Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/ITg7agkCS5pNO9ViAaJ_cFniXgo.roa
File: ITg7agkCS5pNO9ViAaJ_cFniXgo.roa (raw, json)
Hash identifier: b3bRNh87fDzhSPo/TkMg0+9G8EcMe2hkLs5SE2O6euE=
Subject key identifier: 21:38:3B:6A:09:02:4B:9A:4D:3B:D5:62:01:A2:7F:70:59:E2:5E:0A
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 1530CF
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/ITg7agkCS5pNO9ViAaJ_cFniXgo.roa
Signing time: Sun 17 Apr 2022 15:15:53 +0000
ROA not before: Sun 17 Apr 2022 15:15:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56630
IP address blocks: 185.224.248.0/22 maxlen: 22
195.238.124.0/22 maxlen: 24
185.131.64.0/24 maxlen: 24
185.131.66.0/24 maxlen: 24
185.131.65.0/24 maxlen: 24
185.131.67.0/24 maxlen: 24
88.218.240.0/22 maxlen: 24
217.30.8.0/22 maxlen: 22
185.140.12.0/22 maxlen: 22
91.201.64.0/22 maxlen: 24
213.183.33.0/24 maxlen: 24
213.183.32.0/24 maxlen: 24
213.183.36.0/24 maxlen: 24
213.183.38.0/24 maxlen: 24
213.183.37.0/24 maxlen: 24
213.183.39.0/24 maxlen: 24
213.183.41.0/24 maxlen: 24
213.183.40.0/24 maxlen: 24
213.183.43.0/24 maxlen: 24
213.183.42.0/24 maxlen: 24
213.183.44.0/24 maxlen: 24
213.183.50.0/24 maxlen: 24
213.183.49.0/24 maxlen: 24
88.210.38.0/24 maxlen: 24
213.183.51.0/24 maxlen: 24
213.183.45.0/24 maxlen: 24
213.183.46.0/24 maxlen: 24
213.183.48.0/24 maxlen: 24
213.183.47.0/24 maxlen: 24
213.183.52.0/24 maxlen: 24
88.210.39.0/24 maxlen: 24
213.183.53.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
77.72.16.0/23 maxlen: 24
213.183.58.0/24 maxlen: 24
77.72.18.0/23 maxlen: 24
213.183.59.0/24 maxlen: 24
213.183.60.0/24 maxlen: 24
77.72.20.0/23 maxlen: 24
213.183.62.0/24 maxlen: 24
77.72.22.0/23 maxlen: 24
213.183.61.0/24 maxlen: 24
213.183.63.0/24 maxlen: 24
92.119.88.0/22 maxlen: 24
91.192.83.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
91.192.80.0/24 maxlen: 24
5.188.172.0/24 maxlen: 24
5.188.173.0/24 maxlen: 24
5.188.180.0/22 maxlen: 24
185.246.152.0/24 maxlen: 24
185.246.153.0/24 maxlen: 24
185.246.155.0/24 maxlen: 24
185.246.154.0/24 maxlen: 24
31.40.216.0/22 maxlen: 24
213.226.68.0/22 maxlen: 24
93.189.56.0/24 maxlen: 24
93.189.58.0/24 maxlen: 24
93.189.57.0/24 maxlen: 24
185.135.84.0/22 maxlen: 24
93.189.61.0/24 maxlen: 24
93.189.60.0/24 maxlen: 24
93.189.63.0/24 maxlen: 24
93.189.62.0/24 maxlen: 24
2a06:f906::/36 maxlen: 36
2a06:f903::/36 maxlen: 36
2a06:f905::/36 maxlen: 36
