Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/1uyKMfvSAYhpGM6UhY7VhMQXJxU.roa
File: 1uyKMfvSAYhpGM6UhY7VhMQXJxU.roa (raw, json)
Hash identifier: PAuzsMQm4ayliT5Sr57tE9MUpnUX4Y0HWEs/eG5kbfc=
Subject key identifier: D6:EC:8A:31:FB:D2:01:88:69:18:CE:94:85:8E:D5:84:C4:17:27:15
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018CC5012398AE5A7D60963BAE38829E37B9
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/1uyKMfvSAYhpGM6UhY7VhMQXJxU.roa
Signing time: Mon 01 Jan 2024 12:30:35 +0000
ROA not before: Mon 01 Jan 2024 12:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 188.132.135.0/24 maxlen: 32
188.132.134.0/24 maxlen: 24
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.157.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.217.0/24 maxlen: 32
188.132.218.0/24 maxlen: 24
188.132.226.0/24 maxlen: 32
188.132.225.0/24 maxlen: 24
188.132.227.0/24 maxlen: 32
188.132.231.0/24 maxlen: 24
188.132.228.0/24 maxlen: 32
188.132.230.0/24 maxlen: 32
77.92.130.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.128.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
188.132.234.0/24 maxlen: 32
77.92.133.0/24 maxlen: 32
188.132.241.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.244.0/24 maxlen: 32
77.92.135.0/24 maxlen: 24
77.92.134.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.245.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
188.132.250.0/24 maxlen: 24
77.92.141.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
188.132.252.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.149.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
77.92.158.0/24 maxlen: 24
77.92.156.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.159.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.177.0/24 maxlen: 24
188.132.180.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.205.0/24 maxlen: 32
188.132.211.0/24 maxlen: 32
188.132.208.0/24 maxlen: 32
188.132.213.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
212.68.57.0/24 maxlen: 32
212.68.56.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
31.210.33.0/24 maxlen: 24
31.210.32.0/24 maxlen: 24
31.210.35.0/24 maxlen: 24
31.210.44.0/24 maxlen: 24
31.210.40.0/24 maxlen: 32
31.210.47.0/24 maxlen: 24
31.210.46.0/24 maxlen: 24
31.210.45.0/24 maxlen: 32
31.210.58.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.60.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.116.0/24 maxlen: 24
78.135.115.0/24 maxlen: 24
78.135.114.0/24 maxlen: 32
212.68.33.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.42.0/24 maxlen: 32
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
2a02:26b0:8001::/48 maxlen: 48
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:23:98:ae:5a:7d:60:96:3b:ae:38:82:9e:37:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Jan 1 12:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6ec8a31fbd201886918ce94858ed584c4172715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:37:76:f8:17:45:c9:38:52:3f:ce:42:fc:ea:
48:a5:60:00:af:be:f2:c9:a6:34:13:bb:35:16:a3:
ad:9b:1e:7c:f9:9c:5d:28:1b:af:f3:81:26:2f:2f:
f7:94:50:3b:4e:5f:f2:1f:03:8d:d6:aa:9d:33:a0:
5b:8b:a0:9b:b3:05:3e:7d:9c:61:79:e8:e3:a7:72:
f0:29:b5:14:0b:1b:dc:86:b1:12:5c:c2:e4:de:f1:
c9:08:f3:71:b9:15:99:7b:3b:a9:d0:32:ba:9d:24:
ee:81:2b:eb:18:fb:99:80:ad:25:7d:62:97:98:75:
ff:8e:d7:ab:82:02:02:31:a5:1e:ab:a7:30:7e:a4:
d8:81:d4:5e:81:40:e7:56:07:6d:08:1d:43:91:ed:
de:dc:b6:7f:8e:0e:7e:e8:e1:1b:4f:2a:40:08:6f:
80:c0:50:c6:d2:2f:e1:12:a6:1b:e3:97:f2:69:e0:
1e:95:9e:c2:c7:f2:20:90:a3:bb:ca:13:90:39:af:
78:25:df:25:0b:e5:5d:be:62:eb:55:73:c0:49:3b:
2e:31:fd:87:80:93:bc:c1:4c:fe:bf:55:ea:fa:0e:
