Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/RnfQ9rwf-gm8LnBUkbCbyEDm17c.roa
File: RnfQ9rwf-gm8LnBUkbCbyEDm17c.roa (raw, json)
Hash identifier: +rd5wbs25x5MmHZRcKuvGOhoeRGiO/rCBIBubuurtQ4=
Subject key identifier: 46:77:D0:F6:BC:1F:FA:09:BC:2E:70:54:91:B0:9B:C8:40:E6:D7:B7
Certificate issuer: /CN=eb500c9002321f03964583710b7baa4597341213
Certificate serial: 018DBF78CECDD5F7096F2F24F0534DED56ED
Authority key identifier: EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/RnfQ9rwf-gm8LnBUkbCbyEDm17c.roa
Signing time: Mon 19 Feb 2024 03:46:21 +0000
ROA not before: Mon 19 Feb 2024 03:46:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 5.35.96.0/23 maxlen: 23
5.35.98.0/23 maxlen: 23
31.135.8.0/23 maxlen: 23
31.135.10.0/24 maxlen: 24
31.135.11.0/24 maxlen: 24
31.135.12.0/23 maxlen: 23
31.135.14.0/23 maxlen: 23
37.230.112.0/23 maxlen: 23
37.230.114.0/23 maxlen: 23
37.230.116.0/23 maxlen: 23
37.230.118.0/23 maxlen: 23
62.109.0.0/20 maxlen: 20
62.109.0.0/21 maxlen: 21
62.109.8.0/21 maxlen: 21
62.109.16.0/21 maxlen: 21
62.109.24.0/22 maxlen: 22
62.109.28.0/22 maxlen: 22
62.181.44.0/24 maxlen: 24
62.181.53.0/24 maxlen: 24
62.181.54.0/23 maxlen: 23
78.24.216.0/21 maxlen: 21
79.143.72.0/23 maxlen: 23
79.174.12.0/23 maxlen: 23
79.174.14.0/23 maxlen: 23
82.146.32.0/21 maxlen: 21
82.146.32.0/23 maxlen: 23
82.146.34.0/23 maxlen: 23
82.146.36.0/23 maxlen: 23
82.146.38.0/23 maxlen: 23
82.146.40.0/21 maxlen: 21
82.146.48.0/23 maxlen: 23
82.146.50.0/23 maxlen: 23
82.146.52.0/23 maxlen: 23
82.146.54.0/23 maxlen: 23
82.146.56.0/21 maxlen: 21
83.136.232.0/23 maxlen: 23
83.136.235.0/24 maxlen: 24
86.110.194.0/24 maxlen: 24
86.110.208.0/23 maxlen: 23
86.110.212.0/24 maxlen: 24
86.110.215.0/24 maxlen: 24
86.110.220.0/24 maxlen: 24
89.169.28.0/23 maxlen: 23
89.169.30.0/23 maxlen: 23
91.107.120.0/21 maxlen: 21
91.228.224.0/23 maxlen: 23
92.63.96.0/21 maxlen: 21
92.63.104.0/22 maxlen: 22
92.63.108.0/22 maxlen: 22
92.63.108.0/24 maxlen: 24
92.63.109.0/24 maxlen: 24
92.63.110.0/23 maxlen: 23
92.63.192.0/23 maxlen: 23
92.63.194.0/23 maxlen: 23
94.250.248.0/23 maxlen: 23
94.250.250.0/23 maxlen: 23
94.250.252.0/23 maxlen: 23
94.250.254.0/23 maxlen: 23
109.172.4.0/23 maxlen: 23
109.172.6.0/23 maxlen: 23
109.172.108.0/22 maxlen: 22
109.172.112.0/23 maxlen: 23
109.172.114.0/23 maxlen: 23
149.154.64.0/23 maxlen: 23
149.154.66.0/23 maxlen: 23
149.154.68.0/23 maxlen: 23
149.154.70.0/23 maxlen: 23
176.123.168.0/23 maxlen: 23
176.123.170.0/23 maxlen: 23
176.123.172.0/23 maxlen: 23
176.123.174.0/23 maxlen: 23
178.250.156.0/23 maxlen: 23
178.250.158.0/23 maxlen: 23
185.60.132.0/23 maxlen: 23
185.60.134.0/23 maxlen: 23
185.187.115.0/24 maxlen: 24
188.120.224.0/20 maxlen: 20
188.120.240.0/21 maxlen: 21
188.120.248.0/23 maxlen: 23
188.120.248.0/24 maxlen: 24
188.120.249.0/24 maxlen: 24
188.120.250.0/23 maxlen: 23
