Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/6c4cEk0pJNKYSZPdNbJudMfEqBE.roa
File: 6c4cEk0pJNKYSZPdNbJudMfEqBE.roa (raw, json)
Hash identifier: qPcKmG2fn0U9YoOG6Q2H6iWyv3dPVd+wHrjrzJ7pRP0=
Subject key identifier: E9:CE:1C:12:4D:29:24:D2:98:49:93:DD:35:B2:6E:74:C7:C4:A8:11
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018D08D4A03E59786E5F5DB476FEE649AC7E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/6c4cEk0pJNKYSZPdNbJudMfEqBE.roa
Signing time: Sun 14 Jan 2024 16:36:08 +0000
ROA not before: Sun 14 Jan 2024 16:36:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
194.53.52.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
185.139.68.28/32 maxlen: 32
5.180.137.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.244.174.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
213.108.197.0/24 maxlen: 24
194.67.208.12/32 maxlen: 32
45.89.64.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a04:5200:fff2::/48 maxlen: 48
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0a:9300::/48 maxlen: 48
2a04:5200:a::/48 maxlen: 48
2a04:5200:ff00::/48 maxlen: 48
2a04:5200::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5205::/32 maxlen: 32
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300:aaaa::/48 maxlen: 48
2a04:5200:1::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
2a04:5200:fff7::/48 maxlen: 48
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5200:fff4::/48 maxlen: 48
2a04:5206::/32 maxlen: 32
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5207::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200::/29 maxlen: 29
2a04:5200:ffff::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:d4:a0:3e:59:78:6e:5f:5d:b4:76:fe:e6:49:ac:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 14 16:36:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9ce1c124d2924d2984993dd35b26e74c7c4a811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bf:3b:a2:09:15:c8:c4:51:60:08:19:88:fb:
07:9c:30:43:a7:fc:44:13:47:66:62:32:71:ef:4e:
2d:f7:06:52:17:01:7d:22:37:e0:9b:2e:0c:94:ba:
f7:85:f8:03:05:36:ac:d7:14:7e:ad:ba:f5:9e:e0:
fc:be:0b:45:11:33:5c:b6:01:53:f7:ef:21:08:45:
89:c5:d2:49:8a:82:88:ba:3b:e9:3b:53:38:22:cf:
a0:3b:19:7a:e3:e3:f3:a9:f6:13:5c:7c:38:93:98:
95:7d:89:5d:bc:6c:90:b7:ea:23:b1:08:0f:d9:d1:
ba:f9:8a:05:b4:58:17:02:5d:1c:91:96:fa:45:17:
19:08:c6:9a:ce:18:50:c7:af:83:69:69:3a:7b:7c:
2d:d0:c2:4c:2a:39:2e:e1:c8:5e:73:85:9a:a6:0b:
0e:3c:70:de:6f:1d:0a:b7:fa:b4:62:71:b4:38:00:
b3:8a:bc:86:53:70:6a:06:f0:9f:d3:b3:95:28:8d:
fa:29:49:45:e2:04:46:95:eb:f3:c0:e0:6e:69:c7:
24:29:be:d3:95:c7:80:a1:52:8d:1b:e5:c4:be:2e:
27:f7:9d:ec:dc:5e:d6:9a:fd:e5:e1:23:b1:f1:c9:
d1:d4:01:e4:20:8f:e5:e2:a6:7c:da:88:2f:87:69:
de:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:CE:1C:12:4D:29:24:D2:98:49:93:DD:35:B2:6E:74:C7:C4:A8:11
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/6c4cEk0pJNKYSZPdNbJudMfEqBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.8.211.0/24
