Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/jVPAvR3sdKhIYs5cnuTgVtvBazg.roa
File: jVPAvR3sdKhIYs5cnuTgVtvBazg.roa (raw, json)
Hash identifier: E1Gj2zXjrvkQ156TTrhpPuTzXWfNOSPfmFkcjCzn6hw=
Subject key identifier: 8D:53:C0:BD:1D:EC:74:A8:48:62:CE:5C:9E:E4:E0:56:DB:C1:6B:38
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0182A1755DBDA8576BE94B6DA37F0230ACCA
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/jVPAvR3sdKhIYs5cnuTgVtvBazg.roa
Signing time: Mon 15 Aug 2022 12:23:19 +0000
ROA not before: Mon 15 Aug 2022 12:23:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50113
IP address blocks: 185.174.136.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.140.0/23 maxlen: 23
185.139.68.28/32 maxlen: 32
185.40.4.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
194.67.198.108/32 maxlen: 32
185.180.230.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.208.6/32 maxlen: 32
147.78.66.7/32 maxlen: 32
213.108.198.0/24 maxlen: 24
213.108.199.0/24 maxlen: 24
194.67.208.12/32 maxlen: 32
185.180.231.87/32 maxlen: 32
5.180.136.221/32 maxlen: 32
185.188.180.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
194.67.208.48/32 maxlen: 32
192.162.103.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
194.67.203.54/32 maxlen: 32
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
185.17.3.102/32 maxlen: 32
185.189.12.0/22 maxlen: 22
185.189.13.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
185.189.12.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
185.125.50.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.139.70.116/32 maxlen: 32
2a0f:7300::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0e:d602::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5200::/32 maxlen: 32
2a0f:4680::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a0b:da00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:75:5d:bd:a8:57:6b:e9:4b:6d:a3:7f:02:30:ac:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 15 12:23:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d53c0bd1dec74a84862ce5c9ee4e056dbc16b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e8:fd:4e:c9:73:da:df:5f:f2:69:1c:65:5c:
64:4d:7f:a5:e8:e2:2f:e8:ed:2c:cd:b6:67:f6:db:
5a:9f:5d:40:68:1e:f0:28:95:e9:f3:73:f0:48:7d:
1f:dd:a8:48:65:39:34:a9:bb:a6:0c:0c:33:be:8b:
48:71:9d:93:55:ba:8f:c7:2c:11:d7:5b:c9:e1:54:
d0:2c:6d:6d:6a:11:81:18:04:c6:db:d1:b6:f5:cd:
60:f4:dd:28:e0:ca:05:d1:d7:62:a0:b7:60:a1:59:
00:78:c7:bb:2a:f4:9d:99:99:71:03:8d:25:4b:fd:
37:de:28:81:50:9d:40:84:3a:a2:e7:ee:7f:c7:a4:
e7:ab:18:27:10:b4:4f:b8:aa:5f:f4:cb:c9:e7:23:
17:61:01:0f:1d:a8:ea:f1:da:7f:46:27:a0:8e:09:
36:1a:5f:93:ce:ce:3f:1a:a8:b4:ae:c2:1c:70:e7:
61:bc:ec:fa:69:a1:05:d5:0f:99:8c:ca:6e:33:e5:
c5:94:bc:eb:67:a7:d1:f6:da:af:7e:a5:cc:f0:56:
d2:eb:4c:ec:e1:c2:6a:7a:4b:7d:82:f7:ea:1c:8b:
5e:d0:96:13:96:3d:8d:98:ad:e5:fd:6b:f7:81:82:
5e:85:18:c5:51:dd:93:56:a1:cd:04:24:a5:7e:23:
c5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:53:C0:BD:1D:EC:74:A8:48:62:CE:5C:9E:E4:E0:56:DB:C1:6B:38
