Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/KMnJFUOq8-aF_Aa-a4IJvi3YQlA.roa
File: KMnJFUOq8-aF_Aa-a4IJvi3YQlA.roa (raw, json)
Hash identifier: ADu3+U5TNPRHxCxSldh7Aq2U+kKJZHc4akuzCC+ISDQ=
Subject key identifier: 28:C9:C9:15:43:AA:F3:E6:85:FC:06:BE:6B:82:09:BE:2D:D8:42:50
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 0D9BCFD5
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/KMnJFUOq8-aF_Aa-a4IJvi3YQlA.roa
Signing time: Thu 09 Jun 2022 13:18:03 +0000
ROA not before: Thu 09 Jun 2022 13:18:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42910
IP address blocks: 188.132.135.0/24 maxlen: 32
188.132.134.0/24 maxlen: 24
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.153.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.157.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.219.0/24 maxlen: 32
188.132.217.0/24 maxlen: 32
188.132.218.0/24 maxlen: 24
188.132.224.0/24 maxlen: 24
188.132.226.0/24 maxlen: 32
188.132.225.0/24 maxlen: 24
188.132.223.0/24 maxlen: 32
188.132.220.0/24 maxlen: 24
188.132.227.0/24 maxlen: 32
188.132.231.0/24 maxlen: 24
188.132.229.0/24 maxlen: 32
188.132.228.0/24 maxlen: 32
188.132.233.0/24 maxlen: 24
188.132.232.0/24 maxlen: 24
188.132.230.0/24 maxlen: 32
77.92.130.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.128.0/24 maxlen: 24
188.132.235.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
188.132.234.0/24 maxlen: 32
77.92.133.0/24 maxlen: 32
188.132.241.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
77.92.135.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.244.0/24 maxlen: 32
77.92.134.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
188.132.242.0/24 maxlen: 32
188.132.250.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.141.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
77.92.144.0/24 maxlen: 32
188.132.252.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.149.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
77.92.146.0/24 maxlen: 24
77.92.158.0/24 maxlen: 24
77.92.156.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.159.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.177.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.183.0/24 maxlen: 32
188.132.180.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.195.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.200.0/24 maxlen: 24
188.132.205.0/24 maxlen: 32
188.132.206.0/24 maxlen: 24
188.132.210.0/24 maxlen: 24
188.132.211.0/24 maxlen: 32
188.132.207.0/24 maxlen: 24
188.132.208.0/24 maxlen: 32
188.132.213.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
212.68.57.0/24 maxlen: 32
212.68.56.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
31.210.33.0/24 maxlen: 24
31.210.32.0/24 maxlen: 24
31.210.36.0/24 maxlen: 24
31.210.35.0/24 maxlen: 24
31.210.44.0/24 maxlen: 24
31.210.40.0/24 maxlen: 32
31.210.41.0/24 maxlen: 24
31.210.48.0/24 maxlen: 24
31.210.46.0/24 maxlen: 24
31.210.47.0/24 maxlen: 24
