Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/qIwrTMrZUOjbhDezESZGHGTmndU.roa
File: qIwrTMrZUOjbhDezESZGHGTmndU.roa (raw, json)
Hash identifier: g77+AHKQN43xcH8mvbiBM0WYJ2yQD+mbKK5i+R470H0=
Subject key identifier: A8:8C:2B:4C:CA:D9:50:E8:DB:84:37:B3:11:26:46:1C:64:E6:9D:D5
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018BFBAF10EDBC84017DF6549DBF1A1144EC
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/qIwrTMrZUOjbhDezESZGHGTmndU.roa
Signing time: Thu 23 Nov 2023 10:17:16 +0000
ROA not before: Thu 23 Nov 2023 10:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:af:10:ed:bc:84:01:7d:f6:54:9d:bf:1a:11:44:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Nov 23 10:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a88c2b4ccad950e8db8437b31126461c64e69dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d5:3c:d1:bb:68:12:41:d2:5e:c0:ab:1c:d2:
a4:59:76:5c:ea:3e:97:0a:0b:b2:96:a5:37:89:4d:
4b:55:c2:d7:2e:be:82:02:36:e1:b5:51:80:89:0e:
49:40:89:77:54:39:bb:fc:ce:ba:82:27:6a:12:7e:
03:58:60:14:bc:be:18:07:84:83:3c:02:53:08:d2:
99:de:bb:c4:59:a1:98:c2:6f:30:45:00:c2:34:62:
d0:b5:57:82:42:d4:2c:c5:a5:59:87:5f:e7:37:ae:
55:49:ac:63:ca:11:28:ac:36:bf:df:2a:84:38:13:
a5:fc:35:f5:4e:dd:6b:eb:bb:01:59:97:55:e6:24:
07:c0:46:11:eb:9b:10:fc:b5:73:e7:cb:d4:72:73:
0a:67:32:99:21:fd:1b:fe:f6:fd:a3:93:f5:33:11:
77:5e:94:ef:8b:85:fa:1b:af:96:5c:82:b3:64:16:
6a:a2:05:96:bf:64:89:87:9d:48:d3:b9:81:92:a0:
05:6c:22:c2:85:92:90:32:69:f9:87:6b:67:5e:6a:
34:e2:82:1f:7c:b0:ac:be:a8:08:94:c2:9d:e2:5b:
41:ce:cb:bc:b4:14:15:1a:cc:fc:c6:2b:c4:13:19:
15:94:55:3c:8b:a2:f4:eb:7d:90:6d:83:95:ff:52:
01:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8C:2B:4C:CA:D9:50:E8:DB:84:37:B3:11:26:46:1C:64:E6:9D:D5
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/qIwrTMrZUOjbhDezESZGHGTmndU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.76.78.0/23
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.19.0/24
185.194.208.0/22
195.181.252.0/23
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
3f:e2:5d:71:7a:13:4d:8c:3c:ca:ba:58:b7:4b:65:0f:81:35:
a7:9c:da:fc:10:c3:44:c9:56:94:03:38:5d:6b:03:4b:81:51:
47:4c:dc:4e:2e:f2:e3:ec:56:26:da:d9:4d:18:b8:16:9e:eb:
77:9a:b2:56:bb:88:3f:de:18:dd:a2:e0:3f:17:63:7a:b9:44:
ca:68:26:2a:91:74:8d:7f:8f:7b:86:67:09:27:7c:4e:0d:ec:
28:14:1f:16:54:98:5e:e4:20:b9:99:b1:97:b0:8c:d6:09:ad:
ee:b6:b8:c3:73:9f:9c:a4:6b:ba:02:b7:34:05:db:14:78:28:
ee:48:88:e9:34:1e:eb:8d:86:d7:67:61:11:4a:30:67:7c:23:
2c:66:a1:a3:23:64:13:3c:4c:00:1b:9e:70:5b:b9:27:e8:a9:
6e:0f:e1:96:f7:49:77:fd:4d:dd:9e:b9:a2:24:52:f2:31:32:
f6:97:f8:3a:29:92:18:c5:66:d8:e0:46:c8:14:5e:2a:a9:24:
97:2a:1a:a5:a7:e0:e8:8e:1b:3b:b0:92:eb:49:4e:df:e7:83:
2a:9a:7a:68:3c:43:2c:f2:95:de:e5:3e:84:aa:90:bd:60:cd:
fb:05:c6:43:6e:21:f5:dc:ee:30:6d:19:e0:ed:2b:b9:80:a9:
58:5f:7f:3f
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYv7rxDtvIQBffZUnb8aEUTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMxMTIzMTAxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODhjMmI0Y2NhZDk1MGU4ZGI4NDM3YjMxMTI2NDYxYzY0ZTY5ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNU80btoEkHSXsCrHNKkWXZc6j6X
CguylqU3iU1LVcLXLr6CAjbhtVGAiQ5JQIl3VDm7/M66gidqEn4DWGAUvL4YB4SD
PAJTCNKZ3rvEWaGYwm8wRQDCNGLQtVeCQtQsxaVZh1/nN65VSaxjyhEorDa/3yqE
OBOl/DX1Tt1r67sBWZdV5iQHwEYR65sQ/LVz58vUcnMKZzKZIf0b/vb9o5P1MxF3
XpTvi4X6G6+WXIKzZBZqogWWv2SJh51I07mBkqAFbCLChZKQMmn5h2tnXmo04oIf
fLCsvqgIlMKd4ltBzsu8tBQVGsz8xivEExkVlFU8i6L0632QbYOV/1IBuwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFKiMK0zK2VDo24Q3sxEmRhxk5p3VMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvcUl3clRNclpVT2piaERlekVTWkdIR1RtbmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAgU91AME
AQW7JgMEAl+czAMEAblMTgMEAblZHAMEALlZHwMEAbloPDAMAwQAuWiZAwQCuWiY
AwQBuXq6AwQCuZ3UAwQBuaG4AwQAubwTAwQCucLQAwQBw7X8MAwDBADZPfEDBALZ
PfAwDQYJKoZIhvcNAQELBQADggEBAD/iXXF6E02MPMq6WLdLZQ+BNaec2vwQw0TJ
VpQDOF1rA0uBUUdM3E4u8uPsViba2U0YuBae63easla7iD/eGN2i4D8XY3q5RMpo
JiqRdI1/j3uGZwknfE4N7CgUHxZUmF7kILmZsZewjNYJre62uMNzn5yka7oCtzQF
2xR4KO5IiOk0HuuNhtdnYRFKMGd8IyxmoaMjZBM8TAAbnnBbuSfoqW4P4Zb3SXf9
Td2euaIkUvIxMvaX+DopkhjFZtjgRsgUXiqpJJcqGqWn4OiOGzuwkutJTt/ngyqa
emg8Qyzyld7lPoSqkL1gzfsFxkNuIfXc7jBtGeDtK7mAqVhffz8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org