Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/_JzKYNRg2OiMvMJvIs4p03Z9OBI.roa
File: _JzKYNRg2OiMvMJvIs4p03Z9OBI.roa (raw, json)
Hash identifier: WezD9n6u9q50sE+ff8au63oDHFRGdUScmc0bQVzzkzs=
Subject key identifier: FC:9C:CA:60:D4:60:D8:E8:8C:BC:C2:6F:22:CE:29:D3:76:7D:38:12
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0181DD2459464CF262408CFA69C183A1FEB5
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/_JzKYNRg2OiMvMJvIs4p03Z9OBI.roa
Signing time: Fri 08 Jul 2022 09:29:15 +0000
ROA not before: Fri 08 Jul 2022 09:29:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
194.67.208.12/32 maxlen: 32
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.125.50.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7c80::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dd:24:59:46:4c:f2:62:40:8c:fa:69:c1:83:a1:fe:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 8 09:29:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc9cca60d460d8e88cbcc26f22ce29d3767d3812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:07:8b:35:60:55:23:63:f9:5a:5d:48:93:06:
35:20:37:d5:3b:ab:24:09:cb:75:8d:b2:27:7b:f8:
3d:e8:91:68:15:aa:2d:40:14:2c:64:de:98:4c:0f:
89:2b:12:af:55:8d:07:e7:aa:43:a0:ad:1c:32:d6:
08:a3:ca:a6:64:3a:2e:43:8e:ef:3d:6a:53:b0:10:
47:0f:db:4e:9f:70:77:62:20:34:a7:d7:4b:38:9a:
09:f1:21:47:b6:66:04:e0:9e:9f:46:4d:58:e2:d6:
d1:e7:25:4f:37:3a:69:dd:2d:1d:a5:27:e9:75:70:
e1:9c:0d:b1:cc:dc:2f:ed:27:8f:40:84:a9:a2:5b:
c6:28:80:61:1b:6b:0c:44:df:94:78:e6:7a:9e:92:
fe:14:7a:62:b6:d9:91:13:49:93:1c:85:aa:6f:32:
3b:ea:85:01:5b:47:cf:23:21:3e:57:74:b8:58:8c:
2b:e7:64:0a:a5:88:7c:76:68:0b:c5:d0:7c:4b:ab:
95:e1:22:67:fd:21:40:69:a4:4d:43:ff:2c:a8:cb:
56:89:d4:d7:8b:be:44:0f:5d:27:d7:92:f7:15:75:
98:05:e5:55:b8:b1:4b:87:4d:8b:67:0e:31:23:9e:
3d:3a:cd:a3:cc:1f:f4:e8:0c:91:99:c3:0a:bf:d1:
24:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:9C:CA:60:D4:60:D8:E8:8C:BC:C2:6F:22:CE:29:D3:76:7D:38:12
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/_JzKYNRg2OiMvMJvIs4p03Z9OBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/24
185.104.248.0/24
185.125.50.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.198.0/23
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0c:6980::/29
2a0c:f640::/31
2a0f:4680::/32
2a0f:7300::/32
2a0f:7c80::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
b3:65:bd:13:a8:86:98:6a:e9:04:9f:de:5a:07:9a:ee:a8:83:
