Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Y02BwyuzeuJmo25Chppg5syGXDc.roa
File: Y02BwyuzeuJmo25Chppg5syGXDc.roa (raw, json)
Hash identifier: gB7VvJB6K8HTv2B5K2++5V4sCbHv6P4wfM0MlSscTzc=
Subject key identifier: 63:4D:81:C3:2B:B3:7A:E2:66:A3:6E:42:86:9A:60:E6:CC:86:5C:37
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 042CBC13
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Y02BwyuzeuJmo25Chppg5syGXDc.roa
Signing time: Thu 17 Mar 2022 18:01:23 +0000
ROA not before: Thu 17 Mar 2022 18:01:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/22 maxlen: 22
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
185.112.81.0/24 maxlen: 24
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
185.94.165.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
5.180.136.76/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70040595 (0x42cbc13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 17 18:01:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=634d81c32bb37ae266a36e42869a60e6cc865c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5a:42:e4:c3:3a:44:d0:6c:e0:ed:bd:f5:c5:
9f:94:a9:97:7d:df:59:95:62:04:48:a0:d7:33:94:
9d:cb:78:19:58:06:ad:9c:98:53:22:c2:42:87:88:
07:c1:83:63:0c:b2:44:b6:99:64:cc:dc:cb:5e:e3:
60:44:2b:76:ee:a0:e3:94:5b:b9:70:b9:23:bf:59:
26:34:8d:49:11:c9:65:70:ae:3e:37:f3:37:c1:ba:
7a:0d:d8:ef:b1:20:78:80:c8:d0:fc:1b:39:04:69:
33:7f:28:28:7d:eb:bc:64:bc:01:27:29:6e:f1:b2:
ef:dc:29:3e:a2:f1:58:9a:2d:e5:2d:5a:99:d9:25:
54:a2:39:77:5a:fd:71:da:19:3e:56:e3:6d:e9:4c:
4b:0f:3d:f6:da:c6:f9:86:27:30:6d:21:74:1c:78:
7d:f0:41:b0:77:4a:84:28:b4:c9:31:92:40:77:81:
0e:db:d3:25:40:3a:99:86:b3:c6:b7:16:8c:a8:1e:
7d:d9:af:9e:88:d6:e1:ae:22:39:01:21:b7:2d:2e:
53:40:fa:a6:b2:73:e3:a2:43:c3:5d:d9:ff:d6:c6:
cb:ec:9a:b7:d7:f2:a3:d0:a0:0c:8a:df:e1:ef:28:
fc:52:f3:e8:c8:23:87:6f:02:4c:72:07:8d:62:9b:
a4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4D:81:C3:2B:B3:7A:E2:66:A3:6E:42:86:9A:60:E6:CC:86:5C:37
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Y02BwyuzeuJmo25Chppg5syGXDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.94.165.0/24
185.94.167.0/24
185.102.137.0/24
185.102.139.0/24
185.104.248.0/24
185.104.251.0/24
185.112.81.0/24
185.112.100.0/24
185.117.117.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/23
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
75:dd:03:c4:54:5c:a7:b6:89:74:4c:ea:13:4a:34:44:83:46:
36:1d:8c:8c:08:69:5b:be:7e:43:25:14:d0:78:41:c2:4f:b6:
87:83:69:85:ef:87:36:24:2e:db:a9:61:3e:a6:25:c2:2d:15:
8b:7d:f4:1b:4f:a6:19:85:a0:a5:a2:88:75:23:8e:5f:35:81:
8a:c9:da:62:df:77:d5:92:91:87:67:ac:40:dd:63:35:3d:8b:
02:b2:91:53:74:ed:fd:8f:d6:72:fd:4b:9f:25:31:7d:66:5e:
ee:70:20:77:1e:43:8e:1c:f6:be:fc:bc:73:c6:c0:95:c4:c2:
a9:53:40:07:da:1c:77:9e:21:67:2a:e7:2a:fc:3f:a5:1c:27:
d5:c3:5b:78:e0:56:38:5d:7c:ab:40:02:9b:92:a9:c6:79:ce:
9f:7a:36:af:0f:71:31:5e:72:c6:90:77:13:f1:ac:04:9a:d9:
15:b5:80:46:7e:16:1f:b0:fc:15:2d:be:33:09:f6:c7:59:1f:
67:95:e8:3f:be:70:7a:b1:56:fa:97:89:3e:68:34:e5:13:04:
4c:ee:eb:88:e9:5f:8a:cc:d5:78:48:3e:56:b2:e6:18:db:af:
55:94:ce:28:7b:68:e0:a2:cd:f5:a3:84:83:09:d0:38:be:7d:
6c:b2:d6:d1
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgIEBCy8EzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
NzE4MDEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM0ZDgxYzMyYmIz
N2FlMjY2YTM2ZTQyODY5YTYwZTZjYzg2NWMzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJdaQuTDOkTQbODtvfXFn5Spl33fWZViBEig1zOUnct4GVgG
rZyYUyLCQoeIB8GDYwyyRLaZZMzcy17jYEQrdu6g45RbuXC5I79ZJjSNSRHJZXCu
PjfzN8G6eg3Y77EgeIDI0PwbOQRpM38oKH3rvGS8AScpbvGy79wpPqLxWJot5S1a
mdklVKI5d1r9cdoZPlbjbelMSw899trG+YYnMG0hdBx4ffBBsHdKhCi0yTGSQHeB
DtvTJUA6mYazxrcWjKgefdmvnojW4a4iOQEhty0uU0D6prJz46JDw13Z/9bGy+ya
t9fyo9CgDIrf4e8o/FLz6Mgjh28CTHIHjWKbpIsCAwEAAaOCA2kwggNlMB0GA1Ud
DgQWBBRjTYHDK7N64majbkKGmmDmzIZcNzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1kwMkJ3eXV6ZXVKbW8yNUNocHBnNXN5R1hEYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AX0GCCsGAQUFBwEHAQH/BIIBbDCCAWgwgfkEAgABMIHyAwUABbSITAMFAAW0iN0D
BAAtCNMDBQCTTkIHAwUAuREDZgMEAbkoBAMEALkoBwMEALlepQMEALlepwMEALlm
iQMEALlmiwMEALlo+AMEALlo+wMEALlwUQMEALlwZAMEALl1dQMFALmLRBwDBQC5
i0Z0AwQBuayCAwQBua6IAwQAua6LAwQAubTkAwQAubTmAwUAubTnVwMEALm8tAME
Arm9DAMEAsCiZAMEAMEAyAMEAcEAygMEAMGo4gMEAsI/jAMFAMJDxH8DBQDCQ8YH
AwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUAwkPQDAMFAMJD0DAwagQCAAIwZAMFACoE
UgAwDgMFASoEUgIDBQMqBFIAAwUDKgdKAAMFACoJUwMDBQAqCpMAAwUDKgvaAAMF
AyoMaYADBQEqDPZAAwUAKg7WAgMFACoPRoADBQAqD3MAAwUDKg98gAMFAyoPx4Aw
DQYJKoZIhvcNAQELBQADggEBAHXdA8RUXKe2iXRM6hNKNESDRjYdjIwIaVu+fkMl
FNB4QcJPtoeDaYXvhzYkLtupYT6mJcItFYt99BtPphmFoKWiiHUjjl81gYrJ2mLf
d9WSkYdnrEDdYzU9iwKykVN07f2P1nL9S58lMX1mXu5wIHceQ44c9r78vHPGwJXE
wqlTQAfaHHeeIWcq5yr8P6UcJ9XDW3jgVjhdfKtAApuSqcZ5zp96Nq8PcTFecsaQ
dxPxrASa2RW1gEZ+Fh+w/BUtvjMJ9sdZH2eV6D++cHqxVvqXiT5oNOUTBEzu64jp
X4rM1XhIPlay5hjbr1WUzih7aOCizfWjhIMJ0Di+fWyy1tE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:29 2023 by rpki-client on console-ams.rpki-client.org