Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/7IGZxmfrF7FaKgb9GgCfQ_eMNUc.roa
File: 7IGZxmfrF7FaKgb9GgCfQ_eMNUc.roa (raw, json)
Hash identifier: x2JKzPQb0U07kegUVTPYfZniFBHZKkhy+tyoAtkOG7c=
Subject key identifier: EC:81:99:C6:67:EB:17:B1:5A:2A:06:FD:1A:00:9F:43:F7:8C:35:47
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 04226C6C
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/7IGZxmfrF7FaKgb9GgCfQ_eMNUc.roa
Signing time: Tue 15 Mar 2022 16:43:55 +0000
ROA not before: Tue 15 Mar 2022 16:43:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/23 maxlen: 23
194.63.142.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
185.112.81.0/24 maxlen: 24
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
5.180.136.76/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69364844 (0x4226c6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 15 16:43:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec8199c667eb17b15a2a06fd1a009f43f78c3547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:75:d5:76:ab:ee:53:89:47:4b:b8:79:bc:fe:
3b:46:fe:ac:29:90:84:53:e6:63:f5:be:2a:21:5c:
96:ed:dd:70:ca:27:24:fa:17:e4:44:19:05:d3:93:
8a:2d:73:31:99:de:73:6f:9a:39:fe:49:3a:b0:b2:
f3:50:9c:07:7e:af:4c:5e:a0:b8:42:e7:41:84:12:
ce:76:2f:c4:c9:c6:5e:24:4f:c9:af:d0:5d:b4:bc:
02:df:22:b6:db:61:61:f5:d9:30:ca:aa:10:17:00:
6c:94:e0:3d:dc:50:53:f6:02:52:1f:ec:77:3b:6b:
c3:3c:78:99:6c:d9:8f:bd:91:73:99:0a:77:75:12:
aa:9c:a5:c2:bc:85:ac:fc:74:2f:16:4d:b9:e5:1c:
0e:cc:42:86:e5:04:f7:fc:84:ad:5c:45:d4:9a:e9:
02:85:a6:af:76:6e:e1:83:77:d6:1c:22:b3:5e:e4:
7e:4e:89:77:52:ac:8b:42:a6:72:a7:1b:dc:0f:b0:
86:eb:6f:8b:e6:f4:87:18:fe:96:b1:f7:6f:17:81:
6f:e7:45:db:ca:81:ad:10:f9:11:b9:a0:b2:96:81:
a3:dd:8e:65:39:16:5a:55:97:e5:ee:93:80:b2:8b:
3a:b6:5f:1c:20:b9:22:91:3f:22:82:b1:97:40:57:
56:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:81:99:C6:67:EB:17:B1:5A:2A:06:FD:1A:00:9F:43:F7:8C:35:47
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/7IGZxmfrF7FaKgb9GgCfQ_eMNUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.94.164.0/23
185.94.167.0/24
185.102.137.0/24
185.102.139.0/24
185.103.252.0/23
185.104.248.0/24
185.104.251.0/24
185.112.81.0/24
185.112.100.0/24
185.117.117.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/23
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
97:c9:b8:70:fa:b1:3a:8a:b1:b7:c8:32:fc:55:56:1c:e4:43:
2a:01:3a:16:e6:44:fd:e2:76:7b:07:e1:0f:dd:5c:19:48:97:
