Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2xhFUXld8WrtKHUiulDIClg2Jx4.roa
File: 2xhFUXld8WrtKHUiulDIClg2Jx4.roa (raw, json)
Hash identifier: Y/KtHtYZboDX2ArT51fUwtQ6I7bIIAWaaw5XddfTcNQ=
Subject key identifier: DB:18:45:51:79:5D:F1:6A:ED:28:75:22:BA:50:C8:0A:58:36:27:1E
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018477567197D298C09EAE9A73953248BD1B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2xhFUXld8WrtKHUiulDIClg2Jx4.roa
Signing time: Mon 14 Nov 2022 18:11:04 +0000
ROA not before: Mon 14 Nov 2022 18:11:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
5.252.116.0/24 maxlen: 24
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
5.180.139.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
5.180.138.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
194.67.208.12/32 maxlen: 32
45.89.64.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.125.50.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a04:5200:fff2::/48 maxlen: 48
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0a:9300::/48 maxlen: 48
2a04:5200:ff00::/48 maxlen: 48
2a04:5200::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5205::/32 maxlen: 32
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300:aaaa::/48 maxlen: 48
2a04:5200:1::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
2a04:5200:fff7::/48 maxlen: 48
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5200:fff4::/48 maxlen: 48
2a04:5206::/32 maxlen: 32
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5207::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:77:56:71:97:d2:98:c0:9e:ae:9a:73:95:32:48:bd:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 14 18:11:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db184551795df16aed287522ba50c80a5836271e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c6:10:c1:02:6a:00:9d:e6:72:59:35:e7:f1:
a8:34:fc:9c:fd:d7:74:6c:26:88:94:98:90:7a:01:
44:1b:8c:8b:be:05:0d:7c:32:78:4a:9f:56:f9:70:
c6:e2:f0:70:94:40:fa:59:85:b6:55:cd:05:e0:49:
c5:ba:85:c9:5d:f5:7f:17:d7:e7:6f:86:0b:99:ef:
8a:44:bf:d2:2f:8d:34:c8:80:18:6e:9b:58:2d:27:
d8:c8:47:ca:84:b5:33:48:2d:cb:d9:ec:11:e4:6d:
eb:5d:75:ab:b5:bc:9a:e6:f8:d9:37:82:95:b6:42:
0d:1d:ee:c7:42:89:e8:96:d1:97:72:b0:57:71:ac:
4d:16:0e:0f:63:29:56:f0:4a:a7:66:b8:49:5c:d8:
07:31:11:57:6c:ee:dc:38:a5:93:a2:9e:86:89:00:
dd:e0:8a:e0:89:a5:4f:20:5c:17:80:3d:18:a3:fa:
85:c8:ce:25:4b:0c:bc:6d:95:81:af:9a:34:cf:b5:
20:c5:d2:3a:da:0c:9a:a8:c6:4e:01:b3:9e:ba:8d:
06:af:4a:86:f6:5b:c8:a4:e9:b0:6c:d4:d5:67:63:
41:a3:58:c6:f7:3e:d3:fc:66:65:d9:39:0e:ec:57:
d2:3d:78:44:19:59:8b:15:30:03:9b:a2:4b:f7:9c:
9d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:18:45:51:79:5D:F1:6A:ED:28:75:22:BA:50:C8:0A:58:36:27:1E
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2xhFUXld8WrtKHUiulDIClg2Jx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/24