188.120.252.0/24 maxlen: 24
188.120.253.0/24 maxlen: 24
188.120.254.0/23 maxlen: 23
212.57.115.0/24 maxlen: 24
212.57.116.0/24 maxlen: 24
212.57.118.0/24 maxlen: 24
212.57.122.0/24 maxlen: 24
212.57.124.0/23 maxlen: 23
212.57.126.0/23 maxlen: 23
217.28.220.0/23 maxlen: 23
217.28.222.0/23 maxlen: 23
2a01:230::/48 maxlen: 48
2a01:230:1::/48 maxlen: 48
2a01:230:2::/48 maxlen: 48
2a01:230:3::/48 maxlen: 48
2a01:230:4::/48 maxlen: 48
2a01:230:5::/48 maxlen: 48
2a09:f900::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bf:78:ce:cd:d5:f7:09:6f:2f:24:f0:53:4d:ed:56:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb500c9002321f03964583710b7baa4597341213
Validity
Not Before: Feb 19 03:46:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4677d0f6bc1ffa09bc2e705491b09bc840e6d7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6b:e2:a4:68:a7:d5:af:22:74:55:55:81:ae:
58:d6:e6:25:92:98:6b:20:10:7d:3f:e6:62:5c:8c:
58:f7:bb:84:13:c6:75:4f:35:67:b3:de:0b:f0:69:
d9:b2:14:35:f4:fd:61:e5:45:35:d9:36:49:17:66:
8a:f1:15:79:c2:97:b1:c1:c2:9b:86:c2:35:c3:f7:
da:5d:c7:28:67:00:a6:34:3d:3c:f3:5f:54:66:4e:
13:5b:69:76:bb:20:cb:4c:a2:ec:1f:1a:9e:05:8c:
27:ef:10:60:ee:b4:a0:79:f0:6a:f8:93:f8:c9:ff:
97:fa:f9:d9:ac:5c:cc:5f:cd:7c:5b:92:91:70:5f:
61:7e:a1:99:dc:4b:5d:e1:75:98:d2:b0:71:ea:b5:
15:87:ea:f5:58:6b:1d:37:1d:7e:c5:8e:6f:6f:8b:
38:5c:26:17:b9:8c:0b:60:73:6f:03:03:72:e6:82:
15:17:0a:f2:08:b7:33:d0:49:0c:05:42:d4:4e:0b:
04:32:a8:7f:30:8b:7e:c0:d3:37:6e:31:76:35:9d:
56:e1:f7:58:59:ef:b1:9d:d4:bb:f7:46:ea:52:bc:
48:91:44:1a:4d:84:50:92:eb:4d:4c:b8:92:68:3a:
b3:41:1b:d2:11:65:e8:19:89:95:ef:53:4c:dc:87:
d7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:77:D0:F6:BC:1F:FA:09:BC:2E:70:54:91:B0:9B:C8:40:E6:D7:B7
X509v3 Authority Key Identifier:
keyid:EB:50:0C:90:02:32:1F:03:96:45:83:71:0B:7B:AA:45:97:34:12:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61AMkAIyHwOWRYNxC3uqRZc0EhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/RnfQ9rwf-gm8LnBUkbCbyEDm17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19c09a-d79a-4de4-8a86-4a685962f3e8/1/61AMkAIyHwOWRYNxC3uqRZc0EhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.96.0/22
31.135.8.0/21
37.230.112.0/21
62.109.0.0/19
62.181.44.0/24
62.181.53.0-62.181.55.255
78.24.216.0/21
79.143.72.0/23
79.174.12.0/22
82.146.32.0/19
83.136.232.0/23
83.136.235.0/24
86.110.194.0/24
86.110.208.0/23
86.110.212.0/24
86.110.215.0/24
86.110.220.0/24
89.169.28.0/22
91.107.120.0/21
91.228.224.0/23
92.63.96.0/20
92.63.192.0/22
94.250.248.0/21
109.172.4.0/22
109.172.108.0-109.172.115.255
149.154.64.0/21
176.123.168.0/21
178.250.156.0/22
185.60.132.0/22
185.187.115.0/24
188.120.224.0/19
212.57.115.0-212.57.116.255
212.57.118.0/24
212.57.122.0/24
212.57.124.0/22
217.28.220.0/22
IPv6:
2a01:230::-2a01:230:5:ffff:ffff:ffff:ffff:ffff
2a09:f900::/48
