Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/RHz5V1-EvXHlPlukMk2LmVDYC6E.roa
File: RHz5V1-EvXHlPlukMk2LmVDYC6E.roa (raw, json)
Hash identifier: o9OkSmT/pJCyJvz5dQXH5N1d9E5VMwsEdf2kih4GbOc=
Subject key identifier: 44:7C:F9:57:5F:84:BD:71:E5:3E:5B:A4:32:4D:8B:99:50:D8:0B:A1
Certificate issuer: /CN=eb500c9002321f03964583710b7baa4597341213
Certificate serial: 0B1EF3D5
Authority key identifier: EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/RHz5V1-EvXHlPlukMk2LmVDYC6E.roa
Signing time: Thu 14 Apr 2022 09:48:42 +0000
ROA not before: Thu 14 Apr 2022 09:48:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29182
IP address blocks: 92.63.96.0/21 maxlen: 21
92.63.104.0/22 maxlen: 22
92.63.108.0/24 maxlen: 24
92.63.108.0/22 maxlen: 22
92.63.110.0/23 maxlen: 23
92.63.109.0/24 maxlen: 24
62.181.44.0/24 maxlen: 24
149.154.64.0/23 maxlen: 23
62.181.53.0/24 maxlen: 24
149.154.66.0/23 maxlen: 23
149.154.70.0/23 maxlen: 23
149.154.68.0/23 maxlen: 23
62.181.54.0/23 maxlen: 23
91.228.224.0/23 maxlen: 23
185.60.132.0/23 maxlen: 23
185.60.134.0/23 maxlen: 23
86.110.194.0/24 maxlen: 24
188.120.224.0/20 maxlen: 20
86.110.208.0/23 maxlen: 23
86.110.212.0/24 maxlen: 24
188.120.240.0/21 maxlen: 21
86.110.215.0/24 maxlen: 24
188.120.248.0/23 maxlen: 23
188.120.248.0/24 maxlen: 24
86.110.220.0/24 maxlen: 24
188.120.252.0/24 maxlen: 24
188.120.250.0/23 maxlen: 23
188.120.249.0/24 maxlen: 24
188.120.253.0/24 maxlen: 24
92.63.192.0/23 maxlen: 23
188.120.254.0/23 maxlen: 23
92.63.194.0/23 maxlen: 23
217.28.222.0/23 maxlen: 23
217.28.220.0/23 maxlen: 23
94.250.250.0/23 maxlen: 23
94.250.248.0/23 maxlen: 23
94.250.252.0/23 maxlen: 23
94.250.254.0/23 maxlen: 23
79.143.72.0/23 maxlen: 23
83.136.232.0/23 maxlen: 23
185.187.115.0/24 maxlen: 24
83.136.235.0/24 maxlen: 24
79.174.12.0/23 maxlen: 23
79.174.14.0/23 maxlen: 23
62.109.0.0/21 maxlen: 21
62.109.0.0/20 maxlen: 20
62.109.8.0/21 maxlen: 21
78.24.216.0/21 maxlen: 21
62.109.16.0/21 maxlen: 21
82.146.32.0/23 maxlen: 23
82.146.32.0/21 maxlen: 21
82.146.34.0/23 maxlen: 23
62.109.24.0/22 maxlen: 22
82.146.36.0/23 maxlen: 23
82.146.38.0/23 maxlen: 23
62.109.28.0/22 maxlen: 22
82.146.40.0/21 maxlen: 21
82.146.48.0/23 maxlen: 23
178.250.156.0/23 maxlen: 23
82.146.50.0/23 maxlen: 23
178.250.158.0/23 maxlen: 23
82.146.56.0/21 maxlen: 21
82.146.54.0/23 maxlen: 23
37.230.112.0/23 maxlen: 23
82.146.52.0/23 maxlen: 23
37.230.116.0/23 maxlen: 23
37.230.114.0/23 maxlen: 23
37.230.118.0/23 maxlen: 23
212.57.124.0/23 maxlen: 23
212.57.122.0/24 maxlen: 24
212.57.126.0/23 maxlen: 23
31.135.10.0/24 maxlen: 24
31.135.8.0/23 maxlen: 23
