Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/4fYJeypLPlCA6-P0WugZYc0n_5o.roa
File: 4fYJeypLPlCA6-P0WugZYc0n_5o.roa (raw, json)
Hash identifier: 0t28/rVZM4mLmV+qxQzhluRLF+vYt943QxQdPq1a+jo=
Subject key identifier: E1:F6:09:7B:2A:4B:3E:50:80:EB:E3:F4:5A:E8:19:61:CD:27:FF:9A
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 06926F4A
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/4fYJeypLPlCA6-P0WugZYc0n_5o.roa
Signing time: Thu 31 Mar 2022 17:05:34 +0000
ROA not before: Thu 31 Mar 2022 17:05:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50129
IP address blocks: 185.188.16.0/23 maxlen: 23
185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.86.211.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
134.255.242.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
89.43.196.0/24 maxlen: 24
89.43.197.0/24 maxlen: 24
93.114.131.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.92.238.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
185.204.64.0/24 maxlen: 24
185.204.65.0/24 maxlen: 24
185.204.66.0/24 maxlen: 24
185.204.67.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110260042 (0x6926f4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Mar 31 17:05:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1f6097b2a4b3e5080ebe3f45ae81961cd27ff9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:56:ff:8f:84:ce:04:7f:6f:ef:d8:81:2f:77:
ec:bc:71:bf:82:89:c0:c1:c4:07:e0:38:c0:4a:2f:
0b:81:06:d1:0e:43:10:28:c6:62:07:d3:ae:80:a9:
19:54:52:4f:5c:2c:2d:7f:2f:f2:0d:61:a9:7d:de:
42:5f:42:7c:59:a7:31:63:2b:79:5e:37:cd:88:81:
fa:66:3d:c0:03:93:a6:a5:4c:a3:08:03:7a:a3:be:
57:c4:0e:5c:21:d4:35:c3:a9:bf:f3:0d:4c:ba:92:
94:fe:70:71:4c:00:06:9e:c7:e4:11:8b:02:7f:6f:
23:7e:23:fc:a1:c6:c8:f2:cb:1d:f3:b8:3f:9a:d2:
d0:eb:e1:b2:5d:19:34:f4:7b:e8:81:fb:f4:72:3b:
0b:42:ed:b5:c2:a5:77:b6:00:d2:02:8e:e6:05:97:
bd:77:49:60:9a:ca:dd:c5:36:94:aa:3f:82:90:58:
c3:c5:f0:31:72:96:d6:88:93:4f:86:42:3b:3f:4d:
72:49:d5:36:8f:07:58:54:2e:cc:a3:54:a1:6a:89:
c4:61:9d:44:41:43:2b:cd:c1:58:60:99:49:3d:9f:
07:bc:31:7e:8e:1b:56:e5:50:87:7f:3c:5b:f8:1d:
0a:27:95:25:e4:0f:3d:2d:c9:dd:cd:e7:04:93:a6:
e9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F6:09:7B:2A:4B:3E:50:80:EB:E3:F4:5A:E8:19:61:CD:27:FF:9A
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/4fYJeypLPlCA6-P0WugZYc0n_5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
89.43.196.0/23
93.114.131.0/24
95.156.204.0/22
134.255.242.0/24
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.86.211.0/24
185.89.28.0/23
185.89.31.0/24
185.92.238.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
185.204.64.0/22
195.181.252.0/23
212.237.231.0/24
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
