Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/V9Op7VdTxU_T02i8kFzS8NymMYI.roa
File: V9Op7VdTxU_T02i8kFzS8NymMYI.roa (raw, json)
Hash identifier: 67WQifoS5PtagRSEoGWCXYePqUZYEAZCCmhYmZgM1C8=
Subject key identifier: 57:D3:A9:ED:57:53:C5:4F:D3:D3:68:BC:90:5C:D2:F0:DC:A6:31:82
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018AED4C5F373F093D65E44E1C2488713A83
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/V9Op7VdTxU_T02i8kFzS8NymMYI.roa
Signing time: Sun 01 Oct 2023 22:11:59 +0000
ROA not before: Sun 01 Oct 2023 22:11:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.188.16.0/23 maxlen: 23
185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ed:4c:5f:37:3f:09:3d:65:e4:4e:1c:24:88:71:3a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Oct 1 22:11:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57d3a9ed5753c54fd3d368bc905cd2f0dca63182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ab:bf:4d:3b:1b:f8:b5:98:1b:5c:f5:ce:99:
d0:6c:11:d2:e8:df:87:c3:de:56:1e:85:27:75:33:
20:31:c1:70:ef:69:71:8c:13:9b:b6:6c:53:f8:cd:
62:8c:97:be:6a:71:fe:0a:f0:25:bc:e8:f9:c6:ce:
bd:51:e4:68:b5:3b:c8:f3:2d:14:0a:01:ac:d4:fc:
bd:50:22:79:74:2b:49:c5:5c:91:6a:a0:cd:c3:83:
6d:77:44:30:12:d9:b9:64:e2:8c:66:92:ca:94:ef:
94:f3:5e:72:67:59:dc:bc:4b:63:b5:33:dc:43:9b:
0e:09:62:c3:f3:a5:79:c2:c3:e8:89:ac:e1:67:34:
2b:2a:ea:0c:56:23:4b:4b:48:a5:f7:f5:39:b9:da:
74:cd:8b:43:ca:e0:ea:8c:f3:66:96:71:96:99:99:
b0:e6:4b:79:59:45:05:05:a7:66:4b:74:6e:bf:6c:
88:4d:3c:f6:41:b2:73:b8:d7:0e:a1:fd:61:5b:f2:
ed:0f:99:5a:4c:14:28:a7:70:9b:38:9f:94:59:b8:
5c:c7:50:eb:34:41:26:8d:1f:c8:a6:6d:8c:80:52:
02:d8:80:40:b6:a6:78:09:60:f1:83:37:09:6a:bb:
f7:09:bb:35:68:96:c1:0a:53:5b:c6:5a:dd:b5:d7:
1b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D3:A9:ED:57:53:C5:4F:D3:D3:68:BC:90:5C:D2:F0:DC:A6:31:82
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/V9Op7VdTxU_T02i8kFzS8NymMYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.76.78.0/23
185.84.44.0/22
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
195.181.252.0/23
212.237.231.0/24
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
04:b2:11:e2:22:f7:88:cd:1a:95:53:5e:73:bc:2f:84:f7:5c:
32:90:0c:e2:96:f8:50:fb:fc:b2:01:31:4b:c5:71:38:08:b3:
a4:97:a0:23:d9:0d:2d:21:fe:f5:2d:3b:07:2a:f8:22:cd:84:
ca:d3:6a:e5:bb:f5:f8:ec:7b:47:c0:49:20:6a:0d:d5:5f:4b:
7d:83:98:ea:ac:b9:86:18:2e:69:11:ba:a5:4d:0b:64:2a:04:
f5:69:95:45:0e:a4:b7:b2:dd:95:9e:35:e1:98:39:ac:65:8e:
fc:50:5c:13:3b:4b:6a:82:c6:68:f7:b6:90:2a:88:cb:c1:d5:
f1:51:96:de:ea:cb:a4:ef:cb:e4:b9:89:9e:74:de:38:ac:3f:
93:3e:e6:ed:80:22:c9:4b:3f:b8:89:ff:6c:8a:49:77:56:39:
a9:4f:d9:d6:25:54:86:b4:85:84:d5:b7:0d:fd:89:33:63:f5:
27:5f:2a:c4:e0:03:b2:6e:e3:24:4e:52:31:33:2c:88:f6:d4:
81:1e:e1:86:99:af:3b:77:e3:44:80:ce:b8:96:a4:d4:96:26:
c5:65:fb:cf:ff:9b:a5:ca:75:bd:58:de:72:ee:7b:96:ac:e3:
05:a5:13:60:e3:7e:f3:ad:7b:6a:e4:4d:76:c9:6a:83:4e:61:
32:02:2c:e1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYrtTF83Pwk9ZeROHCSIcTqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMxMDAxMjIxMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2QzYTllZDU3NTNjNTRmZDNkMzY4YmM5MDVjZDJmMGRjYTYzMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6u/TTsb+LWYG1z1zpnQbBHS6N+H
w95WHoUndTMgMcFw72lxjBObtmxT+M1ijJe+anH+CvAlvOj5xs69UeRotTvI8y0U
CgGs1Py9UCJ5dCtJxVyRaqDNw4Ntd0QwEtm5ZOKMZpLKlO+U815yZ1ncvEtjtTPc
Q5sOCWLD86V5wsPoiazhZzQrKuoMViNLS0il9/U5udp0zYtDyuDqjPNmlnGWmZmw
5kt5WUUFBadmS3Ruv2yITTz2QbJzuNcOof1hW/LtD5laTBQop3CbOJ+UWbhcx1Dr
NEEmjR/Ipm2MgFIC2IBAtqZ4CWDxgzcJarv3Cbs1aJbBClNbxlrdtdcbawIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFFfTqe1XU8VP09NovJBc0vDcpjGCMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvVjlPcDdWZFR4VV9UMDJpOGtGelM4TnltTVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAgU9
1AMEAQW7JgMEAl+czAMEAblMTgMEArlULAMEAblZHAMEALlZHwMEAbloPDAMAwQA
uWiZAwQCuWiYAwQBuXq6AwQCuZ3UAwQBuaG4AwQCubwQAwQCub8UAwQCucLQAwQB
w7X8AwQA1O3nMAwDBADZPfEDBALZPfAwDQYJKoZIhvcNAQELBQADggEBAASyEeIi
94jNGpVTXnO8L4T3XDKQDOKW+FD7/LIBMUvFcTgIs6SXoCPZDS0h/vUtOwcq+CLN
hMrTauW79fjse0fASSBqDdVfS32DmOqsuYYYLmkRuqVNC2QqBPVplUUOpLey3ZWe
NeGYOaxljvxQXBM7S2qCxmj3tpAqiMvB1fFRlt7qy6Tvy+S5iZ503jisP5M+5u2A
IslLP7iJ/2yKSXdWOalP2dYlVIa0hYTVtw39iTNj9SdfKsTgA7Ju4yROUjEzLIj2
1IEe4YaZrzt340SAzriWpNSWJsVl+8//m6XKdb1Y3nLue5as4wWlE2DjfvOte2rk
TXbJaoNOYTICLOE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org