Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/LlxfYRvDz_mNyk7fDiykfNQNtog.roa
File: LlxfYRvDz_mNyk7fDiykfNQNtog.roa (raw, json)
Hash identifier: XtldrYOFI/SmnmJiNhWdIJDz7W2nPL75YivXQjcLvTI=
Subject key identifier: 2E:5C:5F:61:1B:C3:CF:F9:8D:CA:4E:DF:0E:2C:A4:7C:D4:0D:B6:88
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018A70C2E111E7FA001CC555BC2586FA07FD
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/LlxfYRvDz_mNyk7fDiykfNQNtog.roa
Signing time: Thu 07 Sep 2023 17:48:54 +0000
ROA not before: Thu 07 Sep 2023 17:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.188.17.0/24 maxlen: 24
185.188.16.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.209.0/24 maxlen: 24
185.157.212.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
185.204.64.0/24 maxlen: 24
185.204.67.0/24 maxlen: 24
185.204.66.0/24 maxlen: 24
185.204.65.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
5.61.212.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:c2:e1:11:e7:fa:00:1c:c5:55:bc:25:86:fa:07:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Sep 7 17:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e5c5f611bc3cff98dca4edf0e2ca47cd40db688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ed:9a:52:e0:89:ad:54:2a:a9:d0:51:10:72:
76:f9:be:77:97:e8:25:00:b3:c8:82:22:dc:43:2a:
07:2d:2c:8c:7a:43:3c:70:b5:ac:0a:f8:8d:06:c3:
e9:d7:3f:bc:27:a1:47:71:3c:a6:5d:65:a9:5a:0b:
40:01:ac:ba:3d:7b:94:43:12:28:0f:71:0f:37:03:
38:ca:d3:59:b2:ec:94:85:59:e7:10:23:d3:1f:8a:
5e:80:90:36:66:e7:3c:b8:d0:46:8a:72:c6:3c:e3:
e3:32:54:cd:5e:c9:7b:05:07:54:75:b0:0f:8a:48:
9c:a2:62:21:7b:aa:b1:3f:78:3c:a8:52:90:15:20:
d9:1c:6f:f9:bd:55:3f:73:ff:c3:00:0b:b1:dc:d8:
9f:28:bc:6c:40:79:be:62:1c:2d:84:3b:c3:71:b8:
99:4d:54:ab:36:08:81:99:86:d5:3a:bb:19:74:70:
d0:9f:77:86:eb:c6:50:9c:c4:fa:b0:d7:05:ee:aa:
21:8c:10:b6:32:02:02:8f:ad:69:40:65:c6:fa:4f:
c9:8a:a2:10:67:11:70:00:9c:3f:0a:c9:11:fb:b1:
5d:c1:a1:c4:ad:52:4d:81:a8:1e:8e:fe:7e:e5:38:
9f:aa:51:c8:41:9f:8f:59:f4:ed:1a:a8:eb:ed:58:
8b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5C:5F:61:1B:C3:CF:F9:8D:CA:4E:DF:0E:2C:A4:7C:D4:0D:B6:88
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/LlxfYRvDz_mNyk7fDiykfNQNtog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/24
185.157.214.0/23
185.161.184.0/24
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
185.204.64.0/22
195.181.252.0/23
212.237.231.0/24
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
21:b5:a5:e2:4f:85:91:dc:3f:b0:76:51:e6:68:aa:75:27:99:
83:e1:63:4d:1d:7c:19:81:f1:93:45:43:de:f5:ce:59:3a:8a:
d5:26:a9:a6:ef:8d:e2:0f:31:9d:50:8f:27:ec:7d:bc:f4:3a:
b3:9c:ee:ea:4c:50:7a:81:86:0e:7f:50:c2:c3:08:5c:f5:6d:
54:79:d1:59:39:28:51:95:76:18:1d:bc:86:9f:cf:1c:68:fc:
67:65:30:15:eb:16:2c:46:c9:4a:ee:ff:9b:3e:f4:f1:2c:cf:
85:2a:03:42:fb:98:52:65:23:85:dc:85:73:2c:73:12:05:2b:
06:82:91:4f:be:e0:30:25:2b:04:3c:2b:e5:43:63:b8:84:8e:
df:ce:ac:ea:75:b6:43:8f:9b:86:11:47:91:d1:22:bc:27:bd:
78:b5:9b:fb:2f:26:4c:d9:1b:78:16:ee:01:cf:60:cd:10:fd:
a6:c3:c8:05:c4:62:35:0f:38:e7:1d:dd:7a:20:06:99:23:5e:
61:27:97:57:65:08:2f:40:b5:ae:4a:1b:32:d4:44:d8:17:f5:
0b:64:81:a2:4b:97:dd:f3:76:1a:b4:77:14:05:da:ec:64:55:
b0:0f:56:db:af:7a:57:ee:5a:51:16:bc:0e:e0:35:aa:15:35:
c9:69:96:b1
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYpwwuER5/oAHMVVvCWG+gf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwOTA3MTc0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTVjNWY2MTFiYzNjZmY5OGRjYTRlZGYwZTJjYTQ3Y2Q0MGRiNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje2aUuCJrVQqqdBREHJ2+b53l+gl
ALPIgiLcQyoHLSyMekM8cLWsCviNBsPp1z+8J6FHcTymXWWpWgtAAay6PXuUQxIo
D3EPNwM4ytNZsuyUhVnnECPTH4pegJA2Zuc8uNBGinLGPOPjMlTNXsl7BQdUdbAP
ikicomIhe6qxP3g8qFKQFSDZHG/5vVU/c//DAAux3NifKLxsQHm+YhwthDvDcbiZ
TVSrNgiBmYbVOrsZdHDQn3eG68ZQnMT6sNcF7qohjBC2MgICj61pQGXG+k/JiqIQ
ZxFwAJw/CskR+7FdwaHErVJNgagejv5+5TifqlHIQZ+PWfTtGqjr7ViLywIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFC5cX2Ebw8/5jcpO3w4spHzUDbaIMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvTGx4ZllSdkR6X21OeWs3ZkRpeWtmTlFOdG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAIF
PdQDBAEFuyYDBAJfnMwDBAG5SxQDBAG5TE4DBAK5VCwDBAG5WRwDBAC5WR8DBAG5
aDwwDAMEALlomQMEArlomAMEAbl6ugMEALmd1AMEAbmd1gMEALmhuAMEArm8EAME
Arm/FAMEArnC0AMEArnMQAMEAcO1/AMEANTt5zAMAwQA2T3xAwQC2T3wMA0GCSqG
SIb3DQEBCwUAA4IBAQAhtaXiT4WR3D+wdlHmaKp1J5mD4WNNHXwZgfGTRUPe9c5Z
OorVJqmm743iDzGdUI8n7H289DqznO7qTFB6gYYOf1DCwwhc9W1UedFZOShRlXYY
HbyGn88caPxnZTAV6xYsRslK7v+bPvTxLM+FKgNC+5hSZSOF3IVzLHMSBSsGgpFP
vuAwJSsEPCvlQ2O4hI7fzqzqdbZDj5uGEUeR0SK8J714tZv7LyZM2Rt4Fu4Bz2DN
EP2mw8gFxGI1DzjnHd16IAaZI15hJ5dXZQgvQLWuShsy1ETYF/ULZIGiS5fd83Ya
tHcUBdrsZFWwD1bbr3pX7lpRFrwO4DWqFTXJaZax
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org