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/jVPAvR3sdKhIYs5cnuTgVtvBazg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.76/32
5.180.136.221/32
45.8.211.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.40.4.0/24
185.104.248.0/24
185.125.50.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.136.0/24
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.198.0/23
IPv6:
2a04:5200::/32
2a04:5202::-2a04:5207:ffff:ffff:ffff:ffff:ffff:ffff
2a09:5303::/32
2a0a:9300::/32
2a0b:da00::/29
2a0e:d602::/32
2a0f:4680::/32
2a0f:7300::/32
Signature Algorithm: sha256WithRSAEncryption
94:b5:0f:da:03:ea:13:ea:6c:57:45:ab:fb:7d:5c:98:e1:07:
0f:5b:27:d4:e7:97:4d:8d:51:f0:f4:75:e2:33:79:3e:77:a8:
69:d2:88:47:47:a7:9b:0c:92:49:bf:06:67:e3:20:9b:7f:28:
12:9f:24:b0:45:78:8f:19:49:25:92:e5:34:c3:ff:97:d8:3d:
43:2d:2f:89:03:ac:64:bf:2c:b9:c7:cb:0b:48:98:f3:3c:68:
33:af:78:e7:9c:3e:fa:92:e4:bc:0a:80:a0:e9:6a:08:5f:95:
fc:81:17:b4:13:3a:2c:6d:e4:90:31:ad:9f:e4:c7:9c:f5:ca:
b3:05:d3:27:a3:3e:04:89:b7:f8:02:d7:2b:c7:41:13:16:76:
54:a4:dc:fb:8d:55:bb:2e:31:75:2c:2b:83:17:68:f8:0f:c7:
82:20:ae:e2:92:a0:2c:6b:1b:f2:a0:03:b6:d9:ab:79:c3:e3:
86:bc:a4:4f:3d:be:bc:bf:9a:e4:a0:0f:c5:97:d5:c8:aa:6a:
ec:f5:6b:66:bc:23:c7:05:ca:16:28:ed:08:d9:6f:7d:6f:6f:
ab:ef:33:e5:55:b1:7f:af:2e:23:c6:70:7e:48:d4:d7:b3:fd:
3a:49:40:d3:c0:4a:68:30:c0:c6:48:ab:a9:63:41:88:a3:7f:
8e:ec:0f:57
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAYKhdV29qFdr6Utto38CMKzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwODE1MTIyMzE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDUzYzBiZDFkZWM3NGE4NDg2MmNlNWM5ZWU0ZTA1NmRiYzE2YjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+j9Tslz2t9f8mkcZVxkTX+l6OIv
6O0szbZn9ttan11AaB7wKJXp83PwSH0f3ahIZTk0qbumDAwzvotIcZ2TVbqPxywR
11vJ4VTQLG1tahGBGATG29G29c1g9N0o4MoF0ddioLdgoVkAeMe7KvSdmZlxA40l
S/033iiBUJ1AhDqi5+5/x6TnqxgnELRPuKpf9MvJ5yMXYQEPHajq8dp/Riegjgk2
Gl+Tzs4/Gqi0rsIccOdhvOz6aaEF1Q+ZjMpuM+XFlLzrZ6fR9tqvfqXM8FbS60zs
4cJqekt9gvfqHIte0JYTlj2NmK3l/Wv3gYJehRjFUd2TVqHNBCSlfiPFJQIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFI1TwL0d7HSoSGLOXJ7k4FbbwWs4MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvalZQQXZSM3NkS2hJWXM1Y251VGdWdHZCYXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCBzwQCAAEwgcgD
BQAFtIhMAwUABbSI3QMEAC0I0wMEAFvZTQMFAJNOQgcDBQC5EQNmAwQAuSgEAwQA
uWj4AwQAuX0yAwUAuYtEHAMFALmLRnQDBAG5rIIDBAC5rogDBAC5rosDBAC5tOYD
BQC5tOdXAwQAuby0AwQCub0MAwQCwKJkAwQAwQDIAwQBwQDKAwQAwajiAwQCwj+M
AwUAwkPEfwMFAMJDxgcDBQDCQ8ZsAwUAwkPLNgMFAMJD0AYDBQDCQ9AMAwUAwkPQ
MAMEAdVsxjBHBAIAAjBBAwUAKgRSADAOAwUBKgRSAgMFAyoEUgADBQAqCVMDAwUA
KgqTAAMFAyoL2gADBQAqDtYCAwUAKg9GgAMFACoPcwAwDQYJKoZIhvcNAQELBQAD
ggEBAJS1D9oD6hPqbFdFq/t9XJjhBw9bJ9Tnl02NUfD0deIzeT53qGnSiEdHp5sM
kkm/BmfjIJt/KBKfJLBFeI8ZSSWS5TTD/5fYPUMtL4kDrGS/LLnHywtImPM8aDOv
eOecPvqS5LwKgKDpaghflfyBF7QTOixt5JAxrZ/kx5z1yrMF0yejPgSJt/gC1yvH
QRMWdlSk3PuNVbsuMXUsK4MXaPgPx4IgruKSoCxrG/KgA7bZq3nD44a8pE89vry/
muSgD8WX1ciqauz1a2a8I8cFyhYo7QjZb31vb6vvM+VVsX+vLiPGcH5I1Nez/TpJ
QNPASmgwwMZIq6ljQYijf47sD1c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org