Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/f8ENQdKJftJFqxfgc1wVUcSZECI.roa
File: f8ENQdKJftJFqxfgc1wVUcSZECI.roa (raw, json)
Hash identifier: ZCSzUA46zuqIRHbYwy/K5fTX0ChhXKoQS7cN5CPKBBo=
Subject key identifier: 7F:C1:0D:41:D2:89:7E:D2:45:AB:17:E0:73:5C:15:51:C4:99:10:22
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 03CA8D26
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/f8ENQdKJftJFqxfgc1wVUcSZECI.roa
Signing time: Fri 11 Feb 2022 13:02:22 +0000
ROA not before: Fri 11 Feb 2022 13:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.139.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/23 maxlen: 23
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
185.117.116.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.106.92.0/24 maxlen: 24
185.106.93.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.106.95.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
185.180.228.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
185.112.81.0/24 maxlen: 24
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
185.112.100.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
194.67.208.12/32 maxlen: 32
185.102.137.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
5.180.136.221/32 maxlen: 32
185.17.1.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
5.180.136.76/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:c780::/29 maxlen: 29
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a0c:6980::/29 maxlen: 29
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0c:f640::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63606054 (0x3ca8d26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Feb 11 13:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7fc10d41d2897ed245ab17e0735c1551c4991022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:55:7e:ca:1c:dd:ab:3a:04:9f:dd:37:72:0b:
b2:da:9d:cd:bd:9f:80:4c:f2:f4:ac:0c:59:6c:8b:
42:7b:07:8b:23:52:8e:e1:2e:d3:f2:54:7a:2e:04:
de:b0:06:b5:08:94:b9:ee:08:2d:de:40:e9:3d:0b:
13:a4:59:5b:70:b1:3d:a8:c0:8c:70:ee:78:ba:c2:
55:a0:a3:6c:cf:05:ff:40:66:a0:51:0e:81:44:b0:
96:a0:44:ee:a8:e4:c4:84:30:f7:66:22:d5:b6:f0:
3e:f3:ff:4f:f1:68:3e:08:33:5c:7a:af:9a:cc:1b:
b8:ec:2d:c1:de:f3:1b:d4:4e:57:1a:b6:ff:77:3a:
29:f6:13:9e:5f:45:48:87:ad:01:c4:e3:97:7e:2e:
b1:03:5d:46:3d:42:e1:d4:79:4d:d2:1d:ec:ae:4a:
b9:50:ec:cc:24:89:59:61:90:6c:75:0b:f6:53:b9:
2f:76:31:55:d4:cc:1a:fa:99:0d:53:f0:e7:e7:e2:
bb:21:71:29:47:48:d1:70:03:fc:35:6c:96:ca:c3:
17:46:2f:02:54:71:8f:1c:a8:a9:d7:9b:de:71:8b:
59:88:8d:5d:23:53:0c:0f:cf:0d:a9:ed:1e:5b:16:
68:52:13:4c:5e:7e:b3:65:d4:01:15:cb:39:c3:c9:
92:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C1:0D:41:D2:89:7E:D2:45:AB:17:E0:73:5C:15:51:C4:99:10:22
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/f8ENQdKJftJFqxfgc1wVUcSZECI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
147.78.66.7/32
185.17.1.0/24
185.17.3.102/32
185.40.4.0/23
185.40.7.0/24
185.94.164.0/23
185.94.167.0/24
185.102.137.0/24
185.102.139.0/24
185.103.252.0/23