29:fb:57:ab:0b:11:c7:8f:46:ca:b9:b2:5c:eb:ee:bd:1d:ce:
fd:94:44:2e:0a:0f:95:ec:50:3e:7d:50:3f:c7:96:c2:29:06:
db:8d:2b:01:67:b2:15:3b:f9:17:6b:6e:38:05:75:e9:c3:f8:
d7:7c:eb:e9:37:49:19:71:72:67:4b:6e:4e:93:c2:85:f0:47:
53:72:f0:b4:b4:42:76:fa:3c:0f:f3:a8:a3:53:5b:e3:50:5c:
90:f9:c8:2e:61:bd:f8:6d:44:2f:5b:69:87:1b:b9:ae:ca:51:
47:a2:0d:c2:1f:d5:00:83:47:a6:df:f8:17:06:4d:62:54:a2:
35:62:f2:32:c0:73:c3:6e:42:cc:d0:49:3f:05:fb:71:dc:48:
09:a1:4e:11:69:46:3c:44:03:01:13:8f:2b:e3:71:3f:a2:05:
34:ef:2a:3a:2b:bf:ce:0c:f2:7d:97:11:9a:6b:28:d7:3c:17:
62:a4:5d:b3:83:c5:94:4f:ed:d5:88:77:d0:d1:b5:f9:22:c0:
bb:73:19:e2:1f:3e:db:1a:ae:a6:a5:69:2f:b1:79:90:b3:43:
58:20:a1:23:7f:c0:e4:94:cc:59:44:14:2e:3e:8c:fb:36:9e:
34:3c:46:ba:4b:2f:00:eb:5d:3f:99:3f:fd:68:1b:79:65:89:
80:20:03:3c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIEBpJvSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YmM1ZGU3ZDcyNTViN2Q1ODI2MGM2NWExMjBiMTY0ZWYxMGVmOTAzMB4XDTIyMDMz
MTE3MDUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFmNjA5N2IyYTRi
M2U1MDgwZWJlM2Y0NWFlODE5NjFjZDI3ZmY5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9W/4+EzgR/b+/YgS937Lxxv4KJwMHEB+A4wEovC4EG0Q5D
ECjGYgfTroCpGVRST1wsLX8v8g1hqX3eQl9CfFmnMWMreV43zYiB+mY9wAOTpqVM
owgDeqO+V8QOXCHUNcOpv/MNTLqSlP5wcUwABp7H5BGLAn9vI34j/KHGyPLLHfO4
P5rS0Ovhsl0ZNPR76IH79HI7C0LttcKld7YA0gKO5gWXvXdJYJrK3cU2lKo/gpBY
w8XwMXKW1oiTT4ZCOz9NcknVNo8HWFQuzKNUoWqJxGGdREFDK83BWGCZST2fB7wx
fo4bVuVQh388W/gdCieVJeQPPS3J3c3nBJOm6T0CAwEAAaOCAq4wggKqMB0GA1Ud
DgQWBBTh9gl7Kks+UIDr4/Ra6BlhzSf/mjAfBgNVHSMEGDAWgBRrxd59clW31YJg
xloSCxZO8Q75AzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2E4WGVmWEpWdDlXQ1lNWmFFZ3NXVHZFTy1RTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvMzIxMDllLTI0YzktNGM4OC1hOGU4LWZkZjY2MzhkMmMwNC8x
LzRmWUpleXBMUGxDQTYtUDBXdWdaWWMwbl81by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
MzIxMDllLTI0YzktNGM4OC1hOGU4LWZkZjY2MzhkMmMwNC8xL2E4WGVmWEpWdDlX
Q1lNWmFFZ3NXVHZFTy1RTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wwYIKwYBBQUHAQcBAf8EgbMwgbAwga0EAgABMIGmAwQCBT3UAwQBBbsmAwQBWSvE
AwQAXXKDAwQCX5zMAwQAhv/yAwQBuUsUAwQBuUxOAwQCuVQsAwQAuVbTAwQBuVkc
AwQAuVkfAwQAuVzuAwQBuWg8MAwDBAC5aJkDBAK5aJgDBAG5eroDBAK5ndQDBAG5
obgDBAK5vBADBAK5vxQDBAK5wtADBAK5zEADBAHDtfwDBADU7ecwDAMEANk98QME
Atk98DANBgkqhkiG9w0BAQsFAAOCAQEAKftXqwsRx49GyrmyXOvuvR3O/ZRELgoP
lexQPn1QP8eWwikG240rAWeyFTv5F2tuOAV16cP413zr6TdJGXFyZ0tuTpPChfBH
U3LwtLRCdvo8D/Ooo1Nb41BckPnILmG9+G1EL1tphxu5rspRR6INwh/VAINHpt/4
FwZNYlSiNWLyMsBzw25CzNBJPwX7cdxICaFOEWlGPEQDAROPK+NxP6IFNO8qOiu/
zgzyfZcRmmso1zwXYqRds4PFlE/t1Yh30NG1+SLAu3MZ4h8+2xqupqVpL7F5kLND
WCChI3/A5JTMWUQULj6M+zaeNDxGuksvAOtdP5k//WgbeWWJgCADPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org