45.8.211.0/24
45.89.64.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/24
185.104.248.0/24
185.125.50.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.198.0/23
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0f:4680::/32
2a0f:7300::/32
Signature Algorithm: sha256WithRSAEncryption
88:1c:91:ac:0c:ac:cc:5b:2c:92:11:76:a6:81:48:c5:ab:3a:
f7:06:ae:31:3d:48:ca:cc:0c:03:86:a7:ee:c1:7a:54:2c:59:
3a:ee:4c:c7:02:66:2c:27:33:09:f2:64:d5:61:e9:8b:4f:85:
67:f5:1d:df:be:b7:9b:32:38:d3:c4:79:08:d5:c2:c5:d4:30:
48:38:83:f6:10:47:3c:67:f6:1e:3f:09:9f:7a:2b:f4:68:e8:
9f:94:d0:2d:f1:bd:77:02:fa:e7:71:e7:20:a3:a1:b4:67:6e:
08:53:67:1f:32:c8:73:8a:24:d5:c9:7d:d6:37:e4:ee:b2:72:
66:89:43:79:fe:42:d3:d3:e4:b1:3f:1f:3a:9f:5e:8d:e3:79:
5e:52:d2:d2:2f:29:4d:d3:85:17:cb:7d:b5:10:16:53:06:f7:
a5:dd:36:42:6c:d0:f8:31:2a:3c:df:03:87:87:df:b4:27:d8:
7c:49:b6:bd:c5:e6:0d:b4:2b:cf:63:34:b2:d3:43:ed:63:d5:
c6:7b:53:19:9c:fb:dc:dc:22:5a:d5:4f:ad:d8:4c:86:f1:87:
87:aa:d6:e2:b2:c8:4f:b8:b5:1d:20:33:14:13:23:5b:c0:10:
01:62:87:2a:fe:8c:84:51:a6:9a:9c:9e:67:b1:5f:d0:48:5d:
29:6c:e2:74
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYR3VnGX0pjAnq6ac5UySL0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIxMTE0MTgxMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjE4NDU1MTc5NWRmMTZhZWQyODc1MjJiYTUwYzgwYTU4MzYyNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucYQwQJqAJ3mclk15/GoNPyc/dd0
bCaIlJiQegFEG4yLvgUNfDJ4Sp9W+XDG4vBwlED6WYW2Vc0F4EnFuoXJXfV/F9fn
b4YLme+KRL/SL400yIAYbptYLSfYyEfKhLUzSC3L2ewR5G3rXXWrtbya5vjZN4KV
tkINHe7HQonoltGXcrBXcaxNFg4PYylW8EqnZrhJXNgHMRFXbO7cOKWTop6GiQDd
4IrgiaVPIFwXgD0Yo/qFyM4lSwy8bZWBr5o0z7UgxdI62gyaqMZOAbOeuo0Gr0qG
9lvIpOmwbNTVZ2NBo1jG9z7T/GZl2TkO7FfSPXhEGVmLFTADm6JL95ydvwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFNsYRVF5XfFq7Sh1IrpQyApYNiceMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMnhoRlVYbGQ4V3J0S0hVaXVsRElDbGcySng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCB0wQCAAEwgcwD
BAIFtIgDBAAF/HQDBAAtCNMDBAAtWUADBABb2U0DBQCTTkIHAwUAuREDZgMEALko
BAMEALlo+AMEALl9MgMFALmLRBwDBQC5i0Z0AwQBuayCAwQAua6IAwQAua6LAwQA
ubTmAwUAubTnVwMEALm8tAMEArm9DAMEAsCiZAMEAMEAyAMEAcEAygMEAMGo4gME
AsI/jAMFAMJDxH8DBQDCQ8YHAwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMF
AMJD0DADBAHVbMYwQAQCAAIwOgMFACoEUgAwDgMFASoEUgIDBQMqBFIAAwUAKglT
AwMFACoKkwADBQMqC9oAAwUAKg9GgAMFACoPcwAwDQYJKoZIhvcNAQELBQADggEB
AIgckawMrMxbLJIRdqaBSMWrOvcGrjE9SMrMDAOGp+7BelQsWTruTMcCZiwnMwny
ZNVh6YtPhWf1Hd++t5syONPEeQjVwsXUMEg4g/YQRzxn9h4/CZ96K/Ro6J+U0C3x
vXcC+udx5yCjobRnbghTZx8yyHOKJNXJfdY35O6ycmaJQ3n+QtPT5LE/HzqfXo3j
eV5S0tIvKU3ThRfLfbUQFlMG96XdNkJs0PgxKjzfA4eH37Qn2HxJtr3F5g20K89j
NLLTQ+1j1cZ7Uxmc+9zcIlrVT63YTIbxh4eq1uKyyE+4tR0gMxQTI1vAEAFihyr+
jIRRppqcnmexX9BIXSls4nQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org