Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/pyWI7Z6UkdOOkLNv5HkQFN05RdM.roa
File: pyWI7Z6UkdOOkLNv5HkQFN05RdM.roa (raw, json)
Hash identifier: rTghGTUk7LqI1j5xHVL/Ziet6HKjtm9Co2za2ITmTWI=
Subject key identifier: A7:25:88:ED:9E:94:91:D3:8E:90:B3:6F:E4:79:10:14:DD:39:45:D3
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018BB00322721395B2E60F6472B65F5A2CE5
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/pyWI7Z6UkdOOkLNv5HkQFN05RdM.roa
Signing time: Wed 08 Nov 2023 17:37:57 +0000
ROA not before: Wed 08 Nov 2023 17:37:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.188.17.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.209.0/24 maxlen: 24
185.157.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
5.61.212.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:03:22:72:13:95:b2:e6:0f:64:72:b6:5f:5a:2c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Nov 8 17:37:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a72588ed9e9491d38e90b36fe4791014dd3945d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:50:47:50:69:3f:bb:fe:e7:c9:e2:c8:78:60:
ce:bb:ff:80:68:53:d2:eb:d2:95:2e:7c:5e:16:b5:
50:54:c2:11:7c:17:d6:82:be:d6:3a:54:d3:c4:e2:
9a:cb:d1:cf:c5:a8:7b:f6:92:ba:c1:61:74:d9:64:
9b:d6:4b:07:e3:e1:1e:31:4a:31:aa:00:70:91:6d:
56:f4:fd:c8:89:2d:c2:21:81:ae:17:20:98:5e:58:
3f:4b:52:08:3d:4f:5d:d3:f5:33:ee:26:79:02:90:
20:65:cb:77:6c:20:e2:27:d0:50:68:13:4b:47:12:
64:20:bf:2c:c5:df:d5:ae:73:d4:e3:35:99:9d:fd:
70:12:fb:56:4c:75:20:db:d2:24:3e:19:54:6d:ac:
a0:7d:a7:1a:21:80:a6:3a:1e:7c:d0:df:5c:e0:69:
8e:bb:4a:6a:2c:c5:ad:c7:11:5e:3b:03:02:71:b7:
90:6a:22:e2:af:9e:cc:bb:b4:30:f5:a1:1f:ae:77:
32:31:a8:c8:dc:f7:5a:dc:32:ff:55:42:72:ea:79:
90:20:47:b7:28:98:bf:9a:20:7c:57:0a:02:fe:0d:
b3:62:dc:97:fc:ca:bc:61:f2:ac:15:96:43:c0:98:
3c:f6:02:29:75:d8:e9:fd:9e:5c:3d:0f:93:a6:64:
9c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:25:88:ED:9E:94:91:D3:8E:90:B3:6F:E4:79:10:14:DD:39:45:D3
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/pyWI7Z6UkdOOkLNv5HkQFN05RdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.76.78.0/23
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/24
185.157.214.0/23
185.161.184.0/24
185.188.17.0/24
185.188.19.0/24
185.191.20.0/22
185.194.208.0/22
195.181.252.0/23
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
a5:0d:9d:ad:b9:85:6a:29:6c:e1:58:61:15:da:e3:c6:43:a0:
aa:ed:84:4e:49:56:ec:28:2a:10:84:a8:fa:2f:e2:af:22:05:
d0:33:d5:ec:c9:29:88:88:00:5e:e8:ab:7a:1c:7e:98:79:8b:
d8:0d:a9:b4:57:f1:7f:5b:30:a6:c9:9e:72:fb:e5:c4:21:74:
46:35:a7:a8:0f:03:f2:af:e5:5a:23:99:c2:a4:64:87:0a:cd:
eb:ef:89:27:d4:ec:80:bf:92:db:f8:48:9c:7d:65:3b:4f:70:
4c:a6:66:a1:b9:c9:7b:81:69:7c:a1:02:c8:56:cf:2c:99:aa:
80:48:98:ae:b5:f6:d9:2a:d4:07:5d:66:0d:01:1d:9d:83:46:
c4:a1:bc:06:00:a8:38:95:3d:fc:f6:a9:b9:a2:c9:a1:cf:bd:
6a:13:21:a7:78:dd:92:76:ee:9b:d4:fb:07:2a:16:7e:16:f8:
77:38:4e:a7:2e:4a:30:c3:1c:7d:78:93:b8:8d:b5:4c:0b:b6:
95:72:f4:fc:44:60:b8:04:bf:08:42:64:10:ac:e0:82:15:3b:
aa:35:97:e6:eb:70:d4:46:36:b6:c7:6b:e4:14:58:bd:19:16:
34:28:be:80:86:a0:4a:55:78:f2:50:21:5a:b1:9c:b7:55:9a:
67:d3:6a:4e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYuwAyJyE5Wy5g9kcrZfWizlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMxMTA4MTczNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI1ODhlZDllOTQ5MWQzOGU5MGIzNmZlNDc5MTAxNGRkMzk0NWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFBHUGk/u/7nyeLIeGDOu/+AaFPS
69KVLnxeFrVQVMIRfBfWgr7WOlTTxOKay9HPxah79pK6wWF02WSb1ksH4+EeMUox
qgBwkW1W9P3IiS3CIYGuFyCYXlg/S1IIPU9d0/Uz7iZ5ApAgZct3bCDiJ9BQaBNL
RxJkIL8sxd/VrnPU4zWZnf1wEvtWTHUg29IkPhlUbaygfacaIYCmOh580N9c4GmO
u0pqLMWtxxFeOwMCcbeQaiLir57Mu7Qw9aEfrncyMajI3Pda3DL/VUJy6nmQIEe3
KJi/miB8VwoC/g2zYtyX/Mq8YfKsFZZDwJg89gIpddjp/Z5cPQ+TpmScLQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFKcliO2elJHTjpCzb+R5EBTdOUXTMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvcHlXSTdaNlVrZE9Pa0xOdjVIa1FGTjA1UmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAgU9
1AMEAQW7JgMEAl+czAMEAblMTgMEAblZHAMEALlZHwMEAbloPDAMAwQAuWiZAwQC
uWiYAwQBuXq6AwQAuZ3UAwQBuZ3WAwQAuaG4AwQAubwRAwQAubwTAwQCub8UAwQC
ucLQAwQBw7X8MAwDBADZPfEDBALZPfAwDQYJKoZIhvcNAQELBQADggEBAKUNna25
hWopbOFYYRXa48ZDoKrthE5JVuwoKhCEqPov4q8iBdAz1ezJKYiIAF7oq3ocfph5
i9gNqbRX8X9bMKbJnnL75cQhdEY1p6gPA/Kv5VojmcKkZIcKzevviSfU7IC/ktv4
SJx9ZTtPcEymZqG5yXuBaXyhAshWzyyZqoBImK619tkq1AddZg0BHZ2DRsShvAYA
qDiVPfz2qbmiyaHPvWoTIad43ZJ27pvU+wcqFn4W+Hc4TqcuSjDDHH14k7iNtUwL
tpVy9PxEYLgEvwhCZBCs4IIVO6o1l+brcNRGNrbHa+QUWL0ZFjQovoCGoEpVePJQ
IVqxnLdVmmfTak4=
-----END CERTIFICATE-----
Generated at Thu Nov 23 10:56:20 2023 by rpki-client on console-ams.rpki-client.org