Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/01JFCo1ZyT2U1YWj2KcrNWPZg8M.roa
File: 01JFCo1ZyT2U1YWj2KcrNWPZg8M.roa (raw, json)
Hash identifier: VwpAGw1gO3zy09YS4tfat+OxupwKI7u3MqHagUgNRkA=
Subject key identifier: D3:52:45:0A:8D:59:C9:3D:94:D5:85:A3:D8:A7:2B:35:63:D9:83:C3
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01896F9E396CA9F411A0866FFD72C823C152
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/01JFCo1ZyT2U1YWj2KcrNWPZg8M.roa
Signing time: Wed 19 Jul 2023 19:26:27 +0000
ROA not before: Wed 19 Jul 2023 19:26:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.188.17.0/24 maxlen: 24
185.188.16.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.209.0/24 maxlen: 24
185.157.212.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.86.211.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
134.255.242.0/24 maxlen: 24
89.43.197.0/24 maxlen: 24
89.43.196.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
185.204.64.0/24 maxlen: 24
185.204.67.0/24 maxlen: 24
185.204.66.0/24 maxlen: 24
185.204.65.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
5.61.212.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6f:9e:39:6c:a9:f4:11:a0:86:6f:fd:72:c8:23:c1:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jul 19 19:26:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d352450a8d59c93d94d585a3d8a72b3563d983c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4d:6a:67:2d:00:7a:20:e5:26:04:a9:ca:e7:
7b:88:29:b1:0e:e0:1f:6e:1a:34:8b:ea:07:ed:f1:
b5:92:db:bf:68:15:33:0a:04:45:59:57:18:37:14:
5b:c6:69:1e:50:ce:45:29:7f:16:dd:fe:ea:87:3b:
8c:c0:1b:8f:07:43:82:37:63:ed:23:f5:ba:18:e9:
22:6f:6c:30:4e:70:8d:68:3c:13:8c:e7:c2:d4:57:
6d:98:2d:ad:6d:21:da:ba:f2:1b:a4:6f:4b:d9:99:
43:e6:f3:a1:92:55:9e:42:e0:66:69:e4:ec:40:e8:
20:10:b8:89:2b:0a:21:c3:c0:33:3d:7f:ea:d2:23:
c3:17:e0:50:fb:c9:d7:f4:35:08:95:7c:1d:f8:ba:
31:9c:fc:fa:e4:d7:2d:07:15:cb:ec:e9:42:37:fc:
c5:01:55:af:cc:67:79:5c:98:b8:8f:83:89:63:2c:
49:7b:15:75:1c:a6:6e:26:90:70:2f:a6:0a:d5:fe:
aa:0f:f5:57:16:56:f2:f8:04:5e:d6:28:21:43:a6:
e9:2c:ab:b0:09:ac:11:20:b1:5d:ff:bc:81:09:78:
c0:ae:12:5c:a0:10:97:fb:02:95:03:cc:d0:d4:c8:
5d:bd:58:83:1c:97:f5:32:a1:66:f9:94:c0:b5:99:
75:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:52:45:0A:8D:59:C9:3D:94:D5:85:A3:D8:A7:2B:35:63:D9:83:C3
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/01JFCo1ZyT2U1YWj2KcrNWPZg8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
89.43.196.0/23
95.156.204.0/22
134.255.242.0/24
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.86.211.0/24
