Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/7-nBu-04ynBhlhQ3q8sJyR4aqc0.roa
File: 7-nBu-04ynBhlhQ3q8sJyR4aqc0.roa (raw, json)
Hash identifier: zLa7qPV1eRi4tqopFcGMhQdi/v14YYlDAWOdznelN9A=
Subject key identifier: EF:E9:C1:BB:ED:38:CA:70:61:96:14:37:AB:CB:09:C9:1E:1A:A9:CD
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018CC64AADD4D242668828853866421B3D3B
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/7-nBu-04ynBhlhQ3q8sJyR4aqc0.roa
Signing time: Mon 01 Jan 2024 18:30:32 +0000
ROA not before: Mon 01 Jan 2024 18:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50129
IP address blocks: 185.188.19.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ad:d4:d2:42:66:88:28:85:38:66:42:1b:3d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 18:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efe9c1bbed38ca7061961437abcb09c91e1aa9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:36:d0:7a:99:bf:db:06:ff:6d:f9:42:45:c5:
68:68:d3:55:91:30:36:cf:fa:32:62:a0:c9:8c:cd:
c7:b3:a0:03:55:b8:ce:90:2c:68:a1:20:7f:b1:3f:
3a:43:07:48:00:51:4b:a3:72:8b:3e:18:88:55:7d:
eb:07:80:04:3a:00:0a:69:c0:f2:ff:4b:24:4b:77:
81:92:fe:aa:b1:d3:d4:d3:36:ea:1a:bb:e9:f4:d3:
08:59:d2:ea:28:6f:3f:88:a0:8d:7e:c2:1e:d9:76:
4c:a2:e0:28:52:81:95:a7:91:f2:21:a4:41:4d:1f:
aa:bf:92:b9:9b:88:ba:82:db:07:4c:9a:11:41:cd:
47:8a:ab:d3:24:39:f9:47:90:58:36:40:4e:95:2a:
8b:94:2b:c4:ee:31:13:be:72:e4:b6:ca:35:5a:2a:
54:7b:f1:46:d2:2d:4a:3b:cf:0c:0b:1a:8b:a7:e3:
72:7c:b9:7d:88:45:65:8f:00:f2:3e:aa:ef:87:81:
d5:4e:af:97:c4:18:42:b7:93:66:35:00:7e:e1:51:
74:ff:2e:e7:23:7c:13:16:ca:7c:eb:fb:64:48:4f:
7d:ce:d8:6e:95:b2:68:1e:4f:a0:eb:cb:1d:ad:1f:
6c:b7:76:16:42:a1:73:7e:e2:37:78:df:08:b4:64:
33:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:E9:C1:BB:ED:38:CA:70:61:96:14:37:AB:CB:09:C9:1E:1A:A9:CD
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/7-nBu-04ynBhlhQ3q8sJyR4aqc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.19.0/24
195.181.252.0/23
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
34:47:e7:9e:41:55:28:3b:50:ac:17:44:9a:e8:4f:7f:9d:72:
7c:4d:6e:11:f2:2d:35:03:f8:96:bb:a9:a2:08:15:c9:85:1a:
0c:47:3b:7c:ea:a1:ae:67:3e:81:4b:7f:7e:f4:09:2c:dd:50:
58:42:30:69:26:8a:6c:93:c9:29:a3:c2:ad:f6:e9:84:66:ab:
e4:b6:7c:e6:e1:a8:33:cc:f9:f0:72:1d:d9:63:fc:63:17:e6:
73:9d:65:3f:a0:3b:20:a1:ae:0d:c8:ab:2e:e0:4b:8a:aa:b2:
15:03:bd:de:00:2e:d9:93:9d:cf:ee:c8:d3:7f:30:ab:3e:82:
2f:b6:3e:b5:a4:1b:04:00:ab:12:be:16:d9:38:2f:ad:07:48:
53:09:1d:c8:b0:6b:8a:bc:9b:b8:73:26:5b:8e:5c:ec:1c:a4:
30:a1:97:bd:e3:79:18:85:a8:17:35:74:c0:34:3d:e6:2f:db:
c9:e4:7d:c6:44:1c:c7:55:04:0e:30:35:fe:42:05:10:b0:52:
56:ca:3a:da:dd:c1:b5:db:94:e5:2f:ce:4a:f1:74:fd:ce:31:
9f:66:c1:8d:c0:1f:03:96:6a:f1:16:0e:e9:f3:7e:99:3d:8f:
ba:c2:54:71:7a:f6:dc:12:63:17:14:aa:f7:b4:ab:0a:54:e8:
15:4b:8c:2e
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzGSq3U0kJmiCiFOGZCGz07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwMTAxMTgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmU5YzFiYmVkMzhjYTcwNjE5NjE0MzdhYmNiMDljOTFlMWFhOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+zbQepm/2wb/bflCRcVoaNNVkTA2
z/oyYqDJjM3Hs6ADVbjOkCxooSB/sT86QwdIAFFLo3KLPhiIVX3rB4AEOgAKacDy
/0skS3eBkv6qsdPU0zbqGrvp9NMIWdLqKG8/iKCNfsIe2XZMouAoUoGVp5HyIaRB
TR+qv5K5m4i6gtsHTJoRQc1HiqvTJDn5R5BYNkBOlSqLlCvE7jETvnLktso1WipU
e/FG0i1KO88MCxqLp+NyfLl9iEVljwDyPqrvh4HVTq+XxBhCt5NmNQB+4VF0/y7n
I3wTFsp86/tkSE99zthulbJoHk+g68sdrR9st3YWQqFzfuI3eN8ItGQz0QIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFO/pwbvtOMpwYZYUN6vLCckeGqnNMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvNy1uQnUtMDR5bkJobGhRM3E4c0p5UjRhcWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQCBT3UAwQB
BbsmAwQCX5zMAwQBuVkcAwQAuVkfAwQBuWg8MAwDBAC5aJkDBAK5aJgDBAG5eroD
BAK5ndQDBAG5obgDBAC5vBMDBAHDtfwwDAMEANk98QMEAtk98DANBgkqhkiG9w0B
AQsFAAOCAQEANEfnnkFVKDtQrBdEmuhPf51yfE1uEfItNQP4lrupoggVyYUaDEc7
fOqhrmc+gUt/fvQJLN1QWEIwaSaKbJPJKaPCrfbphGar5LZ85uGoM8z58HId2WP8
Yxfmc51lP6A7IKGuDcirLuBLiqqyFQO93gAu2ZOdz+7I038wqz6CL7Y+taQbBACr
Er4W2TgvrQdIUwkdyLBrirybuHMmW45c7BykMKGXveN5GIWoFzV0wDQ95i/byeR9
xkQcx1UEDjA1/kIFELBSVso62t3BtduU5S/OSvF0/c4xn2bBjcAfA5Zq8RYO6fN+
mT2PusJUcXr23BJjFxSq97SrClToFUuMLg==
-----END CERTIFICATE-----
Generated at Tue Jan 30 13:50:34 2024 by rpki-client on console-fra.rpki-client.org