Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/MiRaexB0KERmX7LqZhShpIJPZ4s.roa
File: MiRaexB0KERmX7LqZhShpIJPZ4s.roa (raw, json)
Hash identifier: XNIngC0sXvB8y0j9wAlezWUO54k9Kz5cQ5Pzxdpb9Tk=
Subject key identifier: 32:24:5A:7B:10:74:28:44:66:5F:B2:EA:66:14:A1:A4:82:4F:67:8B
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B5C1EFA3C6DE866E2ABB341C50070118B
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/MiRaexB0KERmX7LqZhShpIJPZ4s.roa
Signing time: Mon 23 Oct 2023 10:40:15 +0000
ROA not before: Mon 23 Oct 2023 10:40:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 188.132.135.0/24 maxlen: 32
188.132.134.0/24 maxlen: 24
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.157.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.219.0/24 maxlen: 32
188.132.217.0/24 maxlen: 32
188.132.218.0/24 maxlen: 24
188.132.224.0/24 maxlen: 24
188.132.226.0/24 maxlen: 32
188.132.225.0/24 maxlen: 24
188.132.220.0/24 maxlen: 24
188.132.227.0/24 maxlen: 32
188.132.231.0/24 maxlen: 24
188.132.228.0/24 maxlen: 32
188.132.233.0/24 maxlen: 24
188.132.232.0/24 maxlen: 24
188.132.230.0/24 maxlen: 32
77.92.130.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.128.0/24 maxlen: 24
188.132.235.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
188.132.234.0/24 maxlen: 32
77.92.133.0/24 maxlen: 32
188.132.241.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.244.0/24 maxlen: 32
77.92.135.0/24 maxlen: 24
77.92.134.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.245.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
188.132.250.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.141.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
77.92.144.0/24 maxlen: 32
188.132.252.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.149.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
77.92.158.0/24 maxlen: 24
77.92.156.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.159.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.177.0/24 maxlen: 24
188.132.183.0/24 maxlen: 32
188.132.180.0/24 maxlen: 24
188.132.195.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.205.0/24 maxlen: 32
188.132.211.0/24 maxlen: 32
188.132.208.0/24 maxlen: 32
188.132.213.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
212.68.57.0/24 maxlen: 32
212.68.56.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
31.210.33.0/24 maxlen: 24
31.210.32.0/24 maxlen: 24
31.210.36.0/24 maxlen: 24
31.210.35.0/24 maxlen: 24
31.210.44.0/24 maxlen: 24
31.210.40.0/24 maxlen: 32
31.210.41.0/24 maxlen: 24
31.210.47.0/24 maxlen: 24
31.210.46.0/24 maxlen: 24
31.210.51.0/24 maxlen: 32
31.210.50.0/24 maxlen: 32
31.210.45.0/24 maxlen: 32
31.210.49.0/24 maxlen: 24
