Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/pcP9L6cE_pIViDo0l5ZgLrEOLwE.roa
File: pcP9L6cE_pIViDo0l5ZgLrEOLwE.roa (raw, json)
Hash identifier: SQkn75hSSThSIMNHrVQRBH996ZgyTsGHB81h+HDJ0TE=
Subject key identifier: A5:C3:FD:2F:A7:04:FE:92:15:88:3A:34:97:96:60:2E:B1:0E:2F:01
Certificate issuer: /CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Certificate serial: 04AD2AB4
Authority key identifier: 27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/pcP9L6cE_pIViDo0l5ZgLrEOLwE.roa
Signing time: Sat 01 Jan 2022 10:59:27 +0000
ROA not before: Sat 01 Jan 2022 10:59:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48314
IP address blocks: 185.245.96.0/24 maxlen: 24
185.245.96.0/22 maxlen: 22
185.245.97.0/24 maxlen: 24
185.245.98.0/24 maxlen: 24
185.245.99.0/24 maxlen: 24
185.194.238.0/24 maxlen: 24
185.194.236.0/22 maxlen: 22
185.194.239.0/24 maxlen: 24
185.194.236.0/24 maxlen: 24
185.194.237.0/24 maxlen: 24
193.32.221.0/24 maxlen: 24
193.32.220.0/22 maxlen: 22
193.32.222.0/24 maxlen: 24
193.32.220.0/24 maxlen: 24
193.32.223.0/24 maxlen: 24
185.248.141.0/24 maxlen: 24
185.248.140.0/22 maxlen: 22
185.248.142.0/24 maxlen: 24
185.248.140.0/24 maxlen: 24
185.248.143.0/24 maxlen: 24
46.251.251.0/24 maxlen: 24
185.242.112.0/22 maxlen: 22
185.242.112.0/24 maxlen: 24
88.218.224.0/24 maxlen: 24
88.218.225.0/24 maxlen: 24
88.218.224.0/22 maxlen: 22
185.242.113.0/24 maxlen: 24
185.242.114.0/24 maxlen: 24
185.242.115.0/24 maxlen: 24
88.218.226.0/24 maxlen: 24
134.255.244.0/24 maxlen: 24
88.218.227.0/24 maxlen: 24
134.255.247.0/24 maxlen: 24
194.26.182.0/24 maxlen: 24
194.26.183.0/24 maxlen: 24
194.26.180.0/22 maxlen: 22
194.26.180.0/24 maxlen: 24
194.26.181.0/24 maxlen: 24
91.210.224.0/24 maxlen: 24
91.210.225.0/24 maxlen: 24
91.210.224.0/22 maxlen: 22
91.210.226.0/24 maxlen: 24
91.210.227.0/24 maxlen: 24
185.250.248.0/24 maxlen: 24
185.250.249.0/24 maxlen: 24
185.250.248.0/22 maxlen: 22
185.250.250.0/24 maxlen: 24
185.250.251.0/24 maxlen: 24
109.230.219.0/24 maxlen: 24
31.214.144.0/24 maxlen: 24
94.199.212.0/22 maxlen: 22
94.199.213.0/24 maxlen: 24
94.199.212.0/24 maxlen: 24
94.199.214.0/24 maxlen: 24
94.199.215.0/24 maxlen: 24
213.190.28.0/24 maxlen: 24
213.190.28.0/22 maxlen: 22
213.190.31.0/24 maxlen: 24
213.190.29.0/24 maxlen: 24
213.190.30.0/24 maxlen: 24
194.48.171.0/24 maxlen: 24
194.48.169.0/24 maxlen: 24
194.48.168.0/22 maxlen: 22
194.48.170.0/24 maxlen: 24
