Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/mbVJ9gVV3y7EYeldq6LE5S0xvE8.roa
File: mbVJ9gVV3y7EYeldq6LE5S0xvE8.roa (raw, json)
Hash identifier: hoEhvWxNhSskXNdmCG/c25yJHPXacUNQhh74DQ9la0A=
Subject key identifier: 99:B5:49:F6:05:55:DF:2E:C4:61:E9:5D:AB:A2:C4:E5:2D:31:BC:4F
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B017C47A8DA4D95A0096AE8C4C3E8F82E
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/mbVJ9gVV3y7EYeldq6LE5S0xvE8.roa
Signing time: Thu 05 Oct 2023 20:16:43 +0000
ROA not before: Thu 05 Oct 2023 20:16:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 188.132.135.0/24 maxlen: 32
188.132.134.0/24 maxlen: 24
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.157.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.219.0/24 maxlen: 32
188.132.217.0/24 maxlen: 32
188.132.218.0/24 maxlen: 24
188.132.224.0/24 maxlen: 24
188.132.226.0/24 maxlen: 32
188.132.225.0/24 maxlen: 24
188.132.223.0/24 maxlen: 32
188.132.220.0/24 maxlen: 24
188.132.227.0/24 maxlen: 32
188.132.231.0/24 maxlen: 24
188.132.228.0/24 maxlen: 32
188.132.233.0/24 maxlen: 24
188.132.232.0/24 maxlen: 24
188.132.230.0/24 maxlen: 32
77.92.130.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.128.0/24 maxlen: 24
188.132.235.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
188.132.234.0/24 maxlen: 32
77.92.133.0/24 maxlen: 32
188.132.241.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
77.92.135.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.244.0/24 maxlen: 32
77.92.134.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.245.0/24 maxlen: 24
188.132.250.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.141.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
77.92.144.0/24 maxlen: 32
188.132.252.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.149.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
77.92.158.0/24 maxlen: 24
77.92.156.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.159.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.177.0/24 maxlen: 24
188.132.183.0/24 maxlen: 32
188.132.180.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.195.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.205.0/24 maxlen: 32
188.132.211.0/24 maxlen: 32
188.132.208.0/24 maxlen: 32
188.132.213.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
212.68.57.0/24 maxlen: 32
212.68.56.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
31.210.33.0/24 maxlen: 24
31.210.32.0/24 maxlen: 24
31.210.36.0/24 maxlen: 24
31.210.35.0/24 maxlen: 24
31.210.44.0/24 maxlen: 24
31.210.40.0/24 maxlen: 32
31.210.41.0/24 maxlen: 24
31.210.46.0/24 maxlen: 24
31.210.47.0/24 maxlen: 24
31.210.51.0/24 maxlen: 32
31.210.50.0/24 maxlen: 32
