Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/hkLfTEbPSSyX3YTAxza0ipqwgDw.roa
File: hkLfTEbPSSyX3YTAxza0ipqwgDw.roa (raw, json)
Hash identifier: TsgWJJt7MNFEjylpiDGHyyiRGSKtyQmRAk1UUU1dLTQ=
Subject key identifier: 86:42:DF:4C:46:CF:49:2C:97:DD:84:C0:C7:36:B4:8A:9A:B0:80:3C
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018AF2B0DCF66C6891D7B6B3058564F61F40
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/hkLfTEbPSSyX3YTAxza0ipqwgDw.roa
Signing time: Mon 02 Oct 2023 23:19:51 +0000
ROA not before: Mon 02 Oct 2023 23:19:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 188.132.135.0/24 maxlen: 32
188.132.134.0/24 maxlen: 24
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.153.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.157.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.219.0/24 maxlen: 32
188.132.217.0/24 maxlen: 32
188.132.218.0/24 maxlen: 24
188.132.224.0/24 maxlen: 24
188.132.226.0/24 maxlen: 32
188.132.225.0/24 maxlen: 24
188.132.223.0/24 maxlen: 32
188.132.220.0/24 maxlen: 24
188.132.227.0/24 maxlen: 32
188.132.231.0/24 maxlen: 24
188.132.228.0/24 maxlen: 32
188.132.233.0/24 maxlen: 24
188.132.232.0/24 maxlen: 24
188.132.230.0/24 maxlen: 32
77.92.130.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.128.0/24 maxlen: 24
188.132.235.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
188.132.234.0/24 maxlen: 32
77.92.133.0/24 maxlen: 32
188.132.241.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.244.0/24 maxlen: 32
77.92.135.0/24 maxlen: 24
77.92.134.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.245.0/24 maxlen: 24
188.132.250.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.141.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
77.92.144.0/24 maxlen: 32
188.132.252.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.149.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
77.92.158.0/24 maxlen: 24
77.92.156.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.159.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.177.0/24 maxlen: 24
188.132.183.0/24 maxlen: 32
188.132.180.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.195.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.205.0/24 maxlen: 32
188.132.211.0/24 maxlen: 32
188.132.208.0/24 maxlen: 32
188.132.213.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
212.68.57.0/24 maxlen: 32
212.68.56.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
31.210.33.0/24 maxlen: 24
31.210.32.0/24 maxlen: 24
31.210.36.0/24 maxlen: 24
31.210.35.0/24 maxlen: 24
31.210.44.0/24 maxlen: 24
31.210.40.0/24 maxlen: 32
31.210.41.0/24 maxlen: 24
31.210.46.0/24 maxlen: 24
31.210.47.0/24 maxlen: 24
31.210.51.0/24 maxlen: 32
31.210.50.0/24 maxlen: 32
