Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Z9Qhty70s-eLnZfGbO-BEgACg3k.roa
File: Z9Qhty70s-eLnZfGbO-BEgACg3k.roa (raw, json)
Hash identifier: IcKVTeG/3goodssQZE9ihhQVDQW2ZadFNjtVHoNIDes=
Subject key identifier: 67:D4:21:B7:2E:F4:B3:E7:8B:9D:97:C6:6C:EF:81:12:00:02:83:79
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0464CCEB
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Z9Qhty70s-eLnZfGbO-BEgACg3k.roa
Signing time: Tue 29 Mar 2022 10:16:05 +0000
ROA not before: Tue 29 Mar 2022 10:16:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
194.63.140.0/22 maxlen: 22
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
45.8.210.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
5.180.136.76/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73714923 (0x464cceb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 29 10:16:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67d421b72ef4b3e78b9d97c66cef811200028379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a1:9a:2f:27:28:d9:12:63:d6:9e:87:9d:17:
25:6a:53:87:67:a2:dc:6d:df:94:e6:27:83:b4:67:
93:13:48:23:70:56:06:98:a3:51:17:43:9c:fe:4c:
22:c4:ba:f3:fd:2f:a8:07:07:9e:ca:de:18:5f:02:
38:ca:73:8d:36:0d:64:65:cc:9a:85:f8:64:96:59:
4a:7d:68:ac:da:1a:34:0a:d8:0a:94:a9:45:23:5e:
7c:e9:32:1c:40:d1:46:4a:b1:54:c3:d2:8e:9b:44:
1b:3b:85:10:51:2b:7c:53:48:10:85:f1:ed:6c:21:
ed:27:6e:61:c8:67:8c:99:b2:a5:c7:a8:c7:2d:4c:
66:5f:e0:81:de:e1:26:ad:a9:21:ee:bf:cb:97:09:
29:fb:db:56:8a:c1:82:7d:3f:30:a6:50:98:3e:92:
65:14:aa:1d:5e:06:fd:65:c9:20:02:09:04:52:1c:
de:7b:a9:be:c2:43:48:8d:e3:fb:d5:c3:f8:aa:ac:
f7:3e:b3:d7:3c:0d:c4:a0:e5:8c:d4:a7:7a:5e:ed:
6c:5e:2d:22:ba:0b:90:26:03:09:3f:6f:a5:21:2a:
fa:21:45:82:fb:8b:91:5d:f5:3c:ad:f9:d5:c3:5a:
c1:50:0e:cc:17:36:c0:b0:da:7a:2b:59:d8:ec:f2:
78:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D4:21:B7:2E:F4:B3:E7:8B:9D:97:C6:6C:EF:81:12:00:02:83:79
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Z9Qhty70s-eLnZfGbO-BEgACg3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.210.0/23
147.78.66.7/32
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.102.137.0/24
185.102.139.0/24
185.104.248.0/24
185.112.100.0/24
185.117.117.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/23
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a07:4a00::/29
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
88:37:c5:ad:b0:e8:e1:b2:75:0e:83:f9:69:59:29:e0:c1:ce:
28:21:4f:c9:c8:9e:e5:17:4a:81:5b:8f:91:92:81:5b:a9:68:
ba:16:57:63:6a:ff:7a:fd:81:a8:9d:bd:83:16:42:3a:eb:38:
b9:3b:ec:cb:67:a5:e7:46:f0:e6:1c:55:43:b6:e3:2c:17:03:
16:97:cc:67:d1:72:24:52:21:03:4d:ff:54:74:da:b9:c5:03:
e8:c0:e8:85:59:90:6d:54:97:5b:9b:03:01:7a:9e:6c:c7:c4:
8f:61:30:8e:5d:f9:66:7b:c0:ea:e2:e7:12:46:61:2a:53:e4:
b8:9f:18:66:bc:1b:4e:35:67:a2:ed:c1:be:0e:e5:60:ac:ea:
00:7c:e1:b8:5c:0a:55:6a:be:a5:28:2d:d2:f5:cd:9f:66:0e:
f0:ee:7e:8f:71:6a:fb:81:72:0e:20:fa:32:9e:f2:e1:3a:b6:
3c:e9:97:99:8b:77:c5:cd:a9:99:d8:85:d6:3e:1b:27:48:26:
7a:4b:54:5b:f2:f8:ed:6c:a6:79:9d:74:f0:9e:d4:fe:07:41:
d3:d1:c1:2e:6f:c7:f6:e4:4b:67:b7:f2:50:b6:85:a6:ea:96:
1d:43:6a:c3:e3:a1:94:83:74:0e:b5:28:e4:20:ca:fe:a3:c2:
99:8a:2e:c3
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIEBGTM6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMy
OTEwMTYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdkNDIxYjcyZWY0
YjNlNzhiOWQ5N2M2NmNlZjgxMTIwMDAyODM3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWhmi8nKNkSY9aeh50XJWpTh2ei3G3flOYng7RnkxNII3BW
BpijURdDnP5MIsS68/0vqAcHnsreGF8COMpzjTYNZGXMmoX4ZJZZSn1orNoaNArY
CpSpRSNefOkyHEDRRkqxVMPSjptEGzuFEFErfFNIEIXx7Wwh7SduYchnjJmypceo
xy1MZl/ggd7hJq2pIe6/y5cJKfvbVorBgn0/MKZQmD6SZRSqHV4G/WXJIAIJBFIc
3nupvsJDSI3j+9XD+Kqs9z6z1zwNxKDljNSnel7tbF4tIroLkCYDCT9vpSEq+iFF
gvuLkV31PK351cNawVAOzBc2wLDaeitZ2OzyeMsCAwEAAaOCA1EwggNNMB0GA1Ud
DgQWBBRn1CG3LvSz54udl8Zs74ESAAKDeTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1o5UWh0eTcwcy1lTG5aZkdiTy1CRWdBQ2czay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AWUGCCsGAQUFBwEHAQH/BIIBVDCCAVAwgeEEAgABMIHaAwUABbSITAMFAAW0iN0D
BAEtCNIDBQCTTkIHAwUAuREDZgMEAbkoBAMEALkoBwMEALlmiQMEALlmiwMEALlo
+AMEALlwZAMEALl1dQMFALmLRBwDBQC5i0Z0AwQBuayCAwQBua6IAwQAua6LAwQA
ubTkAwQAubTmAwUAubTnVwMEALm8tAMEArm9DAMEAsCiZAMEAMEAyAMEAcEAygME
AMGo4gMEAsI/jAMFAMJDxH8DBQDCQ8YHAwUAwkPGbAMFAMJDyzYDBQDCQ9AGAwUA
wkPQDAMFAMJD0DAwagQCAAIwZAMFACoEUgAwDgMFASoEUgIDBQMqBFIAAwUDKgdK
AAMFACoJUwMDBQAqCpMAAwUDKgvaAAMFAyoMaYADBQEqDPZAAwUAKg7WAgMFACoP
RoADBQAqD3MAAwUDKg98gAMFAyoPx4AwDQYJKoZIhvcNAQELBQADggEBAIg3xa2w
6OGydQ6D+WlZKeDBzighT8nInuUXSoFbj5GSgVupaLoWV2Nq/3r9gaidvYMWQjrr
OLk77MtnpedG8OYcVUO24ywXAxaXzGfRciRSIQNN/1R02rnFA+jA6IVZkG1Ul1ub
AwF6nmzHxI9hMI5d+WZ7wOri5xJGYSpT5LifGGa8G041Z6Ltwb4O5WCs6gB84bhc
ClVqvqUoLdL1zZ9mDvDufo9xavuBcg4g+jKe8uE6tjzpl5mLd8XNqZnYhdY+GydI
JnpLVFvy+O1spnmddPCe1P4HQdPRwS5vx/bkS2e38lC2habqlh1DasPjoZSDdA61
KOQgyv6jwpmKLsM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org