Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/Wr84GAFNdHSmkgDAEXHO4OMrB70.roa
File: Wr84GAFNdHSmkgDAEXHO4OMrB70.roa (raw, json)
Hash identifier: lgfYkv2tTMI0umZwh7QmaHdFTQUtthEu56u31+YL3vw=
Subject key identifier: 5A:BF:38:18:01:4D:74:74:A6:92:00:C0:11:71:CE:E0:E3:2B:07:BD
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 01831C2FDFE809D60C876F19783F45141614
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/Wr84GAFNdHSmkgDAEXHO4OMrB70.roa
Signing time: Thu 08 Sep 2022 08:20:43 +0000
ROA not before: Thu 08 Sep 2022 08:20:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6696
IP address blocks: 94.139.39.0/24 maxlen: 24
109.69.217.16/28 maxlen: 28
62.112.29.0/24 maxlen: 24
62.112.31.0/24 maxlen: 24
94.139.37.0/24 maxlen: 24
94.139.36.0/24 maxlen: 24
94.139.38.0/24 maxlen: 24
94.139.34.0/23 maxlen: 23
46.18.36.0/22 maxlen: 24
46.18.34.0/23 maxlen: 24
46.18.33.0/24 maxlen: 24
5.149.136.0/23 maxlen: 23
5.149.138.0/24 maxlen: 24
5.149.140.0/23 maxlen: 23
5.149.142.0/24 maxlen: 24
86.107.124.0/23 maxlen: 23
86.107.120.0/22 maxlen: 22
87.238.225.0/24 maxlen: 24
86.107.126.0/24 maxlen: 24
87.238.228.0/22 maxlen: 24
185.64.64.0/22 maxlen: 24
85.119.216.0/21 maxlen: 24
109.69.221.192/28 maxlen: 28
185.185.229.0/24 maxlen: 24
185.185.228.0/24 maxlen: 24
109.69.216.0/23 maxlen: 24
109.69.219.0/24 maxlen: 24
109.69.220.0/23 maxlen: 23
109.69.220.0/24 maxlen: 24
109.69.222.0/24 maxlen: 24
109.69.221.0/24 maxlen: 24
37.19.8.0/21 maxlen: 24
85.88.34.0/24 maxlen: 24
2a00:1528::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:2f:df:e8:09:d6:0c:87:6f:19:78:3f:45:14:16:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Sep 8 08:20:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5abf3818014d7474a69200c01171cee0e32b07bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9b:2e:43:12:9c:55:bf:90:77:a2:17:fe:be:
30:3f:77:c8:40:52:e4:de:d5:aa:1a:26:58:25:51:
b7:2e:bc:38:44:a1:23:e1:7b:f8:7c:4d:5a:aa:96:
54:db:4e:b4:44:ea:8b:4f:5a:a6:e9:3d:34:f6:cb:
46:0c:31:c8:a4:e0:a8:6e:7b:46:f2:1c:a8:0c:99:
8d:c8:d2:ba:0e:43:52:f8:74:fe:4a:6b:92:df:00:
20:b3:09:20:00:9d:26:4a:7a:18:ad:c8:b6:e9:05:
a1:47:b2:25:96:7b:be:85:ee:52:1a:56:2b:96:85:
81:dc:d2:e5:91:83:24:42:e4:e9:44:38:24:dc:ce:
13:52:84:83:a5:34:ca:03:4d:7a:4d:47:6c:f4:97:
4f:48:3d:88:5e:64:71:61:4b:55:bb:4b:4d:32:a3:
88:d3:2a:b1:f7:a2:a1:81:77:5b:fd:3a:39:8e:9e:
b6:ec:fc:4b:22:f4:df:3f:a5:08:4f:ba:8b:b3:4c:
ca:00:48:45:e6:ed:7b:50:3d:be:5b:08:24:93:1c:
0e:89:79:af:9c:0e:f5:22:22:95:ce:0f:2d:e2:fd:
25:e9:18:6b:78:8b:b4:50:77:d5:6f:6f:8c:20:f6:
43:24:e7:de:fb:3e:56:40:e5:f6:68:6b:87:62:c1:
6f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BF:38:18:01:4D:74:74:A6:92:00:C0:11:71:CE:E0:E3:2B:07:BD
