Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Bo9R-z3qOuoz-QRfRCJ3hSXADjs.roa
File: Bo9R-z3qOuoz-QRfRCJ3hSXADjs.roa (raw, json)
Hash identifier: o5cLusYjGn4y9f1mbiUGsRQJo1sL0spVX+rqM/X/x5s=
Subject key identifier: 06:8F:51:FB:3D:EA:3A:EA:33:F9:04:5F:44:22:77:85:25:C0:0E:3B
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B246EFF6A4F2832E44188630EE53864E2
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Bo9R-z3qOuoz-QRfRCJ3hSXADjs.roa
Signing time: Thu 12 Oct 2023 15:08:55 +0000
ROA not before: Thu 12 Oct 2023 15:08:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 188.132.135.0/24 maxlen: 32
188.132.134.0/24 maxlen: 24
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.157.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.219.0/24 maxlen: 32
188.132.217.0/24 maxlen: 32
188.132.218.0/24 maxlen: 24
188.132.224.0/24 maxlen: 24
188.132.226.0/24 maxlen: 32
188.132.225.0/24 maxlen: 24
188.132.223.0/24 maxlen: 32
188.132.220.0/24 maxlen: 24
188.132.227.0/24 maxlen: 32
188.132.231.0/24 maxlen: 24
188.132.228.0/24 maxlen: 32
188.132.233.0/24 maxlen: 24
188.132.232.0/24 maxlen: 24
188.132.230.0/24 maxlen: 32
77.92.130.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.128.0/24 maxlen: 24
188.132.235.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
188.132.234.0/24 maxlen: 32
77.92.133.0/24 maxlen: 32
188.132.241.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.244.0/24 maxlen: 32
77.92.135.0/24 maxlen: 24
77.92.134.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.245.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
188.132.250.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.141.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
77.92.144.0/24 maxlen: 32
188.132.252.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.149.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
77.92.158.0/24 maxlen: 24
77.92.156.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.159.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.177.0/24 maxlen: 24
188.132.183.0/24 maxlen: 32
188.132.180.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.195.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.205.0/24 maxlen: 32
188.132.211.0/24 maxlen: 32
188.132.208.0/24 maxlen: 32
188.132.213.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
212.68.57.0/24 maxlen: 32
212.68.56.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
31.210.33.0/24 maxlen: 24
31.210.32.0/24 maxlen: 24
31.210.36.0/24 maxlen: 24
31.210.35.0/24 maxlen: 24
31.210.44.0/24 maxlen: 24
31.210.40.0/24 maxlen: 32
31.210.41.0/24 maxlen: 24
31.210.46.0/24 maxlen: 24
31.210.47.0/24 maxlen: 24
31.210.51.0/24 maxlen: 32
31.210.50.0/24 maxlen: 32
31.210.45.0/24 maxlen: 32
31.210.49.0/24 maxlen: 24
