Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/gAJbe4QU_JimtKun4JrWZ2kL4n8.roa
File: gAJbe4QU_JimtKun4JrWZ2kL4n8.roa (raw, json)
Hash identifier: PwF3uWOYR1nVszgKW3Z6q4xUS40HSet3V3YCIoOtMwQ=
Subject key identifier: 80:02:5B:7B:84:14:FC:98:A6:B4:AB:A7:E0:9A:D6:67:69:0B:E2:7F
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01941F8C97E17CA4CDB377926D43C1E3500D
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/gAJbe4QU_JimtKun4JrWZ2kL4n8.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198193
IP address blocks: 5.61.208.0/23 maxlen: 23
5.181.96.0/23 maxlen: 23
5.187.35.0/24 maxlen: 24
5.187.36.0/23 maxlen: 23
31.214.155.0/24 maxlen: 24
37.252.98.0/24 maxlen: 24
37.252.100.0/24 maxlen: 24
37.252.101.0/24 maxlen: 24
46.251.250.0/24 maxlen: 24
46.253.139.0/24 maxlen: 24
84.247.19.0/24 maxlen: 24
85.204.168.0/23 maxlen: 23
85.204.170.0/23 maxlen: 23
89.32.64.0/24 maxlen: 24
89.32.65.0/24 maxlen: 24
89.32.66.0/24 maxlen: 24
89.32.67.0/24 maxlen: 24
89.44.35.0/24 maxlen: 24
95.156.203.0/24 maxlen: 24
158.255.239.0/24 maxlen: 24
162.33.200.0/22 maxlen: 22
162.33.204.0/22 maxlen: 22
162.33.204.0/24 maxlen: 24
162.33.205.0/24 maxlen: 24
162.33.206.0/24 maxlen: 24
162.33.207.0/24 maxlen: 24
185.66.172.0/24 maxlen: 24
185.66.174.0/24 maxlen: 24
185.75.22.0/23 maxlen: 23
185.86.208.0/23 maxlen: 23
185.88.200.0/23 maxlen: 23
185.88.202.0/23 maxlen: 23
185.193.241.0/24 maxlen: 24
185.206.121.0/24 maxlen: 24
185.212.114.0/24 maxlen: 24
185.225.8.0/24 maxlen: 24
217.61.240.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:97:e1:7c:a4:cd:b3:77:92:6d:43:c1:e3:50:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80025b7b8414fc98a6b4aba7e09ad667690be27f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:68:6d:61:fe:1a:a8:e4:ce:f9:34:e0:ce:14:
2b:36:9a:10:e0:16:4b:99:cf:7b:60:22:aa:e7:e9:
f7:cf:e3:4c:dc:5b:3b:30:98:1c:85:28:39:65:b8:
fb:3b:13:2c:32:47:d8:0b:f3:d8:e1:c5:4e:89:89:
b2:03:0a:34:b7:b9:93:f5:79:1e:81:c3:55:84:27:
d0:b0:c5:f4:05:a5:b0:85:03:fd:fe:73:1c:66:cc:
21:f6:b4:52:ce:3b:c8:1c:6b:72:28:78:2e:ff:46:
be:d3:ed:6c:5a:42:47:b1:de:9f:15:ad:4c:5f:16:
e7:f1:f3:88:04:7e:50:aa:ee:0b:5e:aa:48:76:a3:
e2:e9:08:31:e0:af:80:9d:3c:b9:e2:af:c6:22:a7:
a9:6b:54:2c:8b:e4:1c:95:a2:f6:91:e2:0a:57:c4:
7a:49:7e:8a:5c:1a:6c:00:f6:7c:fe:84:ab:7d:ce:
b1:07:fb:f9:04:06:c1:93:b1:d3:3f:5a:5f:85:ad:
8b:dc:db:71:d2:60:a6:94:05:c2:a2:f1:22:26:65:
f7:4d:fc:f5:3f:31:e8:c1:81:88:e8:e4:8b:77:56:
9c:de:14:0f:6f:ec:b3:6f:90:fa:93:04:8f:c4:6d:
9b:9f:04:2d:56:68:68:71:24:0c:b6:ac:49:43:5e:
07:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:02:5B:7B:84:14:FC:98:A6:B4:AB:A7:E0:9A:D6:67:69:0B:E2:7F
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/gAJbe4QU_JimtKun4JrWZ2kL4n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.208.0/23
