Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/OXRr_6w26MNvxuV7iIeN2C84JWE.roa
File: OXRr_6w26MNvxuV7iIeN2C84JWE.roa (raw, json)
Hash identifier: KHOZuw3JrHVLLl+4d7+o1p5HCm3Pm1bonE2SXBIEiTc=
Subject key identifier: 39:74:6B:FF:AC:36:E8:C3:6F:C6:E5:7B:88:87:8D:D8:2F:38:25:61
Certificate issuer: /CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Certificate serial: 05527066
Authority key identifier: 27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/OXRr_6w26MNvxuV7iIeN2C84JWE.roa
Signing time: Thu 17 Mar 2022 09:32:29 +0000
ROA not before: Thu 17 Mar 2022 09:32:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48314
IP address blocks: 185.245.96.0/24 maxlen: 24
185.245.96.0/22 maxlen: 22
185.245.97.0/24 maxlen: 24
185.245.98.0/24 maxlen: 24
185.245.99.0/24 maxlen: 24
185.194.238.0/24 maxlen: 24
185.194.236.0/22 maxlen: 22
185.194.239.0/24 maxlen: 24
185.194.236.0/24 maxlen: 24
185.194.237.0/24 maxlen: 24
193.32.221.0/24 maxlen: 24
193.32.220.0/22 maxlen: 22
193.32.222.0/24 maxlen: 24
193.32.220.0/24 maxlen: 24
193.32.223.0/24 maxlen: 24
185.248.141.0/24 maxlen: 24
185.248.140.0/22 maxlen: 22
185.248.142.0/24 maxlen: 24
185.248.140.0/24 maxlen: 24
185.248.143.0/24 maxlen: 24
46.251.251.0/24 maxlen: 24
185.242.112.0/22 maxlen: 22
185.242.112.0/24 maxlen: 24
88.218.224.0/24 maxlen: 24
88.218.225.0/24 maxlen: 24
88.218.224.0/22 maxlen: 22
185.242.113.0/24 maxlen: 24
185.242.114.0/24 maxlen: 24
185.242.115.0/24 maxlen: 24
88.218.226.0/24 maxlen: 24
134.255.244.0/24 maxlen: 24
88.218.227.0/24 maxlen: 24
134.255.247.0/24 maxlen: 24
45.10.24.0/24 maxlen: 24
194.26.182.0/24 maxlen: 24
194.26.183.0/24 maxlen: 24
194.26.180.0/22 maxlen: 22
194.26.180.0/24 maxlen: 24
194.26.181.0/24 maxlen: 24
91.210.224.0/24 maxlen: 24
91.210.225.0/24 maxlen: 24
91.210.224.0/22 maxlen: 22
91.210.226.0/24 maxlen: 24
91.210.227.0/24 maxlen: 24
185.250.248.0/24 maxlen: 24
185.250.249.0/24 maxlen: 24
185.250.248.0/22 maxlen: 22
185.250.250.0/24 maxlen: 24
185.250.251.0/24 maxlen: 24
5.180.64.0/24 maxlen: 24
5.180.67.0/24 maxlen: 24
5.180.65.0/24 maxlen: 24
5.180.66.0/24 maxlen: 24
109.230.219.0/24 maxlen: 24
152.89.239.0/24 maxlen: 24
31.214.144.0/24 maxlen: 24
94.199.212.0/22 maxlen: 22
94.199.213.0/24 maxlen: 24
94.199.212.0/24 maxlen: 24
94.199.214.0/24 maxlen: 24
94.199.215.0/24 maxlen: 24
213.190.28.0/24 maxlen: 24
213.190.28.0/22 maxlen: 22
213.190.31.0/24 maxlen: 24
213.190.29.0/24 maxlen: 24
213.190.30.0/24 maxlen: 24
194.48.171.0/24 maxlen: 24
194.48.169.0/24 maxlen: 24
194.48.168.0/22 maxlen: 22
194.48.170.0/24 maxlen: 24
194.48.168.0/24 maxlen: 24
45.133.9.0/24 maxlen: 24