31.210.48.0/24 maxlen: 24
31.210.58.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.60.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
78.135.98.0/24 maxlen: 24
78.135.103.0/24 maxlen: 24
78.135.99.0/24 maxlen: 32
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.116.0/24 maxlen: 24
78.135.115.0/24 maxlen: 24
78.135.114.0/24 maxlen: 32
212.68.37.0/24 maxlen: 32
212.68.33.0/24 maxlen: 32
212.68.38.0/24 maxlen: 24
212.68.36.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.42.0/24 maxlen: 32
212.68.39.0/24 maxlen: 24
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.49.0/24 maxlen: 24
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
2a02:26b0:8001::/48 maxlen: 48
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:24:6e:ff:6a:4f:28:32:e4:41:88:63:0e:e5:38:64:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 12 15:08:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=068f51fb3dea3aea33f9045f4422778525c00e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:d3:a4:3d:fc:dd:fe:f4:a4:b9:6a:63:84:
f5:c5:57:51:f7:21:da:90:f2:f9:91:64:cf:87:4d:
07:a2:aa:04:cb:d3:8d:e5:29:80:0b:97:82:31:4e:
46:1c:76:25:a6:f7:8b:f0:49:c3:c5:c7:06:9e:15:
03:d2:ce:e0:47:7a:13:08:92:f4:72:cc:c0:ef:70:
ba:82:15:66:0c:63:b0:b1:db:c1:3b:c8:b6:91:f9:
0a:f4:a1:07:94:e0:9c:74:ae:78:32:47:39:db:16:
49:7e:8f:f6:02:fd:19:f6:49:c6:ba:57:c2:f8:d2:
f5:c8:d7:c1:f3:07:48:51:3c:e7:28:cb:f5:83:a6:
49:bb:43:59:aa:ea:13:3c:73:dc:a5:73:49:cc:05:
33:6b:23:10:06:5b:74:c3:72:a2:78:27:75:36:af:
76:82:b3:77:69:77:af:06:c6:77:83:21:43:86:91:
71:02:fb:20:85:25:b0:2d:f4:ed:a2:57:3b:d8:6a:
4c:70:77:0b:08:aa:56:e4:1f:ce:5b:df:8c:63:9d:
d9:3f:c6:d2:fe:44:1e:c7:29:b9:0f:d5:a3:8e:e1:
9e:92:e9:1d:46:aa:b8:c2:3d:36:44:67:dc:63:a3:
91:8a:02:90:d5:b2:ed:b0:d6:2c:bc:81:82:b2:6b:
95:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:8F:51:FB:3D:EA:3A:EA:33:F9:04:5F:44:22:77:85:25:C0:0E:3B
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Bo9R-z3qOuoz-QRfRCJ3hSXADjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.35.0-31.210.36.255
31.210.40.0/23
31.210.44.0-31.210.51.255
31.210.56.0-31.210.61.255
77.92.128.0-77.92.142.255
77.92.144.0/24
77.92.148.0/23
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.98.0/23
78.135.103.0/24
78.135.108.0/24
78.135.113.0-78.135.116.255
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.177.255
188.132.180.0/24
188.132.183.0/24
188.132.190.0/24
188.132.194.0/23
188.132.204.0/23
188.132.208.0/24
188.132.211.0-188.132.215.255
188.132.217.0-188.132.220.255
188.132.223.0-188.132.228.255
188.132.230.0-188.132.235.255
188.132.239.0/24
188.132.241.0/24
188.132.243.0-188.132.246.255
188.132.250.0-188.132.255.255
212.68.33.0/24
212.68.36.0-212.68.46.255
212.68.49.0-212.68.51.255
