Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/zmQbB1Bx5p7WjPJCb0QIWBrvK78.roa
File: zmQbB1Bx5p7WjPJCb0QIWBrvK78.roa (raw, json)
Hash identifier: vF1xxn44T4xXDDP4ovqCvc3iFhMcxwDcZItNbcr98LQ=
Subject key identifier: CE:64:1B:07:50:71:E6:9E:D6:8C:F2:42:6F:44:08:58:1A:EF:2B:BF
Certificate issuer: /CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Certificate serial: 055AAA87
Authority key identifier: 27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/zmQbB1Bx5p7WjPJCb0QIWBrvK78.roa
Signing time: Thu 17 Mar 2022 12:48:50 +0000
ROA not before: Thu 17 Mar 2022 12:48:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48314
IP address blocks: 185.245.96.0/24 maxlen: 24
185.245.97.0/24 maxlen: 24
185.245.98.0/24 maxlen: 24
185.245.99.0/24 maxlen: 24
185.194.238.0/24 maxlen: 24
185.194.239.0/24 maxlen: 24
185.194.236.0/24 maxlen: 24
185.194.237.0/24 maxlen: 24
193.32.221.0/24 maxlen: 24
193.32.222.0/24 maxlen: 24
193.32.220.0/24 maxlen: 24
193.32.223.0/24 maxlen: 24
185.248.141.0/24 maxlen: 24
185.248.142.0/24 maxlen: 24
185.248.140.0/24 maxlen: 24
185.248.143.0/24 maxlen: 24
46.251.251.0/24 maxlen: 24
185.242.112.0/24 maxlen: 24
185.242.113.0/24 maxlen: 24
88.218.224.0/24 maxlen: 24
88.218.225.0/24 maxlen: 24
185.242.114.0/24 maxlen: 24
185.242.115.0/24 maxlen: 24
88.218.226.0/24 maxlen: 24
88.218.227.0/24 maxlen: 24
134.255.244.0/24 maxlen: 24
45.10.24.0/24 maxlen: 24
134.255.247.0/24 maxlen: 24
194.26.182.0/24 maxlen: 24
194.26.183.0/24 maxlen: 24
194.26.180.0/24 maxlen: 24
194.26.181.0/24 maxlen: 24
194.45.196.0/23 maxlen: 24
91.210.224.0/24 maxlen: 24
91.210.225.0/24 maxlen: 24
91.210.226.0/24 maxlen: 24
91.210.227.0/24 maxlen: 24
185.250.248.0/24 maxlen: 24
185.250.249.0/24 maxlen: 24
5.180.64.0/24 maxlen: 24
185.250.250.0/24 maxlen: 24
185.250.251.0/24 maxlen: 24
5.180.67.0/24 maxlen: 24
5.180.65.0/24 maxlen: 24
5.180.66.0/24 maxlen: 24
109.230.219.0/24 maxlen: 24
152.89.236.0/24 maxlen: 24
152.89.237.0/24 maxlen: 24
152.89.238.0/24 maxlen: 24
31.214.144.0/24 maxlen: 24
152.89.239.0/24 maxlen: 24
94.199.213.0/24 maxlen: 24
94.199.212.0/24 maxlen: 24
94.199.214.0/24 maxlen: 24
94.199.215.0/24 maxlen: 24
213.190.28.0/24 maxlen: 24
213.190.31.0/24 maxlen: 24
213.190.29.0/24 maxlen: 24
213.190.30.0/24 maxlen: 24
194.48.171.0/24 maxlen: 24
194.48.169.0/24 maxlen: 24
194.48.170.0/24 maxlen: 24
194.48.168.0/24 maxlen: 24
45.133.9.0/24 maxlen: 24
45.133.8.0/24 maxlen: 24
45.133.10.0/23 maxlen: 24
194.45.37.0/24 maxlen: 24
194.45.36.0/24 maxlen: 24
91.216.245.0/24 maxlen: 24
193.135.8.0/24 maxlen: 24
