Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/G_fMcSnH3SAMx5jywhAu-AUmek0.roa
File: G_fMcSnH3SAMx5jywhAu-AUmek0.roa (raw, json)
Hash identifier: uCxu7TXhizb4bDBG7t8SURuxQtLRmfIVOKqNsG2OYyk=
Subject key identifier: 1B:F7:CC:71:29:C7:DD:20:0C:C7:98:F2:C2:10:2E:F8:05:26:7A:4D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 042F2878
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/G_fMcSnH3SAMx5jywhAu-AUmek0.roa
Signing time: Fri 18 Mar 2022 10:07:17 +0000
ROA not before: Fri 18 Mar 2022 10:07:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/22 maxlen: 22
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
185.112.81.0/24 maxlen: 24
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
5.180.136.76/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70199416 (0x42f2878)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 18 10:07:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bf7cc7129c7dd200cc798f2c2102ef805267a4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:02:26:a8:ab:a5:6c:74:15:8f:e3:ef:d8:28:
9b:9b:75:c5:a2:bc:65:74:de:a2:e4:30:b3:f2:c4:
22:3d:ec:55:c4:9d:0d:c2:6c:87:7f:93:c5:a1:1c:
c6:ab:5f:cb:01:41:27:82:a0:b4:5b:1f:49:bd:eb:
ff:15:9a:57:62:35:38:b5:08:60:cb:56:b9:da:c2:
39:bc:e5:2d:6d:ba:e0:a4:4a:13:6d:d3:12:01:43:
57:ed:ca:17:f1:7e:e4:d3:ae:85:93:b6:f0:31:d3:
de:14:3e:07:02:f9:05:c9:21:e4:64:af:99:6d:45:
88:d6:3a:4e:95:fb:89:50:27:d2:27:6f:ce:ec:78:
dd:65:79:7b:df:e0:35:ba:aa:f9:f4:be:e1:d9:c7:
62:f9:e9:5a:e2:e0:ee:ba:22:5c:08:a8:b9:19:0a:
80:8b:fc:33:bc:a5:96:f1:45:54:a8:f5:ca:dc:8e:
cf:27:21:14:f8:0a:ec:1d:47:df:d1:e7:a3:bf:83:
5a:11:90:bf:84:dc:62:30:c1:f0:d8:6e:3e:a6:21:
1b:c9:45:c6:d7:87:1f:30:e6:d5:80:b0:f5:79:1c:
a7:46:73:60:ac:d6:62:63:d6:4e:9f:8e:91:30:88:
80:e3:c6:f7:bf:11:2d:c3:f2:30:52:10:40:ac:08:
eb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F7:CC:71:29:C7:DD:20:0C:C7:98:F2:C2:10:2E:F8:05:26:7A:4D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/G_fMcSnH3SAMx5jywhAu-AUmek0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.94.164.0/23
185.94.167.0/24
185.102.137.0/24
185.102.139.0/24
185.104.248.0/24
185.104.251.0/24
185.112.81.0/24
185.112.100.0/24
185.117.117.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/23
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
12:7a:75:74:d4:fa:f6:92:ef:c6:6f:05:c7:3f:ef:d7:53:d6:
83:eb:dc:bf:b2:71:b3:d8:b0:1a:33:6f:ff:e3:f7:ba:ae:c0:
13:81:89:b3:f5:7a:d7:c4:c7:1d:98:6a:b9:eb:95:8c:94:d7:
79:64:af:8d:52:ad:03:be:89:1a:98:03:7e:07:95:0b:f6:06:
4c:ba:46:72:ec:30:27:1f:3e:cc:c7:85:63:ee:4c:06:b0:c1:
65:15:9d:e2:24:32:18:9d:48:51:7a:1e:5d:e6:1b:8a:64:8a:
92:1a:8f:85:fe:14:08:90:55:fa:ac:67:ff:7a:2a:c8:40:11:
3b:58:7d:62:2e:8d:d7:79:a4:6d:6b:30:4f:a8:8f:da:dc:a4:
47:57:aa:1e:17:c1:73:f5:f0:4c:c0:53:33:08:32:49:e5:3a:
27:b3:ce:91:07:68:42:7c:33:75:80:d0:c6:47:ee:e3:29:67:
5d:60:f2:86:b3:cc:15:3b:d7:96:e9:79:05:60:23:4f:73:1e:
e2:22:9f:05:5f:7b:56:b0:da:2a:47:6f:58:a9:6d:5c:44:8e:
56:65:b7:c6:a4:2c:ec:d5:4e:3d:10:c6:12:a4:5f:fe:fa:6c:
54:88:a8:0f:b6:18:f5:8e:82:2e:91:88:8b:d2:ee:7b:79:35:
5d:8a:3c:1e
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgIEBC8oeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
ODEwMDcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJmN2NjNzEyOWM3
ZGQyMDBjYzc5OGYyYzIxMDJlZjgwNTI2N2E0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKACJqirpWx0FY/j79gom5t1xaK8ZXTeouQws/LEIj3sVcSd
DcJsh3+TxaEcxqtfywFBJ4KgtFsfSb3r/xWaV2I1OLUIYMtWudrCObzlLW264KRK
E23TEgFDV+3KF/F+5NOuhZO28DHT3hQ+BwL5Bckh5GSvmW1FiNY6TpX7iVAn0idv
zux43WV5e9/gNbqq+fS+4dnHYvnpWuLg7roiXAiouRkKgIv8M7yllvFFVKj1ytyO
zychFPgK7B1H39Hno7+DWhGQv4TcYjDB8NhuPqYhG8lFxteHHzDm1YCw9Xkcp0Zz
YKzWYmPWTp+OkTCIgOPG978RLcPyMFIQQKwI640CAwEAAaOCA2kwggNlMB0GA1Ud
DgQWBBQb98xxKcfdIAzHmPLCEC74BSZ6TTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L0dfZk1jU25IM1NBTXg1anl3aEF1LUFVbWVrMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AX0GCCsGAQUFBwEHAQH/BIIBbDCCAWgwgfkEAgABMIHyAwUABbSITAMFAAW0iN0D
BAAtCNMDBQCTTkIHAwUAuREDZgMEAbkoBAMEALkoBwMEAblepAMEALlepwMEALlm
iQMEALlmiwMEALlo+AMEALlo+wMEALlwUQMEALlwZAMEALl1dQMFALmLRBwDBQC5
i0Z0AwQBuayCAwQBua6IAwQAua6LAwQAubTkAwQAubTmAwUAubTnVwMEALm8tAME
Arm9DAMEAsCiZAMEAMEAyAMEAcEAygMEAMGo4gMEAsI/jAMFAMJDxH8DBQDCQ8YH
AwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAwagQCAAIwZAMFACoE
UgAwDgMFASoEUgIDBQMqBFIAAwUDKgdKAAMFACoJUwMDBQAqCpMAAwUDKgvaAAMF
AyoMaYADBQEqDPZAAwUAKg7WAgMFACoPRoADBQAqD3MAAwUDKg98gAMFAyoPx4Aw
DQYJKoZIhvcNAQELBQADggEBABJ6dXTU+vaS78ZvBcc/79dT1oPr3L+ycbPYsBoz
b//j97quwBOBibP1etfExx2YarnrlYyU13lkr41SrQO+iRqYA34HlQv2Bky6RnLs
MCcfPszHhWPuTAawwWUVneIkMhidSFF6Hl3mG4pkipIaj4X+FAiQVfqsZ/96KshA
ETtYfWIujdd5pG1rME+oj9rcpEdXqh4XwXP18EzAUzMIMknlOiezzpEHaEJ8M3WA
0MZH7uMpZ11g8oazzBU715bpeQVgI09zHuIinwVfe1aw2ipHb1ipbVxEjlZlt8ak
LOzVTj0QxhKkX/76bFSIqA+2GPWOgi6RiIvS7nt5NV2KPB4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org