212.68.56.0/23
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
30:1a:da:c5:07:37:30:5c:ef:ba:5a:c9:2e:14:82:46:0a:8e:
c5:7a:5b:85:26:92:e9:ba:74:e4:67:11:01:33:68:62:76:b1:
ef:be:f2:ab:c3:05:46:c3:0b:14:89:22:99:09:a4:11:2f:df:
ed:01:38:2a:78:c8:d9:02:e1:32:b5:1d:16:dc:69:85:fd:da:
45:9e:dc:81:5f:31:4a:bc:27:bf:e2:6e:1d:9a:d3:25:c5:66:
61:f4:67:38:5f:70:12:d8:5b:e7:a2:b0:ee:04:21:fa:86:32:
e9:90:ed:b9:a0:d9:a9:7e:75:f8:12:26:6d:f8:61:5b:f2:84:
a2:dd:0d:44:d8:39:85:e9:1d:9f:79:5a:13:ed:42:fd:73:1c:
ad:ee:f6:60:41:e8:d4:f0:70:f4:f7:22:50:c7:b3:06:35:64:
24:52:ba:e1:26:e8:8d:86:9e:59:3e:3d:37:37:a0:19:5f:01:
d4:18:73:a2:f9:09:d7:db:56:49:d9:77:5e:59:9f:13:a3:6c:
6d:cd:a3:fd:8c:b0:dd:d3:b4:a1:e1:f6:30:1d:74:44:66:35:
31:b0:b6:e1:d0:1f:5c:e4:60:c4:56:39:d0:ed:44:3d:be:ee:
61:28:00:6c:04:52:d6:d4:9b:c4:b5:84:d7:0c:83:9a:a6:16:
f8:d2:af:03
-----BEGIN CERTIFICATE-----
MIIGgTCCBWmgAwIBAgISAYskbv9qTygy5EGIYw7lOGTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDEyMTUwODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjhmNTFmYjNkZWEzYWVhMzNmOTA0NWY0NDIyNzc4NTI1YzAwZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7TTpD383f70pLlqY4T1xVdR9yHa
kPL5kWTPh00HoqoEy9ON5SmAC5eCMU5GHHYlpveL8EnDxccGnhUD0s7gR3oTCJL0
cszA73C6ghVmDGOwsdvBO8i2kfkK9KEHlOCcdK54Mkc52xZJfo/2Av0Z9knGulfC
+NL1yNfB8wdIUTznKMv1g6ZJu0NZquoTPHPcpXNJzAUzayMQBlt0w3KieCd1Nq92
grN3aXevBsZ3gyFDhpFxAvsghSWwLfTtolc72GpMcHcLCKpW5B/OW9+MY53ZP8bS
/kQexym5D9WjjuGekukdRqq4wj02RGfcY6ORigKQ1bLtsNYsvIGCsmuVcQIDAQAB
o4IDjTCCA4kwHQYDVR0OBBYEFAaPUfs96jrqM/kEX0Qid4UlwA47MB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvQm85Ui16M3FPdW96LVFSZlJDSjNoU1hBRGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBoQYIKwYBBQUHAQcBAf8EggGQMIIBjDCCAXkEAgABMIIB
cQMEAR/SIDAMAwQAH9IjAwQAH9IkAwQBH9IoMAwDBAIf0iwDBAIf0jAwDAMEAx/S
OAMEAR/SPDAMAwQHTVyAAwQATVyOAwQATVyQAwQBTVyUMAwDBABNXJsDBAVNXIAD
BABOh08DBAFOh2IDBABOh2cDBABOh2wwDAMEAE6HcQMEAE6HdAMEAbyEhgMEALyE
jjAMAwQAvISTAwQAvISUMAwDBAC8hJ0DBAC8hJ4DBAC8hKwwDAMEALyErwMEAbyE
sAMEALyEtAMEALyEtwMEALyEvgMEAbyEwgMEAbyEzAMEALyE0DAMAwQAvITTAwQD
vITQMAwDBAC8hNkDBAC8hNwwDAMEALyE3wMEALyE5DAMAwQBvITmAwQCvIToAwQA
vITvAwQAvITxMAwDBAC8hPMDBAC8hPYwCwMEAbyE+gMDALyEAwQA1EQhMAwDBALU
RCQDBADURC4wDAMEANREMQMEAtREMAMEAdREOAMEANREPTANBAIAAjAHAwUAKgIm
sDANBgkqhkiG9w0BAQsFAAOCAQEAMBraxQc3MFzvulrJLhSCRgqOxXpbhSaS6bp0
5GcRATNoYnax777yq8MFRsMLFIkimQmkES/f7QE4KnjI2QLhMrUdFtxphf3aRZ7c
gV8xSrwnv+JuHZrTJcVmYfRnOF9wEthb56Kw7gQh+oYy6ZDtuaDZqX51+BImbfhh
W/KEot0NRNg5hekdn3laE+1C/XMcre72YEHo1PBw9PciUMezBjVkJFK64SbojYae
WT49NzegGV8B1BhzovkJ19tWSdl3XlmfE6Nsbc2j/Yyw3dO0oeH2MB10RGY1MbC2
4dAfXORgxFY50O1EPb7uYSgAbARS1tSbxLWE1wyDmqYW+NKvAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:53 2024 by rpki-client on console-ams.rpki-client.org