Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/oFIYhbfVi3oFxM68CTjuLd9Zz6U.roa
File: oFIYhbfVi3oFxM68CTjuLd9Zz6U.roa (raw, json)
Hash identifier: vpZeKMRo/DqsJFhgayAZAZ0Sp0GEE+Fj82jCvWidSGs=
Subject key identifier: A0:52:18:85:B7:D5:8B:7A:05:C4:CE:BC:09:38:EE:2D:DF:59:CF:A5
Certificate issuer: /CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Certificate serial: 01857295C13DDA96AA5CDEC5698DEE012ECB
Authority key identifier: E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/oFIYhbfVi3oFxM68CTjuLd9Zz6U.roa
Signing time: Mon 02 Jan 2023 13:04:55 +0000
ROA not before: Mon 02 Jan 2023 13:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39501
IP address blocks: 89.33.18.0/23 maxlen: 23
89.46.94.0/23 maxlen: 23
89.39.186.0/23 maxlen: 23
89.33.128.0/23 maxlen: 23
89.40.78.0/23 maxlen: 23
89.40.90.0/23 maxlen: 23
89.40.38.0/23 maxlen: 23
89.38.242.0/23 maxlen: 23
45.140.28.0/22 maxlen: 22
89.45.126.0/23 maxlen: 23
89.46.44.0/23 maxlen: 23
89.32.196.0/23 maxlen: 23
89.46.60.0/23 maxlen: 23
185.46.0.0/22 maxlen: 22
188.159.96.0/19 maxlen: 19
188.159.128.0/19 maxlen: 19
188.159.128.0/18 maxlen: 18
188.159.64.0/19 maxlen: 19
89.44.190.0/23 maxlen: 23
89.44.202.0/23 maxlen: 23
89.38.24.0/23 maxlen: 23
89.45.68.0/23 maxlen: 23
89.45.80.0/23 maxlen: 23
188.159.224.0/19 maxlen: 19
89.38.102.0/23 maxlen: 23
188.159.192.0/19 maxlen: 19
89.165.64.0/18 maxlen: 18
89.165.80.0/21 maxlen: 21
188.158.160.0/21 maxlen: 21
188.158.160.0/20 maxlen: 20
188.158.160.0/19 maxlen: 19
89.165.105.0/24 maxlen: 24
89.37.102.0/23 maxlen: 23
89.165.16.0/21 maxlen: 21
89.43.204.0/23 maxlen: 23
89.37.30.0/23 maxlen: 23
188.158.96.0/21 maxlen: 21
188.158.96.0/20 maxlen: 20
188.158.96.0/19 maxlen: 19
89.37.42.0/23 maxlen: 23
89.165.56.0/21 maxlen: 21
188.158.128.0/18 maxlen: 18
188.158.128.0/19 maxlen: 19
89.44.112.0/23 maxlen: 23
89.44.118.0/23 maxlen: 23
188.159.0.0/18 maxlen: 18
188.159.0.0/19 maxlen: 19
188.159.0.0/16 maxlen: 16
89.37.198.0/23 maxlen: 23
89.37.218.0/23 maxlen: 23
188.159.32.0/19 maxlen: 19
188.158.192.0/19 maxlen: 19
188.158.224.0/19 maxlen: 19
89.43.70.0/23 maxlen: 23
89.43.88.0/21 maxlen: 21
89.43.36.0/23 maxlen: 23
188.158.32.0/19 maxlen: 19
188.158.32.0/20 maxlen: 20
89.36.226.0/23 maxlen: 23
188.158.64.0/19 maxlen: 19
89.36.252.0/23 maxlen: 23
89.43.182.0/23 maxlen: 23
89.165.0.0/18 maxlen: 18
89.43.188.0/23 maxlen: 23
89.165.0.0/17 maxlen: 17
89.165.8.0/21 maxlen: 21
89.43.96.0/21 maxlen: 21
188.158.0.0/19 maxlen: 19
188.158.0.0/18 maxlen: 18
89.36.194.0/23 maxlen: 23
188.158.0.0/16 maxlen: 16
188.158.0.0/15 maxlen: 15
188.158.16.0/20 maxlen: 20
89.35.156.0/23 maxlen: 23
85.204.30.0/23 maxlen: 23
89.35.176.0/23 maxlen: 23
89.35.194.0/23 maxlen: 23
89.42.32.0/23 maxlen: 23
89.42.56.0/23 maxlen: 23
89.35.132.0/23 maxlen: 23
89.42.68.0/23 maxlen: 23
89.36.16.0/23 maxlen: 23
89.42.228.0/23 maxlen: 23
94.177.72.0/21 maxlen: 21
89.42.150.0/23 maxlen: 23
85.204.76.0/23 maxlen: 23
