Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/NDXfjBKRS1SmawYJxE8qBCtoS0A.roa
File: NDXfjBKRS1SmawYJxE8qBCtoS0A.roa (raw, json)
Hash identifier: 3s1qhxswNTgebsjC0xQI1jIpmeDbd0UmQzs1GTS5TIQ=
Subject key identifier: 34:35:DF:8C:12:91:4B:54:A6:6B:06:09:C4:4F:2A:04:2B:68:4B:40
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B4C8760AF2958BFBC1C8DD6F0D65245E0
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/NDXfjBKRS1SmawYJxE8qBCtoS0A.roa
Signing time: Fri 20 Oct 2023 10:00:22 +0000
ROA not before: Fri 20 Oct 2023 10:00:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 188.132.135.0/24 maxlen: 32
188.132.134.0/24 maxlen: 24
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.157.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.219.0/24 maxlen: 32
188.132.217.0/24 maxlen: 32
188.132.218.0/24 maxlen: 24
188.132.224.0/24 maxlen: 24
188.132.226.0/24 maxlen: 32
188.132.225.0/24 maxlen: 24
188.132.220.0/24 maxlen: 24
188.132.227.0/24 maxlen: 32
188.132.231.0/24 maxlen: 24
188.132.228.0/24 maxlen: 32
188.132.233.0/24 maxlen: 24
188.132.232.0/24 maxlen: 24
188.132.230.0/24 maxlen: 32
77.92.130.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.128.0/24 maxlen: 24
188.132.235.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
188.132.234.0/24 maxlen: 32
77.92.133.0/24 maxlen: 32
188.132.241.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.244.0/24 maxlen: 32
77.92.135.0/24 maxlen: 24
77.92.134.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.245.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
188.132.250.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.141.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
77.92.144.0/24 maxlen: 32
188.132.252.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.149.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
77.92.158.0/24 maxlen: 24
77.92.156.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.159.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.177.0/24 maxlen: 24
188.132.183.0/24 maxlen: 32
188.132.180.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.195.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.205.0/24 maxlen: 32
188.132.211.0/24 maxlen: 32
188.132.208.0/24 maxlen: 32
188.132.213.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
212.68.57.0/24 maxlen: 32
212.68.56.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
31.210.33.0/24 maxlen: 24
31.210.32.0/24 maxlen: 24
31.210.36.0/24 maxlen: 24
31.210.35.0/24 maxlen: 24
31.210.44.0/24 maxlen: 24
31.210.40.0/24 maxlen: 32
31.210.41.0/24 maxlen: 24
31.210.47.0/24 maxlen: 24
31.210.46.0/24 maxlen: 24
31.210.51.0/24 maxlen: 32
31.210.50.0/24 maxlen: 32
31.210.45.0/24 maxlen: 32
31.210.49.0/24 maxlen: 24