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/24
185.157.214.0/23
185.161.184.0/24
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
185.204.64.0/22
195.181.252.0/23
212.237.231.0/24
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
94:e3:5b:48:2f:a8:48:76:bb:04:dc:a0:37:34:d4:70:58:aa:
bb:27:b1:fd:59:87:28:52:2b:78:a5:f5:3a:3d:6b:84:ed:ad:
65:a3:33:47:4c:66:5b:16:31:95:12:be:8c:be:dc:52:da:2d:
79:34:4d:06:32:6b:b6:eb:30:3c:61:5d:ce:e7:78:78:37:37:
a6:59:e5:be:b1:3e:ee:36:6d:2c:c2:da:85:46:90:5a:07:e5:
24:cb:9b:72:1d:f5:1c:b8:4a:b4:cb:39:3d:f3:91:90:7e:c4:
fb:f3:bb:b7:65:d2:cc:d7:c0:ae:e1:f1:22:7e:0a:2a:12:b6:
c1:93:56:b4:d0:bb:77:ea:6c:6d:c5:fd:52:6f:c3:6e:74:93:
c8:3b:02:68:e7:c1:17:7f:a9:01:b8:80:01:b6:25:c5:3f:8a:
bb:2d:01:de:3a:1f:a8:ba:68:92:08:ca:ab:75:5d:19:43:05:
90:4d:c6:4f:26:0a:12:8f:54:30:55:ec:57:30:9b:27:46:23:
63:21:40:2c:c4:45:4d:f6:b1:67:fc:e9:dc:f5:7f:63:6a:5b:
3f:54:ae:09:2b:2b:5d:a5:38:29:57:5a:dd:4e:99:54:34:41:
16:98:9f:3a:56:17:5e:b5:f5:6a:df:f7:b0:2d:0a:90:1b:4d:
3d:c0:18:d4
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYlvnjlsqfQRoIZv/XLII8FSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwNzE5MTkyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzUyNDUwYThkNTljOTNkOTRkNTg1YTNkOGE3MmIzNTYzZDk4M2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs01qZy0AeiDlJgSpyud7iCmxDuAf
bho0i+oH7fG1ktu/aBUzCgRFWVcYNxRbxmkeUM5FKX8W3f7qhzuMwBuPB0OCN2Pt
I/W6GOkib2wwTnCNaDwTjOfC1FdtmC2tbSHauvIbpG9L2ZlD5vOhklWeQuBmaeTs
QOggELiJKwohw8AzPX/q0iPDF+BQ+8nX9DUIlXwd+LoxnPz65NctBxXL7OlCN/zF
AVWvzGd5XJi4j4OJYyxJexV1HKZuJpBwL6YK1f6qD/VXFlby+ARe1ighQ6bpLKuw
CawRILFd/7yBCXjArhJcoBCX+wKVA8zQ1MhdvViDHJf1MqFm+ZTAtZl1hwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFNNSRQqNWck9lNWFo9inKzVj2YPDMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvMDFKRkNvMVp5VDJVMVlXajJLY3JOV1BaZzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAIF
PdQDBAEFuyYDBAFZK8QDBAJfnMwDBACG//IDBAG5SxQDBAG5TE4DBAK5VCwDBAC5
VtMDBAG5WRwDBAC5WR8DBAG5aDwwDAMEALlomQMEArlomAMEAbl6ugMEALmd1AME
Abmd1gMEALmhuAMEArm8EAMEArm/FAMEArnC0AMEArnMQAMEAcO1/AMEANTt5zAM
AwQA2T3xAwQC2T3wMA0GCSqGSIb3DQEBCwUAA4IBAQCU41tIL6hIdrsE3KA3NNRw
WKq7J7H9WYcoUit4pfU6PWuE7a1lozNHTGZbFjGVEr6MvtxS2i15NE0GMmu26zA8
YV3O53h4NzemWeW+sT7uNm0swtqFRpBaB+Uky5tyHfUcuEq0yzk985GQfsT787u3
ZdLM18Cu4fEifgoqErbBk1a00Lt36mxtxf1Sb8NudJPIOwJo58EXf6kBuIABtiXF
P4q7LQHeOh+oumiSCMqrdV0ZQwWQTcZPJgoSj1QwVexXMJsnRiNjIUAsxEVN9rFn
/Onc9X9jals/VK4JKytdpTgpV1rdTplUNEEWmJ86VhdetfVq3/ewLQqQG009wBjU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org