45.89.64.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.104.248.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
185.244.174.0/24
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.53.52.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.197.0-213.108.199.255
IPv6:
2a04:5200::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0f:4680::/32
2a0f:7300::/32
Signature Algorithm: sha256WithRSAEncryption
16:5a:a5:ed:89:54:ef:e8:36:d8:74:05:7c:93:bb:45:af:ca:
1b:d5:ec:5d:17:8b:c0:d0:80:6d:7d:69:36:77:4c:eb:73:6d:
98:08:3d:06:e7:fd:34:6b:f6:fa:74:cc:22:7f:4d:1a:3a:8d:
15:e9:33:1e:b3:fc:93:88:1e:dc:30:ab:5e:ba:d6:68:d2:a1:
b6:44:e1:6f:d5:d6:f3:a2:bb:86:f1:86:3d:23:d4:6d:ec:2f:
2c:64:9f:22:1e:e4:c6:39:55:e1:60:5d:d9:9c:a5:30:15:02:
46:c5:0e:76:13:3c:cb:92:4b:65:bd:4a:e2:d0:45:02:46:a1:
f8:9c:b1:36:30:96:19:13:5d:76:54:8f:59:7f:cf:ce:7c:10:
bb:43:13:11:61:51:bc:77:b1:bb:8e:f2:a4:3d:38:7d:35:37:
ec:9b:f6:29:d7:7d:c1:8d:0a:bb:c0:ea:f3:8f:4e:1d:d5:67:
5c:ff:99:73:71:ac:50:72:46:5d:66:d6:86:01:d0:76:85:e9:
b5:85:89:d0:99:d1:1a:79:89:f8:b4:3d:55:46:28:10:27:fd:
86:51:13:9a:eb:81:c8:87:15:97:f6:a2:36:a3:a7:e1:0b:82:
7b:94:83:10:b5:60:41:72:c3:12:b6:5e:61:70:32:57:a4:cf:
1f:26:73:5f
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAY0I1KA+WXhuX120dv7mSax+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTE0MTYzNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWNlMWMxMjRkMjkyNGQyOTg0OTkzZGQzNWIyNmU3NGM3YzRhODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr787ogkVyMRRYAgZiPsHnDBDp/xE
E0dmYjJx704t9wZSFwF9Ijfgmy4MlLr3hfgDBTas1xR+rbr1nuD8vgtFETNctgFT
9+8hCEWJxdJJioKIujvpO1M4Is+gOxl64+PzqfYTXHw4k5iVfYldvGyQt+ojsQgP
2dG6+YoFtFgXAl0ckZb6RRcZCMaazhhQx6+DaWk6e3wt0MJMKjku4chec4WapgsO
PHDebx0Kt/q0YnG0OACziryGU3BqBvCf07OVKI36KUlF4gRGlevzwOBuacckKb7T
lceAoVKNG+XEvi4n953s3F7Wmv3l4SOx8cnR1AHkII/l4qZ82ogvh2neMQIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFOnOHBJNKSTSmEmT3TWybnTHxKgRMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvNmM0Y0VrMHBKTktZU1pQZE5iSnVkTWZFcUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCB1QQCAAEwgc4D
BAEFtIgDBAAF/HQDBAAtCNMDBAAtWUADBABb2U0DBQCTTkIHAwUAuREDZgMEALlo
+AMFALmLRBwDBQC5i0Z0AwQBuayCAwQAua6LAwQAubTmAwUAubTnVwMEALm8tAME
Arm9DAMEALn0rgMEAsCiZAMEAMEAyAMEAcEAygMEAMGo4gMEAMI1NAMEAsI/jAMF
AMJDxH8DBQDCQ8YHAwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAw
DAMEANVsxQMEA9VswDAwBAIAAjAqAwUDKgRSAAMFACoJUwMDBQAqCpMAAwUDKgva
AAMFACoPRoADBQAqD3MAMA0GCSqGSIb3DQEBCwUAA4IBAQAWWqXtiVTv6DbYdAV8
k7tFr8ob1exdF4vA0IBtfWk2d0zrc22YCD0G5/00a/b6dMwif00aOo0V6TMes/yT
iB7cMKteutZo0qG2ROFv1dbzoruG8YY9I9Rt7C8sZJ8iHuTGOVXhYF3ZnKUwFQJG
xQ52EzzLkktlvUri0EUCRqH4nLE2MJYZE112VI9Zf8/OfBC7QxMRYVG8d7G7jvKk
PTh9NTfsm/Yp133BjQq7wOrzj04d1Wdc/5lzcaxQckZdZtaGAdB2hem1hYnQmdEa
eYn4tD1VRigQJ/2GUROa64HIhxWX9qI2o6fhC4J7lIMQtWBBcsMStl5hcDJXpM8f
JnNf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org