Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/pJkEov03tSXDL0Uw6g6bOCUQAWM.roa
File: pJkEov03tSXDL0Uw6g6bOCUQAWM.roa (raw, json)
Hash identifier: ZtCTHSeuNQZnlg9w9VnB1JO0lJEL6oySHmpUyTrfaS4=
Subject key identifier: A4:99:04:A2:FD:37:B5:25:C3:2F:45:30:EA:0E:9B:38:25:10:01:63
Certificate issuer: /CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Certificate serial: 018242E337079C1333E76C49063D26E1DCD1
Authority key identifier: AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/pJkEov03tSXDL0Uw6g6bOCUQAWM.roa
Signing time: Thu 28 Jul 2022 03:39:23 +0000
ROA not before: Thu 28 Jul 2022 03:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39010
IP address blocks: 85.112.64.0/24 maxlen: 24
85.112.69.0/24 maxlen: 24
85.112.70.0/24 maxlen: 24
85.112.71.0/24 maxlen: 24
85.112.65.0/24 maxlen: 24
85.112.66.0/24 maxlen: 24
85.112.67.0/24 maxlen: 24
85.112.75.0/24 maxlen: 24
85.112.76.0/24 maxlen: 24
85.112.77.0/24 maxlen: 24
85.112.78.0/24 maxlen: 24
85.112.72.0/24 maxlen: 24
85.112.74.0/24 maxlen: 24
85.112.82.0/24 maxlen: 24
85.112.83.0/24 maxlen: 24
85.112.84.0/24 maxlen: 24
85.112.85.0/24 maxlen: 24
85.112.89.0/24 maxlen: 24
85.112.90.0/24 maxlen: 24
85.112.91.0/24 maxlen: 24
85.112.86.0/24 maxlen: 24
85.112.87.0/24 maxlen: 24
85.112.88.0/24 maxlen: 24
85.112.93.0/24 maxlen: 24
85.112.94.0/24 maxlen: 24
85.112.95.0/24 maxlen: 24
85.112.92.0/24 maxlen: 24
212.98.137.0/24 maxlen: 24
212.98.138.0/24 maxlen: 24
212.98.139.0/24 maxlen: 24
212.98.135.0/24 maxlen: 24
212.98.136.0/24 maxlen: 24
212.98.133.0/24 maxlen: 24
212.98.144.0/24 maxlen: 24
212.98.145.0/24 maxlen: 24
212.98.141.0/24 maxlen: 24
212.98.142.0/24 maxlen: 24
212.98.143.0/24 maxlen: 24
212.98.140.0/24 maxlen: 24
212.98.151.0/24 maxlen: 24
212.98.152.0/24 maxlen: 24
212.98.147.0/24 maxlen: 24
212.98.148.0/24 maxlen: 24
212.98.149.0/24 maxlen: 24
212.98.150.0/24 maxlen: 24
212.98.146.0/24 maxlen: 24
212.98.158.0/24 maxlen: 24
212.98.159.0/24 maxlen: 24
212.98.154.0/24 maxlen: 24
212.98.155.0/24 maxlen: 24
212.98.156.0/24 maxlen: 24
212.98.157.0/24 maxlen: 24
212.98.153.0/24 maxlen: 24
212.98.130.0/24 maxlen: 24
212.98.131.0/24 maxlen: 24
212.98.132.0/24 maxlen: 24
212.98.129.0/24 maxlen: 24
5.57.4.0/24 maxlen: 24
5.57.3.0/24 maxlen: 24
5.57.0.0/21 maxlen: 21
5.57.7.0/24 maxlen: 24
5.57.5.0/24 maxlen: 24
5.57.6.0/24 maxlen: 24
213.204.112.0/24 maxlen: 24
213.204.108.0/24 maxlen: 24
213.204.109.0/24 maxlen: 24
213.204.110.0/24 maxlen: 24
213.204.111.0/24 maxlen: 24
213.204.106.0/24 maxlen: 24
213.204.107.0/24 maxlen: 24
213.204.115.0/24 maxlen: 24
213.204.116.0/24 maxlen: 24
213.204.117.0/24 maxlen: 24
213.204.118.0/24 maxlen: 24
213.204.113.0/24 maxlen: 24
213.204.114.0/24 maxlen: 24
213.204.122.0/24 maxlen: 24
213.204.123.0/24 maxlen: 24
213.204.124.0/24 maxlen: 24
213.204.125.0/24 maxlen: 24
213.204.119.0/24 maxlen: 24
213.204.120.0/24 maxlen: 24
213.204.121.0/24 maxlen: 24
213.204.126.0/24 maxlen: 24
213.204.127.0/24 maxlen: 24
213.204.64.0/24 maxlen: 24
213.204.70.0/24 maxlen: 24
213.204.71.0/24 maxlen: 24
213.204.67.0/24 maxlen: 24