f9:fa:1d:2f:34:0d:9d:3b:ae:38:74:94:47:e1:56:d7:6e:47:
dd:20:b5:40:89:c0:7e:5a:72:ad:38:29:c7:e2:3f:0b:2b:81:
ca:28:a3:26:91:08:7c:da:d0:39:4c:f5:6a:9c:6b:da:a4:4b:
fa:07:6b:11:db:28:f5:06:cf:df:b3:82:cd:9d:c1:df:07:39:
4c:de:8e:7f:0b:21:f5:c2:b0:c1:bb:ce:58:af:c7:5f:b6:66:
ce:6c:b5:7e:bc:fc:50:82:b7:73:c3:88:fe:a8:1b:a8:1a:c5:
cd:e3:12:35:1e:c6:8f:0c:18:78:d1:e6:d7:01:9d:a3:31:61:
1e:51:35:5b:1f:1a:07:e9:3b:2d:df:d4:db:3e:30:39:0c:51:
80:52:e0:54:ca:7e:aa:cc:b6:b1:48:4d:30:1a:b4:2c:17:c3:
6d:7f:d9:70:c4:98:07:dc:33:a1:e8:1d:f3:aa:1b:b7:85:55:
7d:a2:c6:0b:94:18:f1:1e:5c:84:7a:15:18:19:9d:2c:a5:d6:
60:66:2f:c7:23:f8:f3:7c:eb:86:bc:06:8a:3d:51:b7:92:27:
d9:59:64:bf:b3:6b:68:9d:a7:b2:2e:de:d3:7e:3c:1d:31:91:
84:d2:35:91
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAYHdJFlGTPJiQIz6acGDof61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwNzA4MDkyOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzljY2E2MGQ0NjBkOGU4OGNiY2MyNmYyMmNlMjlkMzc2N2QzODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0weLNWBVI2P5Wl1IkwY1IDfVO6sk
Cct1jbIne/g96JFoFaotQBQsZN6YTA+JKxKvVY0H56pDoK0cMtYIo8qmZDouQ47v
PWpTsBBHD9tOn3B3YiA0p9dLOJoJ8SFHtmYE4J6fRk1Y4tbR5yVPNzpp3S0dpSfp
dXDhnA2xzNwv7SePQISpolvGKIBhG2sMRN+UeOZ6npL+FHpittmRE0mTHIWqbzI7
6oUBW0fPIyE+V3S4WIwr52QKpYh8dmgLxdB8S6uV4SJn/SFAaaRNQ/8sqMtWidTX
i75ED10n15L3FXWYBeVVuLFLh02LZw4xI549Os2jzB/06AyRmcMKv9EkLwIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFPycymDUYNjojLzCbyLOKdN2fTgSMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvX0p6S1lOUmcyT2lNdk1KdklzNHAwM1o5T0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCBzwQCAAEwgcgD
BQAFtIhMAwUABbSI3QMEAC0I0wMEAFvZTQMFAJNOQgcDBQC5EQNmAwQAuSgEAwQA
uWj4AwQAuX0yAwUAuYtEHAMFALmLRnQDBAG5rIIDBAC5rogDBAC5rosDBAC5tOYD
BQC5tOdXAwQAuby0AwQCub0MAwQCwKJkAwQAwQDIAwQBwQDKAwQAwajiAwQCwj+M
AwUAwkPEfwMFAMJDxgcDBQDCQ8ZsAwUAwkPLNgMFAMJD0AYDBQDCQ9AMAwUAwkPQ
MAMEAdVsxjBcBAIAAjBWAwUAKgRSADAOAwUBKgRSAgMFAyoEUgADBQAqCVMDAwUA
KgqTAAMFAyoL2gADBQMqDGmAAwUBKgz2QAMFACoPRoADBQAqD3MAAwUDKg98gAMF
AyoPx4AwDQYJKoZIhvcNAQELBQADggEBALNlvROohphq6QSf3loHmu6og/n6HS80
DZ07rjh0lEfhVtduR90gtUCJwH5acq04KcfiPwsrgcoooyaRCHza0DlM9Wqca9qk
S/oHaxHbKPUGz9+zgs2dwd8HOUzejn8LIfXCsMG7zlivx1+2Zs5stX68/FCCt3PD
iP6oG6gaxc3jEjUexo8MGHjR5tcBnaMxYR5RNVsfGgfpOy3f1Ns+MDkMUYBS4FTK
fqrMtrFITTAatCwXw21/2XDEmAfcM6HoHfOqG7eFVX2ixguUGPEeXIR6FRgZnSyl
1mBmL8cj+PN864a8Boo9UbeSJ9lZZL+za2idp7Iu3tN+PB0xkYTSNZE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org