Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/DhKXEIzLRWGrI3wPHoQ71wJm6iU.roa
File: DhKXEIzLRWGrI3wPHoQ71wJm6iU.roa (raw, json)
Hash identifier: a1FSrylDNbxZV+ivFd5Q2oy3saEwdwK5uKuhGzgXkCs=
Subject key identifier: 0E:12:97:10:8C:CB:45:61:AB:23:7C:0F:1E:84:3B:D7:02:66:EA:25
Certificate issuer: /CN=eb500c9002321f03964583710b7baa4597341213
Certificate serial: 018D81B8CDC154F13A9D8160F60E05763957
Authority key identifier: EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/DhKXEIzLRWGrI3wPHoQ71wJm6iU.roa
Signing time: Wed 07 Feb 2024 03:59:48 +0000
ROA not before: Wed 07 Feb 2024 03:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 5.35.96.0/23 maxlen: 23
5.35.98.0/23 maxlen: 23
31.135.8.0/23 maxlen: 23
31.135.10.0/24 maxlen: 24
31.135.11.0/24 maxlen: 24
31.135.12.0/23 maxlen: 23
31.135.14.0/23 maxlen: 23
37.230.112.0/23 maxlen: 23
37.230.114.0/23 maxlen: 23
37.230.116.0/23 maxlen: 23
37.230.118.0/23 maxlen: 23
62.109.0.0/20 maxlen: 20
62.109.0.0/21 maxlen: 21
62.109.8.0/21 maxlen: 21
62.109.16.0/21 maxlen: 21
62.109.24.0/22 maxlen: 22
62.109.28.0/22 maxlen: 22
62.181.44.0/24 maxlen: 24
62.181.53.0/24 maxlen: 24
62.181.54.0/23 maxlen: 23
78.24.216.0/21 maxlen: 21
79.143.72.0/23 maxlen: 23
79.174.12.0/23 maxlen: 23
79.174.14.0/23 maxlen: 23
82.146.32.0/21 maxlen: 21
82.146.32.0/23 maxlen: 23
82.146.34.0/23 maxlen: 23
82.146.36.0/23 maxlen: 23
82.146.38.0/23 maxlen: 23
82.146.40.0/21 maxlen: 21
82.146.48.0/23 maxlen: 23
82.146.50.0/23 maxlen: 23
82.146.52.0/23 maxlen: 23
82.146.54.0/23 maxlen: 23
82.146.56.0/21 maxlen: 21
83.136.232.0/23 maxlen: 23
83.136.235.0/24 maxlen: 24
86.110.194.0/24 maxlen: 24
86.110.208.0/23 maxlen: 23
86.110.212.0/24 maxlen: 24
86.110.215.0/24 maxlen: 24
86.110.220.0/24 maxlen: 24
91.107.120.0/21 maxlen: 21
91.228.224.0/23 maxlen: 23
92.63.96.0/21 maxlen: 21
92.63.104.0/22 maxlen: 22
92.63.108.0/22 maxlen: 22
92.63.108.0/24 maxlen: 24
92.63.109.0/24 maxlen: 24
92.63.110.0/23 maxlen: 23
92.63.192.0/23 maxlen: 23
92.63.194.0/23 maxlen: 23
94.250.248.0/23 maxlen: 23
94.250.250.0/23 maxlen: 23
94.250.252.0/23 maxlen: 23
94.250.254.0/23 maxlen: 23
149.154.64.0/23 maxlen: 23
149.154.66.0/23 maxlen: 23
149.154.68.0/23 maxlen: 23
149.154.70.0/23 maxlen: 23
176.123.168.0/23 maxlen: 23
176.123.170.0/23 maxlen: 23
176.123.172.0/23 maxlen: 23
176.123.174.0/23 maxlen: 23
178.250.156.0/23 maxlen: 23
178.250.158.0/23 maxlen: 23
185.60.132.0/23 maxlen: 23
185.60.134.0/23 maxlen: 23
185.187.115.0/24 maxlen: 24
188.120.224.0/20 maxlen: 20
188.120.240.0/21 maxlen: 21
188.120.248.0/23 maxlen: 23
188.120.248.0/24 maxlen: 24
188.120.249.0/24 maxlen: 24
188.120.250.0/23 maxlen: 23