2a06:f900:4000::/36 maxlen: 36
2a06:f900::/36 maxlen: 36
2a06:f902::/36 maxlen: 36
2a06:f904::/36 maxlen: 36
2a06:f907:4000::/36 maxlen: 36
2a06:f907::/36 maxlen: 36
2a06:f901::/36 maxlen: 36
2a0d:8400::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1388751 (0x1530cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Apr 17 15:15:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21383b6a09024b9a4d3bd56201a27f7059e25e0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:20:75:05:66:56:8a:ed:be:8f:72:3e:ca:af:
23:53:42:ea:dc:86:f0:25:df:fc:76:e8:bb:42:0f:
88:30:01:70:cc:b0:3d:be:5b:71:55:94:47:ed:b2:
96:40:f4:ea:b1:a3:25:25:9f:62:29:06:36:67:07:
b8:f3:52:5d:6a:d9:c4:58:11:cd:69:d8:b7:5f:91:
03:66:62:4d:5c:2f:62:be:96:81:02:5c:b8:39:6b:
aa:9f:9e:4f:1e:96:1f:8e:a8:de:00:af:0d:a6:be:
5d:4d:07:2c:6f:a8:68:6b:5e:8c:a8:52:c2:99:67:
78:63:1b:59:b3:7e:67:0d:22:5f:e2:62:9d:fd:ef:
06:e4:21:8e:9b:d5:c3:5b:75:38:43:96:e2:ff:7e:
e5:ce:77:80:cc:2b:92:f3:78:e6:63:4a:32:12:5f:
89:06:ac:e3:0e:a3:52:fa:21:80:a5:24:70:4e:97:
88:27:fa:55:cc:cb:ec:87:76:92:9d:c3:66:8d:d1:
71:38:1b:c8:f4:19:3f:5f:d6:8a:71:ff:86:0b:79:
4f:e6:3c:01:a7:4a:ab:e2:50:b8:f4:e3:a5:fb:73:
99:76:f8:68:15:69:9d:d5:a4:25:05:fd:b5:88:b2:
b6:a8:db:3c:82:ef:7c:8b:46:24:eb:bd:49:37:5f:
28:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:38:3B:6A:09:02:4B:9A:4D:3B:D5:62:01:A2:7F:70:59:E2:5E:0A
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/ITg7agkCS5pNO9ViAaJ_cFniXgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.172.0/23
5.188.180.0/22
31.40.216.0/22
77.72.16.0/21
88.210.38.0/23
88.218.240.0/22
91.192.80.0/23
91.192.83.0/24
91.201.64.0/22
92.119.88.0/22
93.189.56.0-93.189.58.255
93.189.60.0/22
185.131.64.0/22
185.135.84.0/22
185.140.12.0/22
185.224.248.0/22
185.246.152.0/22
195.238.124.0/22
213.183.32.0/23
213.183.36.0-213.183.63.255
213.226.68.0/22
217.30.8.0/22
IPv6:
2a06:f900::/36
2a06:f900:4000::/36
2a06:f901::/36
2a06:f902::/36
2a06:f903::/36
2a06:f904::/36
2a06:f905::/36
2a06:f906::/36
2a06:f907::/36
2a06:f907:4000::/36
2a0d:8400::/32
Signature Algorithm: sha256WithRSAEncryption
6f:c7:8a:10:f4:41:62:b1:be:50:ae:69:97:8d:fd:78:30:09:
ad:36:30:3a:f5:0f:ac:a3:bf:48:14:b4:57:51:68:6f:0d:74:
c0:ed:cf:51:6a:92:1c:5f:ed:00:ea:ed:88:24:15:ba:81:c8:
1e:78:83:1d:33:8c:d7:27:f0:b7:98:06:49:50:d5:68:18:2c:
9a:a0:32:bf:10:71:9b:43:47:44:6b:42:b1:30:05:90:db:62:
6c:ef:06:aa:41:2a:bc:f4:71:54:46:33:21:cc:14:24:f0:8e:
30:55:9e:ae:53:92:0c:57:3e:f7:dd:28:1f:51:c1:e2:c7:5b:
fe:18:45:b7:7f:e4:f2:0e:16:b4:43:55:c6:98:c7:75:c9:23:
1d:8a:e1:79:74:33:23:a1:10:70:7c:45:f6:2a:49:a9:2f:89:
fc:4f:a0:0a:15:35:ff:0e:f5:c9:bd:ee:47:4a:ab:bc:2a:3d:
d2:7b:9f:01:dc:e5:cc:f8:03:62:3f:eb:61:0c:1c:6a:4c:0e:
f5:70:97:02:b9:3b:ed:7e:e1:1a:2a:89:66:ca:88:0a:8d:aa:
b4:02:0d:32:02:21:7e:2e:a2:e0:7c:71:92:71:c2:f7:e3:98:
b7:12:b1:4b:95:6a:22:3a:b9:09:ae:14:58:2a:7c:51:a9:7b:
60:5c:65:bd
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgIDFTDPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBm
ZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3NDIxYTYwHhcNMjIwNDE3
MTUxNTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMTM4M2I2YTA5MDI0
YjlhNGQzYmQ1NjIwMWEyN2Y3MDU5ZTI1ZTBhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjiB1BWZWiu2+j3I+yq8jU0Lq3IbwJd/8dui7Qg+IMAFwzLA9
vltxVZRH7bKWQPTqsaMlJZ9iKQY2Zwe481JdatnEWBHNadi3X5EDZmJNXC9ivpaB
Aly4OWuqn55PHpYfjqjeAK8Npr5dTQcsb6hoa16MqFLCmWd4YxtZs35nDSJf4mKd
/e8G5CGOm9XDW3U4Q5bi/37lzneAzCuS83jmY0oyEl+JBqzjDqNS+iGApSRwTpeI
J/pVzMvsh3aSncNmjdFxOBvI9Bk/X9aKcf+GC3lP5jwBp0qr4lC49OOl+3OZdvho
FWmd1aQlBf21iLK2qNs8gu98i0Yk671JN18oYQIDAQABo4IC/TCCAvkwHQYDVR0O
BBYEFCE4O2oJAkuaTTvVYgGif3BZ4l4KMB8GA1UdIwQYMBaAFA/r+/1vk3xa454+
OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQyLzEv
SVRnN2Fna0NTNXBOTzlWaUFhSl9jRm5pWGdvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82
N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQyLzEvRC12N19XLVRmRnJq
bmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIB
EQYIKwYBBQUHAQcBAf8EggEAMIH9MIGbBAIAATCBlAMEAQW8rAMEAgW8tAMEAh8o
2AMEA01IEAMEAVjSJgMEAlja8AMEAVvAUAMEAFvAUwMEAlvJQAMEAlx3WDAMAwQD
Xb04AwQAXb06AwQCXb08AwQCuYNAAwQCuYdUAwQCuYwMAwQCueD4AwQCufaYAwQC
w+58AwQB1bcgMAwDBALVtyQDBAbVtwADBALV4kQDBALZHggwXQQCAAIwVwMGBCoG
+QAAAwYEKgb5AEADBgQqBvkBAAMGBCoG+QIAAwYEKgb5AwADBgQqBvkEAAMGBCoG
+QUAAwYEKgb5BgADBgQqBvkHAAMGBCoG+QdAAwUAKg2EADANBgkqhkiG9w0BAQsF
AAOCAQEAb8eKEPRBYrG+UK5pl439eDAJrTYwOvUPrKO/SBS0V1Fobw10wO3PUWqS
HF/tAOrtiCQVuoHIHniDHTOM1yfwt5gGSVDVaBgsmqAyvxBxm0NHRGtCsTAFkNti
bO8GqkEqvPRxVEYzIcwUJPCOMFWerlOSDFc+990oH1HB4sdb/hhFt3/k8g4WtENV
xpjHdckjHYrheXQzI6EQcHxF9ipJqS+J/E+gChU1/w71yb3uR0qrvCo90nufAdzl
zPgDYj/rYQwcakwO9XCXArk77X7hGiqJZsqICo2qtAINMgIhfi6i4HxxknHC9+OY
txKxS5VqIjq5Ca4UWCp8Ual7YFxlvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org