85.204.104.0/23 maxlen: 23
89.34.200.0/23 maxlen: 23
94.176.32.0/21 maxlen: 21
89.34.176.0/23 maxlen: 23
89.41.240.0/21 maxlen: 21
89.35.58.0/23 maxlen: 23
89.33.234.0/23 maxlen: 23
89.33.240.0/23 maxlen: 23
89.34.20.0/23 maxlen: 23
89.40.110.0/23 maxlen: 23
89.40.106.0/23 maxlen: 23
89.40.128.0/23 maxlen: 23
89.33.204.0/23 maxlen: 23
89.41.16.0/21 maxlen: 21
89.34.88.0/23 maxlen: 23
89.34.94.0/23 maxlen: 23
89.41.32.0/23 maxlen: 23
89.41.58.0/23 maxlen: 23
89.41.8.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:c1:3d:da:96:aa:5c:de:c5:69:8d:ee:01:2e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Validity
Not Before: Jan 2 13:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0521885b7d58b7a05c4cebc0938ee2ddf59cfa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:28:06:01:b5:07:03:94:70:46:15:4e:df:09:
22:66:59:bb:01:26:47:f7:10:4b:31:ba:b3:fa:5d:
2e:ca:16:48:b9:46:6a:36:3a:76:7f:a5:6d:db:91:
d3:3d:47:60:4c:9a:ea:3a:ab:9b:06:3b:51:72:49:
57:aa:61:c9:de:a7:65:35:89:77:af:a9:37:b6:9b:
b7:f2:7b:ce:26:09:af:39:50:66:a3:13:27:df:af:
44:fb:ad:82:72:80:41:f0:c0:a5:40:9b:88:d2:c3:
fa:43:69:96:ae:7d:12:99:d8:5d:5c:98:0f:6d:e8:
07:11:ed:16:b3:ca:ca:3c:ca:d1:e7:2a:c7:20:1b:
ad:b4:34:22:98:60:75:8b:69:73:d5:89:59:cc:d9:
d2:af:5b:7d:76:51:00:14:c1:01:fa:ee:3f:a4:ad:
f4:30:74:80:b5:3b:51:25:8b:36:55:3b:b0:e3:7f:
d8:04:87:44:6c:9d:a8:68:35:72:a7:ae:8c:f0:9c:
7e:de:ed:4e:ef:50:5d:ed:29:5e:66:e9:7f:ca:fe:
6b:92:62:ad:b8:5a:47:d7:43:a5:23:6d:80:d4:7f:
8d:5f:0b:d8:f5:70:14:fd:82:84:ee:bd:2b:a0:ad:
71:dc:ec:f0:57:e8:82:66:ab:2a:29:47:5e:45:77:
fc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:52:18:85:B7:D5:8B:7A:05:C4:CE:BC:09:38:EE:2D:DF:59:CF:A5
X509v3 Authority Key Identifier:
keyid:E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/oFIYhbfVi3oFxM68CTjuLd9Zz6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.28.0/22
85.204.30.0/23
85.204.76.0/23
85.204.104.0/23
89.32.196.0/23
89.33.18.0/23
89.33.128.0/23
89.33.204.0/23
89.33.234.0/23
89.33.240.0/23
89.34.20.0/23
89.34.88.0/23
89.34.94.0/23
89.34.176.0/23
89.34.200.0/23
89.35.58.0/23
89.35.132.0/23
89.35.156.0/23
89.35.176.0/23
89.35.194.0/23
89.36.16.0/23
89.36.194.0/23
89.36.226.0/23
89.36.252.0/23
89.37.30.0/23
89.37.42.0/23
89.37.102.0/23
89.37.198.0/23
89.37.218.0/23
89.38.24.0/23
89.38.102.0/23
89.38.242.0/23
89.39.186.0/23
89.40.38.0/23
89.40.78.0/23
89.40.90.0/23
89.40.106.0/23
89.40.110.0/23
89.40.128.0/23
89.41.8.0-89.41.23.255
89.41.32.0/23
89.41.58.0/23
89.41.240.0/21
89.42.32.0/23
89.42.56.0/23
89.42.68.0/23
89.42.150.0/23
89.42.228.0/23
89.43.36.0/23
89.43.70.0/23
89.43.88.0-89.43.103.255
89.43.182.0/23
89.43.188.0/23
89.43.204.0/23
89.44.112.0/23
89.44.118.0/23
89.44.190.0/23
89.44.202.0/23
89.45.68.0/23
89.45.80.0/23
89.45.126.0/23
89.46.44.0/23
89.46.60.0/23
89.46.94.0/23
89.165.0.0/17
94.176.32.0/21
94.177.72.0/21
185.46.0.0/22
188.158.0.0/15
Signature Algorithm: sha256WithRSAEncryption