31.210.58.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.60.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
78.135.98.0/24 maxlen: 24
78.135.103.0/24 maxlen: 24
78.135.99.0/24 maxlen: 32
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.116.0/24 maxlen: 24
78.135.115.0/24 maxlen: 24
78.135.114.0/24 maxlen: 32
212.68.37.0/24 maxlen: 32
212.68.33.0/24 maxlen: 32
212.68.38.0/24 maxlen: 24
212.68.36.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.42.0/24 maxlen: 32
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.49.0/24 maxlen: 24
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
2a02:26b0:8001::/48 maxlen: 48
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:87:60:af:29:58:bf:bc:1c:8d:d6:f0:d6:52:45:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 20 10:00:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3435df8c12914b54a66b0609c44f2a042b684b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ac:df:72:f5:0e:0a:01:91:b5:88:7e:e9:6a:
68:07:06:07:3d:55:b9:6e:fd:60:43:37:46:cb:87:
b5:54:08:e9:01:9e:c9:79:22:4a:43:95:fb:09:00:
28:11:03:2a:54:9d:a9:89:dc:af:03:58:61:d7:77:
3f:b8:8a:40:ee:59:c3:19:ce:f9:6c:1a:fd:c3:3a:
29:c8:08:a9:60:33:84:2a:bd:d9:04:6f:ae:d7:c9:
0e:bf:ed:6f:35:b9:06:27:a4:8b:28:64:38:b6:8f:
af:8f:98:f9:80:8a:f9:75:3b:27:5e:69:78:e1:61:
fc:36:10:cd:b0:82:20:b8:88:dd:c6:d2:75:a0:f1:
15:d2:dd:94:39:9f:23:41:58:88:87:af:b4:a7:a3:
2b:a2:37:50:09:a6:07:c7:9e:b5:5c:65:95:d5:72:
89:f6:6c:60:65:52:ac:0e:2a:4a:0a:6d:36:a4:f2:
10:a8:6c:78:06:66:d1:0e:3f:ed:a1:7f:df:e2:56:
c5:4b:19:0b:c7:8e:f2:bd:d1:a0:1d:5a:54:ce:22:
e1:a2:d0:79:f5:5b:80:42:cf:b0:c6:8b:d4:42:5a:
79:76:bd:6e:ea:6c:04:b3:42:53:70:1e:3d:26:0c:
4c:6b:b2:30:4d:29:59:a0:e5:26:8d:c0:69:b0:53:
a3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:35:DF:8C:12:91:4B:54:A6:6B:06:09:C4:4F:2A:04:2B:68:4B:40
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/NDXfjBKRS1SmawYJxE8qBCtoS0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.35.0-31.210.36.255
31.210.40.0/23
31.210.44.0/22
31.210.49.0-31.210.51.255
31.210.56.0-31.210.61.255
77.92.128.0-77.92.142.255
77.92.144.0/24
77.92.148.0/23
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.98.0/23
78.135.103.0/24
78.135.108.0/24
78.135.113.0-78.135.116.255
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.177.255
188.132.180.0/24
188.132.183.0/24
188.132.190.0/24
188.132.194.0/23
188.132.204.0/23
188.132.208.0/24
188.132.211.0-188.132.215.255
188.132.217.0-188.132.220.255
188.132.224.0-188.132.228.255
188.132.230.0-188.132.235.255
188.132.239.0/24
188.132.241.0/24
188.132.243.0-188.132.246.255
188.132.250.0-188.132.255.255
212.68.33.0/24
212.68.36.0-212.68.38.255
212.68.40.0-212.68.46.255
212.68.49.0-212.68.51.255
