Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/raSMzZGadQooOctvDFQddzgAJdU.roa
File: raSMzZGadQooOctvDFQddzgAJdU.roa (raw, json)
Hash identifier: vspcXmATPqV2Kbl+b3hvUSI1YaWsZWi93j19NLBb7YE=
Subject key identifier: AD:A4:8C:CD:91:9A:75:0A:28:39:CB:6F:0C:54:1D:77:38:00:25:D5
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018B1C3AC84F52A01EA7AE817D510739C017
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/raSMzZGadQooOctvDFQddzgAJdU.roa
Signing time: Wed 11 Oct 2023 00:54:56 +0000
ROA not before: Wed 11 Oct 2023 00:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.188.16.0/23 maxlen: 23
185.194.209.0/24 maxlen: 24
185.194.210.0/24 maxlen: 24
185.194.211.0/24 maxlen: 24
185.188.18.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
185.194.208.0/24 maxlen: 24
185.157.212.0/23 maxlen: 23
5.61.212.0/24 maxlen: 24
5.61.213.0/24 maxlen: 24
185.157.214.0/24 maxlen: 24
185.157.215.0/24 maxlen: 24
5.61.214.0/24 maxlen: 24
5.61.215.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.104.60.0/24 maxlen: 24
185.104.61.0/24 maxlen: 24
185.89.31.0/24 maxlen: 24
185.89.28.0/24 maxlen: 24
185.89.29.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
217.61.242.0/24 maxlen: 24
217.61.243.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.161.184.0/24 maxlen: 24
185.161.185.0/24 maxlen: 24
195.181.252.0/24 maxlen: 24
195.181.253.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.104.154.0/24 maxlen: 24
5.187.38.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
185.104.155.0/24 maxlen: 24
185.191.20.0/24 maxlen: 24
185.191.21.0/24 maxlen: 24
185.191.22.0/24 maxlen: 24
185.191.23.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1c:3a:c8:4f:52:a0:1e:a7:ae:81:7d:51:07:39:c0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Oct 11 00:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ada48ccd919a750a2839cb6f0c541d77380025d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:56:b6:b8:a4:ac:b0:03:2c:3c:da:4f:5f:35:
43:77:e8:65:61:60:77:41:68:79:ad:7f:4c:38:3f:
f6:56:54:6d:b6:5e:36:f8:6a:6f:17:57:3a:a6:6a:
8b:d8:c1:09:cb:a7:e7:c9:d6:d6:cf:e2:b6:0e:5b:
fe:f5:2d:83:19:27:d8:3d:9b:5f:7a:20:12:bc:01:
13:a8:59:b1:4e:99:3c:3c:22:b2:f3:67:fa:02:ea:
32:2e:59:b0:78:b9:7f:88:67:87:5a:21:67:b3:67:
d5:4f:30:05:b3:e5:ce:0d:94:18:5d:30:dc:22:e4:
ea:b6:19:0d:02:d4:75:49:f8:97:47:eb:85:12:42:
8c:e6:43:67:80:da:17:8a:94:0c:89:23:9e:9a:b2:
e4:cb:08:d1:03:a0:b7:a3:5e:33:27:5a:68:db:8f:
2e:97:25:21:59:d2:45:ab:69:53:f4:45:05:19:5c:
55:15:5e:59:f4:90:9e:f7:b2:2d:d1:0f:85:39:1d:
25:bf:7f:c4:ee:34:60:be:d7:b1:92:ea:f3:5a:7f:
67:94:0c:72:69:c8:73:28:cf:97:3c:29:5b:5e:42:
38:f9:ee:2d:04:d8:b1:51:ac:dd:ee:64:b5:c2:d8:
0f:8f:5c:56:03:ac:75:a7:4b:06:2e:cd:ce:7c:d0:
a1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A4:8C:CD:91:9A:75:0A:28:39:CB:6F:0C:54:1D:77:38:00:25:D5
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/raSMzZGadQooOctvDFQddzgAJdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.212.0/22
5.187.38.0/23
95.156.204.0/22
185.76.78.0/23
185.89.28.0/23
185.89.31.0/24
185.104.60.0/23
185.104.153.0-185.104.155.255
185.122.186.0/23
185.157.212.0/22
185.161.184.0/23
185.188.16.0/22
185.191.20.0/22
185.194.208.0/22
195.181.252.0/23
217.61.241.0-217.61.243.255
Signature Algorithm: sha256WithRSAEncryption
89:df:3b:ae:1a:1c:d4:c2:c9:03:59:aa:df:08:39:02:02:ed:
23:07:56:d5:79:5a:37:64:7d:c3:50:13:54:df:92:27:ae:15:
b5:d5:10:3a:d0:4a:50:8d:0b:f0:38:20:6f:b9:77:3f:19:5e:
05:65:3b:57:fc:35:98:c0:0d:1c:fa:06:ab:1a:8b:44:af:15:
98:c3:74:da:e6:97:f3:27:c1:b3:95:f2:62:c3:24:fc:8a:80:
93:88:61:73:4e:e6:0f:bc:6c:2a:6a:ae:d0:0b:3d:43:ce:2d:
d5:69:8f:cf:f5:07:0b:08:33:37:dc:f8:ac:51:39:d8:7f:0f:
38:f9:90:07:c8:2e:7b:f7:9f:25:c7:0b:83:e1:7e:fc:a5:75:
90:df:ab:31:47:71:76:bf:b2:34:46:71:60:4f:9b:95:9c:6b:
6b:d8:91:2f:23:ab:a0:78:2a:5d:a5:29:57:df:15:90:95:cb:
11:90:77:8b:b5:74:11:ec:ca:7f:9e:d7:51:8f:d2:5d:6d:a2:
5e:17:e0:b2:c9:74:d5:ba:ad:a4:96:72:b7:41:f7:1b:4b:a5:
bd:76:8e:2e:d0:e0:11:96:c8:64:46:2d:0b:54:ed:0f:e3:8b:
99:1a:c9:1e:06:e0:00:8a:e7:8a:c8:56:68:55:cd:a8:9e:ce:
84:1a:ae:7d
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYscOshPUqAep66BfVEHOcAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMxMDExMDA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGE0OGNjZDkxOWE3NTBhMjgzOWNiNmYwYzU0MWQ3NzM4MDAyNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnla2uKSssAMsPNpPXzVDd+hlYWB3
QWh5rX9MOD/2VlRttl42+GpvF1c6pmqL2MEJy6fnydbWz+K2Dlv+9S2DGSfYPZtf
eiASvAETqFmxTpk8PCKy82f6AuoyLlmweLl/iGeHWiFns2fVTzAFs+XODZQYXTDc
IuTqthkNAtR1SfiXR+uFEkKM5kNngNoXipQMiSOemrLkywjRA6C3o14zJ1po248u
lyUhWdJFq2lT9EUFGVxVFV5Z9JCe97It0Q+FOR0lv3/E7jRgvtexkurzWn9nlAxy
achzKM+XPClbXkI4+e4tBNixUazd7mS1wtgPj1xWA6x1p0sGLs3OfNChGQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFK2kjM2RmnUKKDnLbwxUHXc4ACXVMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvcmFTTXpaR2FkUW9vT2N0dkRGUWRkemdBSmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAgU91AME
AQW7JgMEAl+czAMEAblMTgMEAblZHAMEALlZHwMEAbloPDAMAwQAuWiZAwQCuWiY
AwQBuXq6AwQCuZ3UAwQBuaG4AwQCubwQAwQCub8UAwQCucLQAwQBw7X8MAwDBADZ
PfEDBALZPfAwDQYJKoZIhvcNAQELBQADggEBAInfO64aHNTCyQNZqt8IOQIC7SMH
VtV5WjdkfcNQE1TfkieuFbXVEDrQSlCNC/A4IG+5dz8ZXgVlO1f8NZjADRz6Bqsa
i0SvFZjDdNrml/MnwbOV8mLDJPyKgJOIYXNO5g+8bCpqrtALPUPOLdVpj8/1BwsI
Mzfc+KxROdh/Dzj5kAfILnv3nyXHC4PhfvyldZDfqzFHcXa/sjRGcWBPm5Wca2vY
kS8jq6B4Kl2lKVffFZCVyxGQd4u1dBHsyn+e11GP0l1tol4X4LLJdNW6raSWcrdB
9xtLpb12ji7Q4BGWyGRGLQtU7Q/ji5kayR4G4ACK54rIVmhVzaiezoQarn0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org