Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/C3tUQ3BckGaU0kXVTAUFFABj5gE.roa
File: C3tUQ3BckGaU0kXVTAUFFABj5gE.roa (raw, json)
Hash identifier: fbTnSrjbDY01uIlHLd0e+gG8lui4ZvTKOVOuLxYSyP8=
Subject key identifier: 0B:7B:54:43:70:5C:90:66:94:D2:45:D5:4C:05:05:14:00:63:E6:01
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 03EB66C7
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/C3tUQ3BckGaU0kXVTAUFFABj5gE.roa
Signing time: Thu 24 Feb 2022 09:42:47 +0000
ROA not before: Thu 24 Feb 2022 09:42:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.140.0/23 maxlen: 23
194.63.140.0/22 maxlen: 22
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
185.117.116.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.106.92.0/24 maxlen: 24
185.106.93.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.106.95.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
185.112.81.0/24 maxlen: 24
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
5.180.136.221/32 maxlen: 32
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
5.180.136.76/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65758919 (0x3eb66c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Feb 24 09:42:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b7b5443705c906694d245d54c0505140063e601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:67:a0:99:40:49:89:57:ae:ca:be:6e:df:fd:
4a:62:b9:58:31:8e:43:d2:eb:81:e7:3a:05:a6:ca:
17:b4:07:86:39:98:e9:0a:ca:7e:21:bf:6d:3b:71:
29:ea:40:6f:ca:86:14:db:93:90:c0:9c:22:56:1b:
e9:53:65:02:48:ed:75:46:02:b8:54:1e:2d:a9:3b:
18:eb:16:18:78:45:f3:34:70:24:07:24:d0:6f:3f:
56:1a:f4:9c:bf:51:9a:81:4f:35:d8:3b:e5:cb:c5:
ca:78:d5:a7:c1:f3:b9:6d:07:4e:4e:87:55:ca:f6:
f5:5b:fe:fc:57:bc:58:ca:14:15:93:fc:27:5f:b2:
a9:40:04:1e:fb:5a:4c:e4:e6:e1:5c:8b:0d:6a:21:
1f:f9:a9:a8:a5:d6:0f:f6:17:03:d1:7c:ad:dd:39:
b6:49:eb:3d:07:73:56:80:cf:c9:45:48:b2:6c:32:
52:3b:95:e2:48:5e:0f:e0:15:1d:54:37:01:e6:3d:
84:b4:70:a7:66:7a:35:76:e3:c5:d2:af:8a:fe:f8:
d3:8c:da:95:39:8c:20:22:10:4f:4a:ef:20:be:e5:
f3:69:c3:b5:a2:ff:03:e4:b6:7a:de:59:d0:75:2e:
8f:77:8a:54:26:9f:de:dc:67:14:b7:c4:6a:02:fe:
75:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7B:54:43:70:5C:90:66:94:D2:45:D5:4C:05:05:14:00:63:E6:01
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/C3tUQ3BckGaU0kXVTAUFFABj5gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.94.164.0/23
185.94.167.0/24
185.102.137.0/24
185.102.139.0/24
185.103.252.0/23
185.104.248.0/24
185.104.251.0/24
185.106.92.0/22
185.112.81.0/24
185.112.100.0/24
185.117.116.0/23
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/23
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a09:5303::/32
