Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/_ljfpkw3iGXvC58rxcYsQ7Ff8JE.roa
File: _ljfpkw3iGXvC58rxcYsQ7Ff8JE.roa (raw, json)
Hash identifier: Q4lDN0cNWP3WW/PZyeNLjvC9CeuRIn1qnEZBQXqrZr0=
Subject key identifier: FE:58:DF:A6:4C:37:88:65:EF:0B:9F:2B:C5:C6:2C:43:B1:5F:F0:91
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018B80A4AF482873B5088E68743028A2033E
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/_ljfpkw3iGXvC58rxcYsQ7Ff8JE.roa
Signing time: Mon 30 Oct 2023 12:52:38 +0000
ROA not before: Mon 30 Oct 2023 12:52:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.188.16.0/23 maxlen: 23
185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:a4:af:48:28:73:b5:08:8e:68:74:30:28:a2:03:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Oct 30 12:52:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe58dfa64c378865ef0b9f2bc5c62c43b15ff091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a3:37:3c:d4:01:70:ac:9c:94:c4:52:76:d1:
1f:90:29:0b:ba:f2:ff:2f:be:c8:b2:eb:aa:5a:ba:
f7:ba:54:8f:9b:36:f7:92:d3:df:d5:18:d7:8c:21:
eb:b9:ca:2a:3a:dc:d1:ed:e3:df:18:a0:80:5a:65:
9f:22:e2:e7:b0:d8:ab:e3:f2:0b:36:9e:61:c1:48:
87:e3:c1:de:6f:f7:21:1c:c8:93:35:e6:f6:96:51:
a2:9c:57:71:9c:73:2c:80:1a:78:3f:f1:e9:14:a9:
3f:bd:13:b5:8f:19:b2:06:45:5b:44:cb:1f:73:05:
d9:2c:12:a2:f7:9e:00:e2:12:b6:b8:30:90:c0:24:
a3:13:8a:6d:df:53:36:b5:b9:a4:53:67:e0:21:7c:
18:57:83:21:39:15:90:38:62:be:77:b4:c0:74:c1:
e2:ce:e4:d2:79:f0:9e:a3:48:f4:ef:16:d4:c8:6f:
35:ca:ac:7c:57:55:b6:a3:14:60:8f:1a:15:3f:cb:
80:e4:8d:6f:0a:21:16:52:6e:1d:e4:50:f0:8c:e0:
6b:8a:27:36:52:d6:37:bd:68:f2:3f:f5:3e:87:aa:
1d:83:23:1c:36:94:07:c9:d7:71:f5:21:50:30:96:
f0:0d:9a:a0:e2:3d:ad:b8:b5:47:6c:55:c8:17:6d:
29:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:58:DF:A6:4C:37:88:65:EF:0B:9F:2B:C5:C6:2C:43:B1:5F:F0:91
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/_ljfpkw3iGXvC58rxcYsQ7Ff8JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.76.78.0/23
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.16.0/23
185.188.19.0/24
185.191.20.0/22
185.194.208.0/22
195.181.252.0/23
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
a1:a9:46:65:2e:a9:eb:e5:aa:25:e3:cd:11:09:50:f4:3b:77:
a4:b9:da:00:e9:65:c3:54:d1:40:26:dc:1c:d0:5b:5c:3c:ed:
a6:2c:03:13:52:d8:ea:9c:22:43:7d:c4:00:72:d7:53:b0:de:
03:0c:11:01:7a:a9:eb:8a:c8:e6:bd:a3:33:9a:db:0a:eb:94:
e1:c9:da:e7:dc:8f:3a:0d:fe:b6:38:c8:06:bb:f7:bf:ad:20:
0b:58:fa:ac:95:37:c2:bb:2f:e0:41:a4:64:12:11:b6:61:a4:
d5:95:d8:84:d5:7f:1b:20:40:a7:0e:ea:c0:a7:9c:9a:36:ed:
45:32:6b:67:32:be:3b:a7:4e:30:c0:6d:c9:4b:cf:e5:53:32:
29:a4:0c:45:53:51:29:83:5b:3b:c3:61:80:91:4e:82:a8:13:
69:aa:19:05:d1:6d:06:da:37:f9:df:0b:b4:92:db:bb:6b:51:
4c:4b:4b:d0:99:38:f6:28:77:cc:f0:45:07:98:2d:c0:70:22:
90:f4:37:8e:89:a6:89:f8:03:3d:92:47:9f:00:42:ee:6e:db:
ae:e8:9d:6a:80:ad:ed:c6:0f:a5:4d:84:1e:10:b4:64:c6:80:
4a:ea:6c:d7:30:f8:64:26:d1:17:b3:2e:79:ea:50:15:13:3e:
ee:f0:92:1d
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYuApK9IKHO1CI5odDAoogM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMxMDMwMTI1MjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTU4ZGZhNjRjMzc4ODY1ZWYwYjlmMmJjNWM2MmM0M2IxNWZmMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaM3PNQBcKyclMRSdtEfkCkLuvL/
L77IsuuqWrr3ulSPmzb3ktPf1RjXjCHrucoqOtzR7ePfGKCAWmWfIuLnsNir4/IL
Np5hwUiH48Heb/chHMiTNeb2llGinFdxnHMsgBp4P/HpFKk/vRO1jxmyBkVbRMsf
cwXZLBKi954A4hK2uDCQwCSjE4pt31M2tbmkU2fgIXwYV4MhORWQOGK+d7TAdMHi
zuTSefCeo0j07xbUyG81yqx8V1W2oxRgjxoVP8uA5I1vCiEWUm4d5FDwjOBriic2
UtY3vWjyP/U+h6odgyMcNpQHyddx9SFQMJbwDZqg4j2tuLVHbFXIF20pYQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFP5Y36ZMN4hl7wufK8XGLEOxX/CRMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvX2xqZnBrdzNpR1h2QzU4cnhjWXNRN0ZmOEpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAIFPdQD
BAEFuyYDBAJfnMwDBAG5TE4DBAG5WRwDBAC5WR8DBAG5aDwwDAMEALlomQMEArlo
mAMEAbl6ugMEArmd1AMEAbmhuAMEAbm8EAMEALm8EwMEArm/FAMEArnC0AMEAcO1
/DAMAwQA2T3xAwQC2T3wMA0GCSqGSIb3DQEBCwUAA4IBAQChqUZlLqnr5aol480R
CVD0O3ekudoA6WXDVNFAJtwc0FtcPO2mLAMTUtjqnCJDfcQActdTsN4DDBEBeqnr
isjmvaMzmtsK65Thydrn3I86Df62OMgGu/e/rSALWPqslTfCuy/gQaRkEhG2YaTV
ldiE1X8bIECnDurAp5yaNu1FMmtnMr47p04wwG3JS8/lUzIppAxFU1Epg1s7w2GA
kU6CqBNpqhkF0W0G2jf53wu0ktu7a1FMS0vQmTj2KHfM8EUHmC3AcCKQ9DeOiaaJ
+AM9kkefAELubtuu6J1qgK3txg+lTYQeELRkxoBK6mzXMPhkJtEXsy556lAVEz7u
8JId
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org