Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/NLL5ZeOGMbafsFLua51035umVM8.roa
File: NLL5ZeOGMbafsFLua51035umVM8.roa (raw, json)
Hash identifier: LWk8w0YLEHCozdblNdOnw+ZQToOF5NMqZj/cMdAmJko=
Subject key identifier: 34:B2:F9:65:E3:86:31:B6:9F:B0:52:EE:6B:9D:74:DF:9B:A6:54:CF
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 04582B56
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/NLL5ZeOGMbafsFLua51035umVM8.roa
Signing time: Fri 25 Mar 2022 14:08:53 +0000
ROA not before: Fri 25 Mar 2022 14:08:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
194.63.140.0/22 maxlen: 22
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
5.180.136.76/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72887126 (0x4582b56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 25 14:08:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34b2f965e38631b69fb052ee6b9d74df9ba654cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e1:17:ee:9e:16:50:52:f7:9c:64:9f:e7:02:
9e:c2:27:43:d7:a7:da:f3:ff:af:12:7f:a5:d7:a3:
d4:e1:82:ba:58:04:4f:91:f7:7e:fd:7e:4f:28:78:
9b:cc:3e:4b:57:36:09:0e:dc:5c:24:7d:10:d9:51:
c5:07:a1:41:a2:db:60:3f:94:6d:9c:ab:ed:f1:bc:
9e:02:e0:38:08:b9:09:95:f9:85:f2:a8:d3:81:d3:
27:85:3e:90:b5:cc:a2:a3:67:b8:0d:5a:5f:82:76:
76:04:1f:77:08:66:f3:6d:56:fa:f2:22:f8:82:d0:
43:1f:68:34:fa:b7:56:75:91:e1:c1:2c:05:58:44:
27:55:e8:1d:b1:11:95:c0:c0:06:43:51:38:09:5b:
02:a8:fb:84:71:cd:a2:9f:b4:78:5a:11:aa:e2:01:
ea:bb:58:b6:8f:86:e0:6b:88:f3:be:99:cd:b3:94:
34:d4:bd:de:27:9b:7e:c9:9c:b0:05:cb:2a:86:2d:
92:dd:75:c6:c0:63:46:83:e5:28:77:3f:6a:2d:b7:
a4:d3:4a:ba:66:4a:af:de:24:e0:11:11:4d:ed:5c:
17:81:b0:b3:44:93:4b:52:15:bd:0c:9a:73:27:8b:
90:c6:ee:51:51:45:2e:50:c6:8f:f7:d1:3e:31:c4:
10:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B2:F9:65:E3:86:31:B6:9F:B0:52:EE:6B:9D:74:DF:9B:A6:54:CF
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/NLL5ZeOGMbafsFLua51035umVM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.102.137.0/24
185.102.139.0/24
185.104.248.0/24
185.112.100.0/24
185.117.117.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/23
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
9f:64:99:a3:dc:19:79:d0:48:9e:97:d5:61:48:00:f7:c3:ca:
63:a8:f7:ee:e1:87:30:fc:4e:ee:3e:59:ee:51:39:f4:8a:f1:
48:92:bc:9b:d7:e3:d5:f7:78:28:f1:39:b3:ee:27:48:76:ea:
1e:7b:1d:17:37:95:9b:4f:5d:55:4f:42:3e:41:a1:53:77:8b:
b4:ea:05:d9:a5:c5:37:0c:17:44:07:3e:65:eb:93:4c:cc:a1:
f4:ac:43:bf:f9:e9:e5:bd:5e:65:99:03:65:56:59:84:a1:e4:
80:09:c0:e5:23:c2:41:35:8c:69:c9:7c:b6:94:96:b2:e6:6f:
6f:ac:b0:42:ac:6c:5e:e7:ee:61:8c:6d:57:1c:35:4c:d9:ad:
c0:5d:d4:80:d3:04:9e:2b:8a:e8:4f:c6:2c:4a:bb:b4:78:ff:
24:5d:62:5d:27:1f:56:a3:e5:d5:f8:25:8f:31:9b:63:e2:63:
e7:98:59:07:4a:39:fa:d7:a9:68:15:9c:71:8d:65:ce:c2:1c:
b2:80:97:d5:1e:78:7b:e3:f8:72:b5:31:d1:36:73:5d:3e:6e:
fa:c4:ad:ba:47:4b:36:68:86:8a:18:c4:29:bd:33:86:12:12:
11:a9:c7:84:dc:ca:43:96:d8:05:13:2d:47:cd:83:11:f8:db:
ae:c5:11:2e
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIEBFgrVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMy
NTE0MDg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRiMmY5NjVlMzg2
MzFiNjlmYjA1MmVlNmI5ZDc0ZGY5YmE2NTRjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPhF+6eFlBS95xkn+cCnsInQ9en2vP/rxJ/pdej1OGCulgE
T5H3fv1+Tyh4m8w+S1c2CQ7cXCR9ENlRxQehQaLbYD+UbZyr7fG8ngLgOAi5CZX5
hfKo04HTJ4U+kLXMoqNnuA1aX4J2dgQfdwhm821W+vIi+ILQQx9oNPq3VnWR4cEs
BVhEJ1XoHbERlcDABkNROAlbAqj7hHHNop+0eFoRquIB6rtYto+G4GuI876ZzbOU
NNS93iebfsmcsAXLKoYtkt11xsBjRoPlKHc/ai23pNNKumZKr94k4BERTe1cF4Gw
s0STS1IVvQyacyeLkMbuUVFFLlDGj/fRPjHEENsCAwEAAaOCA1EwggNNMB0GA1Ud
DgQWBBQ0svll44Yxtp+wUu5rnXTfm6ZUzzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L05MTDVaZU9HTWJhZnNGTHVhNTEwMzV1bVZNOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AWUGCCsGAQUFBwEHAQH/BIIBVDCCAVAwgeEEAgABMIHaAwUABbSITAMFAAW0iN0D
BAAtCNMDBQCTTkIHAwUAuREDZgMEAbkoBAMEALkoBwMEALlmiQMEALlmiwMEALlo
+AMEALlwZAMEALl1dQMFALmLRBwDBQC5i0Z0AwQBuayCAwQBua6IAwQAua6LAwQA
ubTkAwQAubTmAwUAubTnVwMEALm8tAMEArm9DAMEAsCiZAMEAMEAyAMEAcEAygME
AMGo4gMEAsI/jAMFAMJDxH8DBQDCQ8YHAwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUA
wkPQDAMFAMJD0DAwagQCAAIwZAMFACoEUgAwDgMFASoEUgIDBQMqBFIAAwUDKgdK
AAMFACoJUwMDBQAqCpMAAwUDKgvaAAMFAyoMaYADBQEqDPZAAwUAKg7WAgMFACoP
RoADBQAqD3MAAwUDKg98gAMFAyoPx4AwDQYJKoZIhvcNAQELBQADggEBAJ9kmaPc
GXnQSJ6X1WFIAPfDymOo9+7hhzD8Tu4+We5ROfSK8UiSvJvX49X3eCjxObPuJ0h2
6h57HRc3lZtPXVVPQj5BoVN3i7TqBdmlxTcMF0QHPmXrk0zMofSsQ7/56eW9XmWZ
A2VWWYSh5IAJwOUjwkE1jGnJfLaUlrLmb2+ssEKsbF7n7mGMbVccNUzZrcBd1IDT
BJ4riuhPxixKu7R4/yRdYl0nH1aj5dX4JY8xm2PiY+eYWQdKOfrXqWgVnHGNZc7C
HLKAl9UeeHvj+HK1MdE2c10+bvrErbpHSzZohooYxCm9M4YSEhGpx4TcykOW2AUT
LUfNgxH4267FES4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org