02:7f:b1:e0:1c:9d:32:6e:96:05:27:6f:3a:3f:ce:0c:45:7a:
b4:90:0e:19:a7:43:4f:37:33:5f:ae:9c:3b:54:87:bd:97:1a:
b6:99:f6:61:c4:e2:31:ac:53:bb:ac:da:9e:67:c7:e1:c9:08:
1c:52:ee:97:b9:ac:68:e0:4b:fb:3e:6b:34:ea:fd:90:e8:4c:
f7:fa:1f:74:cf:67:56:67:ef:2e:52:4c:e5:09:99:6c:63:62:
6f:3e:58:fd:f6:86:df:24:84:10:c2:70:45:04:c3:95:fb:fd:
c7:92:49:40:d1:dc:b0:00:ff:ca:f0:bf:8c:8b:2f:2f:8a:aa:
72:fe:ae:e8:b6:a3:6e:f8:72:0a:6c:70:62:3b:3b:e3:1e:c0:
cb:74:cf:fe:97:62:04:8d:99:70:e6:6b:ab:07:d9:72:5e:8e:
95:cd:29:32:7e:f5:d1:ee:11:a9:12:47:0a:57:ec:7a:6a:03:
01:08:d1:0e:ec:5a:08:ac:8e:fc:1a:67:13:34:1f:d7:4d:62:
79:db:cb:12:70:a2:74:dd:d2:13:06:5f:c2:5a:91:78:17:59:
5f:4a:f4:f8:a5:96:6f:28:08:9e:2f:1f:4c:0c:f2:3d:5d:bf:
17:e5:d0:b7:17:26:d5:68:4a:e5:4f:ac:33:bd:db:d0:21:5d:
a1:56:e5:4d
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgISAYVylcE92paqXN7FaY3uAS7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVkNGU3NzgyMDljM2NhZTkzZDRiNzZkMzUwNzA0NDYy
YzNhYWIwHhcNMjMwMTAyMTMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDUyMTg4NWI3ZDU4YjdhMDVjNGNlYmMwOTM4ZWUyZGRmNTljZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsigGAbUHA5RwRhVO3wkiZlm7ASZH
9xBLMbqz+l0uyhZIuUZqNjp2f6Vt25HTPUdgTJrqOqubBjtRcklXqmHJ3qdlNYl3
r6k3tpu38nvOJgmvOVBmoxMn369E+62CcoBB8MClQJuI0sP6Q2mWrn0SmdhdXJgP
begHEe0Ws8rKPMrR5yrHIButtDQimGB1i2lz1YlZzNnSr1t9dlEAFMEB+u4/pK30
MHSAtTtRJYs2VTuw43/YBIdEbJ2oaDVyp66M8Jx+3u1O71Bd7SleZul/yv5rkmKt
uFpH10OlI22A1H+NXwvY9XAU/YKE7r0roK1x3OzwV+iCZqsqKUdeRXf8+wIDAQAB
o4IDujCCA7YwHQYDVR0OBBYEFKBSGIW31Yt6BcTOvAk47i3fWc+lMB8GA1UdIwQY
MBaAFOf+1Od4IJw8rpPUt201BwRGLDqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQt
OGJiODAxNTJhYjM0LzEvb0ZJWWhiZlZpM29GeE02OENUanVMZDlaejZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQtOGJiODAxNTJhYjM0
LzEvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBzgYIKwYBBQUHAQcBAf8EggG9MIIBuTCCAbUEAgABMIIB
rQMEAi2MHAMEAVXMHgMEAVXMTAMEAVXMaAMEAVkgxAMEAVkhEgMEAVkhgAMEAVkh
zAMEAVkh6gMEAVkh8AMEAVkiFAMEAVkiWAMEAVkiXgMEAVkisAMEAVkiyAMEAVkj
OgMEAVkjhAMEAVkjnAMEAVkjsAMEAVkjwgMEAVkkEAMEAVkkwgMEAVkk4gMEAVkk
/AMEAVklHgMEAVklKgMEAVklZgMEAVklxgMEAVkl2gMEAVkmGAMEAVkmZgMEAVkm
8gMEAVknugMEAVkoJgMEAVkoTgMEAVkoWgMEAVkoagMEAVkobgMEAVkogDAMAwQD
WSkIAwQDWSkQAwQBWSkgAwQBWSk6AwQDWSnwAwQBWSogAwQBWSo4AwQBWSpEAwQB
WSqWAwQBWSrkAwQBWSskAwQBWStGMAwDBANZK1gDBANZK2ADBAFZK7YDBAFZK7wD
BAFZK8wDBAFZLHADBAFZLHYDBAFZLL4DBAFZLMoDBAFZLUQDBAFZLVADBAFZLX4D
BAFZLiwDBAFZLjwDBAFZLl4DBAdZpQADBANesCADBANesUgDBAK5LgADAwG8njAN
BgkqhkiG9w0BAQsFAAOCAQEAAn+x4BydMm6WBSdvOj/ODEV6tJAOGadDTzczX66c
O1SHvZcatpn2YcTiMaxTu6zanmfH4ckIHFLul7msaOBL+z5rNOr9kOhM9/ofdM9n
VmfvLlJM5QmZbGNibz5Y/faG3ySEEMJwRQTDlfv9x5JJQNHcsAD/yvC/jIsvL4qq
cv6u6LajbvhyCmxwYjs74x7Ay3TP/pdiBI2ZcOZrqwfZcl6Olc0pMn710e4RqRJH
ClfsemoDAQjRDuxaCKyO/BpnEzQf101iedvLEnCidN3SEwZfwlqReBdZX0r0+KWW
bygIni8fTAzyPV2/F+XQtxcm1WhK5U+sM73b0CFdoVblTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:46 2024 by rpki-client on console-fra.rpki-client.org