Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/MYxDShhFCHRUVQh3yWUn1cO9ebI.roa
File: MYxDShhFCHRUVQh3yWUn1cO9ebI.roa (raw, json)
Hash identifier: Vg0ItdJZTrMTIncbwGn4qqZKH8OubrtditVY4Nx85oU=
Subject key identifier: 31:8C:43:4A:18:45:08:74:54:55:08:77:C9:65:27:D5:C3:BD:79:B2
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0186D6151F0EC3718078010528CCD0345B30
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/MYxDShhFCHRUVQh3yWUn1cO9ebI.roa
Signing time: Sun 12 Mar 2023 13:49:13 +0000
ROA not before: Sun 12 Mar 2023 13:49:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
194.53.52.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
185.139.68.28/32 maxlen: 32
5.180.137.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
213.108.197.0/24 maxlen: 24
194.67.208.12/32 maxlen: 32
45.89.64.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
85.209.3.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.125.50.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a04:5200:fff2::/48 maxlen: 48
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0a:9300::/48 maxlen: 48
2a04:5200:ff00::/48 maxlen: 48
2a04:5200::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5205::/32 maxlen: 32
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300:aaaa::/48 maxlen: 48
2a04:5200:1::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
2a04:5200:fff7::/48 maxlen: 48
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5200:fff4::/48 maxlen: 48
2a04:5206::/32 maxlen: 32
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5207::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d6:15:1f:0e:c3:71:80:78:01:05:28:cc:d0:34:5b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 12 13:49:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=318c434a1845087454550877c96527d5c3bd79b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:51:8d:f7:56:f4:9b:61:55:ed:45:be:9e:25:
c2:0e:c4:98:13:4d:e9:fb:ae:f6:91:99:b8:56:cc:
d6:86:71:5a:9e:fe:73:12:1d:60:07:bc:47:e1:c2:
21:08:da:2d:36:e5:db:52:1a:36:f1:08:a7:bd:d4:
26:6b:7d:43:37:14:35:6b:6d:97:74:e7:3c:91:63:
b2:76:43:3e:03:e2:48:c7:57:4b:60:62:6c:42:44:
e0:50:1e:09:3a:01:ca:4d:d0:ce:4e:05:4c:ee:44:
52:96:dd:7d:81:cc:bf:c0:16:08:71:10:df:77:84:
d5:25:54:90:30:5b:65:e7:01:1f:d4:8c:df:06:b0:
48:ba:2f:2a:31:c9:d3:08:c8:29:71:21:3f:05:7b:
a3:db:a0:79:a2:b4:5a:86:3c:b2:b4:7f:e7:84:97:
db:64:44:63:70:37:3b:8d:c3:0c:25:04:d2:98:72:
ae:ff:60:3e:a3:42:28:63:ad:2e:9e:c3:b2:77:cd:
ec:b7:ff:4a:bb:a5:b6:86:a9:06:c2:d9:92:d9:22:
12:46:e0:b3:07:3f:95:1f:b5:a4:f0:2e:6e:81:b1:
f6:26:04:a6:21:7f:22:72:ac:63:4b:c4:44:ac:66:
bf:b9:f1:d6:21:73:51:da:5b:6d:21:40:21:c2:fb:
f1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:8C:43:4A:18:45:08:74:54:55:08:77:C9:65:27:D5:C3:BD:79:B2
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/MYxDShhFCHRUVQh3yWUn1cO9ebI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.8.211.0/24
