Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/xEDu7vaMaGxRsILLNKtDBUepguk.roa
File: xEDu7vaMaGxRsILLNKtDBUepguk.roa (raw, json)
Hash identifier: mJZTOv5ECTEBJg1jfl1W2nk047rs7RPpAiyzOhHwQ+A=
Subject key identifier: C4:40:EE:EE:F6:8C:68:6C:51:B0:82:CB:34:AB:43:05:47:A9:82:E9
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 0189C0519184625AAAC5DDC92D5D3A7CF0DA
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/xEDu7vaMaGxRsILLNKtDBUepguk.roa
Signing time: Fri 04 Aug 2023 11:31:58 +0000
ROA not before: Fri 04 Aug 2023 11:31:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56630
IP address blocks: 45.141.8.0/22 maxlen: 24
185.224.248.0/22 maxlen: 24
185.6.12.0/23 maxlen: 24
185.6.14.0/23 maxlen: 24
45.150.232.0/22 maxlen: 24
195.238.124.0/22 maxlen: 24
185.140.209.0/24 maxlen: 24
185.140.208.0/24 maxlen: 24
185.131.64.0/24 maxlen: 24
185.131.66.0/24 maxlen: 24
185.131.65.0/24 maxlen: 24
185.131.67.0/24 maxlen: 24
88.218.240.0/22 maxlen: 24
89.36.161.0/24 maxlen: 24
89.36.160.0/24 maxlen: 24
217.30.8.0/22 maxlen: 24
194.59.46.0/24 maxlen: 24
185.140.12.0/22 maxlen: 24
194.59.59.0/24 maxlen: 24
194.59.155.0/24 maxlen: 24
91.201.64.0/22 maxlen: 24
194.59.142.0/24 maxlen: 24
213.183.36.0/24 maxlen: 24
89.34.238.0/24 maxlen: 24
213.183.38.0/24 maxlen: 24
213.183.37.0/24 maxlen: 24
213.183.33.0/24 maxlen: 24
213.183.32.0/24 maxlen: 24
5.182.228.0/22 maxlen: 24
213.183.39.0/24 maxlen: 24
213.183.41.0/24 maxlen: 24
213.183.40.0/24 maxlen: 24
213.183.43.0/24 maxlen: 24
213.183.42.0/24 maxlen: 24
213.183.44.0/24 maxlen: 24
213.183.50.0/24 maxlen: 24
213.183.49.0/24 maxlen: 24
88.210.38.0/24 maxlen: 24
213.183.51.0/24 maxlen: 24
213.183.45.0/24 maxlen: 24
213.183.46.0/24 maxlen: 24
213.183.48.0/24 maxlen: 24
213.183.47.0/24 maxlen: 24
213.183.52.0/24 maxlen: 24
88.210.39.0/24 maxlen: 24
213.183.53.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.58.0/24 maxlen: 24
77.72.16.0/23 maxlen: 24
213.183.59.0/24 maxlen: 24
213.183.60.0/24 maxlen: 24
213.183.62.0/24 maxlen: 24
213.183.61.0/24 maxlen: 24
77.72.18.0/23 maxlen: 24
77.72.20.0/23 maxlen: 24
77.72.22.0/23 maxlen: 24
213.183.63.0/24 maxlen: 24
92.119.88.0/22 maxlen: 24
91.192.83.0/24 maxlen: 24
91.192.80.0/24 maxlen: 24
5.188.172.0/24 maxlen: 24
5.188.173.0/24 maxlen: 24
5.188.180.0/22 maxlen: 24
185.246.152.0/24 maxlen: 24
185.246.153.0/24 maxlen: 24
185.246.155.0/24 maxlen: 24
185.246.154.0/24 maxlen: 24
45.135.120.0/22 maxlen: 24
31.40.216.0/22 maxlen: 24
213.226.68.0/22 maxlen: 24
93.189.58.0/24 maxlen: 24
93.189.57.0/24 maxlen: 24