05:35:d9:ca:c8:83:1c:47:4f:60:30:58:28:70:e2:76:aa:cd:
e0:b6:98:2b:f7:45:68:d9:12:d1:35:61:86:47:fa:52:98:3b:
e9:8c:53:66:57:2c:4a:f9:c0:f4:93:7e:e4:6f:fc:0a:c2:01:
b8:61:62:f6:ea:b0:f1:2c:5f:07:5a:50:92:c1:7d:e8:66:44:
1d:ba:ee:ec:8f:b1:38:d2:69:2f:65:a6:73:77:8d:e0:92:1d:
05:f0:a3:2f:13:e0:e7:d7:da:02:97:3e:02:fe:0a:75:43:68:
7a:9b:69:81:63:32:e2:65:63:79:b8:28:af:a8:30:3e:96:ce:
ce:6e:1e:05:f2:8e:da:b4:c8:d6:30:c2:3d:52:fe:56:ed:98:
92:de:93:51:15:9a:43:e2:96:8c:11:27:66:6f:24:a3:93:3d:
d3:ff:d8:5a:e0:74:63:7f:a4:ea:d6:e5:4d:4c:5a:b8:e8:73:
2e:9e:9f:95:2a:77:b1:83:43:dc:fc:2d:d7:26:4f:5b:37:9c:
81:9d:3d:d9:97:7c:e4:e4:66:12:32:15:20:f5:98:5b:ad:e9:
3e:72:e0:f4
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgIEBCJsbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
NTE2NDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWM4MTk5YzY2N2Vi
MTdiMTVhMmEwNmZkMWEwMDlmNDNmNzhjMzU0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALV11Xar7lOJR0u4ebz+O0b+rCmQhFPmY/W+KiFclu3dcMon
JPoX5EQZBdOTii1zMZnec2+aOf5JOrCy81CcB36vTF6guELnQYQSznYvxMnGXiRP
ya/QXbS8At8ittthYfXZMMqqEBcAbJTgPdxQU/YCUh/sdztrwzx4mWzZj72Rc5kK
d3USqpylwryFrPx0LxZNueUcDsxChuUE9/yErVxF1JrpAoWmr3Zu4YN31hwis17k
fk6Jd1Ksi0Kmcqcb3A+whutvi+b0hxj+lrH3bxeBb+dF28qBrRD5EbmgspaBo92O
ZTkWWlWX5e6TgLKLOrZfHCC5IpE/IoKxl0BXVoECAwEAAaOCA28wggNrMB0GA1Ud
DgQWBBTsgZnGZ+sXsVoqBv0aAJ9D94w1RzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
LzdJR1p4bWZyRjdGYUtnYjlHZ0NmUV9lTU5VYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AYMGCCsGAQUFBwEHAQH/BIIBcjCCAW4wgf8EAgABMIH4AwUABbSITAMFAAW0iN0D
BAAtCNMDBQCTTkIHAwUAuREDZgMEAbkoBAMEALkoBwMEAblepAMEALlepwMEALlm
iQMEALlmiwMEAbln/AMEALlo+AMEALlo+wMEALlwUQMEALlwZAMEALl1dQMFALmL
RBwDBQC5i0Z0AwQBuayCAwQBua6IAwQAua6LAwQAubTkAwQAubTmAwUAubTnVwME
ALm8tAMEArm9DAMEAsCiZAMEAMEAyAMEAcEAygMEAMGo4gMEAsI/jAMFAMJDxH8D
BQDCQ8YHAwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAwagQCAAIw
ZAMFACoEUgAwDgMFASoEUgIDBQMqBFIAAwUDKgdKAAMFACoJUwMDBQAqCpMAAwUD
KgvaAAMFAyoMaYADBQEqDPZAAwUAKg7WAgMFACoPRoADBQAqD3MAAwUDKg98gAMF
AyoPx4AwDQYJKoZIhvcNAQELBQADggEBAJfJuHD6sTqKsbfIMvxVVhzkQyoBOhbm
RP3idnsH4Q/dXBlIlwU12crIgxxHT2AwWChw4naqzeC2mCv3RWjZEtE1YYZH+lKY
O+mMU2ZXLEr5wPSTfuRv/ArCAbhhYvbqsPEsXwdaUJLBfehmRB267uyPsTjSaS9l
pnN3jeCSHQXwoy8T4OfX2gKXPgL+CnVDaHqbaYFjMuJlY3m4KK+oMD6Wzs5uHgXy
jtq0yNYwwj1S/lbtmJLek1EVmkPilowRJ2ZvJKOTPdP/2FrgdGN/pOrW5U1MWrjo
cy6en5Uqd7GDQ9z8LdcmT1s3nIGdPdmXfOTkZhIyFSD1mFut6T5y4PQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org