a5:0a:d6:39:9a:58:88:ca:82:f5:ca:c7:2f:3d:70:
5e:c9:d9:37:1d:56:e1:db:51:6b:80:a9:06:dd:f8:
5c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:EC:8A:31:FB:D2:01:88:69:18:CE:94:85:8E:D5:84:C4:17:27:15
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/1uyKMfvSAYhpGM6UhY7VhMQXJxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.35.0/24
31.210.40.0/24
31.210.44.0/22
31.210.56.0-31.210.61.255
77.92.128.0-77.92.141.255
77.92.148.0/23
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.108.0/24
78.135.113.0-78.135.116.255
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.177.255
188.132.180.0/24
188.132.194.0/24
188.132.204.0/23
188.132.208.0/24
188.132.211.0-188.132.213.255
188.132.215.0/24
188.132.217.0-188.132.218.255
188.132.225.0-188.132.228.255
188.132.230.0/23
188.132.234.0/24
188.132.239.0/24
188.132.241.0/24
188.132.243.0-188.132.246.255
188.132.250.0-188.132.255.255
212.68.33.0/24
212.68.40.0-212.68.46.255
212.68.50.0/23
212.68.56.0/23
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:0a:bc:0e:b0:5a:f4:cd:6d:88:fc:ca:79:ba:1b:7c:e3:44:
36:0a:9a:5e:01:c3:68:50:eb:94:2f:64:c6:ba:8a:bb:3f:08:
e1:31:03:1b:c5:10:36:30:fc:4f:7f:7d:21:83:8a:12:25:28:
9c:47:5a:24:48:d5:e9:6a:ed:25:71:bc:90:ce:2c:53:8e:f8:
f6:a7:7b:da:a7:5c:20:b1:a1:97:66:13:0c:f3:95:81:ce:34:
78:c6:2f:ee:f0:a1:da:09:e1:7a:be:be:93:30:d9:1e:5c:5e:
aa:4f:19:85:0b:be:64:ed:a0:2d:7d:1c:d6:c6:21:33:f0:80:
e9:f4:e6:61:dd:47:21:9c:e7:e2:58:9f:ec:d5:77:c1:f5:09:
19:ed:d0:3d:a7:a7:79:a4:87:d9:b5:82:29:45:6c:fa:83:71:
5b:02:8b:a1:77:9f:f4:2d:fb:b8:74:2c:e6:42:82:59:e5:18:
45:d2:85:eb:09:dc:0c:db:9d:ff:68:4e:24:06:06:fa:56:55:
c2:9b:8b:3a:97:3b:ba:72:d6:18:cf:b4:b9:ac:8a:59:71:07:
06:53:7b:86:be:ea:88:2f:c7:3a:83:a3:16:ea:05:8d:29:48:
ca:01:34:1a:d1:be:f9:fc:27:7b:b2:a2:29:c3:fd:4a:d4:a6:
65:e6:60:bb
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAYzFASOYrlp9YJY7rjiCnje5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQwMTAxMTIzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmVjOGEzMWZiZDIwMTg4NjkxOGNlOTQ4NThlZDU4NGM0MTcyNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzd2+BdFyThSP85C/OpIpWAAr77y
yaY0E7s1FqOtmx58+ZxdKBuv84EmLy/3lFA7Tl/yHwON1qqdM6Bbi6CbswU+fZxh
eejjp3LwKbUUCxvchrESXMLk3vHJCPNxuRWZezup0DK6nSTugSvrGPuZgK0lfWKX
mHX/jterggICMaUeq6cwfqTYgdRegUDnVgdtCB1Dke3e3LZ/jg5+6OEbTypACG+A
wFDG0i/hEqYb45fyaeAelZ7Cx/IgkKO7yhOQOa94Jd8lC+VdvmLrVXPASTsuMf2H
gJO8wUz+v1Xq+g6lCtY5mliIyoL1yscvPXBeydk3HVbh21FrgKkG3fhcLQIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFNbsijH70gGIaRjOlIWO1YTEFycVMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvMXV5S01mdlNBWWhwR002VWhZN1ZoTVFYSnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAUcEAgABMIIB
PwMEAR/SIAMEAB/SIwMEAB/SKAMEAh/SLDAMAwQDH9I4AwQBH9I8MAwDBAdNXIAD
BAFNXIwDBAFNXJQwDAMEAE1cmwMEBU1cgAMEAE6HTwMEAE6HbDAMAwQATodxAwQA
Tod0AwQBvISGAwQAvISOMAwDBAC8hJMDBAC8hJQwDAMEALyEnQMEALyEngMEALyE
rDAMAwQAvISvAwQBvISwAwQAvIS0AwQAvITCAwQBvITMAwQAvITQMAwDBAC8hNMD
BAG8hNQDBAC8hNcwDAMEALyE2QMEALyE2jAMAwQAvIThAwQAvITkAwQBvITmAwQA
vITqAwQAvITvAwQAvITxMAwDBAC8hPMDBAC8hPYwCwMEAbyE+gMDALyEAwQA1EQh
MAwDBAPURCgDBADURC4DBAHURDIDBAHURDgDBADURD0wDQQCAAIwBwMFACoCJrAw
DQYJKoZIhvcNAQELBQADggEBAIsKvA6wWvTNbYj8ynm6G3zjRDYKml4Bw2hQ65Qv
ZMa6irs/COExAxvFEDYw/E9/fSGDihIlKJxHWiRI1elq7SVxvJDOLFOO+Pane9qn
XCCxoZdmEwzzlYHONHjGL+7wodoJ4Xq+vpMw2R5cXqpPGYULvmTtoC19HNbGITPw
gOn05mHdRyGc5+JYn+zVd8H1CRnt0D2np3mkh9m1gilFbPqDcVsCi6F3n/Qt+7h0
LOZCglnlGEXShesJ3Azbnf9oTiQGBvpWVcKbizqXO7py1hjPtLmsillxBwZTe4a+
6ogvxzqDoxbqBY0pSMoBNBrRvvn8J3uyoinD/UrUpmXmYLs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:53 2025 by rpki-client