Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/xnMfH71QBvI0q8FX4kk6_JgmaHs.roa
File: xnMfH71QBvI0q8FX4kk6_JgmaHs.roa (raw, json)
Hash identifier: Nj093bogpVSMic9zjLcAGwRRTB3LT3NdkhYUsOwDb5Y=
Subject key identifier: C6:73:1F:1F:BD:50:06:F2:34:AB:C1:57:E2:49:3A:FC:98:26:68:7B
Certificate issuer: /CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Certificate serial: 01856ECB5DB36D55209680093AE336213C99
Authority key identifier: 27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/xnMfH71QBvI0q8FX4kk6_JgmaHs.roa
Signing time: Sun 01 Jan 2023 19:24:59 +0000
ROA not before: Sun 01 Jan 2023 19:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48314
IP address blocks: 185.245.96.0/24 maxlen: 24
185.245.97.0/24 maxlen: 24
185.245.98.0/24 maxlen: 24
185.245.99.0/24 maxlen: 24
185.194.238.0/24 maxlen: 24
185.194.239.0/24 maxlen: 24
185.194.236.0/24 maxlen: 24
185.194.237.0/24 maxlen: 24
193.32.221.0/24 maxlen: 24
193.32.222.0/24 maxlen: 24
193.32.220.0/24 maxlen: 24
193.32.223.0/24 maxlen: 24
185.248.141.0/24 maxlen: 24
185.248.142.0/24 maxlen: 24
185.248.140.0/24 maxlen: 24
185.248.143.0/24 maxlen: 24
46.251.251.0/24 maxlen: 24
185.242.112.0/24 maxlen: 24
185.242.113.0/24 maxlen: 24
88.218.224.0/24 maxlen: 24
88.218.225.0/24 maxlen: 24
185.242.114.0/24 maxlen: 24
185.242.115.0/24 maxlen: 24
88.218.226.0/24 maxlen: 24
88.218.227.0/24 maxlen: 24
134.255.244.0/24 maxlen: 24
45.10.24.0/24 maxlen: 24
134.255.247.0/24 maxlen: 24
194.26.182.0/24 maxlen: 24
194.26.183.0/24 maxlen: 24
194.26.180.0/24 maxlen: 24
194.26.181.0/24 maxlen: 24
194.45.196.0/23 maxlen: 24
91.210.224.0/24 maxlen: 24
91.210.225.0/24 maxlen: 24
91.210.226.0/24 maxlen: 24
91.210.227.0/24 maxlen: 24
185.250.248.0/24 maxlen: 24
185.250.249.0/24 maxlen: 24
5.180.64.0/24 maxlen: 24
185.250.250.0/24 maxlen: 24
185.250.251.0/24 maxlen: 24
5.180.67.0/24 maxlen: 24
5.180.65.0/24 maxlen: 24
5.180.66.0/24 maxlen: 24
109.230.219.0/24 maxlen: 24
152.89.236.0/24 maxlen: 24
152.89.237.0/24 maxlen: 24
152.89.238.0/24 maxlen: 24
31.214.144.0/24 maxlen: 24
152.89.239.0/24 maxlen: 24
94.199.213.0/24 maxlen: 24
94.199.212.0/24 maxlen: 24
94.199.214.0/24 maxlen: 24
94.199.215.0/24 maxlen: 24
213.190.28.0/24 maxlen: 24
213.190.31.0/24 maxlen: 24
213.190.29.0/24 maxlen: 24
213.190.30.0/24 maxlen: 24
194.48.171.0/24 maxlen: 24
194.48.169.0/24 maxlen: 24
194.48.170.0/24 maxlen: 24
194.48.168.0/24 maxlen: 24
45.133.9.0/24 maxlen: 24
45.133.8.0/24 maxlen: 24
45.133.10.0/23 maxlen: 24
194.45.37.0/24 maxlen: 24
194.45.36.0/24 maxlen: 24
91.216.245.0/24 maxlen: 24
193.135.8.0/24 maxlen: 24
