Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/eIY9SGX3LuqxBbK_yeCgcOopMwc.roa
File: eIY9SGX3LuqxBbK_yeCgcOopMwc.roa (raw, json)
Hash identifier: rmOa/sZdgnOyVGELStGJP/keKYGwtMR+Xq/YJ3BgIHw=
Subject key identifier: 78:86:3D:48:65:F7:2E:EA:B1:05:B2:BF:C9:E0:A0:70:EA:29:33:07
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01896F9E38C3A28712FD0ED95681E1600745
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/eIY9SGX3LuqxBbK_yeCgcOopMwc.roa
Signing time: Wed 19 Jul 2023 19:26:27 +0000
ROA not before: Wed 19 Jul 2023 19:26:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.188.16.0/23 maxlen: 23
185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.86.211.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
134.255.242.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
89.43.196.0/24 maxlen: 24
89.43.197.0/24 maxlen: 24
93.114.131.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
185.204.64.0/24 maxlen: 24
185.204.65.0/24 maxlen: 24
185.204.66.0/24 maxlen: 24
185.204.67.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6f:9e:38:c3:a2:87:12:fd:0e:d9:56:81:e1:60:07:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jul 19 19:26:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78863d4865f72eeab105b2bfc9e0a070ea293307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:79:06:f5:1c:6a:e0:46:79:84:ee:69:6d:7f:
73:0d:3d:0d:11:ea:73:4c:3f:a7:7e:2e:06:0f:fa:
0a:ab:77:06:dc:01:83:64:49:db:7e:99:64:ef:5a:
d3:e9:b2:df:7e:4a:3f:82:76:90:73:6b:ce:ba:b1:
d6:d5:a0:33:a5:b0:4f:49:ae:8b:e0:db:4a:f9:55:
0c:88:f1:3b:8d:8e:dd:80:63:d3:18:9f:34:33:9a:
f3:e7:74:b1:6e:fd:e9:e6:3f:17:90:1a:65:03:99:
b2:44:ff:eb:b8:6f:2f:f1:6d:d6:d7:df:d2:ba:66:
0b:9b:04:00:da:33:0b:2c:34:3a:a2:c5:cd:a9:5d:
4d:e0:8e:88:71:48:c6:8d:45:bd:9b:7e:64:ff:f5:
b5:c3:ab:10:54:89:13:28:36:cc:7d:f4:14:89:fd:
9a:a1:e8:15:50:28:48:96:ab:18:6c:a7:d7:fc:2a:
a8:e8:3f:20:17:80:68:de:57:a8:3d:57:de:17:fb:
59:16:f4:04:3f:3f:48:58:b9:1f:8c:af:76:21:5f:
2f:26:86:63:f0:96:18:45:4c:b7:1c:6d:b2:16:49:
45:13:1f:32:0d:c1:f8:3c:e0:49:3e:aa:2b:ea:af:
25:ba:04:24:54:41:b0:f7:ea:f8:c0:13:83:e4:ce:
03:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:86:3D:48:65:F7:2E:EA:B1:05:B2:BF:C9:E0:A0:70:EA:29:33:07
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/eIY9SGX3LuqxBbK_yeCgcOopMwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
89.43.196.0/23
93.114.131.0/24
95.156.204.0/22
134.255.242.0/24
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.86.211.0/24
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
185.204.64.0/22
195.181.252.0/23
212.237.231.0/24
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
81:e9:3b:ae:6f:8b:e0:54:38:97:04:f2:4c:08:db:f5:be:27:
ba:28:23:24:53:7c:2e:39:e1:0e:d3:13:df:8f:1f:6e:e7:a8:
a6:61:cb:06:fe:75:8e:87:30:d1:fb:ef:0e:51:ed:54:33:e2:
25:aa:c3:b0:0b:e9:bc:fd:93:03:19:fc:cd:d8:87:39:cd:d9:
49:a1:20:f3:57:ca:96:e4:cd:0f:2a:42:b6:75:05:bd:75:3e:
a4:01:5e:4d:30:dc:bd:77:d5:54:9d:76:ec:2b:51:fa:59:63:
ea:5b:c9:f2:c8:5f:e2:94:70:25:ab:62:40:46:7b:4b:45:cc:
8e:d0:b3:71:a8:d9:ed:da:ae:dd:79:9e:b1:b9:06:26:34:29:
88:95:3b:89:3f:1b:7c:8b:a5:d7:6f:e6:ae:88:f4:69:ec:d3:
16:50:34:e9:7b:de:75:bc:8d:c6:85:6c:ba:c8:9c:11:5b:5c:
91:51:18:c7:da:d1:67:67:de:81:5e:18:29:0c:73:78:e6:69:
76:04:98:ad:c3:d6:dc:29:f9:91:44:78:57:94:88:cc:2a:f4:
86:5e:72:ea:ea:e3:cf:52:65:a9:55:fb:e1:20:fc:67:66:c4:
2f:c4:22:a3:ee:99:99:bc:b3:7e:08:93:04:e1:8b:bf:5b:a6:
0d:80:81:9c
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYlvnjjDoocS/Q7ZVoHhYAdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwNzE5MTkyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODg2M2Q0ODY1ZjcyZWVhYjEwNWIyYmZjOWUwYTA3MGVhMjkzMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHkG9Rxq4EZ5hO5pbX9zDT0NEepz
TD+nfi4GD/oKq3cG3AGDZEnbfplk71rT6bLffko/gnaQc2vOurHW1aAzpbBPSa6L
4NtK+VUMiPE7jY7dgGPTGJ80M5rz53Sxbv3p5j8XkBplA5myRP/ruG8v8W3W19/S
umYLmwQA2jMLLDQ6osXNqV1N4I6IcUjGjUW9m35k//W1w6sQVIkTKDbMffQUif2a
oegVUChIlqsYbKfX/Cqo6D8gF4Bo3leoPVfeF/tZFvQEPz9IWLkfjK92IV8vJoZj
8JYYRUy3HG2yFklFEx8yDcH4POBJPqor6q8lugQkVEGw9+r4wBOD5M4DlQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFHiGPUhl9y7qsQWyv8ngoHDqKTMHMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvZUlZOVNHWDNMdXF4QmJLX3llQ2djT29wTXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAIF
PdQDBAEFuyYDBAFZK8QDBABdcoMDBAJfnMwDBACG//IDBAG5SxQDBAG5TE4DBAK5
VCwDBAC5VtMDBAG5WRwDBAC5WR8DBAG5aDwwDAMEALlomQMEArlomAMEAbl6ugME
Armd1AMEAbmhuAMEArm8EAMEArm/FAMEArnC0AMEArnMQAMEAcO1/AMEANTt5zAM
AwQA2T3xAwQC2T3wMA0GCSqGSIb3DQEBCwUAA4IBAQCB6Tuub4vgVDiXBPJMCNv1
vie6KCMkU3wuOeEO0xPfjx9u56imYcsG/nWOhzDR++8OUe1UM+IlqsOwC+m8/ZMD
GfzN2Ic5zdlJoSDzV8qW5M0PKkK2dQW9dT6kAV5NMNy9d9VUnXbsK1H6WWPqW8ny
yF/ilHAlq2JARntLRcyO0LNxqNnt2q7deZ6xuQYmNCmIlTuJPxt8i6XXb+auiPRp
7NMWUDTpe951vI3GhWy6yJwRW1yRURjH2tFnZ96BXhgpDHN45ml2BJitw9bcKfmR
RHhXlIjMKvSGXnLq6uPPUmWpVfvhIPxnZsQvxCKj7pmZvLN+CJME4Yu/W6YNgIGc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org