Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/Ldm67v7JG4FxmLKtkAJGjIFlgdA.roa
File: Ldm67v7JG4FxmLKtkAJGjIFlgdA.roa (raw, json)
Hash identifier: 3todIga1EZNpL0PAPbifZadlpbVfps5LcIfxlaBZkws=
Subject key identifier: 2D:D9:BA:EE:FE:C9:1B:81:71:98:B2:AD:90:02:46:8C:81:65:81:D0
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 0652C71C
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/Ldm67v7JG4FxmLKtkAJGjIFlgdA.roa
Signing time: Mon 07 Mar 2022 22:41:09 +0000
ROA not before: Mon 07 Mar 2022 22:41:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.188.16.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.209.0/24 maxlen: 24
185.157.212.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.86.211.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.92.238.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.204.64.0/24 maxlen: 24
185.204.67.0/24 maxlen: 24
185.204.66.0/24 maxlen: 24
185.204.65.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106088220 (0x652c71c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Mar 7 22:41:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dd9baeefec91b817198b2ad9002468c816581d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bf:1b:5b:ca:98:b7:4f:b4:d3:80:34:a1:7b:
7f:c0:0a:17:d6:d1:57:47:2b:3f:cf:4d:85:c8:5b:
8c:46:0a:a9:42:ed:ce:5a:9c:dd:1e:e3:0b:37:60:
65:12:8d:da:8b:ec:5b:fd:3a:5b:92:26:cb:b1:4b:
2f:a9:53:bf:7a:2c:85:e0:e3:59:e6:cd:70:9b:a6:
3d:b6:4c:5f:84:13:65:cf:c9:ce:e1:90:17:96:65:
61:3b:bf:50:f6:5a:89:26:5f:f3:b8:c0:cc:2f:78:
04:16:cb:eb:23:eb:61:9d:f4:e8:b5:e8:7a:e1:da:
84:9a:81:a8:59:0e:f9:94:0d:eb:a6:02:8c:8b:0a:
72:5b:3b:41:20:ac:62:7c:8f:72:6c:08:6c:3b:e6:
ad:89:fa:f2:0b:4e:52:54:4b:e7:da:ce:9c:14:81:
06:bd:a4:b1:b1:56:a8:56:d6:05:4a:06:85:66:a3:
9a:88:d7:8f:06:c0:11:b6:9f:70:c8:1b:c8:a4:42:
a2:62:95:cb:34:45:98:1b:5e:49:22:b6:c3:20:3d:
64:59:1e:b2:60:cc:35:44:40:f0:8b:81:38:ef:a8:
4e:2f:77:3f:d6:af:49:61:f9:5c:8b:20:b7:36:78:
7c:ed:67:ac:d9:9e:9e:19:c7:77:d6:d8:7a:45:54:
d4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D9:BA:EE:FE:C9:1B:81:71:98:B2:AD:90:02:46:8C:81:65:81:D0
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/Ldm67v7JG4FxmLKtkAJGjIFlgdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.86.211.0/24
185.89.28.0/24
185.89.31.0/24
185.92.238.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/24
185.157.214.0/23
185.161.184.0/24
185.188.16.0/24
185.188.18.0/23
185.191.20.0/22
185.194.208.0/22
185.204.64.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:9d:94:92:b0:68:3f:fb:ff:ef:8b:dc:fb:d5:18:26:22:2b:
99:41:e0:5c:cd:9e:06:4c:aa:af:16:8d:cd:9d:9e:06:00:0d:
f8:2c:9e:3c:56:92:90:5c:fc:04:b0:66:50:0f:6b:70:23:9c:
71:76:ce:02:f3:66:95:06:9f:4d:9a:21:e9:76:fc:81:56:0d:
fa:3c:95:9a:66:7b:bb:3c:92:4f:7f:c1:b2:40:e1:44:92:cf:
f4:97:0b:61:39:ef:f1:b2:ec:17:07:8b:ce:ef:6e:bd:bf:a3:
9a:70:7d:0f:f7:9f:32:d7:03:1a:e4:5a:af:3c:07:27:5b:21:
70:7c:e1:c8:81:37:2f:3d:e8:8c:09:7f:2d:61:a4:af:14:24:
41:5f:0e:ff:6c:4c:43:68:53:4e:66:63:03:05:df:28:5e:aa:
98:69:f8:40:9d:89:ee:2e:02:c1:b1:84:9a:b6:f4:1f:c0:df:
6d:2b:c0:ca:c1:4c:3c:18:1b:b8:5a:84:fd:1e:49:27:1b:75:
d8:93:e5:44:7b:5b:aa:d2:ab:9f:15:8a:1b:03:f6:e4:11:22:
b7:83:ac:bd:1b:f3:ca:b9:22:90:bf:24:d0:6f:f0:11:30:6a:
15:f7:ff:a1:54:f7:db:82:e0:6b:8f:2c:0c:15:7d:a5:07:aa:
f1:c3:e7:7e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIEBlLHHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YmM1ZGU3ZDcyNTViN2Q1ODI2MGM2NWExMjBiMTY0ZWYxMGVmOTAzMB4XDTIyMDMw
NzIyNDEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRkOWJhZWVmZWM5
MWI4MTcxOThiMmFkOTAwMjQ2OGM4MTY1ODFkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALe/G1vKmLdPtNOANKF7f8AKF9bRV0crP89NhchbjEYKqULt
zlqc3R7jCzdgZRKN2ovsW/06W5Imy7FLL6lTv3osheDjWebNcJumPbZMX4QTZc/J
zuGQF5ZlYTu/UPZaiSZf87jAzC94BBbL6yPrYZ306LXoeuHahJqBqFkO+ZQN66YC
jIsKcls7QSCsYnyPcmwIbDvmrYn68gtOUlRL59rOnBSBBr2ksbFWqFbWBUoGhWaj
mojXjwbAEbafcMgbyKRComKVyzRFmBteSSK2wyA9ZFkesmDMNURA8IuBOO+oTi93
P9avSWH5XIsgtzZ4fO1nrNmenhnHd9bYekVU1PsCAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBQt2bru/skbgXGYsq2QAkaMgWWB0DAfBgNVHSMEGDAWgBRrxd59clW31YJg
xloSCxZO8Q75AzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2E4WGVmWEpWdDlXQ1lNWmFFZ3NXVHZFTy1RTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvMzIxMDllLTI0YzktNGM4OC1hOGU4LWZkZjY2MzhkMmMwNC8x
L0xkbTY3djdKRzRGeG1MS3RrQUpHaklGbGdkQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
MzIxMDllLTI0YzktNGM4OC1hOGU4LWZkZjY2MzhkMmMwNC8xL2E4WGVmWEpWdDlX
Q1lNWmFFZ3NXVHZFTy1RTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MHoEAgABMHQDBAG5SxQDBAG5TE4DBAK5VCwDBAC5
VtMDBAC5WRwDBAC5WR8DBAC5XO4DBAG5aDwwDAMEALlomQMEArlomAMEAbl6ugME
ALmd1AMEAbmd1gMEALmhuAMEALm8EAMEAbm8EgMEArm/FAMEArnC0AMEArnMQDAN
BgkqhkiG9w0BAQsFAAOCAQEAqp2UkrBoP/v/74vc+9UYJiIrmUHgXM2eBkyqrxaN
zZ2eBgAN+CyePFaSkFz8BLBmUA9rcCOccXbOAvNmlQafTZoh6Xb8gVYN+jyVmmZ7
uzyST3/BskDhRJLP9JcLYTnv8bLsFweLzu9uvb+jmnB9D/efMtcDGuRarzwHJ1sh
cHzhyIE3Lz3ojAl/LWGkrxQkQV8O/2xMQ2hTTmZjAwXfKF6qmGn4QJ2J7i4CwbGE
mrb0H8DfbSvAysFMPBgbuFqE/R5JJxt12JPlRHtbqtKrnxWKGwP25BEit4OsvRvz
yrkikL8k0G/wETBqFff/oVT324Lga48sDBV9pQeq8cPnfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org