Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/dAdLC80zD8KvkhdROLje0KaNHNI.roa
File: dAdLC80zD8KvkhdROLje0KaNHNI.roa (raw, json)
Hash identifier: nkvQ+9VxQN2ksPxId9GleJav68SdoZti6ARJd1iG/iM=
Subject key identifier: 74:07:4B:0B:CD:33:0F:C2:AF:92:17:51:38:B8:DE:D0:A6:8D:1C:D2
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018C3E390B2A181AF996C63285BDDF2F5316
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/dAdLC80zD8KvkhdROLje0KaNHNI.roa
Signing time: Wed 06 Dec 2023 08:22:54 +0000
ROA not before: Wed 06 Dec 2023 08:22:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:39:0b:2a:18:1a:f9:96:c6:32:85:bd:df:2f:53:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Dec 6 08:22:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74074b0bcd330fc2af92175138b8ded0a68d1cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d1:e5:ce:40:53:04:3d:a0:db:ac:01:e4:cf:
d8:09:26:3e:ac:e6:cf:20:29:3a:73:7a:95:af:e6:
46:3c:2a:ca:92:e1:18:03:37:f5:93:0a:46:fa:e0:
bf:e0:b3:50:59:b5:bb:fb:6b:c6:21:4b:18:fc:11:
3c:b6:63:9e:31:5a:bc:09:2e:7c:1a:d6:a4:35:e8:
78:f2:f2:06:56:ca:31:ad:9e:d8:9b:5c:2d:13:a3:
ac:aa:65:bd:5d:79:8c:d5:87:95:43:44:ba:4b:63:
28:74:f9:1b:0c:50:1a:9e:fd:36:d4:ba:ba:b5:b8:
39:f7:cb:c6:0a:64:0e:c9:5e:c4:5d:5b:52:d5:1e:
82:dc:54:ee:5b:cc:46:46:86:2b:06:55:06:35:c0:
b9:27:1c:59:5c:8d:f0:69:4f:55:ad:50:a3:45:88:
fc:60:54:f2:96:db:59:21:ff:1b:ef:1a:8a:3d:41:
f3:47:c0:89:7d:2b:79:1e:6d:7b:ee:8c:ef:44:ac:
c7:18:62:99:f1:c1:e4:f6:c1:39:20:37:b5:b5:a0:
50:54:f7:a4:32:3f:76:12:0b:19:16:5c:d6:65:6d:
ee:dd:54:59:77:87:00:34:58:20:86:d5:5e:af:ba:
fa:30:93:59:2d:07:51:1b:85:2e:69:3f:e8:0f:2b:
29:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:07:4B:0B:CD:33:0F:C2:AF:92:17:51:38:B8:DE:D0:A6:8D:1C:D2
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/dAdLC80zD8KvkhdROLje0KaNHNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.19.0/24
185.194.208.0/22
195.181.252.0/23
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
a2:c1:a5:fa:13:4f:6f:b9:6b:a4:5f:ce:60:e3:c9:27:5f:1f:
d9:bf:71:b4:0c:e6:1a:4a:cd:7b:0e:d4:c4:43:8a:c3:93:81:
5d:6f:98:7e:05:1d:83:c7:0c:30:5f:ef:38:5a:0d:97:c3:df:
fd:51:b8:c4:ec:3b:e9:fe:82:a8:2c:03:79:6c:44:db:8a:4a:
70:57:7f:62:20:89:54:bf:41:50:36:c6:c1:cd:7e:2e:93:e3:
27:d4:5e:2b:60:6c:7c:d8:c8:63:65:1a:3d:3f:0f:0b:17:07:
8f:5c:29:92:8b:67:40:02:93:ae:e7:c4:ed:11:0b:ea:5d:42:
f9:77:81:1a:81:25:26:92:df:ec:ab:66:8b:10:0a:f5:24:4c:
1a:80:18:a8:0c:70:21:6c:c1:57:af:40:a2:28:63:7c:19:02:
32:bf:03:61:a5:0e:06:fb:4e:e6:4b:f6:49:bf:13:00:52:56:
d8:15:96:e2:c9:94:c3:b3:65:1a:cd:fc:3d:6c:a6:ad:d2:ec:
49:3e:d3:d6:07:4c:44:c1:c6:20:93:bd:f8:24:ce:df:71:e5:
ae:1b:26:3a:80:4f:00:d4:c9:23:1b:de:0e:0e:16:7e:75:d0:
15:d9:fc:56:3c:d5:f0:6c:77:21:24:14:10:f4:97:e7:8d:44:
27:4c:46:70
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYw+OQsqGBr5lsYyhb3fL1MWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMxMjA2MDgyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDA3NGIwYmNkMzMwZmMyYWY5MjE3NTEzOGI4ZGVkMGE2OGQxY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdHlzkBTBD2g26wB5M/YCSY+rObP
ICk6c3qVr+ZGPCrKkuEYAzf1kwpG+uC/4LNQWbW7+2vGIUsY/BE8tmOeMVq8CS58
GtakNeh48vIGVsoxrZ7Ym1wtE6OsqmW9XXmM1YeVQ0S6S2ModPkbDFAanv021Lq6
tbg598vGCmQOyV7EXVtS1R6C3FTuW8xGRoYrBlUGNcC5JxxZXI3waU9VrVCjRYj8
YFTylttZIf8b7xqKPUHzR8CJfSt5Hm177ozvRKzHGGKZ8cHk9sE5IDe1taBQVPek
Mj92EgsZFlzWZW3u3VRZd4cANFgghtVer7r6MJNZLQdRG4UuaT/oDyspxwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFHQHSwvNMw/Cr5IXUTi43tCmjRzSMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvZEFkTEM4MHpEOEt2a2hkUk9MamUwS2FOSE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQCBT3UAwQB
BbsmAwQCX5zMAwQBuVkcAwQAuVkfAwQBuWg8MAwDBAC5aJkDBAK5aJgDBAG5eroD
BAK5ndQDBAG5obgDBAC5vBMDBAK5wtADBAHDtfwwDAMEANk98QMEAtk98DANBgkq
hkiG9w0BAQsFAAOCAQEAosGl+hNPb7lrpF/OYOPJJ18f2b9xtAzmGkrNew7UxEOK
w5OBXW+YfgUdg8cMMF/vOFoNl8Pf/VG4xOw76f6CqCwDeWxE24pKcFd/YiCJVL9B
UDbGwc1+LpPjJ9ReK2BsfNjIY2UaPT8PCxcHj1wpkotnQAKTrufE7REL6l1C+XeB
GoElJpLf7KtmixAK9SRMGoAYqAxwIWzBV69AoihjfBkCMr8DYaUOBvtO5kv2Sb8T
AFJW2BWW4smUw7NlGs38PWymrdLsST7T1gdMRMHGIJO9+CTO33HlrhsmOoBPANTJ
IxveDg4WfnXQFdn8VjzV8Gx3ISQUEPSX541EJ0xGcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org