Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/5KGMh-2cyOkBTX7AE04F9fwNuo4.roa
File: 5KGMh-2cyOkBTX7AE04F9fwNuo4.roa (raw, json)
Hash identifier: 8Oox06EIG0C/22GQr3dLwPfC6NlSw8MVQxsLP70Wu5U=
Subject key identifier: E4:A1:8C:87:ED:9C:C8:E9:01:4D:7E:C0:13:4E:05:F5:FC:0D:BA:8E
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01897317E8052E2375EB5D1A479789164E1F
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/5KGMh-2cyOkBTX7AE04F9fwNuo4.roa
Signing time: Thu 20 Jul 2023 11:38:13 +0000
ROA not before: Thu 20 Jul 2023 11:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.188.16.0/23 maxlen: 23
185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.86.211.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
134.255.242.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
89.43.196.0/24 maxlen: 24
89.43.197.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
185.204.64.0/24 maxlen: 24
185.204.65.0/24 maxlen: 24
185.204.66.0/24 maxlen: 24
185.204.67.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:17:e8:05:2e:23:75:eb:5d:1a:47:97:89:16:4e:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jul 20 11:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4a18c87ed9cc8e9014d7ec0134e05f5fc0dba8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:49:1a:0a:65:f1:ca:c3:ea:51:c2:c7:bc:70:
1e:e2:24:7a:cd:6d:f4:6a:8e:6a:ec:84:70:ee:4c:
af:64:db:b5:09:14:f3:61:99:6a:3f:9d:68:f1:67:
0e:05:ab:e1:81:f9:ed:37:b3:5b:94:2a:ae:cc:27:
9f:69:64:14:d8:8a:fd:fd:1f:0e:07:8b:98:6a:1e:
ad:29:1c:9a:57:e9:19:b8:40:35:24:d6:2c:ec:1a:
df:80:43:3a:31:cc:f5:f1:0c:f7:59:42:74:96:0a:
61:ad:18:5f:b1:3b:bb:67:06:60:64:2c:03:6f:19:
94:3e:6c:7d:5f:a0:ec:90:d3:9a:18:e1:a5:ec:5b:
0d:02:29:27:fa:59:48:85:dc:6e:9b:b7:5a:02:d0:
05:df:7a:ef:60:99:f4:99:67:07:8c:a7:b7:e3:53:
95:3b:fc:5b:7d:3d:83:3a:6c:80:c3:d7:09:44:e8:
9c:a2:cb:57:b1:0e:4b:c6:d7:4e:48:ca:c9:e8:20:
7f:e9:6e:58:4d:8c:1f:8b:2e:17:36:5c:1c:8f:b5:
bd:68:4c:d8:55:37:11:2a:21:a4:59:55:ac:76:56:
c9:7d:33:19:c2:fb:1b:c3:51:7a:6c:3f:a7:16:ca:
7b:37:4c:6f:d4:45:bf:46:0c:0e:f7:17:a9:7e:d8:
27:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A1:8C:87:ED:9C:C8:E9:01:4D:7E:C0:13:4E:05:F5:FC:0D:BA:8E
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/5KGMh-2cyOkBTX7AE04F9fwNuo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
89.43.196.0/23
95.156.204.0/22
134.255.242.0/24
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.86.211.0/24
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
185.204.64.0/22
195.181.252.0/23
212.237.231.0/24
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
2d:e2:a1:65:b2:18:7c:4f:15:12:75:ce:e1:28:77:dc:46:f1:
ae:08:27:7d:73:03:75:88:48:2f:e6:52:3d:d4:f0:d1:ce:42:
95:ad:0b:72:15:b2:dc:25:01:22:d1:10:36:66:1c:7b:ad:14:
ca:4b:da:c2:12:08:a8:f4:14:44:c9:1b:77:39:53:f2:b6:c6:
c5:21:e3:96:2b:8e:32:28:33:04:28:68:13:81:7b:86:f3:e9:
8f:13:2c:92:80:9e:12:ae:8f:bf:aa:4c:a0:78:df:4f:06:3a:
21:c5:d0:e4:0c:d9:4e:aa:38:cf:70:93:87:33:b9:d9:a0:3d:
40:1e:69:54:05:f4:de:10:0e:19:5d:d3:f6:31:66:4a:3a:84:
a9:e8:f6:91:74:7f:cc:00:9c:7f:ea:f8:79:ca:90:3d:28:e0:
1a:ff:93:41:6e:d1:46:fb:65:13:ce:d8:ba:ad:81:89:ed:c3:
93:25:3a:bf:1c:54:c0:9b:47:95:d6:81:30:ba:f7:6e:9f:0a:
81:23:fc:67:d6:2d:6a:63:00:ab:eb:64:b3:74:f9:8a:0b:1a:
82:61:8e:72:6f:0c:a3:da:9b:87:54:a6:54:42:1b:4d:fe:ba:
bb:11:c5:6c:bc:ef:f5:a2:ce:e1:ef:7d:a2:90:3d:24:7d:84:
30:a8:1d:8f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYlzF+gFLiN1610aR5eJFk4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwNzIwMTEzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGExOGM4N2VkOWNjOGU5MDE0ZDdlYzAxMzRlMDVmNWZjMGRiYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUkaCmXxysPqUcLHvHAe4iR6zW30
ao5q7IRw7kyvZNu1CRTzYZlqP51o8WcOBavhgfntN7NblCquzCefaWQU2Ir9/R8O
B4uYah6tKRyaV+kZuEA1JNYs7BrfgEM6Mcz18Qz3WUJ0lgphrRhfsTu7ZwZgZCwD
bxmUPmx9X6DskNOaGOGl7FsNAikn+llIhdxum7daAtAF33rvYJn0mWcHjKe341OV
O/xbfT2DOmyAw9cJROicostXsQ5LxtdOSMrJ6CB/6W5YTYwfiy4XNlwcj7W9aEzY
VTcRKiGkWVWsdlbJfTMZwvsbw1F6bD+nFsp7N0xv1EW/RgwO9xepftgnWQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFOShjIftnMjpAU1+wBNOBfX8DbqOMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvNUtHTWgtMmN5T2tCVFg3QUUwNEY5ZndOdW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAIF
PdQDBAEFuyYDBAFZK8QDBAJfnMwDBACG//IDBAG5SxQDBAG5TE4DBAK5VCwDBAC5
VtMDBAG5WRwDBAC5WR8DBAG5aDwwDAMEALlomQMEArlomAMEAbl6ugMEArmd1AME
AbmhuAMEArm8EAMEArm/FAMEArnC0AMEArnMQAMEAcO1/AMEANTt5zAMAwQA2T3x
AwQC2T3wMA0GCSqGSIb3DQEBCwUAA4IBAQAt4qFlshh8TxUSdc7hKHfcRvGuCCd9
cwN1iEgv5lI91PDRzkKVrQtyFbLcJQEi0RA2Zhx7rRTKS9rCEgio9BREyRt3OVPy
tsbFIeOWK44yKDMEKGgTgXuG8+mPEyySgJ4Sro+/qkygeN9PBjohxdDkDNlOqjjP
cJOHM7nZoD1AHmlUBfTeEA4ZXdP2MWZKOoSp6PaRdH/MAJx/6vh5ypA9KOAa/5NB
btFG+2UTzti6rYGJ7cOTJTq/HFTAm0eV1oEwuvdunwqBI/xn1i1qYwCr62SzdPmK
CxqCYY5ybwyj2puHVKZUQhtN/rq7EcVsvO/1os7h732ikD0kfYQwqB2P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org