:1580:2::/48 maxlen: 48
2a00:1582:2::/48 maxlen: 48
2a00:1580:4::/48 maxlen: 48
2a00:1580::/29 maxlen: 29
2a00:1582:3007::/48 maxlen: 48
2a00:1582:300f:f::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:06:2c:7f:62:c8:cc:83:01:c7:7b:be:ec:dd:16:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Validity
Not Before: Oct 11 07:50:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e099650f49af822c1662f5e68b6231b5f1bef19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5b:ae:a5:ee:a6:47:78:c3:b8:18:55:33:4a:
47:ef:ee:bd:24:7b:e9:0f:2d:ff:e2:24:51:da:d5:
ee:9d:26:d6:36:3b:17:38:53:f3:f5:79:86:22:3d:
50:e6:ba:e2:9a:31:63:df:74:d0:14:e9:45:a5:06:
a3:be:5f:c1:67:5f:69:d2:70:93:f7:84:f7:fb:01:
38:d1:bd:bb:79:c2:15:50:36:3b:e8:a2:6a:1b:e2:
3f:4d:b0:ae:22:de:f7:45:a7:6e:d7:fb:1d:da:6d:
91:c2:ab:97:a7:18:0d:45:1c:87:a4:51:f8:41:3a:
c3:1c:6f:a7:41:01:5e:6d:05:cb:05:a8:ea:08:6b:
69:c7:7b:b2:6e:19:2d:3c:01:9a:d7:d0:e2:ce:46:
e3:c3:00:90:07:98:c7:19:4f:e9:7f:c6:57:d2:c3:
1c:a6:f1:35:ef:fc:f2:d8:4f:04:7c:d1:90:75:e0:
07:83:83:fa:95:7e:5b:fa:23:82:06:da:aa:b0:d3:
ab:56:53:68:89:61:8f:dc:09:87:d8:a3:59:4d:4f:
36:92:b8:c4:83:b3:33:9c:6a:d2:a1:6c:82:43:ad:
bf:a8:68:57:fa:d3:04:fe:8e:ad:f3:df:83:8a:3f:
3e:17:25:b4:17:ef:20:5b:f6:40:c7:14:77:4d:e7:
35:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:09:96:50:F4:9A:F8:22:C1:66:2F:5E:68:B6:23:1B:5F:1B:EF:19
X509v3 Authority Key Identifier:
keyid:AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/PgmWUPSa-CLBZi9eaLYjG18b7xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/rs1kyXg317-sBmN92VK97eDCXYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.0.0/21
78.108.160.0/21
78.108.169.0-78.108.172.255
78.108.174.0/23
85.112.64.0/22
85.112.69.0-85.112.72.255
85.112.74.0-85.112.78.255
85.112.82.0-85.112.95.255
185.54.60.0/22
212.98.129.0-212.98.133.255
212.98.135.0-212.98.159.255
213.204.64.0/18
IPv6:
2a00:1580::/29
Signature Algorithm: sha256WithRSAEncryption
69:7d:b4:9a:74:2d:23:13:d5:66:3d:34:30:ca:89:b4:0a:21:
c2:1c:d8:b8:34:e8:a1:72:75:b5:52:15:e6:25:bd:03:e4:f9:
1b:02:5c:4a:06:43:1a:d9:d3:ab:de:e9:3e:39:c3:01:1a:bd:
b4:d6:7a:76:06:45:12:be:6a:38:ee:c1:97:13:0d:6b:15:1a:
8f:2c:ae:c6:8e:1d:e4:b9:bc:13:ed:5f:0e:33:56:17:e4:65:
57:f3:25:91:bf:40:0f:c7:53:b9:c6:4f:33:bd:db:0f:90:65:
30:d2:2b:6d:55:c6:25:8b:6d:7c:d5:20:83:94:d0:83:3d:24:
6c:4d:d4:38:3a:f6:8f:7a:02:d6:ec:c3:d9:60:6e:9f:2d:1a:
2d:b6:f7:59:27:37:05:92:0a:8f:7c:b7:94:5d:3f:dd:de:ec:
b7:e3:61:c4:19:20:46:5a:ec:67:10:09:8e:46:32:4f:1d:f6:
69:8d:bf:61:89:0a:83:c1:bf:6b:00:99:c1:f2:73:12:6e:6a:
6b:7c:10:46:00:69:58:31:66:ed:c8:b7:5b:be:5c:8d:99:64:
10:87:19:92:1d:97:01:fe:60:bf:84:48:45:cf:43:f6:c1:9f:
cd:13:c7:d9:14:28:7d:2b:39:bc:55:48:af:c8:32:dc:1d:5a:
fe:e0:e9:e3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYPGBix/YsjMgwHHe77s3RbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlY2Q2NGM5NzgzN2Q3YmZhYzA2NjM3ZGQ5NTJiZGVkZTBj
MjVkODUwHhcNMjIxMDExMDc1MDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTA5OTY1MGY0OWFmODIyYzE2NjJmNWU2OGI2MjMxYjVmMWJlZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFuupe6mR3jDuBhVM0pH7+69JHvp
Dy3/4iRR2tXunSbWNjsXOFPz9XmGIj1Q5rrimjFj33TQFOlFpQajvl/BZ19p0nCT
94T3+wE40b27ecIVUDY76KJqG+I/TbCuIt73Radu1/sd2m2RwquXpxgNRRyHpFH4
QTrDHG+nQQFebQXLBajqCGtpx3uybhktPAGa19DizkbjwwCQB5jHGU/pf8ZX0sMc
pvE17/zy2E8EfNGQdeAHg4P6lX5b+iOCBtqqsNOrVlNoiWGP3AmH2KNZTU82krjE
g7MznGrSoWyCQ62/qGhX+tME/o6t89+Dij8+FyW0F+8gW/ZAxxR3Tec1lwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFD4JllD0mvgiwWYvXmi2IxtfG+8ZMB8GA1UdIwQY
MBaAFK7NZMl4N9e/rAZjfdlSve3gwl2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnMxa3lYZzMxNy1zQm1OOTJWSzk3ZURDWFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81OTJkNGYtZDcxZS00ZThiLWE2MzIt
MWVjZGUxNzkxNTExLzEvUGdtV1VQU2EtQ0xCWmk5ZWFMWWpHMThiN3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81OTJkNGYtZDcxZS00ZThiLWE2MzItMWVjZGUxNzkxNTEx
LzEvcnMxa3lYZzMxNy1zQm1OOTJWSzk3ZURDWFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQDBTkA
AwQDTmygMAwDBABObKkDBABObKwDBAFObK4DBAJVcEAwDAMEAFVwRQMEAFVwSDAM
AwQBVXBKAwQAVXBOMAwDBAFVcFIDBAVVcEADBAK5NjwwDAMEANRigQMEAdRihDAM
AwQA1GKHAwQF1GKAAwQG1cxAMA0EAgACMAcDBQMqABWAMA0GCSqGSIb3DQEBCwUA
A4IBAQBpfbSadC0jE9VmPTQwyom0CiHCHNi4NOihcnW1UhXmJb0D5PkbAlxKBkMa
2dOr3uk+OcMBGr201np2BkUSvmo47sGXEw1rFRqPLK7Gjh3kubwT7V8OM1YX5GVX
8yWRv0APx1O5xk8zvdsPkGUw0ittVcYli2181SCDlNCDPSRsTdQ4OvaPegLW7MPZ
YG6fLRottvdZJzcFkgqPfLeUXT/d3uy342HEGSBGWuxnEAmORjJPHfZpjb9hiQqD
wb9rAJnB8nMSbmprfBBGAGlYMWbtyLdbvlyNmWQQhxmSHZcB/mC/hEhFz0P2wZ/N
E8fZFCh9Kzm8VUivyDLcHVr+4Onj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-fra.rpki-client.org