Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/mmKRvG2rFAKBlNWPmQoiLuPSo0I.roa
File: mmKRvG2rFAKBlNWPmQoiLuPSo0I.roa (raw, json)
Hash identifier: +wqU9TuxBPxFvlKNwPTXnSAuuifdUYqTGj5Gckbwcgg=
Subject key identifier: 9A:62:91:BC:6D:AB:14:02:81:94:D5:8F:99:0A:22:2E:E3:D2:A3:42
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01897865D9A14EDC761DB4E3FA14CF3BB167
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/mmKRvG2rFAKBlNWPmQoiLuPSo0I.roa
Signing time: Fri 21 Jul 2023 12:21:28 +0000
ROA not before: Fri 21 Jul 2023 12:21:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.188.16.0/23 maxlen: 23
185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.86.211.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.84.44.0/24 maxlen: 24
185.84.45.0/24 maxlen: 24
185.84.46.0/24 maxlen: 24
185.84.47.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
185.204.64.0/24 maxlen: 24
185.204.65.0/24 maxlen: 24
185.204.66.0/24 maxlen: 24
185.204.67.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.75.20.0/24 maxlen: 24
185.75.21.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:65:d9:a1:4e:dc:76:1d:b4:e3:fa:14:cf:3b:b1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jul 21 12:21:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a6291bc6dab14028194d58f990a222ee3d2a342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a0:dd:fd:fe:24:16:17:cc:ee:c3:c0:52:1c:
4e:4b:4c:cb:df:80:d1:ca:c1:b3:d2:3f:cc:50:a9:
03:7d:24:1e:d5:49:8f:43:fe:b5:96:32:e9:fe:af:
bc:23:8e:3e:6c:85:ab:19:e4:a0:9b:ce:15:d2:1a:
de:bf:fd:ce:03:29:30:d2:36:f2:00:c1:f2:74:7e:
60:f3:7d:1d:ba:0c:62:32:cd:b6:e2:af:59:b9:ec:
9d:c7:f3:20:a1:34:55:7c:89:84:02:7e:ae:40:c5:
c4:38:6e:de:be:09:54:a8:0c:bc:58:8d:84:88:e9:
e7:92:2f:4c:70:05:a1:1e:70:9e:c6:79:b5:2d:99:
a1:51:9c:ba:6b:17:2d:f7:e4:eb:8c:04:9f:bd:92:
7e:5e:3a:8d:be:f6:65:95:8a:e4:27:fd:20:71:4b:
85:1d:dd:fc:0c:27:28:1c:32:22:d6:7e:83:eb:c0:
42:c8:28:74:01:7a:e8:f5:2b:47:a1:45:58:8e:7c:
a2:e8:e7:4f:68:a8:bb:1a:b3:73:f6:bd:1b:6b:a3:
84:6c:e1:88:4b:93:a1:f0:89:30:9a:2c:a8:bb:00:
d8:cd:ac:24:38:4e:09:7a:61:c9:3d:14:42:4f:62:
af:b0:1f:b5:de:a3:2e:8c:3d:23:77:86:fc:63:2e:
13:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:62:91:BC:6D:AB:14:02:81:94:D5:8F:99:0A:22:2E:E3:D2:A3:42
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/mmKRvG2rFAKBlNWPmQoiLuPSo0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.75.20.0/23
185.76.78.0/23
185.84.44.0/22