31.210.45.0/24 maxlen: 32
31.210.49.0/24 maxlen: 24
31.210.48.0/24 maxlen: 24
31.210.58.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.60.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
78.135.98.0/24 maxlen: 24
78.135.103.0/24 maxlen: 24
78.135.99.0/24 maxlen: 32
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.116.0/24 maxlen: 24
78.135.115.0/24 maxlen: 24
78.135.114.0/24 maxlen: 32
212.68.37.0/24 maxlen: 32
212.68.33.0/24 maxlen: 32
212.68.38.0/24 maxlen: 24
212.68.36.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.42.0/24 maxlen: 32
212.68.39.0/24 maxlen: 24
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.49.0/24 maxlen: 24
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
2a02:26b0:8001::/48 maxlen: 48
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f2:b0:dc:f6:6c:68:91:d7:b6:b3:05:85:64:f6:1f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 2 23:19:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8642df4c46cf492c97dd84c0c736b48a9ab0803c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:22:c4:67:20:eb:1e:49:b3:57:f3:df:94:89:
f7:dc:e2:16:2b:58:13:b4:d7:03:a8:6f:15:f6:2a:
35:b4:b8:d6:51:c9:d1:93:48:c1:87:94:b8:b8:25:
c9:19:86:d4:c8:04:c3:1d:f9:ed:ea:26:b6:3e:d7:
9b:3b:ad:96:00:40:2c:13:bf:07:59:48:a7:f4:af:
3a:cb:b5:61:a6:79:cb:68:21:43:34:6e:21:48:3b:
5a:d2:71:fd:f7:97:37:1e:68:49:a0:4c:1d:ed:02:
c9:40:78:92:46:12:73:d5:06:c8:8a:2b:8f:b3:99:
a2:59:c7:6a:d9:49:05:c4:2e:62:9c:4e:f3:99:87:
08:e7:27:fe:02:96:1e:51:8c:b2:29:86:c0:70:03:
2c:a0:7f:72:cf:99:d8:65:1e:b9:7d:9f:3a:59:e7:
f1:3e:b0:bc:8e:10:9b:68:d4:d2:ec:0c:84:fc:7d:
eb:d0:f2:81:11:88:c8:9f:0b:0b:0c:cd:f0:81:0b:
e9:d2:18:37:ed:0d:83:28:ff:e2:98:c7:74:51:2e:
95:fa:66:85:cd:cd:f3:a7:8b:18:67:37:2d:e3:dd:
72:4e:7c:56:52:9f:80:44:c4:9c:1c:f8:07:2a:90:
6c:0b:40:c8:1b:96:9e:4e:43:cb:1e:a9:67:fd:63:
07:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:42:DF:4C:46:CF:49:2C:97:DD:84:C0:C7:36:B4:8A:9A:B0:80:3C
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/hkLfTEbPSSyX3YTAxza0ipqwgDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.35.0-31.210.36.255
31.210.40.0/23
31.210.44.0-31.210.51.255
31.210.56.0-31.210.61.255
77.92.128.0-77.92.144.255
77.92.148.0/23
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.98.0/23
78.135.103.0/24
78.135.108.0/24
78.135.113.0-78.135.116.255
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.153.0/24
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.177.255
188.132.180.0/24
188.132.183.0/24
188.132.190.0/24
188.132.194.0/23
188.132.204.0/23
188.132.208.0/24
188.132.211.0-188.132.220.255
188.132.223.0-188.132.228.255
188.132.230.0-188.132.235.255
188.132.239.0/24
188.132.241.0/24
188.132.243.0-188.132.246.255
188.132.250.0-188.132.255.255