31.210.45.0/24 maxlen: 32
31.210.49.0/24 maxlen: 24
31.210.48.0/24 maxlen: 24
31.210.58.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.60.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
78.135.98.0/24 maxlen: 24
78.135.103.0/24 maxlen: 24
78.135.99.0/24 maxlen: 32
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.116.0/24 maxlen: 24
78.135.115.0/24 maxlen: 24
78.135.114.0/24 maxlen: 32
212.68.37.0/24 maxlen: 32
212.68.33.0/24 maxlen: 32
212.68.38.0/24 maxlen: 24
212.68.36.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.42.0/24 maxlen: 32
212.68.39.0/24 maxlen: 24
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.49.0/24 maxlen: 24
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
2a02:26b0:8001::/48 maxlen: 48
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:7c:47:a8:da:4d:95:a0:09:6a:e8:c4:c3:e8:f8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 5 20:16:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99b549f60555df2ec461e95daba2c4e52d31bc4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:53:fc:7a:cc:03:af:cc:1d:5f:d7:3e:ec:e3:
14:01:d3:c2:d5:79:8c:a5:92:6c:e1:af:a8:eb:06:
a4:01:71:8e:e9:28:d3:d2:6a:5f:76:97:50:66:8d:
33:57:2a:84:51:12:79:05:80:c7:b9:26:cb:97:79:
b3:53:01:df:15:f2:c5:f8:2e:fa:22:58:f9:10:cf:
68:92:72:62:0e:9c:72:c9:9c:3c:ba:e6:5e:27:8b:
02:ed:89:c0:4d:cb:17:2d:02:1d:3e:0d:d4:e3:9d:
e9:d5:7d:a7:62:76:9c:5b:17:de:83:c1:30:a0:c1:
81:25:55:1c:d8:00:bd:c5:49:08:16:7b:13:bd:97:
f2:e5:6c:8e:cc:46:d1:c7:aa:d3:5f:e5:11:4e:7f:
c4:56:df:d0:10:0d:87:06:af:09:eb:1a:75:90:31:
23:8d:b2:c7:51:ff:a6:47:9b:3e:4d:af:04:61:5e:
91:5a:f7:9c:c2:a2:d3:83:1d:f5:28:0f:f9:d8:b0:
d3:87:8d:45:ae:ef:af:d3:2f:90:cb:31:dd:d6:bb:
c4:64:93:af:fe:88:d8:4f:f9:7a:c8:74:86:29:f9:
f8:b8:0f:83:cc:3c:da:74:80:10:88:4f:97:0f:7b:
e6:8b:21:e8:3d:21:13:8c:24:26:e8:30:dd:5c:a8:
fe:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B5:49:F6:05:55:DF:2E:C4:61:E9:5D:AB:A2:C4:E5:2D:31:BC:4F
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/mbVJ9gVV3y7EYeldq6LE5S0xvE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.35.0-31.210.36.255
31.210.40.0/23
31.210.44.0-31.210.51.255
31.210.56.0-31.210.61.255
77.92.128.0-77.92.144.255
77.92.148.0/23
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.98.0/23
78.135.103.0/24
78.135.108.0/24
78.135.113.0-78.135.116.255
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.177.255
188.132.180.0/24
188.132.183.0/24
188.132.190.0/24
188.132.194.0/23
188.132.204.0/23
188.132.208.0/24
188.132.211.0-188.132.220.255
188.132.223.0-188.132.228.255
188.132.230.0-188.132.235.255
188.132.239.0/24
188.132.241.0/24
188.132.243.0-188.132.246.255
188.132.250.0-188.132.255.255
212.68.33.0/24
212.68.36.0-212.68.46.255
