Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/adXOg4vWv52i5CdV8Ahi3pL5_64.roa
File: adXOg4vWv52i5CdV8Ahi3pL5_64.roa (raw, json)
Hash identifier: FoyyfRcacxzMBtMLUZId4+vlim4BdUELrIDHcZHGHVo=
Subject key identifier: 69:D5:CE:83:8B:D6:BF:9D:A2:E4:27:55:F0:08:62:DE:92:F9:FF:AE
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018A70C2E0990997A8F398CDFC31D48DCD64
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/adXOg4vWv52i5CdV8Ahi3pL5_64.roa
Signing time: Thu 07 Sep 2023 17:48:54 +0000
ROA not before: Thu 07 Sep 2023 17:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.188.16.0/23 maxlen: 23
185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
185.204.64.0/24 maxlen: 24
185.204.65.0/24 maxlen: 24
185.204.66.0/24 maxlen: 24
185.204.67.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:c2:e0:99:09:97:a8:f3:98:cd:fc:31:d4:8d:cd:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Sep 7 17:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69d5ce838bd6bf9da2e42755f00862de92f9ffae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3b:42:bf:92:b3:f8:11:48:3c:4f:f1:a9:46:
78:e4:b8:98:5d:d3:81:6f:7e:a5:be:d6:5e:d9:1f:
49:94:9d:cd:dd:66:ce:11:28:ad:9e:32:ef:c2:f1:
e0:1c:76:81:0b:da:9f:c8:10:16:39:d9:be:9b:c2:
27:90:cb:3e:d4:13:bd:30:3b:0c:55:7c:c3:4a:7f:
86:05:87:0e:59:89:c2:d7:50:73:27:02:b0:57:78:
dd:51:7d:0a:00:4a:a6:8b:4f:fa:39:56:83:51:11:
ac:f6:da:10:93:73:c2:84:a3:19:5f:88:50:97:1b:
6b:00:71:26:ee:dc:e6:31:cb:d3:b5:55:0a:d2:8b:
81:f3:e3:88:0f:1b:66:86:83:d6:a2:1c:e4:1b:e3:
41:c6:0c:d3:97:32:44:c2:24:78:01:4c:7c:c1:db:
e6:e3:76:cc:dd:20:4d:e5:2b:ca:81:71:9f:da:db:
1c:79:0c:a6:b5:00:fe:65:0f:aa:76:07:19:c9:a1:
c3:34:db:cc:bc:58:26:39:53:31:45:7f:73:30:9b:
ec:aa:71:5f:a1:e0:bd:84:fe:d5:c8:0e:b7:02:06:
b9:f0:ec:a5:7d:c3:19:cd:05:db:da:e7:74:e9:47:
c2:20:8f:90:a4:e9:8e:f7:2f:d8:ff:09:ea:c6:38:
68:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D5:CE:83:8B:D6:BF:9D:A2:E4:27:55:F0:08:62:DE:92:F9:FF:AE
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/adXOg4vWv52i5CdV8Ahi3pL5_64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
185.204.64.0/22
195.181.252.0/23
212.237.231.0/24
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
a0:e0:58:91:c1:8b:16:01:d8:2b:47:b6:1b:ea:f8:5f:7e:7f:
67:f5:55:a4:6d:52:36:7c:11:65:2d:27:32:cf:c8:33:b6:f5:
b6:a5:79:a6:f0:14:7c:86:bd:3a:77:4f:77:e0:33:80:b4:b5:
08:da:bb:a4:88:ce:a6:55:d4:51:6a:43:99:29:af:5d:c0:d0:
9a:94:25:4a:04:8f:93:b4:14:c5:45:27:c0:11:fd:d0:e9:70:
04:5e:21:65:bb:71:33:cb:dd:3b:63:b5:ca:1f:ef:d2:c2:09:
52:ba:d6:ff:1e:e2:29:9e:23:f5:2c:b9:4f:c4:46:97:94:4a:
7c:9a:30:a3:fe:79:73:1f:76:11:f2:4b:55:0d:03:37:c8:14:
fc:2d:00:1b:21:f2:b9:b0:f7:b7:ee:b1:f2:0e:49:4f:1e:86:
9a:7f:90:5b:f3:22:dc:9c:f5:f5:0a:28:5d:c3:1d:a3:45:f3:
b2:a9:d1:0d:7a:e7:67:71:9f:f7:83:9a:f3:15:a0:61:0c:20:
52:13:69:6b:35:77:da:d2:6f:7a:60:a9:5e:0f:8b:0b:f0:a7:
54:df:51:a4:21:e2:e3:a9:ba:2b:ab:9c:e6:d7:99:c7:26:5e:
a8:23:57:84:bd:ed:66:af:5a:b7:03:58:cb:78:06:58:02:f7:
52:14:48:b7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYpwwuCZCZeo85jN/DHUjc1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwOTA3MTc0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQ1Y2U4MzhiZDZiZjlkYTJlNDI3NTVmMDA4NjJkZTkyZjlmZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDtCv5Kz+BFIPE/xqUZ45LiYXdOB
b36lvtZe2R9JlJ3N3WbOESitnjLvwvHgHHaBC9qfyBAWOdm+m8InkMs+1BO9MDsM
VXzDSn+GBYcOWYnC11BzJwKwV3jdUX0KAEqmi0/6OVaDURGs9toQk3PChKMZX4hQ
lxtrAHEm7tzmMcvTtVUK0ouB8+OIDxtmhoPWohzkG+NBxgzTlzJEwiR4AUx8wdvm
43bM3SBN5SvKgXGf2tsceQymtQD+ZQ+qdgcZyaHDNNvMvFgmOVMxRX9zMJvsqnFf
oeC9hP7VyA63Aga58OylfcMZzQXb2ud06UfCII+QpOmO9y/Y/wnqxjho0wIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFGnVzoOL1r+douQnVfAIYt6S+f+uMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvYWRYT2c0dld2NTJpNUNkVjhBaGkzcEw1XzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAIF
PdQDBAEFuyYDBAJfnMwDBAG5SxQDBAG5TE4DBAK5VCwDBAG5WRwDBAC5WR8DBAG5
aDwwDAMEALlomQMEArlomAMEAbl6ugMEArmd1AMEAbmhuAMEArm8EAMEArm/FAME
ArnC0AMEArnMQAMEAcO1/AMEANTt5zAMAwQA2T3xAwQC2T3wMA0GCSqGSIb3DQEB
CwUAA4IBAQCg4FiRwYsWAdgrR7Yb6vhffn9n9VWkbVI2fBFlLScyz8gztvW2pXmm
8BR8hr06d0934DOAtLUI2rukiM6mVdRRakOZKa9dwNCalCVKBI+TtBTFRSfAEf3Q
6XAEXiFlu3Ezy907Y7XKH+/SwglSutb/HuIpniP1LLlPxEaXlEp8mjCj/nlzH3YR
8ktVDQM3yBT8LQAbIfK5sPe37rHyDklPHoaaf5Bb8yLcnPX1Cihdwx2jRfOyqdEN
eudncZ/3g5rzFaBhDCBSE2lrNXfa0m96YKleD4sL8KdU31GkIeLjqborq5zm15nH
Jl6oI1eEve1mr1q3A1jLeAZYAvdSFEi3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org