31.210.58.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.60.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
78.135.98.0/24 maxlen: 24
78.135.103.0/24 maxlen: 24
78.135.99.0/24 maxlen: 32
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.116.0/24 maxlen: 24
78.135.115.0/24 maxlen: 24
78.135.114.0/24 maxlen: 32
212.68.37.0/24 maxlen: 32
212.68.33.0/24 maxlen: 32
212.68.38.0/24 maxlen: 24
212.68.36.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.42.0/24 maxlen: 32
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.49.0/24 maxlen: 24
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
2a02:26b0:8001::/48 maxlen: 48
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:1e:fa:3c:6d:e8:66:e2:ab:b3:41:c5:00:70:11:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 23 10:40:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32245a7b10742844665fb2ea6614a1a4824f678b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c4:06:3d:8c:24:f7:08:57:5b:7d:6d:9c:97:
aa:e8:35:c0:52:25:9f:cd:3b:04:12:cb:b2:75:0e:
f2:01:86:06:65:23:53:2b:7e:00:4c:3f:bf:9b:c4:
14:cf:2a:ec:e9:fe:f1:54:2b:04:71:b9:a6:16:9d:
0a:28:97:d8:64:20:0f:c2:c4:3c:2f:3a:44:48:fe:
ee:78:ec:34:13:c5:f0:ec:06:b9:85:90:ae:5d:32:
23:98:ce:8b:aa:ed:f7:72:43:93:b3:88:f3:11:c0:
d2:e6:55:a0:45:63:de:72:25:a5:a6:b4:ee:3e:c1:
38:84:22:0a:69:aa:ad:44:c3:ae:7c:fc:2c:7b:c4:
fc:f9:0f:07:cc:3b:b3:ec:2e:54:34:ac:72:97:21:
2d:35:e0:c7:7e:fb:a3:bf:87:de:f7:7f:d9:1c:29:
19:f1:da:db:d5:c9:56:61:85:e7:07:06:d7:56:f0:
75:4d:0a:5b:55:7d:0d:e9:36:f1:f5:1c:84:34:e1:
f5:5d:99:fb:50:d3:b7:bb:61:ca:58:8a:f2:49:7d:
26:2a:9e:9d:ff:9f:8d:21:5d:67:49:32:4f:19:6b:
1f:20:ce:a4:fb:84:81:0a:07:ab:d6:5d:48:9f:e9:
c3:91:5e:a0:48:12:92:28:aa:86:20:90:41:e0:a1:
d9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:24:5A:7B:10:74:28:44:66:5F:B2:EA:66:14:A1:A4:82:4F:67:8B
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/MiRaexB0KERmX7LqZhShpIJPZ4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.35.0-31.210.36.255
31.210.40.0/23
31.210.44.0/22
31.210.49.0-31.210.51.255
31.210.56.0-31.210.61.255
77.92.128.0-77.92.142.255
77.92.144.0/24
77.92.148.0/23
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.98.0/23
78.135.103.0/24
78.135.108.0/24
78.135.113.0-78.135.116.255
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.177.255
188.132.180.0/24
188.132.183.0/24
188.132.194.0/23
188.132.204.0/23
188.132.208.0/24
188.132.211.0-188.132.215.255
188.132.217.0-188.132.220.255
188.132.224.0-188.132.228.255
188.132.230.0-188.132.235.255
188.132.239.0/24
188.132.241.0/24
188.132.243.0-188.132.246.255
188.132.250.0-188.132.255.255
212.68.33.0/24
212.68.36.0-212.68.38.255
212.68.40.0-212.68.46.255
212.68.49.0-212.68.51.255
212.68.56.0/23
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
