Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AE9KQlhLfnr0UMpLP2-YwSLe6_E.roa
File: AE9KQlhLfnr0UMpLP2-YwSLe6_E.roa (raw, json)
Hash identifier: vZfQopK/CoPNIbunYMS8tZOSgA35kpkmc2uAXSjlJac=
Subject key identifier: 00:4F:4A:42:58:4B:7E:7A:F4:50:CA:4B:3F:6F:98:C1:22:DE:EB:F1
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 044DD3A8
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AE9KQlhLfnr0UMpLP2-YwSLe6_E.roa
Signing time: Wed 23 Mar 2022 10:00:23 +0000
ROA not before: Wed 23 Mar 2022 10:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
185.112.81.0/24 maxlen: 24
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72209320 (0x44dd3a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 23 10:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=004f4a42584b7e7af450ca4b3f6f98c122deebf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d7:d4:9f:d1:12:62:48:62:fa:65:75:d9:e4:
13:50:d0:0f:47:26:b7:c9:7b:3f:4e:dc:2d:50:d1:
b2:d6:63:ea:fb:ed:54:23:77:4b:d0:c9:0a:df:b5:
6d:1d:e7:e0:99:a3:27:4e:ae:49:ba:e3:1c:14:de:
7f:6f:4f:8b:dd:52:77:18:6a:7a:23:b2:9a:ba:2a:
50:30:c6:b8:1b:aa:95:45:6c:ac:4a:8e:ef:ae:cc:
f7:f4:ad:79:75:3e:19:56:b9:10:f2:e1:17:77:94:
33:12:3f:bc:93:23:90:1f:32:e2:ff:9f:11:87:26:
b9:24:12:6f:c1:53:80:bd:f6:a1:c2:3d:bd:48:e3:
9b:94:3d:f9:c3:c3:41:84:fb:cf:db:72:f9:1a:de:
61:86:2d:bf:4b:d2:40:18:d8:21:8f:20:6f:7d:f8:
46:7d:f0:89:b6:0b:7a:c6:e5:d5:1c:1d:2d:8d:76:
e6:ad:33:de:6a:59:ad:99:e9:a4:6a:6a:f7:b9:6a:
6b:05:e0:4c:ae:14:2c:af:d2:79:24:2a:de:81:b7:
af:7e:b8:02:8a:f0:cf:53:0c:ac:21:2c:af:1f:52:
6c:c5:a7:a4:79:e1:1e:ed:31:ef:d4:b1:26:0c:c8:
81:ad:14:a0:74:63:bc:f4:f1:dd:77:e4:8a:80:4d:
11:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4F:4A:42:58:4B:7E:7A:F4:50:CA:4B:3F:6F:98:C1:22:DE:EB:F1
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AE9KQlhLfnr0UMpLP2-YwSLe6_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.102.137.0/24
185.102.139.0/24
185.104.248.0/24
185.104.251.0/24
185.112.81.0/24
185.112.100.0/24
185.117.117.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/23
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
3f:b8:b1:46:ec:2c:45:c1:ef:bb:d1:7f:71:19:00:0e:41:ba:
e9:1a:37:06:00:14:6b:e5:4e:51:69:ca:04:e9:e9:9c:fe:85:
5c:01:52:f4:de:ed:45:84:9f:3a:b1:69:53:36:07:b3:f2:54:
68:2d:9d:d6:f6:69:b2:1f:17:4a:fa:d0:6b:49:ce:96:5d:cb:
fb:52:9c:78:23:b1:8a:1a:62:22:d5:4a:12:d4:7c:84:bd:0f:
2e:e0:b4:93:90:60:a1:40:86:4a:1f:9a:9e:58:d7:98:80:3c:
88:9e:69:d6:30:30:1d:87:85:88:32:47:64:f6:23:f9:8c:71:
03:67:4f:e9:07:03:f3:e2:50:12:0f:a3:91:74:70:47:03:cb:
c1:8f:bc:4a:c3:c8:bf:c0:1e:87:d1:ee:b9:db:b8:61:5f:ee:
ee:2c:f3:e3:52:38:2b:43:79:30:9e:58:08:a7:18:f9:5c:7e:
67:91:f6:08:86:b8:90:54:3b:25:42:1f:40:f6:ff:01:85:e9:
74:2c:50:4f:66:65:c5:00:0d:31:04:8e:d1:92:cd:be:ee:72:
88:fc:55:59:fa:50:68:6f:5d:25:d3:5a:65:df:9e:a8:ed:5d:
ad:53:71:8b:cc:95:ab:19:1b:a8:79:ce:89:1d:9c:5b:8c:f0:
55:09:95:ed
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIEBE3TqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMy
MzEwMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA0ZjRhNDI1ODRi
N2U3YWY0NTBjYTRiM2Y2Zjk4YzEyMmRlZWJmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPX1J/REmJIYvplddnkE1DQD0cmt8l7P07cLVDRstZj6vvt
VCN3S9DJCt+1bR3n4JmjJ06uSbrjHBTef29Pi91SdxhqeiOymroqUDDGuBuqlUVs
rEqO767M9/SteXU+GVa5EPLhF3eUMxI/vJMjkB8y4v+fEYcmuSQSb8FTgL32ocI9
vUjjm5Q9+cPDQYT7z9ty+RreYYYtv0vSQBjYIY8gb334Rn3wibYLesbl1RwdLY12
5q0z3mpZrZnppGpq97lqawXgTK4ULK/SeSQq3oG3r364Aorwz1MMrCEsrx9SbMWn
pHnhHu0x79SxJgzIga0UoHRjvPTx3XfkioBNEc0CAwEAAaOCA10wggNZMB0GA1Ud
DgQWBBQAT0pCWEt+evRQyks/b5jBIt7r8TAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L0FFOUtRbGhMZm5yMFVNcExQMi1Zd1NMZTZfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AXEGCCsGAQUFBwEHAQH/BIIBYDCCAVwwge0EAgABMIHmAwUABbSITAMFAAW0iN0D
BAAtCNMDBQCTTkIHAwUAuREDZgMEAbkoBAMEALkoBwMEALlmiQMEALlmiwMEALlo
+AMEALlo+wMEALlwUQMEALlwZAMEALl1dQMFALmLRBwDBQC5i0Z0AwQBuayCAwQB
ua6IAwQAua6LAwQAubTkAwQAubTmAwUAubTnVwMEALm8tAMEArm9DAMEAsCiZAME
AMEAyAMEAcEAygMEAMGo4gMEAsI/jAMFAMJDxH8DBQDCQ8YHAwUAwkPGbAMFAMJD
yzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAwagQCAAIwZAMFACoEUgAwDgMFASoEUgID
BQMqBFIAAwUDKgdKAAMFACoJUwMDBQAqCpMAAwUDKgvaAAMFAyoMaYADBQEqDPZA
AwUAKg7WAgMFACoPRoADBQAqD3MAAwUDKg98gAMFAyoPx4AwDQYJKoZIhvcNAQEL
BQADggEBAD+4sUbsLEXB77vRf3EZAA5BuukaNwYAFGvlTlFpygTp6Zz+hVwBUvTe
7UWEnzqxaVM2B7PyVGgtndb2abIfF0r60GtJzpZdy/tSnHgjsYoaYiLVShLUfIS9
Dy7gtJOQYKFAhkofmp5Y15iAPIieadYwMB2HhYgyR2T2I/mMcQNnT+kHA/PiUBIP
o5F0cEcDy8GPvErDyL/AHofR7rnbuGFf7u4s8+NSOCtDeTCeWAinGPlcfmeR9giG
uJBUOyVCH0D2/wGF6XQsUE9mZcUADTEEjtGSzb7ucoj8VVn6UGhvXSXTWmXfnqjt
Xa1TcYvMlasZG6h5zokdnFuM8FUJle0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org