Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/OQR3e10IRM5upQFB-vE_fc_YLrM.roa
File: OQR3e10IRM5upQFB-vE_fc_YLrM.roa (raw, json)
Hash identifier: MGTwD+7R8zWHkL9K+OCDCIQuvU5aEpDnVPvl9t353Fs=
Subject key identifier: 39:04:77:7B:5D:08:44:CE:6E:A5:01:41:FA:F1:3F:7D:CF:D8:2E:B3
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0181F939E6A007629AEE9BABCF4CE69564DE
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/OQR3e10IRM5upQFB-vE_fc_YLrM.roa
Signing time: Wed 13 Jul 2022 20:22:10 +0000
ROA not before: Wed 13 Jul 2022 20:22:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
194.67.208.12/32 maxlen: 32
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.125.50.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f9:39:e6:a0:07:62:9a:ee:9b:ab:cf:4c:e6:95:64:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 13 20:22:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3904777b5d0844ce6ea50141faf13f7dcfd82eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:25:fc:2b:cb:f3:ce:2b:fc:1f:4e:76:72:8b:
18:8a:49:25:8e:b1:e2:a3:69:66:9b:d5:ab:23:f4:
07:b6:87:9e:14:0b:54:04:b0:52:e5:21:1c:52:bc:
40:89:18:15:5e:ba:f9:b4:20:ca:0f:d5:be:1a:22:
34:01:82:80:62:37:07:7e:78:f4:8b:ad:55:25:50:
d6:14:74:cb:ae:42:c7:a5:c5:1c:3b:1a:55:0d:c2:
c2:3a:e8:6d:17:5d:f0:5b:4e:fe:be:63:f1:24:ac:
95:35:ed:34:8f:06:43:46:7e:f3:05:d6:da:76:8b:
07:f0:c9:ac:34:f4:f7:8f:49:e2:6a:fa:25:c6:12:
be:12:b8:f0:cb:89:11:62:74:90:d8:9b:81:c0:7d:
4e:e7:f2:d4:48:66:eb:c1:3b:77:16:fc:c3:9b:00:
84:c3:c5:af:50:a3:e7:ae:56:4d:b5:16:62:c6:11:
1a:b3:c2:39:63:d8:ff:5d:50:79:bd:3a:4e:9f:62:
94:5b:d9:16:a6:e4:31:14:88:6f:ba:dc:47:69:0d:
48:02:96:dc:d7:43:f8:82:c0:31:08:4a:06:32:93:
f5:a0:3e:56:01:b5:b3:ba:45:f2:7c:90:aa:3b:39:
50:2c:75:bb:8d:15:5b:d1:51:20:63:28:f3:f5:c5:
fa:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:04:77:7B:5D:08:44:CE:6E:A5:01:41:FA:F1:3F:7D:CF:D8:2E:B3
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/OQR3e10IRM5upQFB-vE_fc_YLrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/24
185.104.248.0/24
185.125.50.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.198.0/23
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
82:e3:77:ce:c1:46:79:08:3e:e5:ee:af:aa:f7:d6:0e:28:89:
cb:f2:03:c4:e3:7b:e1:e5:fb:65:7f:f0:7a:d4:27:1d:dd:0d:
87:23:87:28:11:6a:ba:be:de:3a:fd:e8:2f:d3:04:66:ca:0f:
df:04:8c:1a:cf:fc:58:27:8b:8e:7d:60:d8:4f:6b:2e:3c:78:
1b:21:c8:db:d9:16:4d:24:f1:79:9e:02:c0:9d:c9:57:51:f2:
bd:bb:25:f1:74:14:a3:4a:f8:99:3a:52:b5:13:5d:cb:be:7a:
8c:5f:34:ef:36:9b:e5:53:43:71:0c:81:e6:44:66:c5:fe:ed:
6e:9a:aa:1a:8f:d6:62:48:1e:44:27:e5:ae:e6:de:27:55:a1:
bd:17:12:9b:b0:d9:85:cd:65:ab:06:e2:f6:9b:67:e7:dc:2f:
0b:a9:cf:87:30:b4:65:86:51:a4:0e:96:f0:5e:fd:6b:f2:d9:
cc:34:d4:d1:b7:1b:16:eb:4e:eb:66:d2:48:37:f3:0a:37:e6:
a8:51:ce:d8:9b:b2:b9:d4:a7:0d:3a:93:e2:25:91:25:e0:9d:
38:47:8a:b6:1d:b1:56:91:da:06:a9:f7:0a:91:bc:94:20:6c:
1e:30:cb:04:60:72:e5:37:35:c3:72:92:36:ca:25:a6:c2:13:
a7:b1:f6:85
-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgISAYH5OeagB2Ka7purz0zmlWTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwNzEzMjAyMjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTA0Nzc3YjVkMDg0NGNlNmVhNTAxNDFmYWYxM2Y3ZGNmZDgyZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyX8K8vzziv8H052cosYikkljrHi
o2lmm9WrI/QHtoeeFAtUBLBS5SEcUrxAiRgVXrr5tCDKD9W+GiI0AYKAYjcHfnj0
i61VJVDWFHTLrkLHpcUcOxpVDcLCOuhtF13wW07+vmPxJKyVNe00jwZDRn7zBdba
dosH8MmsNPT3j0niavolxhK+Erjwy4kRYnSQ2JuBwH1O5/LUSGbrwTt3FvzDmwCE
w8WvUKPnrlZNtRZixhEas8I5Y9j/XVB5vTpOn2KUW9kWpuQxFIhvutxHaQ1IApbc
10P4gsAxCEoGMpP1oD5WAbWzukXyfJCqOzlQLHW7jRVb0VEgYyjz9cX6SwIDAQAB
o4IDODCCAzQwHQYDVR0OBBYEFDkEd3tdCETObqUBQfrxP33P2C6zMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvT1FSM2UxMElSTTV1cFFGQi12RV9mY19ZTHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTAYIKwYBBQUHAQcBAf8EggE7MIIBNzCBzwQCAAEwgcgD
BQAFtIhMAwUABbSI3QMEAC0I0wMEAFvZTQMFAJNOQgcDBQC5EQNmAwQAuSgEAwQA
uWj4AwQAuX0yAwUAuYtEHAMFALmLRnQDBAG5rIIDBAC5rogDBAC5rosDBAC5tOYD
BQC5tOdXAwQAuby0AwQCub0MAwQCwKJkAwQAwQDIAwQBwQDKAwQAwajiAwQCwj+M
AwUAwkPEfwMFAMJDxgcDBQDCQ8ZsAwUAwkPLNgMFAMJD0AYDBQDCQ9AMAwUAwkPQ
MAMEAdVsxjBjBAIAAjBdAwUAKgRSADAOAwUBKgRSAgMFAyoEUgADBQAqCVMDAwUA
KgqTAAMFAyoL2gADBQMqDGmAAwUBKgz2QAMFACoO1gIDBQAqD0aAAwUAKg9zAAMF
AyoPfIADBQMqD8eAMA0GCSqGSIb3DQEBCwUAA4IBAQCC43fOwUZ5CD7l7q+q99YO
KInL8gPE43vh5ftlf/B61Ccd3Q2HI4coEWq6vt46/egv0wRmyg/fBIwaz/xYJ4uO
fWDYT2suPHgbIcjb2RZNJPF5ngLAnclXUfK9uyXxdBSjSviZOlK1E13LvnqMXzTv
NpvlU0NxDIHmRGbF/u1umqoaj9ZiSB5EJ+Wu5t4nVaG9FxKbsNmFzWWrBuL2m2fn
3C8Lqc+HMLRlhlGkDpbwXv1r8tnMNNTRtxsW607rZtJIN/MKN+aoUc7Ym7K51KcN
OpPiJZEl4J04R4q2HbFWkdoGqfcKkbyUIGweMMsEYHLlNzXDcpI2yiWmwhOnsfaF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org