Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JxaMen0PErTIBXB_uVMhduLujHA.roa
File: JxaMen0PErTIBXB_uVMhduLujHA.roa (raw, json)
Hash identifier: aUN0HzGJBhDSk+NtIBzKNn4bPzSNOwNprcjRz4p4KR8=
Subject key identifier: 27:16:8C:7A:7D:0F:12:B4:C8:05:70:7F:B9:53:21:76:E2:EE:8C:70
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 04559407
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JxaMen0PErTIBXB_uVMhduLujHA.roa
Signing time: Fri 25 Mar 2022 09:27:13 +0000
ROA not before: Fri 25 Mar 2022 09:27:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/22 maxlen: 22
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
5.180.136.76/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72717319 (0x4559407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 25 09:27:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27168c7a7d0f12b4c805707fb9532176e2ee8c70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5c:5e:46:b0:6b:5c:91:2e:49:a4:8d:46:d5:
9e:98:a6:eb:f4:99:39:d0:80:44:2b:66:29:38:9d:
e5:2b:11:a4:12:2e:2d:06:62:69:dd:46:5b:84:b1:
85:4b:fe:5d:1c:7b:0a:7e:d2:95:f6:e9:62:fe:68:
53:db:aa:91:19:87:83:9e:10:78:35:2f:2b:b3:c0:
bf:af:f7:4e:1a:93:2b:c2:7d:75:2e:aa:9b:08:7c:
2b:07:12:53:99:ce:e4:39:05:63:eb:37:0a:60:43:
30:bb:12:b9:68:b5:1f:39:31:ea:3d:bc:82:da:1b:
64:92:42:46:80:75:12:52:06:4b:80:45:bb:b6:37:
bd:75:52:dc:51:de:10:46:18:cd:83:2e:2f:77:41:
fd:39:b5:f0:28:5e:9c:e5:ce:31:9a:ef:f3:ac:7e:
8a:6f:4f:e2:d1:43:e8:0b:fb:dd:d8:e7:26:07:dc:
c0:bd:f7:ab:e6:21:59:c4:ef:99:99:b5:e6:25:a4:
34:b8:81:14:b5:9c:73:21:e2:1b:f1:01:ed:bd:06:
db:b1:e1:90:83:51:80:21:a4:fd:fd:9c:0b:72:2e:
f8:45:14:bc:75:2d:f2:7f:17:1e:0d:b6:d7:06:b3:
28:ba:2c:ac:bb:8f:e4:2b:8b:3d:d6:f4:ce:64:ae:
e3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:16:8C:7A:7D:0F:12:B4:C8:05:70:7F:B9:53:21:76:E2:EE:8C:70
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JxaMen0PErTIBXB_uVMhduLujHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.102.137.0/24
185.102.139.0/24
185.104.248.0/24
185.112.100.0/24
185.117.117.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
45:6f:cb:b1:1f:39:0a:db:d5:32:6d:d5:bf:ea:23:af:a2:da:
ff:fb:ae:27:72:f8:d6:e5:ff:2a:e4:93:83:2d:cf:5d:0a:c5:
9e:09:99:b2:4d:1f:aa:00:1a:72:9e:13:c4:ee:52:15:03:1a:
5c:c0:91:05:c4:7b:58:8c:4e:12:50:3c:0a:fb:fb:87:b1:06:
ce:ad:a8:4a:2f:52:84:74:72:71:5e:8f:d0:d8:3d:02:76:6e:
59:1c:cf:e6:82:b7:b1:55:5b:66:65:e1:23:3d:fe:40:a1:87:
b0:ab:34:8a:67:d4:c2:71:f7:39:ba:2f:e1:f8:40:8d:ce:01:
9e:c4:10:a0:28:34:bc:5a:45:f0:93:49:61:b6:f6:db:94:3f:
5f:25:f2:17:85:bb:60:24:d1:b9:6d:49:e4:9e:f4:18:48:67:
9a:cf:68:af:99:3b:c7:13:1b:ba:e6:3c:b6:6f:e6:2e:df:ce:
31:e4:64:2b:6f:6a:42:1b:9a:99:90:02:9c:cc:7c:27:18:29:
58:7d:26:4f:45:0a:6e:7f:0d:4e:0e:c6:e4:1f:1e:c7:6e:d6:
24:4b:1f:3e:89:d0:58:ea:18:9b:f9:21:57:37:96:3b:cd:c8:
b0:af:64:58:b1:09:aa:ad:8f:a9:4f:ed:d5:33:69:9e:be:fa:
3e:52:1d:c7
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIEBFWUBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMy
NTA5MjcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjcxNjhjN2E3ZDBm
MTJiNGM4MDU3MDdmYjk1MzIxNzZlMmVlOGM3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJcXkawa1yRLkmkjUbVnpim6/SZOdCARCtmKTid5SsRpBIu
LQZiad1GW4SxhUv+XRx7Cn7SlfbpYv5oU9uqkRmHg54QeDUvK7PAv6/3ThqTK8J9
dS6qmwh8KwcSU5nO5DkFY+s3CmBDMLsSuWi1Hzkx6j28gtobZJJCRoB1ElIGS4BF
u7Y3vXVS3FHeEEYYzYMuL3dB/Tm18ChenOXOMZrv86x+im9P4tFD6Av73djnJgfc
wL33q+YhWcTvmZm15iWkNLiBFLWccyHiG/EB7b0G27HhkINRgCGk/f2cC3Iu+EUU
vHUt8n8XHg221wazKLosrLuP5CuLPdb0zmSu46UCAwEAAaOCA1EwggNNMB0GA1Ud
DgQWBBQnFox6fQ8StMgFcH+5UyF24u6McDAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L0p4YU1lbjBQRXJUSUJYQl91Vk1oZHVMdWpIQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AWUGCCsGAQUFBwEHAQH/BIIBVDCCAVAwgeEEAgABMIHaAwUABbSITAMFAAW0iN0D
BAAtCNMDBQCTTkIHAwUAuREDZgMEAbkoBAMEALkoBwMEALlmiQMEALlmiwMEALlo
+AMEALlwZAMEALl1dQMFALmLRBwDBQC5i0Z0AwQBuayCAwQAua6IAwQAua6LAwQA
ubTkAwQAubTmAwUAubTnVwMEALm8tAMEArm9DAMEAsCiZAMEAMEAyAMEAcEAygME
AMGo4gMEAsI/jAMFAMJDxH8DBQDCQ8YHAwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUA
wkPQDAMFAMJD0DAwagQCAAIwZAMFACoEUgAwDgMFASoEUgIDBQMqBFIAAwUDKgdK
AAMFACoJUwMDBQAqCpMAAwUDKgvaAAMFAyoMaYADBQEqDPZAAwUAKg7WAgMFACoP
RoADBQAqD3MAAwUDKg98gAMFAyoPx4AwDQYJKoZIhvcNAQELBQADggEBAEVvy7Ef
OQrb1TJt1b/qI6+i2v/7ridy+Nbl/yrkk4Mtz10KxZ4JmbJNH6oAGnKeE8TuUhUD
GlzAkQXEe1iMThJQPAr7+4exBs6tqEovUoR0cnFej9DYPQJ2blkcz+aCt7FVW2Zl
4SM9/kChh7CrNIpn1MJx9zm6L+H4QI3OAZ7EEKAoNLxaRfCTSWG29tuUP18l8heF
u2Ak0bltSeSe9BhIZ5rPaK+ZO8cTG7rmPLZv5i7fzjHkZCtvakIbmpmQApzMfCcY
KVh9Jk9FCm5/DU4OxuQfHsdu1iRLHz6J0FjqGJv5IVc3ljvNyLCvZFixCaqtj6lP
7dUzaZ6++j5SHcc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org