2a0a:9300::/32
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
51:59:49:c5:e3:32:2a:33:5b:4f:62:82:56:58:87:8b:04:b1:
90:14:b9:5a:15:c7:a0:38:49:89:8d:2d:ec:56:68:f2:64:03:
d2:a2:f1:69:9d:3e:4a:09:6d:c8:76:fb:80:84:b5:1e:6f:b5:
c0:83:69:66:af:19:86:12:36:d0:8a:c5:fa:80:92:1d:c1:69:
25:5b:2d:ed:e6:e7:08:5c:24:dd:93:c1:fd:b6:7b:5f:0a:7c:
0e:99:bf:70:de:73:60:08:a2:a2:ff:de:39:8e:7a:42:ac:ca:
1a:9a:d1:7d:23:aa:33:cc:98:b9:97:bb:68:9c:89:04:af:6b:
4d:16:c7:e9:29:6c:2a:16:5a:a3:21:8c:10:2b:fa:d0:93:80:
a0:bc:63:5d:eb:74:89:d7:8a:25:08:93:9b:a9:b7:22:76:00:
8e:13:ca:9f:d7:4d:bf:41:bd:74:bc:90:53:c9:b6:c3:b6:18:
39:48:86:f3:f7:28:08:df:1f:62:6b:b4:77:48:22:63:c9:e2:
fb:5b:d6:da:ee:74:d7:78:7e:a7:0c:4e:c3:9e:f5:ab:55:00:
3a:55:06:c3:a6:2e:87:73:6b:4d:ef:2f:35:ff:6a:17:29:30:
7c:49:bf:e3:01:51:db:11:fe:d8:f3:78:6d:91:07:73:6c:a6:
53:48:a7:28
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgIEA+tmxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDIy
NDA5NDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI3YjU0NDM3MDVj
OTA2Njk0ZDI0NWQ1NGMwNTA1MTQwMDYzZTYwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMlnoJlASYlXrsq+bt/9SmK5WDGOQ9Lrgec6BabKF7QHhjmY
6QrKfiG/bTtxKepAb8qGFNuTkMCcIlYb6VNlAkjtdUYCuFQeLak7GOsWGHhF8zRw
JAck0G8/Vhr0nL9RmoFPNdg75cvFynjVp8HzuW0HTk6HVcr29Vv+/Fe8WMoUFZP8
J1+yqUAEHvtaTOTm4VyLDWohH/mpqKXWD/YXA9F8rd05tknrPQdzVoDPyUVIsmwy
UjuV4kheD+AVHVQ3AeY9hLRwp2Z6NXbjxdKviv7404zalTmMICIQT0rvIL7l82nD
taL/A+S2et5Z0HUuj3eKVCaf3txnFLfEagL+dUsCAwEAAaOCA1QwggNQMB0GA1Ud
DgQWBBQLe1RDcFyQZpTSRdVMBQUUAGPmATAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L0MzdFVRM0Jja0dhVTBrWFZUQVVGRkFCajVnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AWgGCCsGAQUFBwEHAQH/BIIBVzCCAVMwgfkEAgABMIHyAwUABbSITAMFAAW0iN0D
BAAtCNMDBQCTTkIHAwUAuREDZgMEAbkoBAMEALkoBwMEAblepAMEALlepwMEALlm
iQMEALlmiwMEAbln/AMEALlo+AMEALlo+wMEArlqXAMEALlwUQMEALlwZAMEAbl1
dAMFALmLRBwDBQC5i0Z0AwQBuayCAwQBua6IAwQAua6LAwQAubTkAwQAubTmAwUA
ubTnVwMEArm9DAMEAsCiZAMEAMEAyAMEAcEAygMEAsI/jAMFAMJDxH8DBQDCQ8YH
AwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAwVQQCAAIwTwMFACoE
UgAwDgMFASoEUgIDBQMqBFIAAwUAKglTAwMFACoKkwADBQMqDGmAAwUBKgz2QAMF
ACoO1gIDBQAqD0aAAwUAKg9zAAMFAyoPx4AwDQYJKoZIhvcNAQELBQADggEBAFFZ
ScXjMiozW09iglZYh4sEsZAUuVoVx6A4SYmNLexWaPJkA9Ki8WmdPkoJbch2+4CE
tR5vtcCDaWavGYYSNtCKxfqAkh3BaSVbLe3m5whcJN2Twf22e18KfA6Zv3Dec2AI
oqL/3jmOekKsyhqa0X0jqjPMmLmXu2iciQSva00Wx+kpbCoWWqMhjBAr+tCTgKC8
Y13rdInXiiUIk5uptyJ2AI4Typ/XTb9BvXS8kFPJtsO2GDlIhvP3KAjfH2JrtHdI
ImPJ4vtb1trudNd4fqcMTsOe9atVADpVBsOmLodza03vLzX/ahcpMHxJv+MBUdsR
/tjzeG2RB3NsplNIpyg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:28 2023 by rpki-client on console-ams.rpki-client.org