185.104.248.0/24
185.104.251.0/24
185.106.92.0/22
185.112.81.0/24
185.112.100.0/24
185.117.116.0/23
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/23
185.174.139.0/24
185.180.228.0/24
185.180.230.0/24
185.180.231.87/32
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a09:5303::/32
2a0a:9300::/32
2a0c:6980::/29
2a0c:f640::/31
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
3b:21:f6:37:f3:7d:d5:c7:6d:c8:31:d8:fd:f1:cf:93:05:4f:
18:d2:5d:52:a0:c4:2f:e9:8a:8b:63:65:4c:8b:93:20:c3:ef:
63:48:8f:3f:26:06:af:15:42:02:3e:33:69:0d:52:ca:08:fe:
5c:fe:13:81:2f:2a:2f:8a:22:e5:16:8a:dc:ad:32:ae:55:df:
ff:96:33:29:a4:54:4b:85:7e:d0:25:79:56:28:6c:4f:a4:c7:
b3:a3:18:35:4e:a9:11:e9:a2:56:bd:f4:56:03:93:44:6f:63:
7a:b3:bf:4f:40:0d:17:b5:8e:e4:56:a2:10:fc:45:07:61:a0:
b4:b4:d0:9a:5f:45:6f:65:2e:7f:4c:92:d4:8f:13:35:8b:bc:
a0:99:48:ae:0c:91:76:3f:e0:4e:93:82:6f:2b:3b:12:4b:8e:
e9:5b:30:c4:52:b5:f3:fd:43:d9:63:da:80:da:de:79:74:94:
a1:0a:6b:01:75:52:4b:3a:cb:b4:82:28:0a:9d:ed:df:fe:be:
ba:53:3c:57:c4:c6:09:7e:cd:6d:6f:51:ae:9c:75:44:3e:b4:
3d:cc:52:93:45:9b:ec:f5:7c:6d:d8:29:75:78:a2:cb:49:56:
7f:d7:75:f2:18:88:f4:e1:d3:49:94:5c:16:c0:45:d7:99:f4:
22:0d:73:a4
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgIEA8qNJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDIx
MTEzMDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZjMTBkNDFkMjg5
N2VkMjQ1YWIxN2UwNzM1YzE1NTFjNDk5MTAyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAONVfsoc3as6BJ/dN3ILstqdzb2fgEzy9KwMWWyLQnsHiyNS
juEu0/JUei4E3rAGtQiUue4ILd5A6T0LE6RZW3CxPajAjHDueLrCVaCjbM8F/0Bm
oFEOgUSwlqBE7qjkxIQw92Yi1bbwPvP/T/FoPggzXHqvmswbuOwtwd7zG9ROVxq2
/3c6KfYTnl9FSIetAcTjl34usQNdRj1C4dR5TdId7K5KuVDszCSJWWGQbHUL9lO5
L3YxVdTMGvqZDVPw5+fiuyFxKUdI0XAD/DVslsrDF0YvAlRxjxyoqdeb3nGLWYiN
XSNTDA/PDantHlsWaFITTF5+s2XUARXLOcPJkjMCAwEAAaOCA2EwggNdMB0GA1Ud
DgQWBBR/wQ1B0ol+0kWrF+BzXBVRxJkQIjAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L2Y4RU5RZEtKZnRKRnF4ZmdjMXdWVWNTWkVDSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AXUGCCsGAQUFBwEHAQH/BIIBZDCCAWAwggEFBAIAATCB/gMFAAW0iEwDBQAFtIjd
AwQALQjTAwUAk05CBwMEALkRAQMFALkRA2YDBAG5KAQDBAC5KAcDBAG5XqQDBAC5
XqcDBAC5ZokDBAC5ZosDBAG5Z/wDBAC5aPgDBAC5aPsDBAK5alwDBAC5cFEDBAC5
cGQDBAG5dXQDBQC5i0QcAwUAuYtGdAMEAbmsggMEAbmuiAMEALmuiwMEALm05AME
ALm05gMFALm051cDBAK5vQwDBALAomQDBADBAMgDBAHBAMoDBADBqOIDBALCP4wD
BQDCQ8R/AwUAwkPGBwMFAMJDxmwDBQDCQ8s2AwUAwkPQBgMFAMJD0AwDBQDCQ9Aw
MFUEAgACME8DBQAqBFIAMA4DBQEqBFICAwUDKgRSAAMFACoJUwMDBQAqCpMAAwUD
KgxpgAMFASoM9kADBQAqDtYCAwUAKg9GgAMFACoPcwADBQMqD8eAMA0GCSqGSIb3
DQEBCwUAA4IBAQA7IfY3833Vx23IMdj98c+TBU8Y0l1SoMQv6YqLY2VMi5Mgw+9j
SI8/JgavFUICPjNpDVLKCP5c/hOBLyoviiLlForcrTKuVd//ljMppFRLhX7QJXlW
KGxPpMezoxg1TqkR6aJWvfRWA5NEb2N6s79PQA0XtY7kVqIQ/EUHYaC0tNCaX0Vv
ZS5/TJLUjxM1i7ygmUiuDJF2P+BOk4JvKzsSS47pWzDEUrXz/UPZY9qA2t55dJSh
CmsBdVJLOsu0gigKne3f/r66UzxXxMYJfs1tb1GunHVEPrQ9zFKTRZvs9Xxt2Cl1
eKLLSVZ/13XyGIj04dNJlFwWwEXXmfQiDXOk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:37 2023 by rpki-client on console-fra.rpki-client.org