31.210.51.0/24 maxlen: 32
31.210.50.0/24 maxlen: 32
31.210.45.0/24 maxlen: 32
31.210.49.0/24 maxlen: 24
31.210.58.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
78.135.98.0/24 maxlen: 24
78.135.103.0/24 maxlen: 24
78.135.99.0/24 maxlen: 32
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.116.0/24 maxlen: 24
78.135.115.0/24 maxlen: 24
78.135.114.0/24 maxlen: 32
212.68.32.0/24 maxlen: 32
212.68.37.0/24 maxlen: 32
212.68.33.0/24 maxlen: 32
212.68.38.0/24 maxlen: 24
212.68.36.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.42.0/24 maxlen: 32
212.68.39.0/24 maxlen: 24
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.49.0/24 maxlen: 24
212.68.48.0/24 maxlen: 24
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
2a02:26b0:8001::/48 maxlen: 48
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228315093 (0xd9bcfd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Jun 9 13:18:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28c9c91543aaf3e685fc06be6b8209be2dd84250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:d4:91:00:d3:1d:fd:4d:6f:f8:46:7e:82:
45:e8:27:cb:7b:44:9f:f2:ed:7d:1e:6a:3e:46:dc:
b0:30:d2:8b:12:1f:f8:d5:75:fc:54:b9:5e:fa:04:
a4:35:ec:68:d3:9c:0e:b9:35:94:9e:40:d7:8a:97:
f3:59:75:c5:99:d0:c7:fa:b7:b0:5c:cf:cd:60:47:
5c:17:a1:dd:0e:fe:14:fe:2f:1c:49:e9:90:cd:b1:
a3:cb:36:31:86:fc:01:48:b1:25:27:b6:34:52:c3:
e4:cc:2c:04:11:1b:e4:52:dc:84:b9:df:4d:77:27:
d1:c0:ee:77:61:ec:e8:00:73:f0:68:fc:df:02:d9:
77:c8:25:8f:ff:0f:d2:6b:5a:69:09:8a:7f:e5:aa:
88:6f:75:09:ad:dd:15:88:31:b3:6d:64:08:25:3a:
6c:ad:c6:40:94:4b:b7:f1:87:3f:19:68:3c:4b:0a:
e8:56:ff:d3:64:d1:49:2b:44:f8:bf:13:14:1b:5a:
9b:e2:63:66:74:98:cb:6c:77:6c:f4:4a:22:37:52:
3c:81:0a:86:85:24:72:36:2e:40:58:3f:f1:03:bb:
44:00:e0:ff:f0:54:ac:f1:14:d7:62:92:b0:38:31:
ea:40:8b:08:88:3d:60:71:81:18:b1:61:17:60:20:
6b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C9:C9:15:43:AA:F3:E6:85:FC:06:BE:6B:82:09:BE:2D:D8:42:50
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/KMnJFUOq8-aF_Aa-a4IJvi3YQlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.35.0-31.210.36.255
31.210.40.0/23
31.210.44.0-31.210.51.255
31.210.56.0/22
31.210.61.0/24
77.92.128.0-77.92.144.255
77.92.146.0/24
77.92.148.0/23
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.98.0/23
78.135.103.0/24
78.135.108.0/24
78.135.113.0-78.135.116.255
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.153.0/24
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.177.255
188.132.180.0/24
188.132.183.0-188.132.184.255
188.132.190.0/24
188.132.194.0/23
188.132.200.0/24
188.132.204.0-188.132.208.255
188.132.210.0-188.132.220.255
188.132.223.0-188.132.235.255
188.132.239.0/24
188.132.241.0-188.132.244.255
188.132.246.0/24
188.132.250.0-188.132.255.255
212.68.32.0/23
212.68.36.0-212.68.46.255
212.68.48.0/22
212.68.55.0-212.68.57.255
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
89:51:ed:7a:0e:eb:a7:c3:e9:5a:32:82:f9:b4:de:ea:73:be:
c8:aa:20:66:83:69:8e:39:29:8f:1b:ec:1a:18:7e:cf:32:3d:
c4:c0:3d:53:72:31:40:c2:77:a9:02:2b:dc:a0:d7:c0:44:2a:
c0:e8:86:71:3b:e0:e7:eb:a2:84:f2:1f:86:14:d0:16:b0:e8:
ef:21:e1:f3:9b:0f:f6:c3:57:7c:82:2b:ae:69:ca:c9:e6:30:
7d:3d:4c:e0:ce:e7:02:1f:f0:99:b2:be:cb:41:b3:42:ae:48:
25:a9:16:8e:ef:2d:4d:1f:74:24:4e:e5:0f:19:8c:cc:2e:b6:
b3:9d:22:fd:4e:84:c9:26:f3:3c:74:4c:0f:1f:f3:bc:11:2f:
5c:cf:6a:1d:d6:ed:a1:c1:9e:ad:9a:8a:d7:77:9a:42:30:42:
6f:24:e0:5d:ca:d4:50:44:dc:3f:5f:72:96:e7:ce:89:a9:97:
38:33:77:d4:da:57:13:ce:53:b9:c1:86:24:0c:00:cb:ff:6b:
fe:1e:f3:ea:63:40:5a:4d:7e:af:6b:00:7a:ea:dc:5b:9c:a1:
e3:a7:43:3a:5f:1a:e6:c3:24:cf:74:e2:bf:3c:39:cb:24:9c:
db:e4:b0:8d:ae:a6:62:f3:4f:86:a9:0c:4d:17:d7:02:cf:85:
f2:47:00:72
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgIEDZvP1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NGEyYjhlOTBkMTU3ZWEwMjJmOGU3MDAwMjRhOTNkYzM1NmE1MTRkMB4XDTIyMDYw
OTEzMTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhjOWM5MTU0M2Fh
ZjNlNjg1ZmMwNmJlNmI4MjA5YmUyZGQ4NDI1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1t1JEA0x39TW/4Rn6CRegny3tEn/LtfR5qPkbcsDDSixIf
+NV1/FS5XvoEpDXsaNOcDrk1lJ5A14qX81l1xZnQx/q3sFzPzWBHXBeh3Q7+FP4v
HEnpkM2xo8s2MYb8AUixJSe2NFLD5MwsBBEb5FLchLnfTXcn0cDud2Hs6ABz8Gj8
3wLZd8glj/8P0mtaaQmKf+WqiG91Ca3dFYgxs21kCCU6bK3GQJRLt/GHPxloPEsK
6Fb/02TRSStE+L8TFBtam+JjZnSYy2x3bPRKIjdSPIEKhoUkcjYuQFg/8QO7RADg
//BUrPEU12KSsDgx6kCLCIg9YHGBGLFhF2AgawcCAwEAAaOCA4UwggOBMB0GA1Ud
DgQWBBQoyckVQ6rz5oX8Br5rggm+LdhCUDAfBgNVHSMEGDAWgBTkorjpDRV+oCL4
5wACSpPcNWpRTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVLSzQ2UTBWZnFBaS1PY0FBa3FUM0RWcVVVMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvNjk5ZTg1LTEwMjctNGM3ZS04YWU3LWRmNGEyZTc2MGNjYi8x
L0tNbkpGVU9xOC1hRl9BYS1hNElKdmkzWVFsQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
Njk5ZTg1LTEwMjctNGM3ZS04YWU3LWRmNGEyZTc2MGNjYi8xLzVLSzQ2UTBWZnFB
aS1PY0FBa3FUM0RWcVVVMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AZkGCCsGAQUFBwEHAQH/BIIBiDCCAYQwggFxBAIAATCCAWkDBAEf0iAwDAMEAB/S
IwMEAB/SJAMEAR/SKDAMAwQCH9IsAwQCH9IwAwQCH9I4AwQAH9I9MAwDBAdNXIAD
BABNXJADBABNXJIDBAFNXJQwDAMEAE1cmwMEBU1cgAMEAE6HTwMEAU6HYgMEAE6H
ZwMEAE6HbDAMAwQATodxAwQATod0AwQBvISGAwQAvISOMAwDBAC8hJMDBAC8hJQD
BAC8hJkwDAMEALyEnQMEALyEngMEALyErDAMAwQAvISvAwQBvISwAwQAvIS0MAwD
BAC8hLcDBAC8hLgDBAC8hL4DBAG8hMIDBAC8hMgwDAMEAryEzAMEALyE0DAMAwQB
vITSAwQAvITcMAwDBAC8hN8DBAK8hOgDBAC8hO8wDAMEALyE8QMEALyE9AMEALyE
9jALAwQBvIT6AwMAvIQDBAHURCAwDAMEAtREJAMEANRELgMEAtREMDAMAwQA1EQ3
AwQB1EQ4AwQA1EQ9MA0EAgACMAcDBQAqAiawMA0GCSqGSIb3DQEBCwUAA4IBAQCJ
Ue16Duunw+laMoL5tN7qc77IqiBmg2mOOSmPG+waGH7PMj3EwD1TcjFAwnepAivc
oNfARCrA6IZxO+Dn66KE8h+GFNAWsOjvIeHzmw/2w1d8giuuacrJ5jB9PUzgzucC
H/CZsr7LQbNCrkglqRaO7y1NH3QkTuUPGYzMLraznSL9ToTJJvM8dEwPH/O8ES9c
z2od1u2hwZ6tmorXd5pCMEJvJOBdytRQRNw/X3KW586JqZc4M3fU2lcTzlO5wYYk
DADL/2v+HvPqY0BaTX6vawB66txbnKHjp0M6XxrmwyTPdOK/PDnLJJzb5LCNrqZi
80+GqQxNF9cCz4XyRwBy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org