185.135.84.0/22 maxlen: 24
93.189.56.0/24 maxlen: 24
93.189.61.0/24 maxlen: 24
93.189.60.0/24 maxlen: 24
93.189.63.0/24 maxlen: 24
93.189.62.0/24 maxlen: 24
2a06:f906::/36 maxlen: 36
2a06:f903::/36 maxlen: 36
2a06:f905::/36 maxlen: 36
2a06:f900:4000::/36 maxlen: 36
2a06:f900::/36 maxlen: 36
2a06:f902::/36 maxlen: 36
2a06:f904::/36 maxlen: 36
2a06:f907:4000::/36 maxlen: 36
2a06:f907::/36 maxlen: 36
2a06:f901::/36 maxlen: 36
2a0d:8400::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:51:91:84:62:5a:aa:c5:dd:c9:2d:5d:3a:7c:f0:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Aug 4 11:31:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c440eeeef68c686c51b082cb34ab430547a982e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:51:44:b3:44:de:c9:fb:b3:84:55:6f:c8:fe:
73:c9:50:91:22:46:05:e0:9a:0b:95:9e:da:7d:ed:
3e:54:59:48:44:98:78:22:e3:7b:41:3a:6a:d4:53:
9f:fb:d3:91:40:21:33:00:ea:85:d3:10:81:85:b8:
b4:14:54:62:f1:bd:7a:f6:ac:7d:ae:1c:0b:0a:6e:
d2:57:6a:9d:38:ab:c7:98:74:c1:b0:f9:29:7e:76:
a1:61:62:ca:74:11:d3:1d:9e:c6:27:27:73:93:a1:
40:33:7a:e5:ee:e7:f9:66:c9:6a:69:17:9e:72:67:
13:14:f2:69:9a:0c:25:a4:9d:71:6c:1c:1f:95:15:
4f:46:80:6d:f4:ec:ee:14:d5:c5:29:b6:ca:9c:c0:
5c:78:55:f1:ca:b3:28:a2:de:2a:aa:a5:cd:61:7a:
7f:c9:5a:5a:82:31:cf:e5:3d:10:d2:72:ea:a7:c8:
33:5f:ac:0c:b7:eb:f8:bf:55:9b:d1:7a:fe:26:d0:
be:9a:68:ec:f0:c8:aa:42:82:6d:3d:80:29:e2:01:
da:fb:1c:b9:bc:60:10:8b:cf:34:50:11:b3:93:88:
db:c7:7c:c1:f3:6a:d6:85:04:a0:2d:6d:a5:86:c3:
7b:59:42:c1:27:f3:d0:c8:18:40:6c:8e:7c:7a:dc:
62:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:40:EE:EE:F6:8C:68:6C:51:B0:82:CB:34:AB:43:05:47:A9:82:E9
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/xEDu7vaMaGxRsILLNKtDBUepguk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.228.0/22
5.188.172.0/23
5.188.180.0/22
31.40.216.0/22
45.135.120.0/22
45.141.8.0/22
45.150.232.0/22
77.72.16.0/21
88.210.38.0/23
88.218.240.0/22
89.34.238.0/24
89.36.160.0/23
91.192.80.0/24
91.192.83.0/24
91.201.64.0/22
92.119.88.0/22
93.189.56.0-93.189.58.255
93.189.60.0/22
185.6.12.0/22
185.131.64.0/22
185.135.84.0/22
185.140.12.0/22
185.140.208.0/23
185.224.248.0/22
185.246.152.0/22
194.59.46.0/24
194.59.59.0/24
194.59.142.0/24
194.59.155.0/24
195.238.124.0/22
213.183.32.0/23
213.183.36.0-213.183.63.255
213.226.68.0/22
217.30.8.0/22
IPv6:
2a06:f900::/36
2a06:f900:4000::/36
2a06:f901::/36
2a06:f902::/36
2a06:f903::/36
2a06:f904::/36
2a06:f905::/36
2a06:f906::/36
2a06:f907::/36
2a06:f907:4000::/36
2a0d:8400::/32
Signature Algorithm: sha256WithRSAEncryption
5d:50:49:4e:94:8f:b9:bf:12:28:e5:da:26:5c:16:f2:89:cd:
92:32:c2:5a:c2:fb:40:8d:c7:e0:72:41:60:d9:97:a1:72:28:
1f:82:a5:69:5d:89:4e:6c:a6:68:c4:62:f7:84:a5:ba:0f:9f:
33:e5:34:87:71:4a:f1:55:f6:05:ee:57:54:32:fd:6f:cb:cd:
86:a5:5e:c3:eb:80:73:c5:ba:ac:86:6a:6a:48:11:0e:3b:7a:
48:f2:69:6c:48:62:39:ab:8e:16:3d:63:84:0d:68:f2:3e:5b:
67:c8:64:15:22:73:66:c5:f4:da:28:ba:79:c6:ee:2d:2d:b1:
3f:38:28:a5:bd:3c:2d:4c:86:ae:87:fe:81:a8:de:69:45:5b:
95:fe:bd:af:af:8b:21:d9:a7:6f:89:13:7a:a1:1b:c1:70:69:
c3:5f:1c:be:6f:51:e4:d6:b8:0b:c1:74:6a:3b:d3:84:d2:3b:
b6:d9:7f:d5:dc:a0:73:6c:fc:da:4c:68:50:a5:33:a9:ec:f7:
e3:e5:89:6f:f1:62:6b:30:6b:03:24:77:21:73:71:14:1f:b8:
f1:70:ff:ef:f8:9c:f3:0c:cb:c1:b3:b9:4c:29:6f:b4:f1:64:
91:1d:c8:c6:67:18:48:e9:bb:a0:48:87:49:b9:49:7a:7b:c7:
0c:31:fc:b2
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgISAYnAUZGEYlqqxd3JLV06fPDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMwODA0MTEzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQwZWVlZWY2OGM2ODZjNTFiMDgyY2IzNGFiNDMwNTQ3YTk4MmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFFEs0TeyfuzhFVvyP5zyVCRIkYF
4JoLlZ7afe0+VFlIRJh4IuN7QTpq1FOf+9ORQCEzAOqF0xCBhbi0FFRi8b169qx9
rhwLCm7SV2qdOKvHmHTBsPkpfnahYWLKdBHTHZ7GJydzk6FAM3rl7uf5ZslqaRee
cmcTFPJpmgwlpJ1xbBwflRVPRoBt9OzuFNXFKbbKnMBceFXxyrMoot4qqqXNYXp/
yVpagjHP5T0Q0nLqp8gzX6wMt+v4v1Wb0Xr+JtC+mmjs8MiqQoJtPYAp4gHa+xy5
vGAQi880UBGzk4jbx3zB82rWhQSgLW2lhsN7WULBJ/PQyBhAbI58etxi9wIDAQAB
o4IDRjCCA0IwHQYDVR0OBBYEFMRA7u72jGhsUbCCyzSrQwVHqYLpMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEveEVEdTd2YU1hR3hSc0lMTE5LdERCVWVwZ3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWgYIKwYBBQUHAQcBAf8EggFJMIIBRTCB4wQCAAEwgdwD
BAIFtuQDBAEFvKwDBAIFvLQDBAIfKNgDBAIth3gDBAItjQgDBAItlugDBANNSBAD
BAFY0iYDBAJY2vADBABZIu4DBAFZJKADBABbwFADBABbwFMDBAJbyUADBAJcd1gw
DAMEA129OAMEAF29OgMEAl29PAMEArkGDAMEArmDQAMEArmHVAMEArmMDAMEAbmM
0AMEArng+AMEArn2mAMEAMI7LgMEAMI7OwMEAMI7jgMEAMI7mwMEAsPufAMEAdW3
IDAMAwQC1bckAwQG1bcAAwQC1eJEAwQC2R4IMF0EAgACMFcDBgQqBvkAAAMGBCoG
+QBAAwYEKgb5AQADBgQqBvkCAAMGBCoG+QMAAwYEKgb5BAADBgQqBvkFAAMGBCoG
+QYAAwYEKgb5BwADBgQqBvkHQAMFACoNhAAwDQYJKoZIhvcNAQELBQADggEBAF1Q
SU6Uj7m/Eijl2iZcFvKJzZIywlrC+0CNx+ByQWDZl6FyKB+CpWldiU5spmjEYveE
pboPnzPlNIdxSvFV9gXuV1Qy/W/LzYalXsPrgHPFuqyGampIEQ47ekjyaWxIYjmr
jhY9Y4QNaPI+W2fIZBUic2bF9NoounnG7i0tsT84KKW9PC1Mhq6H/oGo3mlFW5X+
va+viyHZp2+JE3qhG8FwacNfHL5vUeTWuAvBdGo704TSO7bZf9XcoHNs/NpMaFCl
M6ns9+PliW/xYmswawMkdyFzcRQfuPFw/+/4nPMMy8GzuUwpb7TxZJEdyMZnGEjp
u6BIh0m5SXp7xwwx/LI=
-----END CERTIFICATE-----
Generated at Tue Aug 22 10:18:05 2023 by rpki-client on console-ams.rpki-client.org