185.86.211.0/24
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
185.204.64.0/22
195.181.252.0/23
212.237.231.0/24
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
4c:dc:54:12:74:df:a7:6d:7f:80:6f:f5:9a:d8:88:71:18:fd:
4c:2b:1d:fd:97:27:d4:50:6b:03:68:78:4e:a2:f5:9b:e7:c4:
3e:b0:8e:59:69:b2:bd:c3:1a:71:2c:02:9a:1d:07:92:9d:e6:
2d:da:11:d6:45:f0:e2:38:32:5b:d7:04:61:eb:05:27:98:a6:
5b:fb:01:8d:6a:1d:7a:db:0a:3a:74:5c:56:93:6f:fc:81:0c:
88:9c:a3:7e:a6:7c:28:e7:62:f7:66:57:86:bc:7d:75:c0:c4:
ad:df:d6:31:19:66:b1:88:ac:4e:c4:0d:44:3e:bb:15:f2:ac:
c4:e6:31:99:b9:c9:54:a8:af:6a:95:01:f8:94:b3:a5:50:c2:
dd:ba:ee:e3:a2:30:71:ab:38:b2:cd:2f:60:da:9b:67:0d:6c:
ab:a1:72:ad:f9:9d:2c:6e:2e:9b:e0:a3:35:32:07:0b:eb:b8:
90:e0:0f:26:35:c5:b0:db:25:5f:ff:54:cf:4c:d8:15:38:6b:
c3:a8:05:b9:97:f5:53:d7:c9:94:3e:75:e4:fa:95:90:c0:0d:
03:12:e0:e8:53:b1:7c:c9:33:8c:cd:c4:d6:f0:4e:9a:b9:28:
42:2e:f4:c5:67:58:65:92:47:8d:cc:13:f9:31:3a:18:a1:5b:
c8:97:74:b8
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYl4ZdmhTtx2HbTj+hTPO7FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwNzIxMTIyMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTYyOTFiYzZkYWIxNDAyODE5NGQ1OGY5OTBhMjIyZWUzZDJhMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKDd/f4kFhfM7sPAUhxOS0zL34DR
ysGz0j/MUKkDfSQe1UmPQ/61ljLp/q+8I44+bIWrGeSgm84V0hrev/3OAykw0jby
AMHydH5g830dugxiMs224q9Zueydx/MgoTRVfImEAn6uQMXEOG7evglUqAy8WI2E
iOnnki9McAWhHnCexnm1LZmhUZy6axct9+TrjASfvZJ+XjqNvvZllYrkJ/0gcUuF
Hd38DCcoHDIi1n6D68BCyCh0AXro9StHoUVYjnyi6OdPaKi7GrNz9r0ba6OEbOGI
S5Oh8IkwmiyouwDYzawkOE4JemHJPRRCT2KvsB+13qMujD0jd4b8Yy4TlwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFJpikbxtqxQCgZTVj5kKIi7j0qNCMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvbW1LUnZHMnJGQUtCbE5XUG1Rb2lMdVBTbzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAIF
PdQDBAEFuyYDBAJfnMwDBAG5SxQDBAG5TE4DBAK5VCwDBAC5VtMDBAG5WRwDBAC5
WR8DBAG5aDwwDAMEALlomQMEArlomAMEAbl6ugMEArmd1AMEAbmhuAMEArm8EAME
Arm/FAMEArnC0AMEArnMQAMEAcO1/AMEANTt5zAMAwQA2T3xAwQC2T3wMA0GCSqG
SIb3DQEBCwUAA4IBAQBM3FQSdN+nbX+Ab/Wa2IhxGP1MKx39lyfUUGsDaHhOovWb
58Q+sI5ZabK9wxpxLAKaHQeSneYt2hHWRfDiODJb1wRh6wUnmKZb+wGNah162wo6
dFxWk2/8gQyInKN+pnwo52L3ZleGvH11wMSt39YxGWaxiKxOxA1EPrsV8qzE5jGZ
uclUqK9qlQH4lLOlUMLduu7jojBxqziyzS9g2ptnDWyroXKt+Z0sbi6b4KM1MgcL
67iQ4A8mNcWw2yVf/1TPTNgVOGvDqAW5l/VT18mUPnXk+pWQwA0DEuDoU7F8yTOM
zcTW8E6auShCLvTFZ1hlkkeNzBP5MToYoVvIl3S4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org