45.133.8.0/24 maxlen: 24
45.133.10.0/23 maxlen: 24
194.45.37.0/24 maxlen: 24
194.45.36.0/24 maxlen: 24
91.216.245.0/24 maxlen: 24
193.135.8.0/24 maxlen: 24
193.135.9.0/24 maxlen: 24
193.135.8.0/22 maxlen: 22
193.135.11.0/24 maxlen: 24
193.135.10.0/24 maxlen: 24
45.10.26.0/24 maxlen: 24
45.10.25.0/24 maxlen: 24
45.10.27.0/24 maxlen: 24
193.142.41.0/24 maxlen: 24
193.142.40.0/22 maxlen: 22
193.142.42.0/24 maxlen: 24
193.142.40.0/24 maxlen: 24
193.142.43.0/24 maxlen: 24
45.91.100.0/24 maxlen: 24
45.91.101.0/24 maxlen: 24
45.91.103.0/24 maxlen: 24
45.91.102.0/24 maxlen: 24
2a0a:51c1::/32 maxlen: 32
2a0a:51c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89288806 (0x5527066)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Validity
Not Before: Mar 17 09:32:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39746bffac36e8c36fc6e57b88878dd82f382561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:71:fc:f9:f3:73:6e:70:b7:28:c0:d2:f5:54:
2e:2f:93:c4:fe:af:61:7a:75:e1:f2:32:71:9e:1d:
94:3c:98:1d:cb:7b:c0:57:8c:69:81:e4:9d:f1:93:
a5:f0:c4:4b:44:7b:10:aa:24:ef:ec:da:68:7f:2d:
eb:59:25:ea:9a:ea:00:98:6b:15:d4:ea:7c:98:d6:
29:fe:d5:71:3e:dc:8f:9a:a6:1b:d9:56:8d:6a:d2:
99:a7:3b:5d:5b:49:43:ac:71:1d:ed:c8:33:98:78:
f6:b5:0a:db:c2:62:72:96:c2:6a:e6:e4:46:89:1c:
de:a4:61:c6:f6:e7:8d:e5:b3:22:69:0d:6c:06:a5:
46:c9:d4:92:9e:72:1c:0c:17:c4:ea:8d:43:72:fd:
79:dc:d2:40:68:9a:b8:9f:ac:92:9d:7f:5f:da:3e:
7e:a9:69:4e:66:2b:99:c1:55:31:4e:90:b9:36:37:
8b:c8:70:a3:3e:6e:ef:54:3c:84:bc:09:56:f1:39:
40:51:f4:a2:b2:20:48:bb:83:d6:30:f3:8b:49:ad:
f4:a8:ca:97:aa:28:77:52:89:90:97:41:1b:c7:88:
37:36:ae:d6:ec:7b:41:16:18:21:ad:5c:4b:2d:9a:
8e:ce:4a:89:4e:48:61:05:6c:6c:8d:1e:72:b6:f5:
74:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:74:6B:FF:AC:36:E8:C3:6F:C6:E5:7B:88:87:8D:D8:2F:38:25:61
X509v3 Authority Key Identifier:
keyid:27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/OXRr_6w26MNvxuV7iIeN2C84JWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.64.0/22
31.214.144.0/24
45.10.24.0/22
45.91.100.0/22
45.133.8.0/22
46.251.251.0/24
88.218.224.0/22
91.210.224.0/22
91.216.245.0/24
94.199.212.0/22
109.230.219.0/24
134.255.244.0/24
134.255.247.0/24
152.89.239.0/24
185.194.236.0/22
185.242.112.0/22
185.245.96.0/22
185.248.140.0/22
185.250.248.0/22
193.32.220.0/22
193.135.8.0/22
193.142.40.0/22
194.26.180.0/22
194.45.36.0/23
194.48.168.0/22
213.190.28.0/22
IPv6:
2a0a:51c0::/31
Signature Algorithm: sha256WithRSAEncryption
7b:81:ff:30:9d:75:1d:9f:b0:f6:eb:5b:56:18:99:cd:55:97:
58:62:85:e1:49:5b:82:e3:3d:2e:ad:27:94:84:ed:b5:00:32:
b5:d8:6b:27:bf:e3:12:ac:ad:d1:89:88:27:6e:31:39:31:7e:
00:2f:39:a5:b6:19:ed:53:9e:4a:70:32:0d:6b:2e:9f:d1:0f:
a0:ca:5b:d0:45:28:af:bb:ff:40:84:2d:b6:29:6c:ae:4a:3e:
54:cb:3b:58:80:52:a7:55:9c:16:e5:ef:a0:e8:2b:f7:e8:b9:
02:e7:22:33:ba:ab:87:5e:a6:76:83:22:85:99:c2:f7:87:c4:
ed:2f:1d:c2:f2:c7:81:4c:d8:8f:6f:9e:2f:39:31:a8:e1:89:
2c:e9:e8:a5:55:0b:be:35:ec:be:72:bd:64:8d:b6:87:13:e4:
31:92:e6:0e:dd:66:a4:b5:d9:34:03:3c:76:47:bf:c1:da:f2:
6c:58:73:47:38:7e:9c:62:b7:d3:f6:5f:b5:43:bb:45:09:52:
12:18:a6:74:45:af:09:c3:d3:2e:19:06:44:ce:4d:6d:b3:6b:
9f:12:4c:29:7e:92:20:02:12:05:d9:75:ce:25:7d:c6:e9:ed:
6b:61:6d:c0:93:6f:72:1e:09:54:5f:d6:98:9f:9e:72:d3:cd:
89:68:f5:b5
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIEBVJwZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2MwMDdlNTA4MmI4ZThkODI4OTAxODcxOGNmZDUyN2E3ODkzZTVlMB4XDTIyMDMx
NzA5MzIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk3NDZiZmZhYzM2
ZThjMzZmYzZlNTdiODg4NzhkZDgyZjM4MjU2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhx/Pnzc25wtyjA0vVULi+TxP6vYXp14fIycZ4dlDyYHct7
wFeMaYHknfGTpfDES0R7EKok7+zaaH8t61kl6prqAJhrFdTqfJjWKf7VcT7cj5qm
G9lWjWrSmac7XVtJQ6xxHe3IM5h49rUK28JicpbCaubkRokc3qRhxvbnjeWzImkN
bAalRsnUkp5yHAwXxOqNQ3L9edzSQGiauJ+skp1/X9o+fqlpTmYrmcFVMU6QuTY3
i8hwoz5u71Q8hLwJVvE5QFH0orIgSLuD1jDzi0mt9KjKl6ood1KJkJdBG8eINzau
1ux7QRYYIa1cSy2ajs5KiU5IYQVsbI0ecrb1dDECAwEAAaOCArMwggKvMB0GA1Ud
DgQWBBQ5dGv/rDbow2/G5XuIh43YLzglYTAfBgNVHSMEGDAWgBQnwAflCCuOjYKJ
AYcYz9Unp4k+XjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o4QUg1UWdyam8yQ2lRR0hHTV9WSjZlSlBsNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvMDZmZTE0LWQxNDYtNGU2Ni1hODQxLTJjNjRjMjkxMzUzZS8x
L09YUnJfNncyNk1Odnh1VjdpSWVOMkM4NEpXRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
MDZmZTE0LWQxNDYtNGU2Ni1hODQxLTJjNjRjMjkxMzUzZS8xL0o4QUg1UWdyam8y
Q2lRR0hHTV9WSjZlSlBsNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
yAYIKwYBBQUHAQcBAf8EgbgwgbUwgaMEAgABMIGcAwQCBbRAAwQAH9aQAwQCLQoY
AwQCLVtkAwQCLYUIAwQALvv7AwQCWNrgAwQCW9LgAwQAW9j1AwQCXsfUAwQAbebb
AwQAhv/0AwQAhv/3AwQAmFnvAwQCucLsAwQCufJwAwQCufVgAwQCufiMAwQCufr4
AwQCwSDcAwQCwYcIAwQCwY4oAwQCwhq0AwQBwi0kAwQCwjCoAwQC1b4cMA0EAgAC
MAcDBQEqClHAMA0GCSqGSIb3DQEBCwUAA4IBAQB7gf8wnXUdn7D261tWGJnNVZdY
YoXhSVuC4z0urSeUhO21ADK12Gsnv+MSrK3RiYgnbjE5MX4ALzmlthntU55KcDIN
ay6f0Q+gylvQRSivu/9AhC22KWyuSj5UyztYgFKnVZwW5e+g6Cv36LkC5yIzuquH
XqZ2gyKFmcL3h8TtLx3C8seBTNiPb54vOTGo4Yks6eilVQu+Ney+cr1kjbaHE+Qx
kuYO3Waktdk0Azx2R7/B2vJsWHNHOH6cYrfT9l+1Q7tFCVISGKZ0Ra8Jw9MuGQZE
zk1ts2ufEkwpfpIgAhIF2XXOJX3G6e1rYW3Ak29yHglUX9aYn55y082JaPW1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:51 2024 by rpki-client on console-fra.rpki-client.org