5.181.96.0/23
5.187.35.0-5.187.37.255
31.214.155.0/24
37.252.98.0/24
37.252.100.0/23
46.251.250.0/24
46.253.139.0/24
84.247.19.0/24
85.204.168.0/22
89.32.64.0/22
89.44.35.0/24
95.156.203.0/24
158.255.239.0/24
162.33.200.0/21
185.66.172.0/24
185.66.174.0/24
185.75.22.0/23
185.86.208.0/23
185.88.200.0/22
185.193.241.0/24
185.206.121.0/24
185.212.114.0/24
185.225.8.0/24
217.61.240.0/24
Signature Algorithm: sha256WithRSAEncryption
62:8d:b2:53:c3:78:8e:e5:77:69:1a:7d:d1:19:b0:f5:1c:89:
4f:ed:ea:f5:64:a9:89:b4:78:f4:30:a5:75:49:77:11:69:8a:
bc:18:be:91:23:60:b1:70:0d:73:2b:4a:6f:a2:a7:1d:4f:6c:
fc:bd:07:65:04:fe:de:46:00:8f:b5:35:5e:d6:08:ca:1e:bc:
ae:83:f1:33:84:28:94:3d:46:2a:eb:34:27:9f:56:1f:0a:58:
af:6a:cd:9e:2f:4a:11:98:cc:ea:66:a4:c5:ba:59:f8:4b:79:
f7:50:f8:b4:d5:e3:1f:9b:95:8c:8e:32:c8:da:06:4b:55:5d:
ef:13:8d:18:0a:71:86:5c:17:a7:8d:a8:eb:dd:47:ab:f0:23:
01:37:d5:48:e9:19:2c:b2:5a:be:8d:a2:f6:b0:9c:c3:0a:c3:
a5:32:54:22:f0:43:b3:8a:03:dd:c3:34:8e:8a:cf:a7:2b:55:
7b:cf:6d:c8:e8:ca:9f:72:f5:58:f8:bf:67:27:1d:93:bc:32:
c8:84:c5:da:f6:05:c4:21:26:07:5b:ee:98:4a:9d:44:33:e6:
65:44:0f:8d:a7:f7:58:63:dc:4f:f1:b8:dd:2e:0e:f8:4d:38:
f4:f7:90:8a:18:d4:62:6b:d6:b5:5a:8c:63:b2:01:78:b9:db:
2a:27:7c:25
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZQfjJfhfKTNs3eSbUPB41ANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDAyNWI3Yjg0MTRmYzk4YTZiNGFiYTdlMDlhZDY2NzY5MGJlMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WhtYf4aqOTO+TTgzhQrNpoQ4BZL
mc97YCKq5+n3z+NM3Fs7MJgchSg5Zbj7OxMsMkfYC/PY4cVOiYmyAwo0t7mT9Xke
gcNVhCfQsMX0BaWwhQP9/nMcZswh9rRSzjvIHGtyKHgu/0a+0+1sWkJHsd6fFa1M
Xxbn8fOIBH5Qqu4LXqpIdqPi6Qgx4K+AnTy54q/GIqepa1Qsi+QclaL2keIKV8R6
SX6KXBpsAPZ8/oSrfc6xB/v5BAbBk7HTP1pfha2L3Ntx0mCmlAXCovEiJmX3Tfz1
PzHowYGI6OSLd1ac3hQPb+yzb5D6kwSPxG2bnwQtVmhocSQMtqxJQ14HTQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFIACW3uEFPyYprSrp+Ca1mdpC+J/MB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvZ0FKYmU0UVVfSmltdEt1bjRKcldaMmtMNG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAEF
PdADBAEFtWAwDAMEAAW7IwMEAQW7JAMEAB/WmwMEACX8YgMEASX8ZAMEAC77+gME
AC79iwMEAFT3EwMEAlXMqAMEAlkgQAMEAFksIwMEAF+cywMEAJ7/7wMEA6IhyAME
ALlCrAMEALlCrgMEAblLFgMEAblW0AMEArlYyAMEALnB8QMEALnOeQMEALnUcgME
ALnhCAMEANk98DANBgkqhkiG9w0BAQsFAAOCAQEAYo2yU8N4juV3aRp90Rmw9RyJ
T+3q9WSpibR49DCldUl3EWmKvBi+kSNgsXANcytKb6KnHU9s/L0HZQT+3kYAj7U1
XtYIyh68roPxM4QolD1GKus0J59WHwpYr2rNni9KEZjM6makxbpZ+Et591D4tNXj
H5uVjI4yyNoGS1Vd7xONGApxhlwXp42o691Hq/AjATfVSOkZLLJavo2i9rCcwwrD
pTJUIvBDs4oD3cM0jorPpytVe89tyOjKn3L1WPi/Zycdk7wyyITF2vYFxCEmB1vu
mEqdRDPmZUQPjaf3WGPcT/G43S4O+E049PeQihjUYmvWtVqMY7IBeLnbKid8JQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:52:39 2025 by rpki-client