193.135.9.0/24 maxlen: 24
193.135.11.0/24 maxlen: 24
193.135.10.0/24 maxlen: 24
45.10.26.0/24 maxlen: 24
45.10.25.0/24 maxlen: 24
45.10.27.0/24 maxlen: 24
193.142.41.0/24 maxlen: 24
193.142.42.0/24 maxlen: 24
193.142.40.0/24 maxlen: 24
193.142.43.0/24 maxlen: 24
45.91.100.0/24 maxlen: 24
45.91.101.0/24 maxlen: 24
45.91.103.0/24 maxlen: 24
45.91.102.0/24 maxlen: 24
2a0a:51c3::/32 maxlen: 32
2a0a:51c1::/32 maxlen: 48
2a0a:51c4::/32 maxlen: 48
2a0a:51c0::/32 maxlen: 32
2a0a:51c2::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:5d:b3:6d:55:20:96:80:09:3a:e3:36:21:3c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Validity
Not Before: Jan 1 19:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6731f1fbd5006f234abc157e2493afc9826687b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7b:67:b1:e5:5d:42:4b:50:75:bc:25:a5:c6:
9d:e5:25:16:a8:93:f3:33:9b:8d:8b:f6:8f:cd:91:
70:9d:29:0d:e5:98:07:41:6e:80:2f:b7:87:37:9b:
9e:4c:2d:fd:c7:60:ea:cd:c7:62:9a:c0:cf:cd:51:
e3:66:24:2c:3a:df:3d:55:b3:f4:d1:13:87:7e:ab:
2b:39:c4:d9:4c:ae:37:d4:0b:d4:dc:2f:d4:5b:54:
d3:23:02:fd:2c:6c:09:77:5f:db:77:ee:fa:a1:d6:
74:de:c4:a4:65:2b:c2:29:8b:38:ec:99:8c:76:d2:
7e:33:01:49:c6:21:bf:72:5e:da:2b:ad:f3:83:b6:
18:f3:f7:6e:7c:7f:c6:f6:d2:38:82:0e:19:32:6d:
e4:83:9d:63:6a:47:b3:37:0b:1b:14:3a:73:18:7b:
05:e6:20:45:2a:66:8d:a4:bb:a6:f8:65:9a:c0:9b:
18:b0:89:6b:3b:d3:a5:03:17:81:12:e9:71:a8:5a:
3f:15:2e:39:f7:5a:d4:d2:f2:61:a5:00:f4:40:30:
31:eb:37:9d:dc:be:f3:ce:9d:89:5c:2e:83:de:5f:
7e:12:8d:06:d9:f6:d6:96:c9:4e:2a:2d:9d:42:57:
ea:4f:b6:20:7a:ff:fa:b4:18:d0:37:3d:81:d7:01:
d3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:73:1F:1F:BD:50:06:F2:34:AB:C1:57:E2:49:3A:FC:98:26:68:7B
X509v3 Authority Key Identifier:
keyid:27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/xnMfH71QBvI0q8FX4kk6_JgmaHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.64.0/22
31.214.144.0/24
45.10.24.0/22
45.91.100.0/22
45.133.8.0/22
46.251.251.0/24
88.218.224.0/22
91.210.224.0/22
91.216.245.0/24
94.199.212.0/22
109.230.219.0/24
134.255.244.0/24
134.255.247.0/24
152.89.236.0/22
185.194.236.0/22
185.242.112.0/22
185.245.96.0/22
185.248.140.0/22
185.250.248.0/22
193.32.220.0/22
193.135.8.0/22
193.142.40.0/22
194.26.180.0/22
194.45.36.0/23
194.45.196.0/23
194.48.168.0/22
213.190.28.0/22
IPv6:
2a0a:51c0::-2a0a:51c4:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:77:ee:d2:d8:02:79:01:e6:58:da:95:b6:69:66:c2:ae:a2:
61:68:e5:53:a1:ef:aa:62:59:2c:70:d9:37:ea:58:1a:e6:d4:
96:8f:6b:a3:45:cb:ac:58:61:0f:5c:d3:cf:15:e8:83:47:e4:
d5:fc:ed:51:a9:cf:aa:e5:aa:c0:64:60:43:c3:e6:a7:71:d6:
f3:ad:4d:d7:1b:21:a8:e1:20:05:fd:33:11:9e:a7:6e:f5:c1:
cb:aa:5f:81:ac:69:4f:06:61:52:83:51:0e:53:ea:34:2d:33:
7f:b6:f2:28:20:f5:61:d9:84:ef:5c:7b:d3:6f:41:e3:36:d6:
72:33:4b:e0:35:43:60:2b:7f:71:16:c4:ce:36:40:04:90:0f:
4e:b6:b5:d5:dc:e1:9a:a7:8b:f2:ca:2a:2a:f4:da:c4:47:77:
5a:64:d4:e8:d6:08:0d:8c:de:57:f7:eb:8d:8c:ea:58:f0:9c:
65:bb:6d:fd:a7:09:04:09:cf:51:7c:e0:9a:58:f6:8c:39:1c:
99:bf:4b:0d:61:87:a7:c2:11:42:90:97:de:21:59:20:21:40:
60:2e:66:93:58:33:31:f3:cd:57:7c:88:e5:4f:b3:7d:50:62:
78:7c:2b:0c:8f:34:6d:61:79:18:64:bb:b6:3e:11:6d:65:5e:
fe:f9:aa:25
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYVuy12zbVUgloAJOuM2ITyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzAwN2U1MDgyYjhlOGQ4Mjg5MDE4NzE4Y2ZkNTI3YTc4
OTNlNWUwHhcNMjMwMTAxMTkyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjczMWYxZmJkNTAwNmYyMzRhYmMxNTdlMjQ5M2FmYzk4MjY2ODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3tnseVdQktQdbwlpcad5SUWqJPz
M5uNi/aPzZFwnSkN5ZgHQW6AL7eHN5ueTC39x2DqzcdimsDPzVHjZiQsOt89VbP0
0ROHfqsrOcTZTK431AvU3C/UW1TTIwL9LGwJd1/bd+76odZ03sSkZSvCKYs47JmM
dtJ+MwFJxiG/cl7aK63zg7YY8/dufH/G9tI4gg4ZMm3kg51jakezNwsbFDpzGHsF
5iBFKmaNpLum+GWawJsYsIlrO9OlAxeBEulxqFo/FS4591rU0vJhpQD0QDAx6zed
3L7zzp2JXC6D3l9+Eo0G2fbWlslOKi2dQlfqT7Ygev/6tBjQNz2B1wHTewIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFMZzHx+9UAbyNKvBV+JJOvyYJmh7MB8GA1UdIwQY
MBaAFCfAB+UIK46NgokBhxjP1SeniT5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhBSDVRZ3JqbzJDaVFHSEdNX1ZKNmVKUGw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8wNmZlMTQtZDE0Ni00ZTY2LWE4NDEt
MmM2NGMyOTEzNTNlLzEveG5NZkg3MVFCdkkwcThGWDRrazZfSmdtYUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8wNmZlMTQtZDE0Ni00ZTY2LWE4NDEtMmM2NGMyOTEzNTNl
LzEvSjhBSDVRZ3JqbzJDaVFHSEdNX1ZKNmVKUGw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBqQQCAAEwgaIDBAIF
tEADBAAf1pADBAItChgDBAItW2QDBAIthQgDBAAu+/sDBAJY2uADBAJb0uADBABb
2PUDBAJex9QDBABt5tsDBACG//QDBACG//cDBAKYWewDBAK5wuwDBAK58nADBAK5
9WADBAK5+IwDBAK5+vgDBALBINwDBALBhwgDBALBjigDBALCGrQDBAHCLSQDBAHC
LcQDBALCMKgDBALVvhwwFgQCAAIwEDAOAwUGKgpRwAMFACoKUcQwDQYJKoZIhvcN
AQELBQADggEBAHZ37tLYAnkB5ljalbZpZsKuomFo5VOh76piWSxw2TfqWBrm1JaP
a6NFy6xYYQ9c088V6INH5NX87VGpz6rlqsBkYEPD5qdx1vOtTdcbIajhIAX9MxGe
p271wcuqX4GsaU8GYVKDUQ5T6jQtM3+28igg9WHZhO9ce9NvQeM21nIzS+A1Q2Ar
f3EWxM42QASQD062tdXc4Zqni/LKKir02sRHd1pk1OjWCA2M3lf3642M6ljwnGW7
bf2nCQQJz1F84JpY9ow5HJm/Sw1hh6fCEUKQl94hWSAhQGAuZpNYMzHzzVd8iOVP
s31QYnh8KwyPNG1heRhku7Y+EW1lXv75qiU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:54 2024 by rpki-client on console-ams.rpki-client.org