31.135.11.0/24 maxlen: 24
31.135.14.0/23 maxlen: 23
31.135.12.0/23 maxlen: 23
212.57.116.0/24 maxlen: 24
212.57.115.0/24 maxlen: 24
212.57.118.0/24 maxlen: 24
2a01:230:2::/48 maxlen: 48
2a01:230:1::/48 maxlen: 48
2a01:230::/48 maxlen: 48
2a09:f900::/48 maxlen: 48
2a01:230:4::/48 maxlen: 48
2a01:230:3::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186577877 (0xb1ef3d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb500c9002321f03964583710b7baa4597341213
Validity
Not Before: Apr 14 09:48:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=447cf9575f84bd71e53e5ba4324d8b9950d80ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d1:e6:ff:2f:8f:77:20:73:18:ee:de:93:28:
d8:77:ee:14:4a:c1:2c:81:5f:b2:ff:f9:c5:f4:40:
ea:b2:de:60:35:8d:d8:e0:e0:92:fd:c9:d1:48:b3:
b5:0d:ff:fb:98:40:3a:d7:0c:7c:e5:75:3e:e6:6f:
44:4f:37:3c:4c:79:92:b1:9b:41:dd:3b:2d:c3:48:
03:82:80:4d:40:bd:d6:eb:f6:c7:ef:57:89:8c:3f:
4c:16:47:a8:a5:c3:0c:10:11:3e:4a:3c:be:8f:98:
9a:f0:9a:09:02:4e:41:4b:bf:8e:fa:05:16:0d:90:
5d:7f:38:04:7a:a5:04:47:83:71:d7:00:e9:64:0f:
07:b7:12:5a:56:71:62:2d:a1:0c:11:eb:9e:b8:59:
65:06:f0:97:8b:5c:b5:77:36:bb:a4:7d:2e:2d:3d:
e9:18:7b:80:7b:e3:64:2d:e2:ad:b2:c7:d7:9a:32:
24:0e:4f:8e:77:c7:2e:68:bf:1b:ee:02:36:b3:86:
ae:e0:c1:fa:d2:4b:fc:62:03:2e:53:17:cf:83:0e:
93:06:80:c0:4a:8a:9c:1c:74:5b:35:45:4b:49:f8:
b7:29:a3:0e:e4:b6:16:7e:52:5a:ff:5d:69:1d:eb:
d0:cb:8c:cc:4a:0c:aa:01:28:58:da:06:17:80:d2:
92:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:7C:F9:57:5F:84:BD:71:E5:3E:5B:A4:32:4D:8B:99:50:D8:0B:A1
X509v3 Authority Key Identifier:
keyid:EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/RHz5V1-EvXHlPlukMk2LmVDYC6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/61AMkAIyHwOWRYNxC3uqRZc0EhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.8.0/21
37.230.112.0/21
62.109.0.0/19
62.181.44.0/24
62.181.53.0-62.181.55.255
78.24.216.0/21
79.143.72.0/23
79.174.12.0/22
82.146.32.0/19
83.136.232.0/23
83.136.235.0/24
86.110.194.0/24
86.110.208.0/23
86.110.212.0/24
86.110.215.0/24
86.110.220.0/24
91.228.224.0/23
92.63.96.0/20
92.63.192.0/22
94.250.248.0/21
149.154.64.0/21
178.250.156.0/22
185.60.132.0/22
185.187.115.0/24
188.120.224.0/19
212.57.115.0-212.57.116.255
212.57.118.0/24
212.57.122.0/24
212.57.124.0/22
217.28.220.0/22
IPv6:
2a01:230::-2a01:230:4:ffff:ffff:ffff:ffff:ffff
2a09:f900::/48
Signature Algorithm: sha256WithRSAEncryption
84:cf:b9:7c:4b:a5:09:e7:43:5d:4b:13:74:ff:1a:ed:c1:03:
7b:a7:28:c2:fa:0f:fb:d3:f1:d1:be:86:f9:e1:74:f3:af:ec:
cd:c4:e1:f6:c5:a8:ef:b1:82:fb:fc:ab:a6:b1:68:db:36:1f:
9f:6c:7a:6c:f8:30:ce:fb:72:50:5b:f4:39:b1:1b:40:65:f1:
