Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/04-ZUKl0agBP0rBkdmvsMHIdC64.roa
File: 04-ZUKl0agBP0rBkdmvsMHIdC64.roa (raw, json)
Hash identifier: iBnhJt4hM3VK1+x2L2mOaPrYjO0pwhr4dFH6j8btjzE=
Subject key identifier: D3:8F:99:50:A9:74:6A:00:4F:D2:B0:64:76:6B:EC:30:72:1D:0B:AE
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018BB0032211324A94B60875A962E749D499
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/04-ZUKl0agBP0rBkdmvsMHIdC64.roa
Signing time: Wed 08 Nov 2023 17:37:57 +0000
ROA not before: Wed 08 Nov 2023 17:37:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:03:22:11:32:4a:94:b6:08:75:a9:62:e7:49:d4:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Nov 8 17:37:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d38f9950a9746a004fd2b064766bec30721d0bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8f:e5:f9:88:a9:17:25:4a:fd:f3:a5:82:2e:
ac:50:2d:6e:92:38:61:6a:f8:42:ab:f8:d2:ec:87:
71:6a:29:56:82:71:30:0c:04:1a:6f:4b:72:00:6d:
09:7d:47:78:84:76:98:b1:34:48:4a:5c:6b:13:fd:
b4:f3:e3:9f:6a:28:64:0f:1d:45:fe:57:89:bc:8e:
2a:20:e0:c5:1e:7b:2f:0d:24:2d:cf:8b:77:f4:b6:
84:48:0a:a7:46:1c:9e:29:94:5a:34:f3:d9:0e:e0:
44:d1:25:8d:a7:8f:83:84:0e:ac:1f:37:2b:79:b6:
20:dd:c2:dc:f6:35:10:81:b0:3d:92:26:38:c6:9a:
2a:f7:b0:90:e7:c9:20:8f:0f:6f:cd:ad:8b:b2:aa:
cf:3e:15:09:d0:4a:f0:cc:01:b4:bc:43:09:4c:87:
9a:c4:3f:07:48:9a:c4:08:1f:9c:ae:c5:4d:7a:fb:
a9:06:0f:da:92:01:6f:d4:f1:82:a8:0f:95:eb:97:
a0:d1:21:96:30:8c:fa:ce:cc:8b:a3:f6:36:3e:14:
b3:37:46:28:08:3f:a6:91:90:92:3a:21:1c:e8:16:
0f:7a:ac:91:e4:f8:2f:2c:d2:4f:5c:95:66:48:18:
27:65:5d:ad:34:34:32:cf:58:7b:5d:25:53:4f:2c:
5f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8F:99:50:A9:74:6A:00:4F:D2:B0:64:76:6B:EC:30:72:1D:0B:AE
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/04-ZUKl0agBP0rBkdmvsMHIdC64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.76.78.0/23
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.19.0/24
185.191.20.0/22
185.194.208.0/22
195.181.252.0/23
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
09:b5:d5:8e:b6:ea:5d:84:3d:cf:9c:60:02:61:d5:8c:dc:94:
81:6d:eb:84:8e:49:01:e7:91:67:a4:5b:28:83:0a:df:84:1b:
8b:e2:f1:20:8d:f4:46:3f:1c:21:6e:eb:71:11:ab:19:37:0e:
6c:b8:03:1c:c4:bb:82:fc:8b:5f:b8:fa:aa:b6:0e:99:13:da:
8b:e3:b4:67:58:33:b4:04:f9:3c:2e:32:8c:25:07:09:cd:a1:
82:01:08:f0:81:a0:26:30:2e:2e:ac:b3:4e:d2:58:95:c8:72:
a2:8a:30:c5:b0:00:7b:f1:ba:22:a3:8f:09:f6:99:dd:a0:d7:
3e:f9:d7:94:d9:ec:b7:36:49:7f:df:25:72:58:c6:e7:85:3c:
85:ec:d8:db:1c:4a:c3:aa:81:19:e8:97:75:42:87:69:98:7c:
9d:c3:61:f3:de:00:bf:46:ce:9a:35:a7:9d:44:b3:58:cc:ec:
34:4d:f1:85:4a:fa:44:f4:44:5b:05:3f:04:23:33:9a:6b:b3:
bb:55:c1:d1:1d:8a:9b:b2:18:2b:7c:4a:cc:99:dd:b2:c0:8c:
ec:84:db:4c:07:26:09:f0:e6:bf:6e:70:97:b0:4e:2d:bd:6b:
5f:87:6a:96:fa:2d:be:42:ab:df:83:dc:16:91:f5:5e:7c:40:
1f:be:e1:0f
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYuwAyIRMkqUtgh1qWLnSdSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMxMTA4MTczNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhmOTk1MGE5NzQ2YTAwNGZkMmIwNjQ3NjZiZWMzMDcyMWQwYmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI/l+YipFyVK/fOlgi6sUC1ukjhh
avhCq/jS7IdxailWgnEwDAQab0tyAG0JfUd4hHaYsTRISlxrE/208+OfaihkDx1F
/leJvI4qIODFHnsvDSQtz4t39LaESAqnRhyeKZRaNPPZDuBE0SWNp4+DhA6sHzcr
ebYg3cLc9jUQgbA9kiY4xpoq97CQ58kgjw9vza2LsqrPPhUJ0ErwzAG0vEMJTIea
xD8HSJrECB+crsVNevupBg/akgFv1PGCqA+V65eg0SGWMIz6zsyLo/Y2PhSzN0Yo
CD+mkZCSOiEc6BYPeqyR5PgvLNJPXJVmSBgnZV2tNDQyz1h7XSVTTyxffQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFNOPmVCpdGoAT9KwZHZr7DByHQuuMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvMDQtWlVLbDBhZ0JQMHJCa2RtdnNNSElkQzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAgU91AME
AQW7JgMEAl+czAMEAblMTgMEAblZHAMEALlZHwMEAbloPDAMAwQAuWiZAwQCuWiY
AwQBuXq6AwQCuZ3UAwQBuaG4AwQAubwTAwQCub8UAwQCucLQAwQBw7X8MAwDBADZ
PfEDBALZPfAwDQYJKoZIhvcNAQELBQADggEBAAm11Y626l2EPc+cYAJh1YzclIFt
64SOSQHnkWekWyiDCt+EG4vi8SCN9EY/HCFu63ERqxk3Dmy4AxzEu4L8i1+4+qq2
DpkT2ovjtGdYM7QE+TwuMowlBwnNoYIBCPCBoCYwLi6ss07SWJXIcqKKMMWwAHvx
uiKjjwn2md2g1z7515TZ7Lc2SX/fJXJYxueFPIXs2NscSsOqgRnol3VCh2mYfJ3D
YfPeAL9Gzpo1p51Es1jM7DRN8YVK+kT0RFsFPwQjM5prs7tVwdEdipuyGCt8SsyZ
3bLAjOyE20wHJgnw5r9ucJewTi29a1+Hapb6Lb5Cq9+D3BaR9V58QB++4Q8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org