Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/iaLSHamVnxxbESsGcUIvzW-T1Rc.roa
File: iaLSHamVnxxbESsGcUIvzW-T1Rc.roa (raw, json)
Hash identifier: E/DXFExwkIDdd5rqJcLZnScBWuTplYCua2CjbhEITcI=
Subject key identifier: 89:A2:D2:1D:A9:95:9F:1C:5B:11:2B:06:71:42:2F:CD:6F:93:D5:17
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018A727C2A01ACD518353B2493E4FECF86A1
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/iaLSHamVnxxbESsGcUIvzW-T1Rc.roa
Signing time: Fri 08 Sep 2023 01:50:54 +0000
ROA not before: Fri 08 Sep 2023 01:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.188.17.0/24 maxlen: 24
185.188.16.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.209.0/24 maxlen: 24
185.157.212.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
5.61.212.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:72:7c:2a:01:ac:d5:18:35:3b:24:93:e4:fe:cf:86:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Sep 8 01:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89a2d21da9959f1c5b112b0671422fcd6f93d517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5d:12:e1:2a:6b:92:1f:61:9b:46:89:ef:61:
28:a4:3e:21:b9:27:7b:5d:6a:cf:b2:77:65:a1:7e:
dd:a6:f9:76:83:93:4d:7f:86:14:d0:56:a6:84:77:
74:a0:c4:5f:90:7f:6a:d4:8b:ac:05:ca:b2:93:29:
d6:7b:5f:2a:81:31:5e:d4:e8:5b:77:17:fa:41:1c:
54:7c:2d:75:cd:fe:49:63:0f:d2:ce:21:c0:35:ef:
ba:cc:80:ac:2a:51:92:f7:06:89:8b:b5:27:c5:29:
e1:3e:85:56:81:90:81:20:67:6d:e7:2b:25:59:8d:
ee:e2:c6:ce:bf:00:58:79:af:3c:1b:e2:67:f6:b2:
fb:cf:31:0f:b1:42:1c:20:dd:77:7c:ae:ee:5b:72:
78:ad:29:81:80:f5:b9:c9:65:7a:38:52:1c:05:8d:
a8:44:45:67:b1:ec:42:f4:b2:66:62:70:e2:a8:a9:
1d:18:a7:83:14:f1:3f:75:4a:9f:d2:b7:16:54:2d:
54:32:8a:de:ad:d0:cb:3f:9d:12:9d:77:dc:0e:ef:
68:fd:5b:85:28:00:12:d2:72:97:d7:b5:63:8e:6b:
9b:5f:0e:4f:a6:a4:17:13:58:97:72:4d:f2:e2:85:
69:25:f2:a0:7f:f1:10:d1:a1:6e:6f:96:ea:43:cd:
c8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A2:D2:1D:A9:95:9F:1C:5B:11:2B:06:71:42:2F:CD:6F:93:D5:17
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/iaLSHamVnxxbESsGcUIvzW-T1Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/24
185.157.214.0/23
185.161.184.0/24
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
195.181.252.0/23
212.237.231.0/24
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
9d:fc:93:23:7f:ec:2d:18:42:7e:6f:c9:8d:94:2a:de:6b:fa:
c2:ed:88:6e:93:58:4f:a7:9c:42:c7:1b:8e:e4:5a:e9:c2:64:
af:c4:59:0a:03:ce:4a:83:15:bb:f4:f2:a3:ee:59:f5:f0:4d:
13:fe:84:f1:90:12:b4:fb:35:f9:14:ec:8a:4f:1b:e2:57:b8:
0f:7f:44:fc:90:83:54:69:2f:a6:8b:36:83:9e:06:33:70:59:
72:86:7c:1b:81:3f:08:6a:b1:bc:ac:27:c3:12:7a:ec:61:9c:
34:eb:2d:74:0d:f3:d0:6f:5a:9d:50:6b:72:c9:28:76:5b:a2:
ac:c1:97:0b:f3:14:ce:d5:f2:5f:b6:8f:a7:5a:ca:3e:92:52:
de:10:e4:80:bb:53:74:26:7c:97:cc:84:01:75:4e:8b:17:1d:
75:c5:f9:e5:d8:39:dd:48:9e:2d:cc:d8:3e:2c:f9:af:8d:1c:
ac:94:e3:05:18:de:af:06:64:4f:fa:fd:a7:ea:63:6d:a9:7f:
6d:de:56:95:18:2f:42:39:84:71:9f:f1:4b:ac:c8:08:f9:48:
00:55:06:43:f7:73:88:cc:fb:22:ad:2f:c0:a2:98:8d:cf:f4:
38:7d:ee:16:86:4e:ed:7f:5c:04:e6:d1:67:6e:41:2c:66:e8:
8d:b4:c2:f0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYpyfCoBrNUYNTskk+T+z4ahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwOTA4MDE1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWEyZDIxZGE5OTU5ZjFjNWIxMTJiMDY3MTQyMmZjZDZmOTNkNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil0S4Sprkh9hm0aJ72EopD4huSd7
XWrPsndloX7dpvl2g5NNf4YU0FamhHd0oMRfkH9q1IusBcqykynWe18qgTFe1Ohb
dxf6QRxUfC11zf5JYw/SziHANe+6zICsKlGS9waJi7UnxSnhPoVWgZCBIGdt5ysl
WY3u4sbOvwBYea88G+Jn9rL7zzEPsUIcIN13fK7uW3J4rSmBgPW5yWV6OFIcBY2o
REVnsexC9LJmYnDiqKkdGKeDFPE/dUqf0rcWVC1UMorerdDLP50SnXfcDu9o/VuF
KAAS0nKX17VjjmubXw5PpqQXE1iXck3y4oVpJfKgf/EQ0aFub5bqQ83IjQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFImi0h2plZ8cWxErBnFCL81vk9UXMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvaWFMU0hhbVZueHhiRVNzR2NVSXZ6Vy1UMVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAIF
PdQDBAEFuyYDBAJfnMwDBAG5SxQDBAG5TE4DBAK5VCwDBAG5WRwDBAC5WR8DBAG5
aDwwDAMEALlomQMEArlomAMEAbl6ugMEALmd1AMEAbmd1gMEALmhuAMEArm8EAME
Arm/FAMEArnC0AMEAcO1/AMEANTt5zAMAwQA2T3xAwQC2T3wMA0GCSqGSIb3DQEB
CwUAA4IBAQCd/JMjf+wtGEJ+b8mNlCrea/rC7Yhuk1hPp5xCxxuO5FrpwmSvxFkK
A85KgxW79PKj7ln18E0T/oTxkBK0+zX5FOyKTxviV7gPf0T8kINUaS+mizaDngYz
cFlyhnwbgT8IarG8rCfDEnrsYZw06y10DfPQb1qdUGtyySh2W6KswZcL8xTO1fJf
to+nWso+klLeEOSAu1N0JnyXzIQBdU6LFx11xfnl2DndSJ4tzNg+LPmvjRyslOMF
GN6vBmRP+v2n6mNtqX9t3laVGC9COYRxn/FLrMgI+UgAVQZD93OIzPsirS/AopiN
z/Q4fe4Whk7tf1wE5tFnbkEsZuiNtMLw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org