Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XVRv4RLOR5jn_3i3ipnx6HJHsAo.roa
File: XVRv4RLOR5jn_3i3ipnx6HJHsAo.roa (raw, json)
Hash identifier: vPt6+mjI4rT8gG9XAhTg+KwKT0c/nxS8vuKbUVVqhBU=
Subject key identifier: 5D:54:6F:E1:12:CE:47:98:E7:FF:78:B7:8A:99:F1:E8:72:47:B0:0A
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0182728C77B6275545680E552AFCEA7669D2
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XVRv4RLOR5jn_3i3ipnx6HJHsAo.roa
Signing time: Sat 06 Aug 2022 09:46:24 +0000
ROA not before: Sat 06 Aug 2022 09:46:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
194.67.208.12/32 maxlen: 32
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.125.50.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:72:8c:77:b6:27:55:45:68:0e:55:2a:fc:ea:76:69:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 6 09:46:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d546fe112ce4798e7ff78b78a99f1e87247b00a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:da:26:45:a5:ec:67:e4:f9:f2:25:4b:81:16:
64:34:75:72:00:2d:5a:b8:ce:ac:7e:f2:e9:aa:7b:
25:fd:f6:75:1b:75:a9:fe:bc:55:e0:d0:b4:74:28:
37:d0:a0:28:a9:0a:bb:38:a0:8a:3c:74:b2:a4:93:
de:1e:61:61:0a:9a:e8:c5:9d:19:c4:cd:ca:59:af:
8d:4f:d0:c5:b1:a9:76:99:ed:0a:e6:07:6b:10:41:
38:46:36:f1:29:cf:54:5c:c9:88:a3:06:69:3c:be:
88:eb:80:91:6f:b5:c4:fb:f5:9b:2f:5d:66:55:2c:
46:96:5e:18:09:42:d9:3c:a5:e6:0c:f2:13:60:c5:
c8:4f:38:64:b3:45:3d:2a:7c:31:cc:6f:37:f4:88:
d5:d3:a4:83:0b:af:c9:f8:5d:a0:01:d2:dc:8c:7d:
dd:eb:c2:1b:50:fa:6c:3e:7b:f5:f7:e9:6e:46:ac:
ae:9a:18:cd:eb:6c:42:91:86:49:95:17:63:ba:8b:
96:c5:d4:8d:84:3c:b7:1d:69:df:ba:a9:3f:e7:05:
04:66:70:50:48:8f:dc:5b:9b:12:18:60:c1:48:71:
10:ef:58:29:57:b3:d0:ce:c1:96:25:1d:31:7c:03:
89:92:14:eb:7a:3e:3f:e7:c8:21:da:39:cb:a4:11:
c2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:54:6F:E1:12:CE:47:98:E7:FF:78:B7:8A:99:F1:E8:72:47:B0:0A
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XVRv4RLOR5jn_3i3ipnx6HJHsAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/24
185.104.248.0/24
185.125.50.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.198.0/23
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:f640::/32
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
Signature Algorithm: sha256WithRSAEncryption
5b:0a:41:84:99:3f:9f:a7:a3:6f:39:aa:82:c4:d9:11:cc:b7:
8d:f7:1c:33:ae:a7:ea:b3:86:56:b8:4d:14:fd:7d:51:26:b0:
d8:05:00:94:b6:b3:b6:e7:3d:48:d1:9c:df:be:e6:53:5f:35:
5f:63:18:74:40:d4:56:80:0f:67:a5:13:7e:48:3d:14:ef:8b:
96:24:ec:d9:48:a4:01:d7:fd:24:0f:f6:9c:e3:15:f8:6d:86:
28:46:55:54:67:b5:e1:aa:f2:8c:c4:21:a1:6d:0a:8f:40:3f:
24:43:2b:e1:77:d6:b0:da:98:95:5e:c6:2f:1a:29:aa:92:e0:
3d:3f:36:55:b9:ba:b1:c6:da:55:16:74:9e:24:78:fe:9b:85:
3a:8e:82:57:ee:fd:b6:58:b8:5d:91:2f:8d:c8:c8:b4:b7:6d:
68:2b:2b:86:57:96:ff:54:77:39:9c:51:70:a3:87:aa:2b:6e:
ef:60:b4:53:e6:bd:2c:a3:ab:d1:00:e7:14:da:6a:7b:d4:cb:
da:96:90:db:72:33:4a:fa:37:0c:4a:d9:cf:ac:d0:d2:c2:63:
0d:4a:a3:87:c2:02:22:e2:f0:58:49:91:14:c5:56:f8:79:00:
f1:79:4e:73:ad:a2:8a:47:c4:b9:a3:20:5a:98:7d:51:65:6a:
3e:87:55:4c
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAYJyjHe2J1VFaA5VKvzqdmnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwODA2MDk0NjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU0NmZlMTEyY2U0Nzk4ZTdmZjc4Yjc4YTk5ZjFlODcyNDdiMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtomRaXsZ+T58iVLgRZkNHVyAC1a
uM6sfvLpqnsl/fZ1G3Wp/rxV4NC0dCg30KAoqQq7OKCKPHSypJPeHmFhCproxZ0Z
xM3KWa+NT9DFsal2me0K5gdrEEE4RjbxKc9UXMmIowZpPL6I64CRb7XE+/WbL11m
VSxGll4YCULZPKXmDPITYMXITzhks0U9KnwxzG839IjV06SDC6/J+F2gAdLcjH3d
68IbUPpsPnv19+luRqyumhjN62xCkYZJlRdjuouWxdSNhDy3HWnfuqk/5wUEZnBQ
SI/cW5sSGGDBSHEQ71gpV7PQzsGWJR0xfAOJkhTrej4/58gh2jnLpBHClwIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFF1Ub+ESzkeY5/94t4qZ8ehyR7AKMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWFZSdjRSTE9SNWpuXzNpM2lwbng2SEpIc0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCBzwQCAAEwgcgD
BQAFtIhMAwUABbSI3QMEAC0I0wMEAFvZTQMFAJNOQgcDBQC5EQNmAwQAuSgEAwQA
uWj4AwQAuX0yAwUAuYtEHAMFALmLRnQDBAG5rIIDBAC5rogDBAC5rosDBAC5tOYD
BQC5tOdXAwQAuby0AwQCub0MAwQCwKJkAwQAwQDIAwQBwQDKAwQAwajiAwQCwj+M
AwUAwkPEfwMFAMJDxgcDBQDCQ8ZsAwUAwkPLNgMFAMJD0AYDBQDCQ9AMAwUAwkPQ
MAMEAdVsxjBOBAIAAjBIAwUAKgRSADAOAwUBKgRSAgMFAyoEUgADBQAqCVMDAwUA
KgqTAAMFAyoL2gADBQAqDPZAAwUAKg7WAgMFACoPRoADBQAqD3MAMA0GCSqGSIb3
DQEBCwUAA4IBAQBbCkGEmT+fp6NvOaqCxNkRzLeN9xwzrqfqs4ZWuE0U/X1RJrDY
BQCUtrO25z1I0ZzfvuZTXzVfYxh0QNRWgA9npRN+SD0U74uWJOzZSKQB1/0kD/ac
4xX4bYYoRlVUZ7XhqvKMxCGhbQqPQD8kQyvhd9aw2piVXsYvGimqkuA9PzZVubqx
xtpVFnSeJHj+m4U6joJX7v22WLhdkS+NyMi0t21oKyuGV5b/VHc5nFFwo4eqK27v
YLRT5r0so6vRAOcU2mp71MvalpDbcjNK+jcMStnPrNDSwmMNSqOHwgIi4vBYSZEU
xVb4eQDxeU5zraKKR8S5oyBamH1RZWo+h1VM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org