194.48.168.0/24 maxlen: 24
91.216.245.0/24 maxlen: 24
193.135.8.0/24 maxlen: 24
193.135.9.0/24 maxlen: 24
193.135.8.0/22 maxlen: 22
193.135.11.0/24 maxlen: 24
193.135.10.0/24 maxlen: 24
193.142.41.0/24 maxlen: 24
193.142.40.0/22 maxlen: 22
193.142.42.0/24 maxlen: 24
193.142.40.0/24 maxlen: 24
193.142.43.0/24 maxlen: 24
2a0a:51c1::/32 maxlen: 32
2a0a:51c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78457524 (0x4ad2ab4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Validity
Not Before: Jan 1 10:59:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5c3fd2fa704fe9215883a349796602eb10e2f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:21:c1:6b:fb:81:12:0c:6b:9a:f7:38:09:77:
07:10:35:6c:71:06:41:b3:87:f9:92:d0:df:d0:41:
8b:a9:45:96:98:74:ef:28:46:9d:6f:0b:7f:9b:35:
16:48:04:15:cf:77:bd:92:2e:86:e2:00:1e:7a:11:
01:73:c1:ed:9a:e8:f5:75:24:d4:3b:86:4a:2d:b2:
2f:85:47:2c:4b:37:a4:99:59:f7:85:25:aa:50:2f:
9f:23:26:f2:e9:44:53:f3:78:91:69:81:8e:50:7f:
7c:f5:2d:dd:b1:af:a2:fd:6d:10:b4:1c:ea:ff:9e:
fa:2b:fb:2b:e2:14:5e:da:c8:ec:ab:88:f1:db:c3:
5e:e7:da:78:49:92:f1:54:c4:90:47:0c:01:e1:29:
fd:50:7f:ce:44:47:64:a4:9f:99:6a:d8:d2:f0:20:
33:50:7c:4c:6f:32:6d:67:d5:9f:df:a0:cb:e4:c7:
ff:15:38:9e:db:db:15:3c:82:f5:e7:a1:9a:71:07:
7f:f0:67:f8:66:62:e0:a8:1e:d1:dc:4d:f5:bc:09:
8b:a0:5e:8b:cb:5d:cf:b4:15:55:9e:3e:ee:87:1c:
02:8c:ac:39:2d:10:cb:88:39:d6:e4:ee:d2:34:b4:
19:0e:af:ba:56:aa:f5:cb:f3:21:c7:04:89:04:f8:
fa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C3:FD:2F:A7:04:FE:92:15:88:3A:34:97:96:60:2E:B1:0E:2F:01
X509v3 Authority Key Identifier:
keyid:27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/pcP9L6cE_pIViDo0l5ZgLrEOLwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.144.0/24
46.251.251.0/24
88.218.224.0/22
91.210.224.0/22
91.216.245.0/24
94.199.212.0/22
109.230.219.0/24
134.255.244.0/24
134.255.247.0/24
185.194.236.0/22
185.242.112.0/22
185.245.96.0/22
185.248.140.0/22
185.250.248.0/22
193.32.220.0/22
193.135.8.0/22
193.142.40.0/22
194.26.180.0/22
194.48.168.0/22
213.190.28.0/22
IPv6:
2a0a:51c0::/31
Signature Algorithm: sha256WithRSAEncryption
04:b5:29:d0:19:a7:b3:11:8a:98:2d:6c:01:55:ce:48:a4:c2:
b2:7c:88:c0:8d:ed:fb:ad:d9:c1:ec:8f:69:a0:bf:60:a0:3b:
3d:94:5c:35:30:d2:35:00:3b:84:9f:05:d5:fb:5c:31:ca:36:
0b:1a:12:51:f5:a0:f0:3d:cf:13:69:14:2d:3c:6c:0e:2a:e3:
5c:65:c9:14:fc:79:02:11:4e:4c:fa:9e:0e:18:dd:e0:24:88:
2c:55:81:8e:ed:26:dd:08:91:d6:2f:22:8d:57:06:a3:74:be:
11:1f:3e:3c:92:6b:ff:8a:80:14:bc:a3:19:6d:ec:6d:fa:6a:
ac:32:37:da:7c:c3:3e:33:df:8e:37:2b:75:60:2c:23:17:46:
08:66:1c:bc:d1:5e:bd:2e:83:5f:0a:ea:fc:63:61:c2:4d:b7:
09:6b:9c:ab:85:c4:44:ea:aa:8f:4d:70:7f:04:a0:6e:d2:b1:
32:1f:4e:33:7e:42:f6:e3:f4:10:c6:8a:1f:9f:7f:7a:c6:23:
62:10:af:66:5a:be:d5:fb:1d:cf:2d:39:02:99:ae:51:dd:d9:
4e:21:e1:01:53:13:23:4b:c8:4f:5c:8f:23:f6:0c:1b:e2:68:
67:4a:d9:70:ab:b1:38:34:2d:89:b0:8f:8b:f2:fb:a9:d1:74:
4a:74:5b:fb
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIEBK0qtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2MwMDdlNTA4MmI4ZThkODI4OTAxODcxOGNmZDUyN2E3ODkzZTVlMB4XDTIyMDEw
MTEwNTkyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVjM2ZkMmZhNzA0
ZmU5MjE1ODgzYTM0OTc5NjYwMmViMTBlMmYwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwhwWv7gRIMa5r3OAl3BxA1bHEGQbOH+ZLQ39BBi6lFlph0
7yhGnW8Lf5s1FkgEFc93vZIuhuIAHnoRAXPB7Zro9XUk1DuGSi2yL4VHLEs3pJlZ
94UlqlAvnyMm8ulEU/N4kWmBjlB/fPUt3bGvov1tELQc6v+e+iv7K+IUXtrI7KuI
8dvDXufaeEmS8VTEkEcMAeEp/VB/zkRHZKSfmWrY0vAgM1B8TG8ybWfVn9+gy+TH
/xU4ntvbFTyC9eehmnEHf/Bn+GZi4Kge0dxN9bwJi6Bei8tdz7QVVZ4+7occAoys
OS0Qy4g51uTu0jS0GQ6vulaq9cvzIccEiQT4+nMCAwEAAaOCAo0wggKJMB0GA1Ud
DgQWBBSlw/0vpwT+khWIOjSXlmAusQ4vATAfBgNVHSMEGDAWgBQnwAflCCuOjYKJ
AYcYz9Unp4k+XjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o4QUg1UWdyam8yQ2lRR0hHTV9WSjZlSlBsNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvMDZmZTE0LWQxNDYtNGU2Ni1hODQxLTJjNjRjMjkxMzUzZS8x
L3BjUDlMNmNFX3BJVmlEbzBsNVpnTHJFT0x3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
MDZmZTE0LWQxNDYtNGU2Ni1hODQxLTJjNjRjMjkxMzUzZS8xL0o4QUg1UWdyam8y
Q2lRR0hHTV9WSjZlSlBsNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ogYIKwYBBQUHAQcBAf8EgZIwgY8wfgQCAAEweAMEAB/WkAMEAC77+wMEAlja4AME
AlvS4AMEAFvY9QMEAl7H1AMEAG3m2wMEAIb/9AMEAIb/9wMEArnC7AMEArnycAME
Arn1YAMEArn4jAMEArn6+AMEAsEg3AMEAsGHCAMEAsGOKAMEAsIatAMEAsIwqAME
AtW+HDANBAIAAjAHAwUBKgpRwDANBgkqhkiG9w0BAQsFAAOCAQEABLUp0BmnsxGK
mC1sAVXOSKTCsnyIwI3t+63ZweyPaaC/YKA7PZRcNTDSNQA7hJ8F1ftcMco2CxoS
UfWg8D3PE2kULTxsDirjXGXJFPx5AhFOTPqeDhjd4CSILFWBju0m3QiR1i8ijVcG
o3S+ER8+PJJr/4qAFLyjGW3sbfpqrDI32nzDPjPfjjcrdWAsIxdGCGYcvNFevS6D
Xwrq/GNhwk23CWucq4XEROqqj01wfwSgbtKxMh9OM35C9uP0EMaKH59/esYjYhCv
Zlq+1fsdzy05ApmuUd3ZTiHhAVMTI0vIT1yPI/YMG+JoZ0rZcKuxODQtibCPi/L7
qdF0SnRb+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:51 2024 by rpki-client on console-fra.rpki-client.org