Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/4jd0iGDF67BA49I8rqLk1Z_o3OE.roa
File: 4jd0iGDF67BA49I8rqLk1Z_o3OE.roa (raw, json)
Hash identifier: Vx1EwfM1U58+kVh0ZvSjAtTSuTsF4Gu1NvfKOeAzxgU=
Subject key identifier: E2:37:74:88:60:C5:EB:B0:40:E3:D2:3C:AE:A2:E4:D5:9F:E8:DC:E1
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: BEA094
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/4jd0iGDF67BA49I8rqLk1Z_o3OE.roa
Signing time: Thu 30 Jun 2022 19:01:02 +0000
ROA not before: Thu 30 Jun 2022 19:01:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56630
IP address blocks: 45.141.8.0/22 maxlen: 24
185.224.248.0/22 maxlen: 24
185.6.12.0/23 maxlen: 24
185.6.14.0/23 maxlen: 24
45.150.232.0/22 maxlen: 24
195.238.124.0/22 maxlen: 24
185.131.64.0/24 maxlen: 24
185.131.66.0/24 maxlen: 24
185.131.65.0/24 maxlen: 24
185.131.67.0/24 maxlen: 24
88.218.240.0/22 maxlen: 24
217.30.8.0/22 maxlen: 24
194.59.46.0/24 maxlen: 24
185.140.12.0/22 maxlen: 24
194.59.59.0/24 maxlen: 24
194.59.155.0/24 maxlen: 24
91.201.64.0/22 maxlen: 24
194.59.142.0/24 maxlen: 24
213.183.36.0/24 maxlen: 24
213.183.38.0/24 maxlen: 24
213.183.37.0/24 maxlen: 24
213.183.33.0/24 maxlen: 24
213.183.32.0/24 maxlen: 24
5.182.228.0/22 maxlen: 24
213.183.39.0/24 maxlen: 24
213.183.41.0/24 maxlen: 24
213.183.40.0/24 maxlen: 24
213.183.43.0/24 maxlen: 24
213.183.42.0/24 maxlen: 24
213.183.44.0/24 maxlen: 24
213.183.50.0/24 maxlen: 24
213.183.49.0/24 maxlen: 24
88.210.38.0/24 maxlen: 24
213.183.51.0/24 maxlen: 24
213.183.45.0/24 maxlen: 24
213.183.46.0/24 maxlen: 24
213.183.48.0/24 maxlen: 24
213.183.47.0/24 maxlen: 24
213.183.52.0/24 maxlen: 24
88.210.39.0/24 maxlen: 24
213.183.53.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.58.0/24 maxlen: 24
77.72.16.0/23 maxlen: 24
213.183.59.0/24 maxlen: 24
213.183.60.0/24 maxlen: 24
213.183.62.0/24 maxlen: 24
213.183.61.0/24 maxlen: 24
77.72.18.0/23 maxlen: 24
77.72.20.0/23 maxlen: 24
77.72.22.0/23 maxlen: 24
213.183.63.0/24 maxlen: 24
92.119.88.0/22 maxlen: 24
91.192.83.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
91.192.80.0/24 maxlen: 24
5.188.172.0/24 maxlen: 24
5.188.173.0/24 maxlen: 24
5.188.180.0/22 maxlen: 24
185.246.152.0/24 maxlen: 24
185.246.153.0/24 maxlen: 24
185.246.155.0/24 maxlen: 24
185.246.154.0/24 maxlen: 24
45.135.120.0/22 maxlen: 24
31.40.216.0/22 maxlen: 24
213.226.68.0/22 maxlen: 24
93.189.58.0/24 maxlen: 24
93.189.57.0/24 maxlen: 24
185.135.84.0/22 maxlen: 24
93.189.56.0/24 maxlen: 24
93.189.61.0/24 maxlen: 24
93.189.60.0/24 maxlen: 24
93.189.63.0/24 maxlen: 24
93.189.62.0/24 maxlen: 24
2a06:f906::/36 maxlen: 36