188.120.252.0/24 maxlen: 24
188.120.253.0/24 maxlen: 24
188.120.254.0/23 maxlen: 23
212.57.115.0/24 maxlen: 24
212.57.116.0/24 maxlen: 24
212.57.118.0/24 maxlen: 24
212.57.122.0/24 maxlen: 24
212.57.124.0/23 maxlen: 23
212.57.126.0/23 maxlen: 23
217.28.220.0/23 maxlen: 23
217.28.222.0/23 maxlen: 23
2a01:230::/48 maxlen: 48
2a01:230:1::/48 maxlen: 48
2a01:230:2::/48 maxlen: 48
2a01:230:3::/48 maxlen: 48
2a01:230:4::/48 maxlen: 48
2a09:f900::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:b8:cd:c1:54:f1:3a:9d:81:60:f6:0e:05:76:39:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb500c9002321f03964583710b7baa4597341213
Validity
Not Before: Feb 7 03:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e1297108ccb4561ab237c0f1e843bd70266ea25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a7:eb:0c:df:a9:1d:bd:6d:82:67:6e:fd:49:
e6:41:8c:78:2a:5b:a6:59:83:d7:7f:e9:0d:3e:25:
05:3a:07:67:41:9b:0e:6d:37:8c:ff:71:97:6e:08:
56:87:fe:5f:19:bd:50:b5:c2:7d:95:91:c0:47:d5:
d5:dd:de:f0:2b:2d:0b:76:ff:0c:94:1d:be:ec:7e:
40:2a:19:bd:47:d0:2f:c8:ed:04:ac:f0:ba:4a:b0:
d1:00:bf:d4:e2:c4:4d:49:67:79:13:4c:15:46:3d:
57:45:f4:b4:f6:c2:13:bd:d2:b3:0f:20:9b:ef:d7:
23:ca:f0:64:6e:bb:60:dd:70:c9:f1:90:82:2f:f6:
58:91:47:b0:d2:7d:96:de:42:b8:fc:45:7c:b6:6b:
49:2e:63:59:fe:b3:2c:98:aa:16:bd:37:38:7d:d6:
9d:f0:f5:8f:cf:35:ed:ea:7a:00:ad:e9:4f:49:cb:
a5:e7:a2:c2:a8:be:e2:5a:3d:51:a2:c1:0c:2d:f5:
ae:47:d5:14:67:6d:35:27:47:5e:01:d5:46:b4:f2:
da:06:06:23:f4:2b:b6:8d:bf:3b:1b:10:75:49:ad:
0b:b2:aa:9a:47:e5:87:e3:ac:4a:04:56:de:44:cf:
15:a8:9b:b6:b2:5a:74:e8:1a:65:aa:29:85:8a:a9:
c7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:12:97:10:8C:CB:45:61:AB:23:7C:0F:1E:84:3B:D7:02:66:EA:25
X509v3 Authority Key Identifier:
keyid:EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/DhKXEIzLRWGrI3wPHoQ71wJm6iU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/61AMkAIyHwOWRYNxC3uqRZc0EhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.96.0/22
31.135.8.0/21
37.230.112.0/21
62.109.0.0/19
62.181.44.0/24
62.181.53.0-62.181.55.255
78.24.216.0/21
79.143.72.0/23
79.174.12.0/22
82.146.32.0/19
83.136.232.0/23
83.136.235.0/24
86.110.194.0/24
86.110.208.0/23
86.110.212.0/24
86.110.215.0/24
86.110.220.0/24
91.107.120.0/21
91.228.224.0/23
92.63.96.0/20
92.63.192.0/22
94.250.248.0/21
149.154.64.0/21
176.123.168.0/21
178.250.156.0/22
185.60.132.0/22
185.187.115.0/24
188.120.224.0/19
212.57.115.0-212.57.116.255
212.57.118.0/24
212.57.122.0/24
212.57.124.0/22
217.28.220.0/22
IPv6:
2a01:230::-2a01:230:4:ffff:ffff:ffff:ffff:ffff
2a09:f900::/48
Signature Algorithm: sha256WithRSAEncryption
