Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TtscdUMuQIWAujFfNNzonuesE9M.roa
File: TtscdUMuQIWAujFfNNzonuesE9M.roa (raw, json)
Hash identifier: 3mlj1rq9+w6Aea+CZXhDS9nk0FU14q5RfgAWmntBElY=
Subject key identifier: 4E:DB:1C:75:43:2E:40:85:80:BA:31:5F:34:DC:E8:9E:E7:AC:13:D3
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 05584355
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TtscdUMuQIWAujFfNNzonuesE9M.roa
Signing time: Fri 24 Jun 2022 14:47:59 +0000
ROA not before: Fri 24 Jun 2022 14:47:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.125.50.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89670485 (0x5584355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jun 24 14:47:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4edb1c75432e408580ba315f34dce89ee7ac13d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ce:a0:b6:08:2d:01:73:81:6e:c5:ae:e1:e5:
3a:4f:53:c9:d9:3c:be:19:c3:d6:e4:d6:6e:83:24:
31:25:da:90:47:6f:5a:bf:9f:d6:89:91:10:36:a7:
c3:6b:59:25:3e:8e:3b:2c:c7:73:00:38:16:25:d6:
cc:93:4b:6c:aa:8b:85:4d:da:09:a1:7c:92:ff:60:
73:35:a4:99:83:d0:da:91:1d:87:85:ec:3b:2a:4f:
03:98:ca:fd:6a:38:1b:2c:b4:d5:ff:81:b4:41:76:
63:42:94:c2:87:44:a6:d3:88:94:56:d3:28:32:97:
29:6a:d6:a5:cc:e4:32:c8:2b:aa:2f:99:d7:f3:20:
0a:f7:80:e3:63:95:ce:78:ed:8b:50:c7:b4:50:dd:
33:d1:f3:7e:cf:6d:8b:2a:f8:17:9a:7f:29:d8:0d:
d9:3e:e3:3a:4f:14:81:0c:32:2d:b4:3f:43:57:de:
31:30:f9:04:3f:44:6d:ef:5e:56:fc:60:dd:d9:6f:
57:5e:56:5b:f4:00:98:6e:1b:4b:18:13:04:90:ce:
88:2d:30:5d:e2:4f:fe:25:fb:ef:fc:d7:82:1c:ea:
13:be:a1:d7:8f:b4:1a:65:80:38:ab:96:2b:36:42:
da:40:d1:0b:ec:d5:21:fb:2a:f8:6e:1b:d5:42:1e:
96:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DB:1C:75:43:2E:40:85:80:BA:31:5F:34:DC:E8:9E:E7:AC:13:D3
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TtscdUMuQIWAujFfNNzonuesE9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/24
185.102.137.0/24
185.104.248.0/24
185.125.50.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.198.0/23
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
b7:ce:d7:53:e7:44:76:5f:22:92:c8:ee:e0:c3:a3:1c:9f:b6:
34:64:20:3c:5c:2b:a0:c4:2b:4a:b1:01:f1:91:e7:e2:36:16:
13:61:56:67:cc:2b:9e:1a:8b:74:de:9b:ba:68:87:8d:9c:55:
28:74:3c:ae:cb:16:d5:cd:40:ed:ae:99:fc:f3:3b:cc:61:e8:
5a:28:5a:81:3a:b2:fd:80:77:5c:8c:27:a2:e7:df:44:3a:4b:
23:12:19:8b:cd:03:ad:93:76:0a:dc:ea:6d:ea:3d:a5:14:54:
62:ba:69:c5:12:f4:09:ef:15:ce:02:2d:36:44:bf:0c:61:fb:
a2:04:47:cc:e3:e9:4a:b8:16:bc:07:ef:40:1a:1d:d3:df:ba:
15:66:d4:ca:14:8f:a3:77:6f:55:fc:c1:64:50:b2:d8:36:07:
b6:df:f0:25:06:b8:18:f5:41:ac:38:30:2a:4b:42:c5:eb:02:
e7:1f:bd:4e:64:8b:1a:db:24:f2:d1:13:cd:28:0a:34:83:52:
41:b0:61:5b:e1:1a:d2:55:95:41:b9:bc:93:45:46:95:62:03:
cd:1e:03:87:45:7c:dc:42:92:a3:0c:7b:25:43:7f:c8:ad:d7:
5f:55:01:f9:25:5f:20:34:46:da:d3:22:7d:5c:4e:31:23:be:
e8:34:23:ef
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIEBVhDVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDYy
NDE0NDc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVkYjFjNzU0MzJl
NDA4NTgwYmEzMTVmMzRkY2U4OWVlN2FjMTNkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXOoLYILQFzgW7FruHlOk9Tydk8vhnD1uTWboMkMSXakEdv
Wr+f1omREDanw2tZJT6OOyzHcwA4FiXWzJNLbKqLhU3aCaF8kv9gczWkmYPQ2pEd
h4XsOypPA5jK/Wo4Gyy01f+BtEF2Y0KUwodEptOIlFbTKDKXKWrWpczkMsgrqi+Z
1/MgCveA42OVznjti1DHtFDdM9Hzfs9tiyr4F5p/KdgN2T7jOk8UgQwyLbQ/Q1fe
MTD5BD9Ebe9eVvxg3dlvV15WW/QAmG4bSxgTBJDOiC0wXeJP/iX77/zXghzqE76h
14+0GmWAOKuWKzZC2kDRC+zVIfsq+G4b1UIelikCAwEAAaOCA0swggNHMB0GA1Ud
DgQWBBRO2xx1Qy5AhYC6MV803Oie56wT0zAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1R0c2NkVU11UUlXQXVqRmZOTnpvbnVlc0U5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AV8GCCsGAQUFBwEHAQH/BIIBTjCCAUowgdsEAgABMIHUAwUABbSITAMFAAW0iN0D
BAAtCNMDBABb2U0DBQCTTkIHAwUAuREDZgMEALkoBAMEALlmiQMEALlo+AMEALl9
MgMFALmLRBwDBQC5i0Z0AwQBuayCAwQAua6IAwQAua6LAwQAubTkAwQAubTmAwUA
ubTnVwMEALm8tAMEArm9DAMEAsCiZAMEAMEAyAMEAcEAygMEAMGo4gMEAsI/jAMF
AMJDxH8DBQDCQ8YHAwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAD
BAHVbMYwagQCAAIwZAMFACoEUgAwDgMFASoEUgIDBQMqBFIAAwUDKgdKAAMFACoJ
UwMDBQAqCpMAAwUDKgvaAAMFAyoMaYADBQEqDPZAAwUAKg7WAgMFACoPRoADBQAq
D3MAAwUDKg98gAMFAyoPx4AwDQYJKoZIhvcNAQELBQADggEBALfO11PnRHZfIpLI
7uDDoxyftjRkIDxcK6DEK0qxAfGR5+I2FhNhVmfMK54ai3Tem7poh42cVSh0PK7L
FtXNQO2umfzzO8xh6FooWoE6sv2Ad1yMJ6Ln30Q6SyMSGYvNA62Tdgrc6m3qPaUU
VGK6acUS9AnvFc4CLTZEvwxh+6IER8zj6Uq4FrwH70AaHdPfuhVm1MoUj6N3b1X8
wWRQstg2B7bf8CUGuBj1Qaw4MCpLQsXrAucfvU5kixrbJPLRE80oCjSDUkGwYVvh
GtJVlUG5vJNFRpViA80eA4dFfNxCkqMMeyVDf8it119VAfklXyA0RtrTIn1cTjEj
vug0I+8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org