Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/AVfIuAARia8ktjNfJmnhHgrCj6w.roa
File: AVfIuAARia8ktjNfJmnhHgrCj6w.roa (raw, json)
Hash identifier: vHbZPlKQQ7AnIouUkhPBbPVUu8YgKaveQ9YfuJ7djtk=
Subject key identifier: 01:57:C8:B8:00:11:89:AF:24:B6:33:5F:26:69:E1:1E:0A:C2:8F:AC
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018CAAD80E0220059104855F23BFD4A186CC
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/AVfIuAARia8ktjNfJmnhHgrCj6w.roa
Signing time: Wed 27 Dec 2023 10:35:35 +0000
ROA not before: Wed 27 Dec 2023 10:35:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 188.132.135.0/24 maxlen: 32
188.132.134.0/24 maxlen: 24
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.157.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.217.0/24 maxlen: 32
188.132.218.0/24 maxlen: 24
188.132.226.0/24 maxlen: 32
188.132.225.0/24 maxlen: 24
188.132.227.0/24 maxlen: 32
188.132.231.0/24 maxlen: 24
188.132.228.0/24 maxlen: 32
188.132.230.0/24 maxlen: 32
77.92.130.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.128.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
188.132.234.0/24 maxlen: 32
77.92.133.0/24 maxlen: 32
188.132.241.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.244.0/24 maxlen: 32
77.92.135.0/24 maxlen: 24
77.92.134.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.245.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
188.132.250.0/24 maxlen: 24
77.92.141.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
188.132.252.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.149.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
77.92.158.0/24 maxlen: 24
77.92.156.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.159.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.177.0/24 maxlen: 24
188.132.180.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.205.0/24 maxlen: 32
188.132.211.0/24 maxlen: 32
188.132.208.0/24 maxlen: 32
188.132.213.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
212.68.57.0/24 maxlen: 32
212.68.56.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
31.210.33.0/24 maxlen: 24
31.210.32.0/24 maxlen: 24
31.210.35.0/24 maxlen: 24
31.210.44.0/24 maxlen: 24
31.210.40.0/24 maxlen: 32
31.210.47.0/24 maxlen: 24
31.210.46.0/24 maxlen: 24
31.210.45.0/24 maxlen: 32
31.210.58.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.60.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.116.0/24 maxlen: 24
78.135.115.0/24 maxlen: 24
78.135.114.0/24 maxlen: 32
212.68.33.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.42.0/24 maxlen: 32
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
2a02:26b0:8001::/48 maxlen: 48
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:d8:0e:02:20:05:91:04:85:5f:23:bf:d4:a1:86:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Dec 27 10:35:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0157c8b8001189af24b6335f2669e11e0ac28fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:06:30:15:d5:36:6e:fe:dc:53:1d:a3:c3:83:
70:4c:3e:d4:81:f0:6c:1a:70:bf:30:ee:29:50:0b:
14:97:51:7f:cb:cb:b6:63:73:bc:c8:dc:d6:43:15:
c6:30:21:d1:ee:dd:a7:e5:29:93:18:ac:3f:b2:e4:
fe:1c:4f:68:94:c8:da:7b:01:44:fd:7c:d4:97:9d:
a8:f6:6c:3d:21:74:2f:f3:e6:a1:5e:42:0a:f9:20:
45:4e:52:48:b4:e6:20:24:68:ba:49:e9:d9:f5:20:
b9:02:3f:94:0a:4b:0b:28:a0:4d:6a:96:ae:ed:e1:
58:01:ed:45:6d:2b:0f:95:27:c6:b6:44:c8:da:1d:
75:78:0d:fe:fd:aa:87:be:92:3f:79:a8:45:be:ee:
ea:ef:b8:11:1f:eb:33:d0:6f:ba:66:5d:52:04:95:
fd:83:84:3b:28:50:0d:b7:3d:36:b4:02:d2:c2:f3:
fd:ac:e5:46:d0:2e:55:77:ce:71:68:c5:87:46:b2:
b1:5c:e6:24:a3:4c:bd:5e:9b:c4:64:b8:d2:49:62:
a5:25:c9:28:f5:69:a8:fe:54:d7:2e:d2:fd:51:4c:
8f:af:c0:5c:2e:d7:26:c3:c5:c0:38:73:3f:9b:76:
39:7c:ba:d1:62:89:67:ba:07:52:bd:06:bb:ae:bc:
e9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:57:C8:B8:00:11:89:AF:24:B6:33:5F:26:69:E1:1E:0A:C2:8F:AC
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/AVfIuAARia8ktjNfJmnhHgrCj6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.35.0/24
31.210.40.0/24
31.210.44.0/22
31.210.56.0-31.210.61.255
77.92.128.0-77.92.141.255
77.92.148.0/23
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.108.0/24
78.135.113.0-78.135.116.255
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.177.255
188.132.180.0/24
188.132.194.0/24
188.132.204.0/23
188.132.208.0/24
188.132.211.0-188.132.213.255
188.132.215.0/24
188.132.217.0-188.132.218.255
188.132.225.0-188.132.228.255
188.132.230.0/23
188.132.234.0/24
188.132.239.0/24
188.132.241.0/24
188.132.243.0-188.132.246.255
188.132.250.0-188.132.255.255
212.68.33.0/24
212.68.40.0-212.68.46.255
212.68.50.0/23
212.68.56.0/23
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
a5:6b:1a:19:bb:a0:f8:50:1f:30:f1:52:e9:33:7c:a9:09:cb:
35:36:c2:d2:2a:44:2f:2f:19:25:15:21:b9:c8:b6:0c:3c:ce:
4a:92:15:d2:2a:dc:dd:de:66:ba:fa:1f:6e:79:76:25:2c:5f:
7e:c2:2d:4c:33:66:2e:4f:65:88:32:f8:06:87:0c:e2:d4:25:
e6:43:8d:72:6c:b6:44:e0:1c:6d:84:e2:9e:a8:c1:6a:0b:3a:
e6:84:b2:c6:d9:16:89:5d:20:2b:37:04:b0:14:bc:3e:89:2c:
69:01:17:e6:f9:c5:7f:74:8d:d5:ca:f1:17:0e:4e:80:22:e1:
3b:9e:40:06:ed:be:33:4d:10:36:62:f1:7c:69:e5:72:89:2b:
a5:8f:ce:a1:22:23:8e:e3:d2:0b:71:d9:92:a6:4b:10:39:78:
bf:6a:06:03:22:5f:c0:92:80:2e:f7:f7:f1:20:f0:d6:ab:ab:
37:17:dd:c1:b7:a4:6f:1e:60:f5:06:4b:08:e6:e9:45:f3:3b:
66:b2:1d:6c:6c:e3:a7:e5:2b:5c:e9:39:4d:cd:e8:b7:8f:cb:
30:9a:09:c3:17:7d:54:f8:0b:b8:62:06:54:18:3d:3b:44:80:
bb:b2:52:17:7f:17:39:0a:28:a7:fb:e5:8e:28:a2:f8:85:cf:
f1:92:45:c6
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAYyq2A4CIAWRBIVfI7/UoYbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMjI3MTAzNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTU3YzhiODAwMTE4OWFmMjRiNjMzNWYyNjY5ZTExZTBhYzI4ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwYwFdU2bv7cUx2jw4NwTD7UgfBs
GnC/MO4pUAsUl1F/y8u2Y3O8yNzWQxXGMCHR7t2n5SmTGKw/suT+HE9olMjaewFE
/XzUl52o9mw9IXQv8+ahXkIK+SBFTlJItOYgJGi6SenZ9SC5Aj+UCksLKKBNapau
7eFYAe1FbSsPlSfGtkTI2h11eA3+/aqHvpI/eahFvu7q77gRH+sz0G+6Zl1SBJX9
g4Q7KFANtz02tALSwvP9rOVG0C5Vd85xaMWHRrKxXOYko0y9XpvEZLjSSWKlJcko
9Wmo/lTXLtL9UUyPr8BcLtcmw8XAOHM/m3Y5fLrRYolnugdSvQa7rrzpBQIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFAFXyLgAEYmvJLYzXyZp4R4Kwo+sMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvQVZmSXVBQVJpYThrdGpOZkptbmhIZ3JDajZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAUcEAgABMIIB
PwMEAR/SIAMEAB/SIwMEAB/SKAMEAh/SLDAMAwQDH9I4AwQBH9I8MAwDBAdNXIAD
BAFNXIwDBAFNXJQwDAMEAE1cmwMEBU1cgAMEAE6HTwMEAE6HbDAMAwQATodxAwQA
Tod0AwQBvISGAwQAvISOMAwDBAC8hJMDBAC8hJQwDAMEALyEnQMEALyEngMEALyE
rDAMAwQAvISvAwQBvISwAwQAvIS0AwQAvITCAwQBvITMAwQAvITQMAwDBAC8hNMD
BAG8hNQDBAC8hNcwDAMEALyE2QMEALyE2jAMAwQAvIThAwQAvITkAwQBvITmAwQA
vITqAwQAvITvAwQAvITxMAwDBAC8hPMDBAC8hPYwCwMEAbyE+gMDALyEAwQA1EQh
MAwDBAPURCgDBADURC4DBAHURDIDBAHURDgDBADURD0wDQQCAAIwBwMFACoCJrAw
DQYJKoZIhvcNAQELBQADggEBAKVrGhm7oPhQHzDxUukzfKkJyzU2wtIqRC8vGSUV
IbnItgw8zkqSFdIq3N3eZrr6H255diUsX37CLUwzZi5PZYgy+AaHDOLUJeZDjXJs
tkTgHG2E4p6owWoLOuaEssbZFoldICs3BLAUvD6JLGkBF+b5xX90jdXK8RcOToAi
4TueQAbtvjNNEDZi8Xxp5XKJK6WPzqEiI47j0gtx2ZKmSxA5eL9qBgMiX8CSgC73
9/Eg8NarqzcX3cG3pG8eYPUGSwjm6UXzO2ayHWxs46flK1zpOU3N6LePyzCaCcMX
fVT4C7hiBlQYPTtEgLuyUhd/FzkKKKf75Y4ooviFz/GSRcY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:53 2024 by rpki-client on console-ams.rpki-client.org