213.204.64.0/18 maxlen: 18
213.204.68.0/24 maxlen: 24
213.204.69.0/24 maxlen: 24
213.204.65.0/24 maxlen: 24
213.204.66.0/24 maxlen: 24
213.204.77.0/24 maxlen: 24
213.204.78.0/24 maxlen: 24
213.204.74.0/24 maxlen: 24
213.204.75.0/24 maxlen: 24
213.204.76.0/24 maxlen: 24
213.204.76.0/23 maxlen: 23
213.204.72.0/24 maxlen: 24
213.204.73.0/24 maxlen: 24
213.204.81.0/24 maxlen: 24
213.204.82.0/24 maxlen: 24
213.204.83.0/24 maxlen: 24
213.204.79.0/24 maxlen: 24
213.204.80.0/24 maxlen: 24
213.204.84.0/24 maxlen: 24
213.204.85.0/24 maxlen: 24
213.204.91.0/24 maxlen: 24
213.204.88.0/24 maxlen: 24
213.204.89.0/24 maxlen: 24
213.204.90.0/24 maxlen: 24
213.204.86.0/24 maxlen: 24
213.204.87.0/24 maxlen: 24
213.204.98.0/24 maxlen: 24
213.204.94.0/24 maxlen: 24
213.204.95.0/24 maxlen: 24
213.204.97.0/24 maxlen: 24
213.204.92.0/24 maxlen: 24
213.204.93.0/24 maxlen: 24
213.204.105.0/24 maxlen: 24
213.204.101.0/24 maxlen: 24
213.204.102.0/24 maxlen: 24
213.204.103.0/24 maxlen: 24
213.204.104.0/24 maxlen: 24
213.204.99.0/24 maxlen: 24
213.204.100.0/24 maxlen: 24
78.108.164.0/24 maxlen: 24
78.108.165.0/24 maxlen: 24
78.108.166.0/24 maxlen: 24
78.108.161.0/24 maxlen: 24
78.108.162.0/24 maxlen: 24
78.108.163.0/24 maxlen: 24
78.108.160.0/24 maxlen: 24
78.108.171.0/24 maxlen: 24
78.108.172.0/24 maxlen: 24
78.108.167.0/24 maxlen: 24
78.108.169.0/24 maxlen: 24
78.108.170.0/24 maxlen: 24
78.108.174.0/24 maxlen: 24
78.108.175.0/24 maxlen: 24
185.54.62.0/24 maxlen: 24
185.54.63.0/24 maxlen: 24
185.54.60.0/24 maxlen: 24
185.54.61.0/24 maxlen: 24
2a00:1580::/48 maxlen: 48
2a00:1580:5::/48 maxlen: 48
2a00:1580:2::/48 maxlen: 48
2a00:1582:2::/48 maxlen: 48
2a00:1580:4::/48 maxlen: 48
2a00:1580::/29 maxlen: 29
2a00:1582:3007::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:42:e3:37:07:9c:13:33:e7:6c:49:06:3d:26:e1:dc:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Validity
Not Before: Jul 28 03:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a49904a2fd37b525c32f4530ea0e9b3825100163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ae:3e:75:9e:07:73:c7:52:9d:d3:3e:84:10:
2b:89:0a:2c:18:71:a6:b6:b1:0e:8e:9e:25:ab:ff:
38:e6:ae:c7:5f:7e:1c:9f:43:fc:57:ec:b1:3e:91:
35:1f:4f:8d:cc:0a:e8:64:ec:77:c5:96:e8:d8:32:
42:64:5b:24:95:6c:dd:c5:68:bd:7c:48:cf:b9:dc:
f7:03:f7:69:81:13:d6:f6:6b:18:5c:d6:fa:26:e7:
7f:e0:ab:c3:6a:b4:bd:29:c5:f3:79:db:8b:0f:8f:
9b:eb:8a:ee:d2:16:11:01:83:89:fc:ca:02:b9:ae:
ef:58:99:30:49:32:8c:25:b6:fe:4d:83:dc:dc:a3:
43:2c:1b:2a:7e:10:6e:ec:81:9d:58:ed:e6:fa:b0:
87:9d:35:24:bb:a8:fa:da:b0:c1:b1:aa:3f:bf:8a:
33:bb:1e:ea:4c:ae:c6:4c:dc:66:e7:33:19:51:78:
84:bc:96:98:aa:2d:04:70:46:82:df:5f:3f:5e:ea:
66:ac:e3:dd:a1:2e:e9:13:0e:d8:20:35:72:01:c3:
44:4c:9b:f2:b0:e0:90:cf:fa:e2:55:36:6e:ee:83:
ed:f9:ba:dc:00:f1:be:5a:b0:03:d4:30:21:16:c4:
3a:32:59:75:35:61:7d:81:5d:de:06:14:0d:b7:8d:
31:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:99:04:A2:FD:37:B5:25:C3:2F:45:30:EA:0E:9B:38:25:10:01:63
X509v3 Authority Key Identifier:
keyid:AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/pJkEov03tSXDL0Uw6g6bOCUQAWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/rs1kyXg317-sBmN92VK97eDCXYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.0.0/21
78.108.160.0/21
78.108.169.0-78.108.172.255
78.108.174.0/23
85.112.64.0/22
85.112.69.0-85.112.72.255
85.112.74.0-85.112.78.255
85.112.82.0-85.112.95.255
185.54.60.0/22
212.98.129.0-212.98.133.255
212.98.135.0-212.98.159.255
213.204.64.0/18
IPv6:
2a00:1580::/29
Signature Algorithm: sha256WithRSAEncryption
37:82:9a:0b:5e:dc:8b:11:cd:ea:f4:26:47:45:4e:39:47:19:
a6:49:32:94:b1:ba:51:77:11:12:d9:72:c1:11:86:11:b6:62:
29:52:87:2e:fb:9a:f9:94:de:db:e7:5b:b9:3f:72:5f:aa:5d:
74:16:e8:60:26:4a:6f:b3:0b:54:b1:a8:0f:26:25:1c:40:2c:
29:18:e6:3c:a8:4a:1d:0d:c9:c8:6a:a6:6a:b2:98:50:f6:44:
d4:6c:8a:8e:8d:5f:da:48:5c:4d:e4:cc:a9:0f:88:41:5e:83:
e6:9e:91:60:2d:0c:10:9e:f7:3f:7d:1f:b4:5d:e0:83:ce:98:
dd:b0:09:5d:13:c1:e8:b3:94:e8:d0:0a:2c:2a:9d:c6:c3:20:
40:77:f5:c3:b5:8f:2c:69:93:71:dd:2e:24:83:7f:ed:35:99:
04:df:c3:8e:aa:81:c5:51:0e:1d:df:e4:90:1a:4b:87:af:92:
52:43:0b:37:6f:b7:71:54:b6:d6:30:37:dd:ec:75:00:d1:4b:
c2:57:f1:af:00:5b:91:cf:b1:d1:61:1f:af:9c:99:1f:81:a3:
da:b8:01:3c:46:01:53:39:bf:2d:ef:c1:5d:e0:de:59:02:2f:
d8:e9:2d:c9:4b:72:a7:95:2f:eb:23:be:9b:1e:da:80:39:4a:
6e:93:87:d9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYJC4zcHnBMz52xJBj0m4dzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlY2Q2NGM5NzgzN2Q3YmZhYzA2NjM3ZGQ5NTJiZGVkZTBj
MjVkODUwHhcNMjIwNzI4MDMzOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDk5MDRhMmZkMzdiNTI1YzMyZjQ1MzBlYTBlOWIzODI1MTAwMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6q4+dZ4Hc8dSndM+hBAriQosGHGm
trEOjp4lq/845q7HX34cn0P8V+yxPpE1H0+NzAroZOx3xZbo2DJCZFsklWzdxWi9
fEjPudz3A/dpgRPW9msYXNb6Jud/4KvDarS9KcXzeduLD4+b64ru0hYRAYOJ/MoC
ua7vWJkwSTKMJbb+TYPc3KNDLBsqfhBu7IGdWO3m+rCHnTUku6j62rDBsao/v4oz
ux7qTK7GTNxm5zMZUXiEvJaYqi0EcEaC318/XupmrOPdoS7pEw7YIDVyAcNETJvy
sOCQz/riVTZu7oPt+brcAPG+WrAD1DAhFsQ6Mll1NWF9gV3eBhQNt40xgwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFKSZBKL9N7Ulwy9FMOoOmzglEAFjMB8GA1UdIwQY
MBaAFK7NZMl4N9e/rAZjfdlSve3gwl2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnMxa3lYZzMxNy1zQm1OOTJWSzk3ZURDWFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81OTJkNGYtZDcxZS00ZThiLWE2MzIt
MWVjZGUxNzkxNTExLzEvcEprRW92MDN0U1hETDBVdzZnNmJPQ1VRQVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81OTJkNGYtZDcxZS00ZThiLWE2MzItMWVjZGUxNzkxNTEx
LzEvcnMxa3lYZzMxNy1zQm1OOTJWSzk3ZURDWFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQDBTkA
AwQDTmygMAwDBABObKkDBABObKwDBAFObK4DBAJVcEAwDAMEAFVwRQMEAFVwSDAM
AwQBVXBKAwQAVXBOMAwDBAFVcFIDBAVVcEADBAK5NjwwDAMEANRigQMEAdRihDAM
AwQA1GKHAwQF1GKAAwQG1cxAMA0EAgACMAcDBQMqABWAMA0GCSqGSIb3DQEBCwUA
A4IBAQA3gpoLXtyLEc3q9CZHRU45RxmmSTKUsbpRdxES2XLBEYYRtmIpUocu+5r5
lN7b51u5P3Jfql10FuhgJkpvswtUsagPJiUcQCwpGOY8qEodDcnIaqZqsphQ9kTU
bIqOjV/aSFxN5MypD4hBXoPmnpFgLQwQnvc/fR+0XeCDzpjdsAldE8Hos5To0Aos
Kp3GwyBAd/XDtY8saZNx3S4kg3/tNZkE38OOqoHFUQ4d3+SQGkuHr5JSQws3b7dx
VLbWMDfd7HUA0UvCV/GvAFuRz7HRYR+vnJkfgaPauAE8RgFTOb8t78Fd4N5ZAi/Y
6S3JS3KnlS/rI76bHtqAOUpuk4fZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-fra.rpki-client.org