212.68.56.0/23
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
86:7d:10:22:36:85:82:48:47:f5:d8:56:5a:b7:b1:07:69:a4:
43:10:12:40:0c:8f:b2:ae:af:5a:14:88:74:0e:00:06:0a:43:
12:5e:bd:0b:ec:d6:16:7c:4f:cd:fe:93:db:41:42:81:55:cb:
99:aa:5a:85:30:7d:64:c0:fa:67:c6:98:6e:1a:c4:49:b4:34:
22:80:c5:b9:8f:ad:ec:da:a2:c6:e5:d3:d1:4d:07:6b:03:03:
79:c1:47:43:a5:0d:60:f7:45:80:5a:bc:c3:25:d9:e0:e5:a8:
ce:22:41:ce:34:1d:ca:d9:0c:7c:66:b0:63:b8:85:bd:aa:43:
56:c0:ff:23:1f:4b:82:77:0a:39:f0:de:1e:9d:60:b0:34:55:
70:88:7e:68:68:fe:11:7b:ef:23:67:66:13:6b:0a:b9:55:db:
a2:5b:60:67:0c:fc:51:de:d3:97:47:34:95:fb:e4:7d:d5:d8:
ea:e6:70:8b:d2:5c:39:a7:92:24:4c:53:0d:a6:cb:be:22:6a:
2b:a5:17:7e:f7:62:6e:72:ce:ae:a6:c0:19:1d:3c:29:43:3f:
13:5a:b3:6a:98:ad:3e:e1:2e:5c:28:a5:93:71:60:f4:52:b6:
23:bd:75:18:32:6e:69:b7:ae:1b:7b:3c:5b:6c:72:92:f8:7e:
ef:91:df:9e
-----BEGIN CERTIFICATE-----
MIIGlTCCBX2gAwIBAgISAYtMh2CvKVi/vByN1vDWUkXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDIwMTAwMDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDM1ZGY4YzEyOTE0YjU0YTY2YjA2MDljNDRmMmEwNDJiNjg0YjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsazfcvUOCgGRtYh+6WpoBwYHPVW5
bv1gQzdGy4e1VAjpAZ7JeSJKQ5X7CQAoEQMqVJ2pidyvA1hh13c/uIpA7lnDGc75
bBr9wzopyAipYDOEKr3ZBG+u18kOv+1vNbkGJ6SLKGQ4to+vj5j5gIr5dTsnXml4
4WH8NhDNsIIguIjdxtJ1oPEV0t2UOZ8jQViIh6+0p6MrojdQCaYHx561XGWV1XKJ
9mxgZVKsDipKCm02pPIQqGx4BmbRDj/toX/f4lbFSxkLx47yvdGgHVpUziLhotB5
9VuAQs+wxovUQlp5dr1u6mwEs0JTcB49JgxMa7IwTSlZoOUmjcBpsFOjKQIDAQAB
o4IDoTCCA50wHQYDVR0OBBYEFDQ134wSkUtUpmsGCcRPKgQraEtAMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvTkRYZmpCS1JTMVNtYXdZSnhFOHFCQ3RvUzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBtQYIKwYBBQUHAQcBAf8EggGkMIIBoDCCAY0EAgABMIIB
hQMEAR/SIDAMAwQAH9IjAwQAH9IkAwQBH9IoAwQCH9IsMAwDBAAf0jEDBAIf0jAw
DAMEAx/SOAMEAR/SPDAMAwQHTVyAAwQATVyOAwQATVyQAwQBTVyUMAwDBABNXJsD
BAVNXIADBABOh08DBAFOh2IDBABOh2cDBABOh2wwDAMEAE6HcQMEAE6HdAMEAbyE
hgMEALyEjjAMAwQAvISTAwQAvISUMAwDBAC8hJ0DBAC8hJ4DBAC8hKwwDAMEALyE
rwMEAbyEsAMEALyEtAMEALyEtwMEALyEvgMEAbyEwgMEAbyEzAMEALyE0DAMAwQA
vITTAwQDvITQMAwDBAC8hNkDBAC8hNwwDAMEBbyE4AMEALyE5DAMAwQBvITmAwQC
vIToAwQAvITvAwQAvITxMAwDBAC8hPMDBAC8hPYwCwMEAbyE+gMDALyEAwQA1EQh
MAwDBALURCQDBADURCYwDAMEA9REKAMEANRELjAMAwQA1EQxAwQC1EQwAwQB1EQ4
AwQA1EQ9MA0EAgACMAcDBQAqAiawMA0GCSqGSIb3DQEBCwUAA4IBAQCGfRAiNoWC
SEf12FZat7EHaaRDEBJADI+yrq9aFIh0DgAGCkMSXr0L7NYWfE/N/pPbQUKBVcuZ
qlqFMH1kwPpnxphuGsRJtDQigMW5j63s2qLG5dPRTQdrAwN5wUdDpQ1g90WAWrzD
Jdng5ajOIkHONB3K2Qx8ZrBjuIW9qkNWwP8jH0uCdwo58N4enWCwNFVwiH5oaP4R
e+8jZ2YTawq5VduiW2BnDPxR3tOXRzSV++R91djq5nCL0lw5p5IkTFMNpsu+Imor
pRd+92Jucs6upsAZHTwpQz8TWrNqmK0+4S5cKKWTcWD0UrYjvXUYMm5pt64bezxb
bHKS+H7vkd+e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org