c3:cc:f7:b9:3e:17:15:0f:bb:5b:f3:8a:56:07:01:7e:75:e8:
2c:bc:97:3d:e4:d5:b8:3e:d9:0e:87:d1:f1:98:27:76:92:98:
28:2a:37:1e:6e:bd:5f:9f:8b:1e:ed:b5:b6:8f:57:36:3a:7c:
1b:81:af:a3:00:0c:b2:a9:ac:66:ce:a3:c4:ae:9d:16:be:8c:
68:25:26:95:f7:66:63:7b:0c:9b:5d:d5:9b:17:1f:c9:ad:ff:
e1:96:36:58:eb:4b:dc:d0:23:fd:d0:1c:9e:ce:8e:14:a9:8a:
24:3a:bc:83:2f:1f:d1:dd:f0:74:fb:3f:18:04:99:98:2e:83:
56:b9:91:68:48:1c:92:eb:c7:85:10:a6:2e:b6:0a:d6:4f:a9:
25:9a:05:6a:5a:f9:44:db:03:84:86:75:ea:64:1d:5b:e9:73:
7c:d3:5d:ce:c3:26:a4:14:d8:e7:40:e5:70:61:be:ff:b0:33:
e8:e2:c5:3d:bb:e5:81:22:2f:d8:be:a9:d5:a8:39:50:44:a0:
32:0e:27:2f:e8:dc:bd:2b:2f:90:ee:38:64:0b:cd:29:5c:dc:
24:12:ed:b3:65:7c:6c:93:be:e0:86:cb:c8:8a:fa:19:22:7d:
fc:33:a8:6f:cc:a7:38:74:33:58:17:85:a4:52:d6:05:ac:72:
74:04:75:40
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgISAYtcHvo8behm4quzQcUAcBGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDIzMTA0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjI0NWE3YjEwNzQyODQ0NjY1ZmIyZWE2NjE0YTFhNDgyNGY2NzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsQGPYwk9whXW31tnJeq6DXAUiWf
zTsEEsuydQ7yAYYGZSNTK34ATD+/m8QUzyrs6f7xVCsEcbmmFp0KKJfYZCAPwsQ8
LzpESP7ueOw0E8Xw7Aa5hZCuXTIjmM6Lqu33ckOTs4jzEcDS5lWgRWPeciWlprTu
PsE4hCIKaaqtRMOufPwse8T8+Q8HzDuz7C5UNKxylyEtNeDHfvujv4fe93/ZHCkZ
8drb1clWYYXnBwbXVvB1TQpbVX0N6Tbx9RyENOH1XZn7UNO3u2HKWIrySX0mKp6d
/5+NIV1nSTJPGWsfIM6k+4SBCger1l1In+nDkV6gSBKSKKqGIJBB4KHZ5wIDAQAB
o4IDmzCCA5cwHQYDVR0OBBYEFDIkWnsQdChEZl+y6mYUoaSCT2eLMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvTWlSYWV4QjBLRVJtWDdMcVpoU2hwSUpQWjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBrwYIKwYBBQUHAQcBAf8EggGeMIIBmjCCAYcEAgABMIIB
fwMEAR/SIDAMAwQAH9IjAwQAH9IkAwQBH9IoAwQCH9IsMAwDBAAf0jEDBAIf0jAw
DAMEAx/SOAMEAR/SPDAMAwQHTVyAAwQATVyOAwQATVyQAwQBTVyUMAwDBABNXJsD
BAVNXIADBABOh08DBAFOh2IDBABOh2cDBABOh2wwDAMEAE6HcQMEAE6HdAMEAbyE
hgMEALyEjjAMAwQAvISTAwQAvISUMAwDBAC8hJ0DBAC8hJ4DBAC8hKwwDAMEALyE
rwMEAbyEsAMEALyEtAMEALyEtwMEAbyEwgMEAbyEzAMEALyE0DAMAwQAvITTAwQD
vITQMAwDBAC8hNkDBAC8hNwwDAMEBbyE4AMEALyE5DAMAwQBvITmAwQCvIToAwQA
vITvAwQAvITxMAwDBAC8hPMDBAC8hPYwCwMEAbyE+gMDALyEAwQA1EQhMAwDBALU
RCQDBADURCYwDAMEA9REKAMEANRELjAMAwQA1EQxAwQC1EQwAwQB1EQ4AwQA1EQ9
MA0EAgACMAcDBQAqAiawMA0GCSqGSIb3DQEBCwUAA4IBAQDDzPe5PhcVD7tb84pW
BwF+degsvJc95NW4PtkOh9HxmCd2kpgoKjcebr1fn4se7bW2j1c2Onwbga+jAAyy
qaxmzqPErp0WvoxoJSaV92ZjewybXdWbFx/Jrf/hljZY60vc0CP90Byezo4UqYok
OryDLx/R3fB0+z8YBJmYLoNWuZFoSByS68eFEKYutgrWT6klmgVqWvlE2wOEhnXq
ZB1b6XN8013OwyakFNjnQOVwYb7/sDPo4sU9u+WBIi/YvqnVqDlQRKAyDicv6Ny9
Ky+Q7jhkC80pXNwkEu2zZXxsk77ghsvIivoZIn38M6hvzKc4dDNYF4WkUtYFrHJ0
BHVA
-----END CERTIFICATE-----
Generated at Wed Oct 25 11:20:31 2023 by rpki-client on console-ams.rpki-client.org