212.68.49.0-212.68.51.255
212.68.56.0/23
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:96:5e:3d:84:9b:a7:12:41:3b:97:e0:39:c9:3d:fc:ac:80:
00:d5:3d:fb:8f:60:d1:19:b4:d7:9c:d5:4a:8c:39:c9:2d:a2:
6f:26:72:f1:ae:a8:dd:34:1e:c1:86:a1:21:99:45:fb:36:7a:
3d:63:87:2f:84:34:28:8f:73:9a:bf:60:90:55:76:2a:88:a7:
22:ec:3a:57:4a:5a:d0:66:a3:b6:c2:77:bc:db:27:81:bc:f7:
9b:48:f1:d9:c0:1b:6b:5e:83:88:2e:34:6b:9d:ae:ba:3c:2a:
f6:dd:3f:04:64:51:30:3f:d4:17:53:30:23:95:09:f2:0f:31:
95:c6:35:48:7c:14:8b:80:71:58:4e:f4:75:c0:10:da:b1:29:
dd:2e:62:33:bd:7b:96:d9:85:e6:a2:75:87:cd:9d:e7:f3:b4:
b1:99:c9:09:63:39:83:04:bf:e4:1c:03:f8:75:c9:47:c1:c9:
79:76:e1:2d:2e:12:2b:51:92:0c:af:14:ef:ff:08:c2:3c:2e:
e8:88:97:e3:53:58:7b:ce:2e:19:fc:6c:84:c7:40:26:67:a5:
59:9c:be:fa:e8:1a:37:4f:e5:7d:06:7d:96:6d:51:22:e3:70:
4e:af:34:80:1a:9c:e7:a2:c4:36:ec:0e:f9:f6:88:40:08:f4:
ca:bc:85:d5
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISAYsBfEeo2k2VoAlq6MTD6PguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDA1MjAxNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWI1NDlmNjA1NTVkZjJlYzQ2MWU5NWRhYmEyYzRlNTJkMzFiYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1P8eswDr8wdX9c+7OMUAdPC1XmM
pZJs4a+o6wakAXGO6SjT0mpfdpdQZo0zVyqEURJ5BYDHuSbLl3mzUwHfFfLF+C76
Ilj5EM9oknJiDpxyyZw8uuZeJ4sC7YnATcsXLQIdPg3U453p1X2nYnacWxfeg8Ew
oMGBJVUc2AC9xUkIFnsTvZfy5WyOzEbRx6rTX+URTn/EVt/QEA2HBq8J6xp1kDEj
jbLHUf+mR5s+Ta8EYV6RWvecwqLTgx31KA/52LDTh41Fru+v0y+QyzHd1rvEZJOv
/ojYT/l6yHSGKfn4uA+DzDzadIAQiE+XD3vmiyHoPSETjCQm6DDdXKj+TwIDAQAB
o4IDeTCCA3UwHQYDVR0OBBYEFJm1SfYFVd8uxGHpXauixOUtMbxPMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvbWJWSjlnVlYzeTdFWWVsZHE2TEU1UzB4dkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCCAWUEAgABMIIB
XQMEAR/SIDAMAwQAH9IjAwQAH9IkAwQBH9IoMAwDBAIf0iwDBAIf0jAwDAMEAx/S
OAMEAR/SPDAMAwQHTVyAAwQATVyQAwQBTVyUMAwDBABNXJsDBAVNXIADBABOh08D
BAFOh2IDBABOh2cDBABOh2wwDAMEAE6HcQMEAE6HdAMEAbyEhgMEALyEjjAMAwQA
vISTAwQAvISUMAwDBAC8hJ0DBAC8hJ4DBAC8hKwwDAMEALyErwMEAbyEsAMEALyE
tAMEALyEtwMEALyEvgMEAbyEwgMEAbyEzAMEALyE0DAMAwQAvITTAwQAvITcMAwD
BAC8hN8DBAC8hOQwDAMEAbyE5gMEAryE6AMEALyE7wMEALyE8TAMAwQAvITzAwQA
vIT2MAsDBAG8hPoDAwC8hAMEANREITAMAwQC1EQkAwQA1EQuMAwDBADURDEDBALU
RDADBAHURDgDBADURD0wDQQCAAIwBwMFACoCJrAwDQYJKoZIhvcNAQELBQADggEB
AKyWXj2Em6cSQTuX4DnJPfysgADVPfuPYNEZtNec1UqMOcktom8mcvGuqN00HsGG
oSGZRfs2ej1jhy+ENCiPc5q/YJBVdiqIpyLsOldKWtBmo7bCd7zbJ4G895tI8dnA
G2teg4guNGudrro8KvbdPwRkUTA/1BdTMCOVCfIPMZXGNUh8FIuAcVhO9HXAENqx
Kd0uYjO9e5bZheaidYfNnefztLGZyQljOYMEv+QcA/h1yUfByXl24S0uEitRkgyv
FO//CMI8LuiIl+NTWHvOLhn8bITHQCZnpVmcvvroGjdP5X0GfZZtUSLjcE6vNIAa
nOeixDbsDvn2iEAI9Mq8hdU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:53 2024 by rpki-client on console-ams.rpki-client.org