Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/POvnpzYnLqC_IyVWH_iSPongBxo.roa
File: POvnpzYnLqC_IyVWH_iSPongBxo.roa (raw, json)
Hash identifier: pHQ9SJbTYWsXuKxksxzVTIDig3BgZ2AUIX8lRaUsRIE=
Subject key identifier: 3C:EB:E7:A7:36:27:2E:A0:BF:23:25:56:1F:F8:92:3E:89:E0:07:1A
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01833735B60660580CA63E98D7440BFA12B1
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/POvnpzYnLqC_IyVWH_iSPongBxo.roa
Signing time: Tue 13 Sep 2022 14:16:50 +0000
ROA not before: Tue 13 Sep 2022 14:16:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
194.53.55.0/24 maxlen: 24
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
194.67.208.12/32 maxlen: 32
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.125.50.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:35:b6:06:60:58:0c:a6:3e:98:d7:44:0b:fa:12:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 13 14:16:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cebe7a736272ea0bf2325561ff8923e89e0071a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2d:97:d0:f5:37:fd:ed:52:13:5a:d4:3c:47:
ff:68:be:72:e8:6a:63:cb:ad:af:1a:57:ee:d3:bc:
c9:5f:46:51:8d:72:4a:9d:fc:8d:28:f2:d3:0f:f8:
b1:c4:70:92:ac:4d:9a:9b:02:d8:3b:5f:1b:81:4a:
06:d0:91:31:b4:2c:c0:e5:21:95:6d:55:16:a3:dd:
21:63:cf:36:24:82:da:66:c5:98:65:77:f8:56:6f:
0b:44:6f:6a:26:6f:32:c4:60:5d:7f:b5:f5:5a:90:
9a:ce:b0:a0:50:d5:c2:e1:2b:e0:e8:26:fa:2b:2d:
a2:ab:d0:cd:de:6d:4a:df:66:ea:fd:2e:92:50:26:
0a:9a:b0:68:8a:8a:1d:0d:1d:32:8f:b5:b2:8b:70:
49:ee:2d:c3:4a:d6:e1:d6:1c:cb:fe:62:1a:13:22:
f4:7b:ab:87:e5:a3:e5:fd:2e:89:dd:d3:81:76:56:
f2:7d:db:e9:d2:0a:a1:29:8e:1e:dc:75:8a:6f:07:
b1:68:32:2d:99:2b:7f:69:81:88:ea:46:db:9c:27:
94:96:c4:36:f6:c8:64:48:87:b5:23:3c:a5:c7:4e:
62:f4:62:dd:3f:c4:44:63:9b:b0:16:e0:eb:31:66:
79:00:0a:7e:03:be:f8:87:42:57:a2:c4:4a:13:ae:
02:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:EB:E7:A7:36:27:2E:A0:BF:23:25:56:1F:F8:92:3E:89:E0:07:1A
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/POvnpzYnLqC_IyVWH_iSPongBxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/24
185.104.248.0/24
185.125.50.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.53.55.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.198.0/23
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
Signature Algorithm: sha256WithRSAEncryption
b5:f9:31:c2:95:83:24:d9:68:88:b2:a8:81:3a:de:01:01:c4:
d4:9e:da:4c:3d:42:4d:be:a5:66:7d:b2:c3:42:93:e6:37:34:
86:a3:2d:68:af:ba:45:af:70:45:8a:a6:ab:27:ea:b0:e1:65:
d9:9e:1d:97:b4:6f:0e:ec:d0:5c:9e:77:d9:23:65:ad:fc:56:
8a:d3:8f:d1:06:db:40:5a:d6:a2:53:fd:cb:d6:1e:be:45:30:
60:d0:a9:9e:f4:65:37:db:cc:e1:61:2a:84:51:1b:65:d8:23:
21:1b:3b:1b:2e:29:01:b5:cd:33:36:c1:bd:f3:3e:0a:de:fd:
1a:0d:d3:cd:62:52:02:43:5b:ac:22:41:78:a1:50:49:e8:2e:
46:99:3d:a5:b1:e8:a5:70:eb:9b:65:af:bc:76:91:71:7d:ae:
4d:91:5e:a8:70:18:50:c6:c0:c7:2d:ff:f2:2b:ee:a2:63:6c:
b3:8a:61:9c:33:91:fa:7d:b8:8c:24:f8:38:64:d9:96:8b:da:
9b:80:f4:ea:16:f2:60:70:67:11:78:d6:ff:a8:46:cd:32:1c:
36:27:ca:bc:cc:59:16:ca:06:73:17:6b:db:25:41:16:ed:b4:
1a:a4:07:c7:9f:2f:16:d6:22:95:f3:c4:de:28:91:e3:d4:45:
a0:ae:a8:d7
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAYM3NbYGYFgMpj6Y10QL+hKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTEzMTQxNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ViZTdhNzM2MjcyZWEwYmYyMzI1NTYxZmY4OTIzZTg5ZTAwNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy2X0PU3/e1SE1rUPEf/aL5y6Gpj
y62vGlfu07zJX0ZRjXJKnfyNKPLTD/ixxHCSrE2amwLYO18bgUoG0JExtCzA5SGV
bVUWo90hY882JILaZsWYZXf4Vm8LRG9qJm8yxGBdf7X1WpCazrCgUNXC4Svg6Cb6
Ky2iq9DN3m1K32bq/S6SUCYKmrBoioodDR0yj7Wyi3BJ7i3DStbh1hzL/mIaEyL0
e6uH5aPl/S6J3dOBdlbyfdvp0gqhKY4e3HWKbwexaDItmSt/aYGI6kbbnCeUlsQ2
9shkSIe1Izylx05i9GLdP8REY5uwFuDrMWZ5AAp+A774h0JXosRKE64ChwIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFDzr56c2Jy6gvyMlVh/4kj6J4AcaMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUE92bnB6WW5McUNfSXlWV0hfaVNQb25nQnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNgYIKwYBBQUHAQcBAf8EggElMIIBITCB1QQCAAEwgc4D
BQAFtIhMAwUABbSI3QMEAC0I0wMEAFvZTQMFAJNOQgcDBQC5EQNmAwQAuSgEAwQA
uWj4AwQAuX0yAwUAuYtEHAMFALmLRnQDBAG5rIIDBAC5rogDBAC5rosDBAC5tOYD
BQC5tOdXAwQAuby0AwQCub0MAwQCwKJkAwQAwQDIAwQBwQDKAwQAwajiAwQAwjU3
AwQCwj+MAwUAwkPEfwMFAMJDxgcDBQDCQ8ZsAwUAwkPLNgMFAMJD0AYDBQDCQ9AM
AwUAwkPQMAMEAdVsxjBHBAIAAjBBAwUAKgRSADAOAwUBKgRSAgMFAyoEUgADBQAq
CVMDAwUAKgqTAAMFAyoL2gADBQAqDtYCAwUAKg9GgAMFACoPcwAwDQYJKoZIhvcN
AQELBQADggEBALX5McKVgyTZaIiyqIE63gEBxNSe2kw9Qk2+pWZ9ssNCk+Y3NIaj
LWivukWvcEWKpqsn6rDhZdmeHZe0bw7s0Fyed9kjZa38VorTj9EG20Ba1qJT/cvW
Hr5FMGDQqZ70ZTfbzOFhKoRRG2XYIyEbOxsuKQG1zTM2wb3zPgre/RoN081iUgJD
W6wiQXihUEnoLkaZPaWx6KVw65tlr7x2kXF9rk2RXqhwGFDGwMct//Ir7qJjbLOK
YZwzkfp9uIwk+Dhk2ZaL2puA9OoW8mBwZxF41v+oRs0yHDYnyrzMWRbKBnMXa9sl
QRbttBqkB8efLxbWIpXzxN4okePURaCuqNc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org