36:30:81:48:9c:be:6a:b4:a6:25:73:22:ec:07:f7:84:e4:96:
92:43:6b:a6:ec:e5:07:75:66:89:cd:0f:86:3e:32:1c:78:3c:
bf:41:92:b5:9f:3b:79:d5:e9:76:ba:64:c4:fe:48:e2:a2:6b:
12:e6:6e:17:31:b3:a1:a0:8b:98:a4:dc:06:ad:fb:84:90:3f:
b2:91:13:7b:e9:e4:9e:33:94:3d:61:10:35:82:0b:cc:9d:1b:
66:4f:7f:3c:9f:cf:5e:0b:61:8b:22:3e:ca:60:cf:c0:a4:1c:
33:c7:d5:80:80:71:9e:d7:66:37:37:28:d3:d7:31:3d:b3:a5:
0d:04:18:de:66:f9:2b:b8:b4:9f:f4:65:b8:94:ac:e8:0c:c4:
19:c5:2a:f0:e4:3c:1b:ae:a4:43:8a:51:68:48:81:a5:aa:1b:
7b:94:b9:f9:b5:9b:9e:88:9b:1f:14:97:b2:07:ff:b3:97:95:
4f:00:d1:b6:87:06:b1:e2:92:78:99:c4:e0:ac:4a:5f:40:57:
03:b5:25:90:58:7d:13:ee:db:d1:dd:b4:c1:62:1e:7e:44:ae:
c6:b6:cf:c2:ba:46:0f:2d:85:ee:f0:2e:76:aa:54:92:96:80:
f1:59:8d:e6:0f:63:7b:66:b9:3a:7a:55:cf:b6:58:7a:9b:0f:
9d:fe:25:e5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAY2BuM3BVPE6nYFg9g4FdjlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTAwYzkwMDIzMjFmMDM5NjQ1ODM3MTBiN2JhYTQ1OTcz
NDEyMTMwHhcNMjQwMjA3MDM1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTEyOTcxMDhjY2I0NTYxYWIyMzdjMGYxZTg0M2JkNzAyNjZlYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqfrDN+pHb1tgmdu/UnmQYx4Klum
WYPXf+kNPiUFOgdnQZsObTeM/3GXbghWh/5fGb1QtcJ9lZHAR9XV3d7wKy0Ldv8M
lB2+7H5AKhm9R9AvyO0ErPC6SrDRAL/U4sRNSWd5E0wVRj1XRfS09sITvdKzDyCb
79cjyvBkbrtg3XDJ8ZCCL/ZYkUew0n2W3kK4/EV8tmtJLmNZ/rMsmKoWvTc4fdad
8PWPzzXt6noArelPScul56LCqL7iWj1RosEMLfWuR9UUZ201J0deAdVGtPLaBgYj
9Cu2jb87GxB1Sa0LsqqaR+WH46xKBFbeRM8VqJu2slp06BplqimFiqnH4wIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFA4SlxCMy0VhqyN8Dx6EO9cCZuolMB8GA1UdIwQY
MBaAFOtQDJACMh8DlkWDcQt7qkWXNBITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYt
NGE2ODU5NjJmM2U4LzEvRGhLWEVJekxSV0dySTN3UEhvUTcxd0ptNmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYtNGE2ODU5NjJmM2U4
LzEvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB3QQCAAEwgdYD
BAIFI2ADBAMfhwgDBAMl5nADBAU+bQADBAA+tSwwDAMEAD61NQMEAz61MAMEA04Y
2AMEAU+PSAMEAk+uDAMEBVKSIAMEAVOI6AMEAFOI6wMEAFZuwgMEAVZu0AMEAFZu
1AMEAFZu1wMEAFZu3AMEA1treAMEAVvk4AMEBFw/YAMEAlw/wAMEA176+AMEA5Wa
QAMEA7B7qAMEArL6nAMEArk8hAMEALm7cwMEBbx44DAMAwQA1DlzAwQA1Dl0AwQA
1Dl2AwQA1Dl6AwQC1Dl8AwQC2RzcMCEEAgACMBswEAMFBCoBAjADBwAqAQIwAAQD
BwAqCfkAAAAwDQYJKoZIhvcNAQELBQADggEBADYwgUicvmq0piVzIuwH94TklpJD
a6bs5Qd1ZonND4Y+Mhx4PL9BkrWfO3nV6Xa6ZMT+SOKiaxLmbhcxs6Ggi5ik3Aat
+4SQP7KRE3vp5J4zlD1hEDWCC8ydG2ZPfzyfz14LYYsiPspgz8CkHDPH1YCAcZ7X
Zjc3KNPXMT2zpQ0EGN5m+Su4tJ/0ZbiUrOgMxBnFKvDkPBuupEOKUWhIgaWqG3uU
ufm1m56Imx8Ul7IH/7OXlU8A0baHBrHikniZxOCsSl9AVwO1JZBYfRPu29HdtMFi
Hn5Ersa2z8K6Rg8the7wLnaqVJKWgPFZjeYPY3tmuTp6Vc+2WHqbD53+JeU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:57 2025 by rpki-client