9b:cc:28:cd:be:77:54:e2:b1:df:fa:cc:f2:f9:7d:e1:e0:bf:
eb:ca:5c:d4:00:80:b6:e6:d3:e9:bd:af:97:f1:b4:9b:95:47:
c4:53:21:76:c7:c8:a1:4a:fa:56:73:77:6f:d4:a5:6a:52:37:
8e:67:70:a5:f5:3e:3e:89:9a:a6:ea:88:11:43:54:44:ef:65:
61:66:34:08:53:dc:d0:84:4e:ba:9c:eb:a8:71:e9:be:4b:23:
6e:ed:23:53:35:62:3b:2d:e4:64:ec:11:58:71:c3:29:c5:60:
a4:18:22:ea:a4:e4:1e:57:87:a9:e2:ed:c1:85:f8:45:97:52:
ae:f2:0b:4c:ec:8f:b1:74:f0:f9:72:e3:c3:9f:b0:5c:b7:ab:
52:bb:5f:dc:a3:55:d3:01:cd:c8:79:4a:d5:7c:10:13:80:6f:
77:c0:e4:51:02:58:b0:6b:8c:27:c8:90:9c:77:83:80:35:44:
19:b7:16:c6
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIECx7z1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjUwMGM5MDAyMzIxZjAzOTY0NTgzNzEwYjdiYWE0NTk3MzQxMjEzMB4XDTIyMDQx
NDA5NDg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ3Y2Y5NTc1Zjg0
YmQ3MWU1M2U1YmE0MzI0ZDhiOTk1MGQ4MGJhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbR5v8vj3cgcxju3pMo2HfuFErBLIFfsv/5xfRA6rLeYDWN
2ODgkv3J0UiztQ3/+5hAOtcMfOV1PuZvRE83PEx5krGbQd07LcNIA4KATUC91uv2
x+9XiYw/TBZHqKXDDBARPko8vo+YmvCaCQJOQUu/jvoFFg2QXX84BHqlBEeDcdcA
6WQPB7cSWlZxYi2hDBHrnrhZZQbwl4tctXc2u6R9Li096Rh7gHvjZC3irbLH15oy
JA5PjnfHLmi/G+4CNrOGruDB+tJL/GIDLlMXz4MOkwaAwEqKnBx0WzVFS0n4tymj
DuS2Fn5SWv9daR3r0MuMzEoMqgEoWNoGF4DSktcCAwEAAaOCAvAwggLsMB0GA1Ud
DgQWBBREfPlXX4S9ceU+W6QyTYuZUNgLoTAfBgNVHSMEGDAWgBTrUAyQAjIfA5ZF
g3ELe6pFlzQSEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYxQU1rQUl5SHdPV1JZTnhDM3VxUlpjMEVoTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvMTljMDlhLWQ3OWEtNGRlNC04YTg2LTRhNjg1OTYyZjNlOC8x
L1JIejVWMS1FdlhIbFBsdWtNazJMbVZEWUM2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
MTljMDlhLWQ3OWEtNGRlNC04YTg2LTRhNjg1OTYyZjNlOC8xLzYxQU1rQUl5SHdP
V1JZTnhDM3VxUlpjMEVoTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQQGCCsGAQUFBwEHAQH/BIH0MIHxMIHLBAIAATCBxAMEAx+HCAMEAyXmcAMEBT5t
AAMEAD61LDAMAwQAPrU1AwQDPrUwAwQDThjYAwQBT49IAwQCT64MAwQFUpIgAwQB
U4joAwQAU4jrAwQAVm7CAwQBVm7QAwQAVm7UAwQAVm7XAwQAVm7cAwQBW+TgAwQE
XD9gAwQCXD/AAwQDXvr4AwQDlZpAAwQCsvqcAwQCuTyEAwQAubtzAwQFvHjgMAwD
BADUOXMDBADUOXQDBADUOXYDBADUOXoDBALUOXwDBALZHNwwIQQCAAIwGzAQAwUE
KgECMAMHACoBAjAABAMHACoJ+QAAADANBgkqhkiG9w0BAQsFAAOCAQEAhM+5fEul
CedDXUsTdP8a7cEDe6cowvoP+9Px0b6G+eF086/szcTh9sWo77GC+/yrprFo2zYf
n2x6bPgwzvtyUFv0ObEbQGXxm8wozb53VOKx3/rM8vl94eC/68pc1ACAtubT6b2v
l/G0m5VHxFMhdsfIoUr6VnN3b9SlalI3jmdwpfU+PomapuqIEUNURO9lYWY0CFPc
0IROupzrqHHpvksjbu0jUzViOy3kZOwRWHHDKcVgpBgi6qTkHleHqeLtwYX4RZdS
rvILTOyPsXTw+XLjw5+wXLerUrtf3KNV0wHNyHlK1XwQE4Bvd8DkUQJYsGuMJ8iQ
nHeDgDVEGbcWxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:54 2024 by rpki-client on console-fra.rpki-client.org