45.89.64.0/24
85.209.3.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.104.248.0/24
185.125.50.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.53.52.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.197.0-213.108.199.255
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0f:4680::/32
2a0f:7300::/32
Signature Algorithm: sha256WithRSAEncryption
32:34:7a:9e:73:51:5f:3b:5d:cf:b3:5a:f8:8a:88:5e:b0:75:
29:bb:17:a4:f7:ed:88:b8:82:dc:7a:ed:87:9f:ad:33:72:7f:
69:e0:db:ca:0b:35:d0:46:76:9f:64:2c:41:35:44:d0:05:56:
2a:83:67:2e:98:58:98:b8:56:b7:29:8e:55:4a:32:53:c7:e1:
59:7b:54:a5:8e:37:7c:34:b9:fe:f5:76:08:7d:38:17:bc:49:
26:06:a2:fb:45:d6:86:16:f9:8d:c8:51:8a:1b:47:05:ea:1d:
f7:3a:70:cd:c6:ef:e1:cb:6d:9b:5a:8e:84:d7:88:12:a1:ee:
ba:db:2f:02:a9:1d:28:b1:78:25:3d:52:c5:d1:27:79:99:f6:
35:11:21:89:30:21:63:59:db:36:b5:0c:c5:0d:fd:64:6d:94:
84:26:b9:94:d7:41:4c:b3:8b:e8:c2:0f:24:12:69:46:67:03:
a8:e8:44:6c:74:8e:72:91:67:ff:3b:4e:fd:e4:37:17:9f:5f:
06:2e:38:ac:41:c7:3a:a0:18:68:3f:e7:79:12:d3:b5:4f:34:
32:b5:39:a2:7e:49:96:4e:8f:6d:f8:b3:eb:1f:10:d7:3d:48:
05:3c:eb:fc:cb:7c:62:12:8e:95:82:bb:7d:68:88:52:3e:99:
82:c3:6c:07
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAYbWFR8Ow3GAeAEFKMzQNFswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMzEyMTM0OTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMThjNDM0YTE4NDUwODc0NTQ1NTA4NzdjOTY1MjdkNWMzYmQ3OWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1GN91b0m2FV7UW+niXCDsSYE03p
+672kZm4VszWhnFanv5zEh1gB7xH4cIhCNotNuXbUho28QinvdQma31DNxQ1a22X
dOc8kWOydkM+A+JIx1dLYGJsQkTgUB4JOgHKTdDOTgVM7kRSlt19gcy/wBYIcRDf
d4TVJVSQMFtl5wEf1IzfBrBIui8qMcnTCMgpcSE/BXuj26B5orRahjyytH/nhJfb
ZERjcDc7jcMMJQTSmHKu/2A+o0IoY60unsOyd83st/9Ku6W2hqkGwtmS2SISRuCz
Bz+VH7Wk8C5ugbH2JgSmIX8icqxjS8RErGa/ufHWIXNR2lttIUAhwvvxcwIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFDGMQ0oYRQh0VFUId8llJ9XDvXmyMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTVl4RFNoaEZDSFJVVlFoM3lXVW4xY085ZWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCB4QQCAAEwgdoD
BAEFtIgDBAAF/HQDBAAtCNMDBAAtWUADBABV0QMDBABb2U0DBQCTTkIHAwUAuRED
ZgMEALlo+AMEALl9MgMFALmLRBwDBQC5i0Z0AwQBuayCAwQAua6IAwQAua6LAwQA
ubTmAwUAubTnVwMEALm8tAMEArm9DAMEAsCiZAMEAMEAyAMEAcEAygMEAMGo4gME
AMI1NAMEAsI/jAMFAMJDxH8DBQDCQ8YHAwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUA
wkPQDAMFAMJD0DAwDAMEANVsxQMEA9VswDBABAIAAjA6AwUAKgRSADAOAwUBKgRS
AgMFAyoEUgADBQAqCVMDAwUAKgqTAAMFAyoL2gADBQAqD0aAAwUAKg9zADANBgkq
hkiG9w0BAQsFAAOCAQEAMjR6nnNRXztdz7Na+IqIXrB1KbsXpPftiLiC3Hrth5+t
M3J/aeDbygs10EZ2n2QsQTVE0AVWKoNnLphYmLhWtymOVUoyU8fhWXtUpY43fDS5
/vV2CH04F7xJJgai+0XWhhb5jchRihtHBeod9zpwzcbv4cttm1qOhNeIEqHuutsv
AqkdKLF4JT1SxdEneZn2NREhiTAhY1nbNrUMxQ39ZG2UhCa5lNdBTLOL6MIPJBJp
RmcDqOhEbHSOcpFn/ztO/eQ3F59fBi44rEHHOqAYaD/neRLTtU80MrU5on5Jlk6P
bfiz6x8Q1z1IBTzr/Mt8YhKOlYK7fWiIUj6ZgsNsBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org