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/Wr84GAFNdHSmkgDAEXHO4OMrB70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.136.0-5.149.138.255
5.149.140.0-5.149.142.255
37.19.8.0/21
46.18.33.0-46.18.39.255
62.112.29.0/24
62.112.31.0/24
85.88.34.0/24
85.119.216.0/21
86.107.120.0-86.107.126.255
87.238.225.0/24
87.238.228.0/22
94.139.34.0-94.139.39.255
109.69.216.0/23
109.69.219.0-109.69.222.255
185.64.64.0/22
185.185.228.0/23
IPv6:
2a00:1528::/32
Signature Algorithm: sha256WithRSAEncryption
20:bc:16:f4:96:38:5c:3e:a9:b4:87:0f:5f:91:d7:a6:47:be:
8a:4f:a0:ca:aa:69:e6:44:5d:5d:7d:55:e5:f3:56:29:7c:cc:
8d:ea:41:29:76:44:af:bc:de:97:f2:d0:cf:1f:94:a0:4f:af:
f8:12:bf:e6:28:68:9b:0b:fa:5c:ec:6e:80:83:48:cc:03:13:
d7:35:e7:37:15:62:5b:e1:5f:4c:cb:69:0f:53:30:7e:37:b1:
d6:a7:aa:12:0e:0c:76:dc:a4:70:e7:67:18:ca:5d:7a:8b:11:
92:4e:5b:d3:5a:bf:85:4b:19:34:63:e1:b5:3b:f7:cb:0c:37:
0e:6f:c9:dd:57:53:05:58:5f:35:e5:7a:d9:70:80:02:84:dd:
d5:14:d2:44:81:ad:3c:a3:34:66:9b:36:04:e2:51:b6:56:8e:
0b:87:b0:d4:a7:ca:7a:25:d5:3c:3e:a7:38:70:bd:a4:d7:92:
2d:2b:a7:6f:45:f5:80:12:87:f8:ad:84:fc:10:29:c8:c8:26:
5a:7f:32:0f:3b:7c:0a:21:ef:46:77:22:ce:b1:15:28:d6:5c:
61:f6:19:f9:a2:ee:77:58:04:b4:ee:40:4d:db:0f:3a:7c:a5:
31:0b:f2:99:19:e3:61:ad:9d:c0:98:cd:00:18:f2:7a:24:1d:
88:72:e6:35
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYMcL9/oCdYMh28ZeD9FFBYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjIwOTA4MDgyMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWJmMzgxODAxNGQ3NDc0YTY5MjAwYzAxMTcxY2VlMGUzMmIwN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5suQxKcVb+Qd6IX/r4wP3fIQFLk
3tWqGiZYJVG3Lrw4RKEj4Xv4fE1aqpZU2060ROqLT1qm6T009stGDDHIpOCobntG
8hyoDJmNyNK6DkNS+HT+SmuS3wAgswkgAJ0mSnoYrci26QWhR7Illnu+he5SGlYr
loWB3NLlkYMkQuTpRDgk3M4TUoSDpTTKA016TUds9JdPSD2IXmRxYUtVu0tNMqOI
0yqx96KhgXdb/To5jp627PxLIvTfP6UIT7qLs0zKAEhF5u17UD2+WwgkkxwOiXmv
nA71IiKVzg8t4v0l6RhreIu0UHfVb2+MIPZDJOfe+z5WQOX2aGuHYsFvCwIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFFq/OBgBTXR0ppIAwBFxzuDjKwe9MB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvV3I4NEdBRk5kSFNta2dEQUVYSE80T01yQjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZAwDAME
AwWViAMEAAWVijAMAwQCBZWMAwQABZWOAwQDJRMIMAwDBAAuEiEDBAMuEiADBAA+
cB0DBAA+cB8DBABVWCIDBANVd9gwDAMEA1ZreAMEAFZrfgMEAFfu4QMEAlfu5DAM
AwQBXosiAwQDXosgAwQBbUXYMAwDBABtRdsDBABtRd4DBAK5QEADBAG5ueQwDQQC
AAIwBwMFACoAFSgwDQYJKoZIhvcNAQELBQADggEBACC8FvSWOFw+qbSHD1+R16ZH
vopPoMqqaeZEXV19VeXzVil8zI3qQSl2RK+83pfy0M8flKBPr/gSv+YoaJsL+lzs
boCDSMwDE9c15zcVYlvhX0zLaQ9TMH43sdanqhIODHbcpHDnZxjKXXqLEZJOW9Na
v4VLGTRj4bU798sMNw5vyd1XUwVYXzXletlwgAKE3dUU0kSBrTyjNGabNgTiUbZW
jguHsNSnynol1Tw+pzhwvaTXki0rp29F9YASh/ithPwQKcjIJlp/Mg87fAoh70Z3
Is6xFSjWXGH2Gfmi7ndYBLTuQE3bDzp8pTEL8pkZ42GtncCYzQAY8nokHYhy5jU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:22 2024 by rpki-client on console-ams.rpki-client.org