Signature Algorithm: sha256WithRSAEncryption
71:f3:9f:b0:12:b4:10:66:a3:a7:61:50:46:b9:0c:22:a2:bd:
8c:6e:e4:71:0a:dc:94:2c:d0:23:4e:2b:81:aa:44:d2:a8:4d:
7d:14:fc:1e:68:1d:2e:1c:9b:b8:72:07:b0:76:82:91:68:a6:
c7:e4:76:5b:22:47:e1:eb:a3:c0:b4:5d:18:67:9b:8d:4f:a6:
45:a4:2a:40:e1:6b:47:6c:ba:78:9e:e0:1f:46:43:e8:91:8b:
0d:d9:34:b5:d1:58:9d:55:22:20:3c:d6:a6:8d:ca:a0:87:b6:
bd:ea:22:dd:d9:42:23:42:7b:4e:6f:4b:79:ff:a7:f3:4e:da:
06:b5:28:47:d0:10:30:ad:a7:15:3c:f9:b2:e6:7a:08:44:41:
22:54:fa:2b:ac:27:86:58:b7:35:a8:33:ce:8d:18:f3:b7:55:
9b:ff:35:34:a4:1d:33:80:3a:34:f0:e2:82:2b:f8:e6:48:50:
9b:1b:8d:84:b3:c4:f3:e6:07:aa:8a:16:8a:66:48:f1:bc:ed:
fe:a4:d5:88:c4:b5:34:84:18:d1:6d:02:4d:d3:f8:da:2e:4e:
27:10:9c:d4:d9:4f:4a:04:ec:d7:7f:4a:0f:cd:13:68:a9:b1:
87:cb:57:eb:1f:89:21:35:20:37:af:60:3b:70:aa:68:ce:b4:
72:d1:f8:45
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgISAY2/eM7N1fcJby8k8FNN7VbtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTAwYzkwMDIzMjFmMDM5NjQ1ODM3MTBiN2JhYTQ1OTcz
NDEyMTMwHhcNMjQwMjE5MDM0NjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njc3ZDBmNmJjMWZmYTA5YmMyZTcwNTQ5MWIwOWJjODQwZTZkN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmvipGin1a8idFVVga5Y1uYlkphr
IBB9P+ZiXIxY97uEE8Z1TzVns94L8GnZshQ19P1h5UU12TZJF2aK8RV5wpexwcKb
hsI1w/faXccoZwCmND08819UZk4TW2l2uyDLTKLsHxqeBYwn7xBg7rSgefBq+JP4
yf+X+vnZrFzMX818W5KRcF9hfqGZ3Etd4XWY0rBx6rUVh+r1WGsdNx1+xY5vb4s4
XCYXuYwLYHNvAwNy5oIVFwryCLcz0EkMBULUTgsEMqh/MIt+wNM3bjF2NZ1W4fdY
We+xndS790bqUrxIkUQaTYRQkutNTLiSaDqzQRvSEWXoGYmV71NM3IfXYQIDAQAB
o4IDHjCCAxowHQYDVR0OBBYEFEZ30Pa8H/oJvC5wVJGwm8hA5te3MB8GA1UdIwQY
MBaAFOtQDJACMh8DlkWDcQt7qkWXNBITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYt
NGE2ODU5NjJmM2U4LzEvUm5mUTlyd2YtZ204TG5CVWtiQ2J5RURtMTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xOWMwOWEtZDc5YS00ZGU0LThhODYtNGE2ODU5NjJmM2U4
LzEvNjFBTWtBSXlId09XUllOeEMzdXFSWmMwRWhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMgYIKwYBBQUHAQcBAf8EggEhMIIBHTCB9wQCAAEwgfAD
BAIFI2ADBAMfhwgDBAMl5nADBAU+bQADBAA+tSwwDAMEAD61NQMEAz61MAMEA04Y
2AMEAU+PSAMEAk+uDAMEBVKSIAMEAVOI6AMEAFOI6wMEAFZuwgMEAVZu0AMEAFZu
1AMEAFZu1wMEAFZu3AMEAlmpHAMEA1treAMEAVvk4AMEBFw/YAMEAlw/wAMEA176
+AMEAm2sBDAMAwQCbaxsAwQCbaxwAwQDlZpAAwQDsHuoAwQCsvqcAwQCuTyEAwQA
ubtzAwQFvHjgMAwDBADUOXMDBADUOXQDBADUOXYDBADUOXoDBALUOXwDBALZHNww
IQQCAAIwGzAQAwUEKgECMAMHASoBAjAABAMHACoJ+QAAADANBgkqhkiG9w0BAQsF
AAOCAQEAcfOfsBK0EGajp2FQRrkMIqK9jG7kcQrclCzQI04rgapE0qhNfRT8Hmgd
LhybuHIHsHaCkWimx+R2WyJH4eujwLRdGGebjU+mRaQqQOFrR2y6eJ7gH0ZD6JGL
Ddk0tdFYnVUiIDzWpo3KoIe2veoi3dlCI0J7Tm9Lef+n807aBrUoR9AQMK2nFTz5
suZ6CERBIlT6K6wnhli3Nagzzo0Y87dVm/81NKQdM4A6NPDigiv45khQmxuNhLPE
8+YHqooWimZI8bzt/qTViMS1NIQY0W0CTdP42i5OJxCc1NlPSgTs139KD80TaKmx
h8tX6x+JITUgN69gO3CqaM60ctH4RQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:54 2024 by rpki-client on console-fra.rpki-client.org