Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2dwxQLjYskRQp7K2uOnsKi_ioow.roa
File: 2dwxQLjYskRQp7K2uOnsKi_ioow.roa (raw, json)
Hash identifier: xjWKoCb2lF/O4u4AZuJ8FjvhCVVTu2vJubIJ4zz0ZB0=
Subject key identifier: D9:DC:31:40:B8:D8:B2:44:50:A7:B2:B6:B8:E9:EC:2A:2F:E2:A2:8C
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 049B6520
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2dwxQLjYskRQp7K2uOnsKi_ioow.roa
Signing time: Fri 15 Apr 2022 10:59:32 +0000
ROA not before: Fri 15 Apr 2022 10:59:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
45.8.210.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77292832 (0x49b6520)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Apr 15 10:59:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9dc3140b8d8b24450a7b2b6b8e9ec2a2fe2a28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d6:89:85:f0:8b:ba:e2:95:fe:c4:46:7a:95:
83:51:aa:b5:d1:09:18:f5:9f:c1:47:f1:b3:4f:f4:
fa:3c:c0:c2:ac:a6:f0:aa:1c:b1:82:c4:42:35:17:
21:e7:ec:e6:53:99:59:b5:f7:27:d9:90:6d:19:d9:
b0:b1:71:bd:99:ea:97:17:ec:2c:31:b9:15:a4:06:
8e:50:8c:0b:23:b2:c5:e4:42:4e:18:33:7d:df:8e:
00:27:b6:c3:ce:7b:11:c1:d3:9c:bc:8c:08:4c:69:
9e:b1:8b:66:7b:59:00:d6:7c:8a:d5:90:fc:e1:db:
5b:d9:6a:2a:b4:da:a2:ae:30:7c:20:80:63:6f:21:
b5:3b:ff:8e:13:2f:ff:82:18:44:d2:cd:de:6c:76:
7e:80:02:fa:16:ed:19:86:cf:a9:e8:38:ef:f4:a9:
93:d2:1f:96:df:9c:d2:8e:3d:f7:cd:cf:8b:4d:fd:
35:c7:30:b0:dd:de:42:d1:d5:8b:24:9c:f8:63:5e:
95:f4:20:36:b9:7f:f4:f3:ae:a9:3c:9c:32:8f:26:
5e:8c:56:d2:3b:21:63:97:6b:c9:0a:dd:1f:ea:72:
2f:97:39:08:8d:21:b6:7c:07:67:a2:7f:19:07:cc:
ed:2b:e5:d4:1d:05:17:b5:d6:c5:54:8f:22:bd:42:
92:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DC:31:40:B8:D8:B2:44:50:A7:B2:B6:B8:E9:EC:2A:2F:E2:A2:8C
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2dwxQLjYskRQp7K2uOnsKi_ioow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.210.0/23
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.102.137.0/24
185.104.248.0/24
185.112.100.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
5b:ba:f5:20:43:0b:f3:d6:72:e7:33:6f:dc:e3:6d:bd:95:35:
75:88:a7:7d:29:ef:63:18:dd:a5:d0:b4:67:a4:00:6e:d8:4b:
14:70:54:0d:71:c5:dd:e3:fd:2d:b9:4b:bb:df:09:b9:d2:c4:
06:91:23:53:1a:4b:4f:17:34:a5:e4:1b:15:59:6c:4e:e2:09:
23:91:cd:83:64:61:c6:77:f3:58:21:fc:d4:e0:9f:49:b6:e6:
68:ae:c3:45:83:b4:eb:56:e3:a8:00:ec:a3:fd:0b:8d:2e:d8:
d1:35:5a:e2:ac:68:29:e5:89:38:67:78:94:09:3b:07:6c:3b:
dd:92:da:8d:34:8a:74:ee:06:d1:95:5f:3b:c0:cc:5e:dc:49:
b0:80:af:50:52:56:10:45:32:c7:56:7a:88:03:09:8d:68:1c:
43:41:44:34:b3:a8:6c:e2:7e:a0:1e:3c:b7:c6:0c:9d:c6:5e:
47:32:5b:0c:42:f9:fc:94:bd:b8:5f:c1:19:68:8e:d2:7c:91:
55:5d:1a:3e:c0:60:9a:77:68:c8:d9:5b:a7:61:ee:ed:7a:08:
27:11:13:1b:a3:f2:bf:d7:48:60:af:83:5a:e3:83:cc:35:d1:
6e:60:d0:00:3d:9d:55:54:8f:41:72:ba:75:8f:5a:2c:66:6e:
f3:2a:81:69
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIEBJtlIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDQx
NTEwNTkzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDlkYzMxNDBiOGQ4
YjI0NDUwYTdiMmI2YjhlOWVjMmEyZmUyYTI4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrWiYXwi7rilf7ERnqVg1GqtdEJGPWfwUfxs0/0+jzAwqym
8KocsYLEQjUXIefs5lOZWbX3J9mQbRnZsLFxvZnqlxfsLDG5FaQGjlCMCyOyxeRC
Thgzfd+OACe2w857EcHTnLyMCExpnrGLZntZANZ8itWQ/OHbW9lqKrTaoq4wfCCA
Y28htTv/jhMv/4IYRNLN3mx2foAC+hbtGYbPqeg47/Spk9Iflt+c0o49983Pi039
NccwsN3eQtHViySc+GNelfQgNrl/9POuqTycMo8mXoxW0jshY5dryQrdH+pyL5c5
CI0htnwHZ6J/GQfM7Svl1B0FF7XWxVSPIr1CkmcCAwEAAaOCAz8wggM7MB0GA1Ud
DgQWBBTZ3DFAuNiyRFCnsra46ewqL+KijDAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
LzJkd3hRTGpZc2tSUXA3SzJ1T25zS2lfaW9vdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AVMGCCsGAQUFBwEHAQH/BIIBQjCCAT4wgc8EAgABMIHIAwUABbSITAMFAAW0iN0D
BAEtCNIDBQCTTkIHAwUAuREDZgMEAbkoBAMEALlmiQMEALlo+AMEALlwZAMFALmL
RBwDBQC5i0Z0AwQBuayCAwQAua6IAwQAua6LAwQAubTkAwQAubTmAwUAubTnVwME
ALm8tAMEArm9DAMEAsCiZAMEAMEAyAMEAcEAygMEAMGo4gMEAsI/jAMFAMJDxH8D
BQDCQ8YHAwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAwagQCAAIw
ZAMFACoEUgAwDgMFASoEUgIDBQMqBFIAAwUDKgdKAAMFACoJUwMDBQAqCpMAAwUD
KgvaAAMFAyoMaYADBQEqDPZAAwUAKg7WAgMFACoPRoADBQAqD3MAAwUDKg98gAMF
AyoPx4AwDQYJKoZIhvcNAQELBQADggEBAFu69SBDC/PWcuczb9zjbb2VNXWIp30p
72MY3aXQtGekAG7YSxRwVA1xxd3j/S25S7vfCbnSxAaRI1MaS08XNKXkGxVZbE7i
CSORzYNkYcZ381gh/NTgn0m25miuw0WDtOtW46gA7KP9C40u2NE1WuKsaCnliThn
eJQJOwdsO92S2o00inTuBtGVXzvAzF7cSbCAr1BSVhBFMsdWeogDCY1oHENBRDSz
qGzifqAePLfGDJ3GXkcyWwxC+fyUvbhfwRlojtJ8kVVdGj7AYJp3aMjZW6dh7u16
CCcRExuj8r/XSGCvg1rjg8w10W5g0AA9nVVUj0FyunWPWixmbvMqgWk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org