212.68.33.0/24
212.68.36.0-212.68.46.255
212.68.49.0-212.68.51.255
212.68.56.0/23
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
13:4c:d6:a6:3e:1e:5c:e0:66:9f:e9:4f:91:8d:4a:95:56:cd:
e8:2f:e5:bd:0e:21:1d:d4:0b:23:85:e5:48:c6:42:23:f0:63:
22:36:28:bc:e8:58:bc:f5:d7:96:ae:d4:c9:9f:03:7a:c1:f5:
19:ce:54:58:a1:53:1f:88:0f:6e:47:fd:3b:61:69:44:bb:e2:
68:d8:67:b6:cb:31:b0:c8:f1:7d:e8:b3:48:6c:56:3e:cd:a3:
0c:3d:05:48:d4:97:44:44:fc:f8:1a:20:2e:e0:34:52:68:8a:
31:54:c8:65:ee:7b:2a:c1:83:7f:11:01:82:24:91:2a:3f:5a:
b0:35:9a:a5:3f:01:21:58:1f:08:f0:af:c3:d3:db:99:81:47:
e4:e5:b6:ae:bf:77:44:2a:ec:8e:48:68:36:d2:66:e5:0e:1a:
2e:f3:af:f1:4d:dd:62:b1:07:ac:e3:82:ed:95:a5:98:77:fd:
21:f6:d3:e7:b4:9e:05:64:05:8e:31:9d:a3:9b:d5:55:13:87:
92:f5:bf:03:ad:a8:e7:8f:a4:fe:ab:eb:d2:54:62:21:65:8e:
47:f8:da:73:f7:08:fc:ff:b2:37:b4:31:90:55:7d:ad:36:68:
5b:3c:09:0e:ee:d5:aa:01:61:e3:51:ee:9d:45:14:4c:6f:e4:
a2:e2:eb:12
-----BEGIN CERTIFICATE-----
MIIGczCCBVugAwIBAgISAYrysNz2bGiR17azBYVk9h9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDAyMjMxOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQyZGY0YzQ2Y2Y0OTJjOTdkZDg0YzBjNzM2YjQ4YTlhYjA4MDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiLEZyDrHkmzV/PflIn33OIWK1gT
tNcDqG8V9io1tLjWUcnRk0jBh5S4uCXJGYbUyATDHfnt6ia2PtebO62WAEAsE78H
WUin9K86y7VhpnnLaCFDNG4hSDta0nH995c3HmhJoEwd7QLJQHiSRhJz1QbIiiuP
s5miWcdq2UkFxC5inE7zmYcI5yf+ApYeUYyyKYbAcAMsoH9yz5nYZR65fZ86Wefx
PrC8jhCbaNTS7AyE/H3r0PKBEYjInwsLDM3wgQvp0hg37Q2DKP/imMd0US6V+maF
zc3zp4sYZzct491yTnxWUp+ARMScHPgHKpBsC0DIG5aeTkPLHqln/WMHMQIDAQAB
o4IDfzCCA3swHQYDVR0OBBYEFIZC30xGz0ksl92EwMc2tIqasIA8MB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvaGtMZlRFYlBTU3lYM1lUQXh6YTBpcHF3Z0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBkwYIKwYBBQUHAQcBAf8EggGCMIIBfjCCAWsEAgABMIIB
YwMEAR/SIDAMAwQAH9IjAwQAH9IkAwQBH9IoMAwDBAIf0iwDBAIf0jAwDAMEAx/S
OAMEAR/SPDAMAwQHTVyAAwQATVyQAwQBTVyUMAwDBABNXJsDBAVNXIADBABOh08D
BAFOh2IDBABOh2cDBABOh2wwDAMEAE6HcQMEAE6HdAMEAbyEhgMEALyEjjAMAwQA
vISTAwQAvISUAwQAvISZMAwDBAC8hJ0DBAC8hJ4DBAC8hKwwDAMEALyErwMEAbyE
sAMEALyEtAMEALyEtwMEALyEvgMEAbyEwgMEAbyEzAMEALyE0DAMAwQAvITTAwQA
vITcMAwDBAC8hN8DBAC8hOQwDAMEAbyE5gMEAryE6AMEALyE7wMEALyE8TAMAwQA
vITzAwQAvIT2MAsDBAG8hPoDAwC8hAMEANREITAMAwQC1EQkAwQA1EQuMAwDBADU
RDEDBALURDADBAHURDgDBADURD0wDQQCAAIwBwMFACoCJrAwDQYJKoZIhvcNAQEL
BQADggEBABNM1qY+HlzgZp/pT5GNSpVWzegv5b0OIR3UCyOF5UjGQiPwYyI2KLzo
WLz115au1MmfA3rB9RnOVFihUx+ID25H/TthaUS74mjYZ7bLMbDI8X3os0hsVj7N
oww9BUjUl0RE/PgaIC7gNFJoijFUyGXueyrBg38RAYIkkSo/WrA1mqU/ASFYHwjw
r8PT25mBR+Tltq6/d0Qq7I5IaDbSZuUOGi7zr/FN3WKxB6zjgu2VpZh3/SH20+e0
ngVkBY4xnaOb1VUTh5L1vwOtqOePpP6r69JUYiFljkf42nP3CPz/sje0MZBVfa02
aFs8CQ7u1aoBYeNR7p1FFExv5KLi6xI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org