Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UpsIO4UuAW9NXmly2jX1TurZ7kc.roa
File: UpsIO4UuAW9NXmly2jX1TurZ7kc.roa (raw, json)
Hash identifier: p9xnNdoiEgdL0XC8M3197P2Xct2N+/7z1QvjoU6X71E=
Subject key identifier: 52:9B:08:3B:85:2E:01:6F:4D:5E:69:72:DA:35:F5:4E:EA:D9:EE:47
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 04CAB4EB
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UpsIO4UuAW9NXmly2jX1TurZ7kc.roa
Signing time: Mon 02 May 2022 10:59:26 +0000
ROA not before: Mon 02 May 2022 10:59:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80393451 (0x4cab4eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: May 2 10:59:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=529b083b852e016f4d5e6972da35f54eead9ee47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c3:6e:6e:c7:c0:31:43:69:ef:69:c4:c4:d9:
ff:48:c4:b7:87:37:fa:43:08:2f:d6:c2:97:ed:18:
6b:a5:c3:5b:4e:53:f5:b2:f0:35:88:a7:00:53:54:
6e:3b:29:03:23:9f:37:0d:21:c1:49:54:c7:9a:d2:
c6:0b:99:f4:a2:85:0a:af:ef:59:09:39:16:a0:3c:
1c:03:26:54:c4:21:d0:bc:aa:d1:e3:9a:d6:9d:ca:
de:90:06:c2:5e:33:9e:76:5b:4c:16:e5:8c:b6:f9:
c4:95:ef:cc:25:31:10:58:1c:b8:95:3e:30:3b:64:
35:45:14:08:fa:c9:a7:19:75:93:68:73:fd:86:5f:
b3:7e:a9:6b:34:95:0c:14:4c:cc:c1:cf:01:c3:2c:
18:e8:a3:b4:68:b1:3a:4a:bb:48:b8:a2:5d:b6:1a:
45:d7:57:e9:05:42:d6:75:10:48:d8:e9:24:b8:e3:
1b:9e:7b:be:4c:97:40:dd:9c:d6:7a:73:ca:8d:3a:
69:c1:ee:2a:c6:06:86:df:0c:e6:e2:37:da:d5:b9:
48:f0:00:d3:57:a2:d5:de:48:c1:15:9a:ae:24:0d:
80:9e:95:82:6d:3e:79:65:88:41:b7:f8:4e:97:2b:
a1:51:13:ec:86:c0:fb:53:11:04:f7:f0:07:ce:7e:
1c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9B:08:3B:85:2E:01:6F:4D:5E:69:72:DA:35:F5:4E:EA:D9:EE:47
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UpsIO4UuAW9NXmly2jX1TurZ7kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/24
185.102.137.0/24
185.104.248.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
09:71:fc:78:bb:f2:5d:a5:0e:5e:2a:6b:f1:64:c8:50:96:1e:
6f:f0:a4:ea:56:54:ec:4b:6a:cc:7c:10:2a:5a:d3:c6:ff:00:
4a:de:c2:de:c8:15:34:35:f6:64:6b:a9:77:52:a1:01:da:a2:
6e:27:cc:cb:78:67:fb:c2:01:f8:02:7a:1f:f9:5a:69:b7:6f:
28:04:f9:e0:1e:ce:71:5f:34:d5:2d:54:c2:82:d3:af:23:8f:
24:3a:a4:e7:78:5d:4d:88:57:fe:c3:5a:6d:28:d0:ae:39:7f:
ca:b6:0c:2a:48:03:1e:1a:80:7c:0a:b0:f2:f5:39:4d:6b:3f:
57:ab:2d:3b:fe:18:1f:4e:fd:18:3e:c8:bd:e9:d7:16:6b:97:
c9:75:da:39:0c:97:bf:1c:ae:2d:91:a8:fe:38:20:30:3d:56:
6f:6b:a2:09:d7:3a:b0:90:c6:99:c9:49:a2:68:73:26:e9:67:
da:59:d3:2e:f4:d7:91:89:d4:9a:cc:f7:12:d3:f1:79:ee:74:
d0:76:b3:e3:f5:56:a1:df:cd:c8:0f:86:4c:b2:30:13:c6:8e:
ef:64:ce:73:19:df:8c:40:b5:b5:de:30:d5:13:6b:03:99:c8:
59:e8:20:1e:b1:ae:db:00:30:e2:ae:09:47:1b:dc:4c:47:32:
86:37:43:5d
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIEBMq06zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDUw
MjEwNTkyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI5YjA4M2I4NTJl
MDE2ZjRkNWU2OTcyZGEzNWY1NGVlYWQ5ZWU0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjDbm7HwDFDae9pxMTZ/0jEt4c3+kMIL9bCl+0Ya6XDW05T
9bLwNYinAFNUbjspAyOfNw0hwUlUx5rSxguZ9KKFCq/vWQk5FqA8HAMmVMQh0Lyq
0eOa1p3K3pAGwl4znnZbTBbljLb5xJXvzCUxEFgcuJU+MDtkNUUUCPrJpxl1k2hz
/YZfs36pazSVDBRMzMHPAcMsGOijtGixOkq7SLiiXbYaRddX6QVC1nUQSNjpJLjj
G557vkyXQN2c1npzyo06acHuKsYGht8M5uI32tW5SPAA01ei1d5IwRWariQNgJ6V
gm0+eWWIQbf4TpcroVET7IbA+1MRBPfwB85+HCUCAwEAAaOCAzkwggM1MB0GA1Ud
DgQWBBRSmwg7hS4Bb01eaXLaNfVO6tnuRzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1Vwc0lPNFV1QVc5TlhtbHkyalgxVHVyWjdrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AU0GCCsGAQUFBwEHAQH/BIIBPDCCATgwgckEAgABMIHCAwUABbSITAMFAAW0iN0D
BAAtCNMDBQCTTkIHAwUAuREDZgMEALkoBAMEALlmiQMEALlo+AMFALmLRBwDBQC5
i0Z0AwQBuayCAwQAua6IAwQAua6LAwQAubTkAwQAubTmAwUAubTnVwMEALm8tAME
Arm9DAMEAsCiZAMEAMEAyAMEAcEAygMEAMGo4gMEAsI/jAMFAMJDxH8DBQDCQ8YH
AwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAwagQCAAIwZAMFACoE
UgAwDgMFASoEUgIDBQMqBFIAAwUDKgdKAAMFACoJUwMDBQAqCpMAAwUDKgvaAAMF
AyoMaYADBQEqDPZAAwUAKg7WAgMFACoPRoADBQAqD3MAAwUDKg98gAMFAyoPx4Aw
DQYJKoZIhvcNAQELBQADggEBAAlx/Hi78l2lDl4qa/FkyFCWHm/wpOpWVOxLasx8
ECpa08b/AErewt7IFTQ19mRrqXdSoQHaom4nzMt4Z/vCAfgCeh/5Wmm3bygE+eAe
znFfNNUtVMKC068jjyQ6pOd4XU2IV/7DWm0o0K45f8q2DCpIAx4agHwKsPL1OU1r
P1erLTv+GB9O/Rg+yL3p1xZrl8l12jkMl78cri2RqP44IDA9Vm9rognXOrCQxpnJ
SaJocybpZ9pZ0y7015GJ1JrM9xLT8XnudNB2s+P1VqHfzcgPhkyyMBPGju9kznMZ
34xAtbXeMNUTawOZyFnoIB6xrtsAMOKuCUcb3ExHMoY3Q10=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org