Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Tq1vD8rxd05S4XvcuXBgDtXh8hM.roa
File: Tq1vD8rxd05S4XvcuXBgDtXh8hM.roa (raw, json)
Hash identifier: nHsQqDNz2CnDaQfKoi/fzokRfp0FxJxmPK2Xb/Bi5NU=
Subject key identifier: 4E:AD:6F:0F:CA:F1:77:4E:52:E1:7B:DC:B9:70:60:0E:D5:E1:F2:13
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 04314065
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Tq1vD8rxd05S4XvcuXBgDtXh8hM.roa
Signing time: Fri 18 Mar 2022 12:19:10 +0000
ROA not before: Fri 18 Mar 2022 12:19:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
194.63.140.0/22 maxlen: 22
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
185.112.81.0/24 maxlen: 24
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
5.180.136.76/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70336613 (0x4314065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 18 12:19:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ead6f0fcaf1774e52e17bdcb970600ed5e1f213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:60:05:22:d1:da:30:5e:17:63:f2:4c:d7:3a:
79:d1:0d:db:f2:68:ab:0a:e9:35:09:fa:6b:23:60:
05:a4:01:d0:96:8e:67:40:99:33:ab:60:4f:97:d1:
bb:16:6e:7e:f6:d2:8e:a7:af:88:0c:20:bf:dd:c9:
92:68:47:1e:d1:77:39:63:48:3f:c9:b7:49:8c:19:
78:e9:41:5f:a9:1c:ab:9d:f9:96:64:d6:66:79:85:
ed:bd:2b:9a:1d:13:aa:56:23:97:87:d3:e1:87:28:
7b:71:7d:a0:47:4c:f4:09:7a:fd:43:b5:cc:45:a9:
97:2e:d0:3f:57:45:eb:3c:bd:1c:59:9b:c6:8d:ee:
08:cd:6d:29:96:4f:c8:61:fd:1f:c6:b4:ba:31:a2:
be:a7:2c:94:dc:ef:07:36:2a:e8:cc:4c:74:13:b4:
bb:f5:84:c7:79:ee:47:bf:e5:c7:99:1c:f7:e8:2c:
22:37:4e:9f:91:d1:44:42:4f:09:a2:03:8a:d2:8e:
2f:6e:62:03:7d:49:5a:4e:21:5a:a5:49:6e:74:00:
f0:65:13:4f:db:6b:e5:ee:86:65:22:8c:ff:e7:9d:
6b:6a:31:4d:f3:89:8e:31:d0:4c:ee:66:49:30:a0:
8c:c5:da:87:ac:d8:c5:52:c9:fa:c3:20:48:ec:e0:
e0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AD:6F:0F:CA:F1:77:4E:52:E1:7B:DC:B9:70:60:0E:D5:E1:F2:13
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Tq1vD8rxd05S4XvcuXBgDtXh8hM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.94.164.0/23
185.102.137.0/24
185.102.139.0/24
185.104.248.0/24
185.104.251.0/24
185.112.81.0/24
185.112.100.0/24
185.117.117.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/23
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
80:93:18:0e:17:7b:a1:5f:39:fa:df:ac:ce:48:58:89:97:59:
54:c7:4f:48:bd:37:c7:78:d0:15:e5:a1:9e:88:e1:0a:43:61:
7f:08:07:5e:db:48:21:ec:88:53:d5:36:82:67:46:a4:71:a0:
12:85:22:03:20:0a:cd:d0:2e:c0:c0:3e:21:52:7f:b9:7f:4b:
dd:e6:cc:de:c4:b3:90:56:77:f1:e5:84:ba:76:77:a3:a9:c8:
a4:12:2a:96:77:3b:f5:5b:61:27:ff:3c:14:47:c4:bf:09:54:
01:1e:a1:53:33:7a:e7:e1:a5:0a:88:b0:f8:b5:d5:8a:42:08:
13:fa:7d:a0:fd:a6:19:88:b4:4d:9b:d5:7d:0c:ce:ca:ad:8b:
e5:72:8c:03:d5:ef:ea:00:a4:81:33:ed:6f:ef:f7:da:8d:53:
1b:47:41:a8:1d:20:4f:d7:ea:7f:d9:1c:09:15:b6:e5:f1:6b:
96:c4:d3:c6:18:2a:1a:0a:ff:2d:86:e4:dc:ee:0f:28:50:37:
b4:fd:0a:d8:77:89:c2:80:82:9f:e5:0d:ec:af:78:b1:ba:f0:
6c:1c:c0:29:34:12:ad:df:d3:19:93:81:07:90:16:77:8c:78:
00:3c:77:be:33:a9:af:4a:9f:0e:d3:61:9e:24:e4:99:7b:8c:
76:c8:c0:38
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgIEBDFAZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
ODEyMTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVhZDZmMGZjYWYx
Nzc0ZTUyZTE3YmRjYjk3MDYwMGVkNWUxZjIxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtgBSLR2jBeF2PyTNc6edEN2/JoqwrpNQn6ayNgBaQB0JaO
Z0CZM6tgT5fRuxZufvbSjqeviAwgv93JkmhHHtF3OWNIP8m3SYwZeOlBX6kcq535
lmTWZnmF7b0rmh0TqlYjl4fT4Ycoe3F9oEdM9Al6/UO1zEWply7QP1dF6zy9HFmb
xo3uCM1tKZZPyGH9H8a0ujGivqcslNzvBzYq6MxMdBO0u/WEx3nuR7/lx5kc9+gs
IjdOn5HRREJPCaIDitKOL25iA31JWk4hWqVJbnQA8GUTT9tr5e6GZSKM/+eda2ox
TfOJjjHQTO5mSTCgjMXah6zYxVLJ+sMgSOzg4J0CAwEAAaOCA2MwggNfMB0GA1Ud
DgQWBBROrW8PyvF3TlLhe9y5cGAO1eHyEzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1RxMXZEOHJ4ZDA1UzRYdmN1WEJnRHRYaDhoTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AXcGCCsGAQUFBwEHAQH/BIIBZjCCAWIwgfMEAgABMIHsAwUABbSITAMFAAW0iN0D
BAAtCNMDBQCTTkIHAwUAuREDZgMEAbkoBAMEALkoBwMEAblepAMEALlmiQMEALlm
iwMEALlo+AMEALlo+wMEALlwUQMEALlwZAMEALl1dQMFALmLRBwDBQC5i0Z0AwQB
uayCAwQBua6IAwQAua6LAwQAubTkAwQAubTmAwUAubTnVwMEALm8tAMEArm9DAME
AsCiZAMEAMEAyAMEAcEAygMEAMGo4gMEAsI/jAMFAMJDxH8DBQDCQ8YHAwUAwkPG
bAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAwagQCAAIwZAMFACoEUgAwDgMF
ASoEUgIDBQMqBFIAAwUDKgdKAAMFACoJUwMDBQAqCpMAAwUDKgvaAAMFAyoMaYAD
BQEqDPZAAwUAKg7WAgMFACoPRoADBQAqD3MAAwUDKg98gAMFAyoPx4AwDQYJKoZI
hvcNAQELBQADggEBAICTGA4Xe6FfOfrfrM5IWImXWVTHT0i9N8d40BXloZ6I4QpD
YX8IB17bSCHsiFPVNoJnRqRxoBKFIgMgCs3QLsDAPiFSf7l/S93mzN7Es5BWd/Hl
hLp2d6OpyKQSKpZ3O/VbYSf/PBRHxL8JVAEeoVMzeufhpQqIsPi11YpCCBP6faD9
phmItE2b1X0Mzsqti+VyjAPV7+oApIEz7W/v99qNUxtHQagdIE/X6n/ZHAkVtuXx
a5bE08YYKhoK/y2G5NzuDyhQN7T9Cth3icKAgp/lDeyveLG68GwcwCk0Eq3f0xmT
gQeQFneMeAA8d74zqa9Knw7TYZ4k5Jl7jHbIwDg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:37 2023 by rpki-client on console-fra.rpki-client.org