2a06:f903::/36 maxlen: 36
2a06:f905::/36 maxlen: 36
2a06:f900:4000::/36 maxlen: 36
2a06:f900::/36 maxlen: 36
2a06:f902::/36 maxlen: 36
2a06:f904::/36 maxlen: 36
2a06:f907:4000::/36 maxlen: 36
2a06:f907::/36 maxlen: 36
2a06:f901::/36 maxlen: 36
2a0d:8400::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12492948 (0xbea094)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jun 30 19:01:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e237748860c5ebb040e3d23caea2e4d59fe8dce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ed:14:e0:25:7d:8d:14:69:64:49:c7:67:65:
c9:7c:23:27:6f:c8:0c:6f:85:43:ec:cf:e5:32:c0:
fe:53:f1:9d:8e:0c:61:d7:51:82:08:90:b6:37:9c:
6a:b6:c3:53:d4:81:37:96:d5:32:95:d4:f2:4b:29:
6b:77:5a:e1:3b:4a:cf:8d:7d:0f:1d:dd:7f:6d:c3:
6e:0e:04:0c:01:af:48:f8:ac:eb:dc:0e:71:fc:04:
77:8e:d6:39:af:89:cb:d7:9a:7c:d4:d4:3d:89:f3:
b7:9c:c3:99:d6:e2:29:a4:c7:6f:1b:57:34:32:f2:
1a:6a:38:40:4f:1a:db:de:30:36:7b:07:49:55:12:
53:7a:2f:82:ef:a9:74:a7:c7:3d:32:40:a1:b5:d7:
5c:84:2e:9a:0c:a1:4e:aa:62:4d:14:3b:a9:82:b1:
e1:ff:38:db:3c:50:63:77:ee:ca:58:1b:65:02:fc:
17:3a:c4:c5:25:d0:f8:70:03:20:9a:e0:05:95:69:
d5:b8:b9:4b:91:d9:e0:7a:9b:f2:ab:ae:04:68:9c:
90:e3:61:aa:ad:43:8f:d3:5c:64:e8:5e:e5:df:65:
d3:a3:63:94:e5:6a:3c:2a:b3:df:db:06:c6:5a:06:
aa:7b:1d:92:64:e7:2a:5e:ef:ea:de:a5:a1:70:42:
e9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:37:74:88:60:C5:EB:B0:40:E3:D2:3C:AE:A2:E4:D5:9F:E8:DC:E1
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/4jd0iGDF67BA49I8rqLk1Z_o3OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.228.0/22
5.188.172.0/23
5.188.180.0/22
31.40.216.0/22
45.135.120.0/22
45.141.8.0/22
45.150.232.0/22
77.72.16.0/21
88.210.38.0/23
88.218.240.0/22
91.192.80.0/23
91.192.83.0/24
91.201.64.0/22
92.119.88.0/22
93.189.56.0-93.189.58.255
93.189.60.0/22
185.6.12.0/22
185.131.64.0/22
185.135.84.0/22
185.140.12.0/22
185.224.248.0/22
185.246.152.0/22
194.59.46.0/24
194.59.59.0/24
194.59.142.0/24
194.59.155.0/24
195.238.124.0/22
213.183.32.0/23
213.183.36.0-213.183.63.255
213.226.68.0/22
217.30.8.0/22
IPv6:
2a06:f900::/36
2a06:f900:4000::/36
2a06:f901::/36
2a06:f902::/36
2a06:f903::/36
2a06:f904::/36
2a06:f905::/36
2a06:f906::/36
2a06:f907::/36
2a06:f907:4000::/36
2a0d:8400::/32
Signature Algorithm: sha256WithRSAEncryption
74:32:3d:7d:42:1d:f5:eb:f8:98:7d:c0:61:1e:4e:cd:ec:c9:
6a:4f:e4:b0:8b:2e:5a:be:13:b9:66:e2:68:49:e1:17:07:27:
18:88:7b:d2:5e:ef:e0:3c:d4:ac:1d:13:cc:e4:60:c1:28:10:
7a:0b:14:7d:97:d1:07:d1:17:1f:ec:72:b9:cb:21:13:3f:01:
30:8f:fd:50:01:fe:6e:03:e6:ba:96:ad:e1:fa:6b:7d:60:bc:
18:e2:52:76:7e:fc:87:9c:4c:e0:8c:a1:c8:e1:2f:e5:44:d9:
7c:ab:62:ac:7a:11:17:fe:80:bd:72:43:7e:19:9c:22:93:b2:
e0:dc:28:b6:3a:6b:68:58:c4:48:1a:54:de:cc:a1:96:78:09:
a8:8c:21:f7:9b:6a:fc:11:c8:b2:a7:e1:15:4c:fb:bc:d4:14:
c6:df:c3:f8:e1:5d:88:70:fd:be:73:11:6a:2d:4c:e5:e4:17:
87:4a:85:b9:ff:46:0d:69:14:08:80:4e:df:09:84:cb:6f:60:
49:06:d2:53:7b:8b:89:a0:9c:8e:77:a3:92:10:8c:64:f7:9f:
a3:a9:9c:e3:e9:46:74:39:dc:18:7b:d7:d9:39:87:2a:ea:1a:
e5:a6:c8:c5:ff:25:54:35:e6:8c:ec:3c:9f:d9:aa:3a:64:f8:
19:65:b6:54
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIEAL6glDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZmViZmJmZDZmOTM3YzVhZTM5ZTNlMzhlOGFiODM4NDEwNzQyMWE2MB4XDTIyMDYz
MDE5MDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTIzNzc0ODg2MGM1
ZWJiMDQwZTNkMjNjYWVhMmU0ZDU5ZmU4ZGNlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3tFOAlfY0UaWRJx2dlyXwjJ2/IDG+FQ+zP5TLA/lPxnY4M
YddRggiQtjecarbDU9SBN5bVMpXU8kspa3da4TtKz419Dx3df23Dbg4EDAGvSPis
69wOcfwEd47WOa+Jy9eafNTUPYnzt5zDmdbiKaTHbxtXNDLyGmo4QE8a294wNnsH
SVUSU3ovgu+pdKfHPTJAobXXXIQumgyhTqpiTRQ7qYKx4f842zxQY3fuylgbZQL8
FzrExSXQ+HADIJrgBZVp1bi5S5HZ4Hqb8quuBGickONhqq1Dj9NcZOhe5d9l06Nj
lOVqPCqz39sGxloGqnsdkmTnKl7v6t6loXBC6TUCAwEAAaOCAzQwggMwMB0GA1Ud
DgQWBBTiN3SIYMXrsEDj0jyuouTVn+jc4TAfBgNVHSMEGDAWgBQP6/v9b5N8WuOe
Pjjoq4OEEHQhpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QtdjdfVy1UZkZyam5qNDQ2S3VEaEJCMElhWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNjdkODM0LTI2MTItNDczOS05ZjRiLTdkNzAzNzRkNzZkMi8x
LzRqZDBpR0RGNjdCQTQ5SThycUxrMVpfbzNPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NjdkODM0LTI2MTItNDczOS05ZjRiLTdkNzAzNzRkNzZkMi8xL0QtdjdfVy1UZkZy
am5qNDQ2S3VEaEJCMElhWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUgGCCsGAQUFBwEHAQH/BIIBNzCCATMwgdEEAgABMIHKAwQCBbbkAwQBBbysAwQC
Bby0AwQCHyjYAwQCLYd4AwQCLY0IAwQCLZboAwQDTUgQAwQBWNImAwQCWNrwAwQB
W8BQAwQAW8BTAwQCW8lAAwQCXHdYMAwDBANdvTgDBABdvToDBAJdvTwDBAK5BgwD
BAK5g0ADBAK5h1QDBAK5jAwDBAK54PgDBAK59pgDBADCOy4DBADCOzsDBADCO44D
BADCO5sDBALD7nwDBAHVtyAwDAMEAtW3JAMEBtW3AAMEAtXiRAMEAtkeCDBdBAIA
AjBXAwYEKgb5AAADBgQqBvkAQAMGBCoG+QEAAwYEKgb5AgADBgQqBvkDAAMGBCoG
+QQAAwYEKgb5BQADBgQqBvkGAAMGBCoG+QcAAwYEKgb5B0ADBQAqDYQAMA0GCSqG
SIb3DQEBCwUAA4IBAQB0Mj19Qh316/iYfcBhHk7N7MlqT+Swiy5avhO5ZuJoSeEX
BycYiHvSXu/gPNSsHRPM5GDBKBB6CxR9l9EH0Rcf7HK5yyETPwEwj/1QAf5uA+a6
lq3h+mt9YLwY4lJ2fvyHnEzgjKHI4S/lRNl8q2KsehEX/oC9ckN+GZwik7Lg3Ci2
OmtoWMRIGlTezKGWeAmojCH3m2r8Eciyp+EVTPu81BTG38P44V2IcP2+cxFqLUzl
5BeHSoW5/0YNaRQIgE7fCYTLb2BJBtJTe4uJoJyOd6OSEIxk95+jqZzj6UZ0OdwY
e9fZOYcq6hrlpsjF/yVUNeaM7Dyf2ao6ZPgZZbZU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:37 2024 by rpki-client on console-ams.rpki-client.org