193.135.9.0/24 maxlen: 24
193.135.11.0/24 maxlen: 24
193.135.10.0/24 maxlen: 24
45.10.26.0/24 maxlen: 24
45.10.25.0/24 maxlen: 24
45.10.27.0/24 maxlen: 24
193.142.41.0/24 maxlen: 24
193.142.42.0/24 maxlen: 24
193.142.40.0/24 maxlen: 24
193.142.43.0/24 maxlen: 24
45.91.100.0/24 maxlen: 24
45.91.101.0/24 maxlen: 24
45.91.103.0/24 maxlen: 24
45.91.102.0/24 maxlen: 24
2a0a:51c3::/32 maxlen: 32
2a0a:51c1::/32 maxlen: 32
2a0a:51c0::/32 maxlen: 32
2a0a:51c2::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89827975 (0x55aaa87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Validity
Not Before: Mar 17 12:48:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce641b075071e69ed68cf2426f4408581aef2bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7a:b5:d6:6f:d3:63:69:ea:08:e4:2f:83:18:
76:33:e5:b6:64:b0:87:b3:47:55:f2:6d:77:86:a1:
9a:30:a0:8b:96:b6:7f:a2:4b:4d:d4:7c:b3:33:8b:
56:f0:bd:c4:d0:f9:d2:99:22:cf:5e:24:c9:df:d8:
27:60:0e:ef:33:33:d0:47:01:da:d6:5b:42:b6:32:
32:ec:52:9f:65:36:90:7b:85:11:b1:e7:04:5f:2a:
df:6b:ef:10:87:01:8c:b9:f6:c0:75:a3:c3:c7:a7:
54:7e:29:12:26:3e:34:a2:5e:3f:03:ad:e1:7a:b9:
3c:5b:00:a7:e6:e3:b2:2c:b4:bc:ad:67:0a:0e:37:
df:3e:fd:fb:f0:8a:61:92:a9:87:8f:93:21:a1:1d:
63:ac:53:75:8d:38:00:25:db:6e:61:1a:a2:7b:53:
32:45:61:bb:67:04:e4:00:f9:cb:c0:57:74:6b:cd:
53:7b:38:5c:f4:28:4b:18:20:da:35:a2:4f:aa:d4:
fc:a5:13:3e:66:ca:89:f6:3b:05:90:2e:f7:f3:43:
d8:3a:34:f7:c6:e7:62:06:9a:70:6b:22:80:09:45:
f6:96:aa:26:76:79:91:81:9f:ce:d1:fa:ad:50:a7:
f9:5e:ee:a2:b0:76:aa:07:b6:23:b6:9e:ea:a7:fb:
51:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:64:1B:07:50:71:E6:9E:D6:8C:F2:42:6F:44:08:58:1A:EF:2B:BF
X509v3 Authority Key Identifier:
keyid:27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/zmQbB1Bx5p7WjPJCb0QIWBrvK78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.64.0/22
31.214.144.0/24
45.10.24.0/22
45.91.100.0/22
45.133.8.0/22
46.251.251.0/24
88.218.224.0/22
91.210.224.0/22
91.216.245.0/24
94.199.212.0/22
109.230.219.0/24
134.255.244.0/24
134.255.247.0/24
152.89.236.0/22
185.194.236.0/22
185.242.112.0/22
185.245.96.0/22
185.248.140.0/22
185.250.248.0/22
193.32.220.0/22
193.135.8.0/22
193.142.40.0/22
194.26.180.0/22
194.45.36.0/23
194.45.196.0/23
194.48.168.0/22
213.190.28.0/22
IPv6:
2a0a:51c0::/30
Signature Algorithm: sha256WithRSAEncryption
a4:19:ee:eb:24:2a:a1:a0:48:93:c2:0e:e5:44:c7:10:35:bd:
3b:6a:cb:18:17:ba:e1:b9:0f:13:a4:75:e9:aa:fd:0c:3d:e1:
9e:22:94:bd:52:5a:cb:1e:fd:50:8c:a3:88:26:96:a4:05:04:
fe:c8:73:12:6c:02:21:9d:82:64:98:e6:fd:35:c2:6d:ea:57:
75:83:23:b5:81:f6:86:60:c8:b4:17:56:0f:83:3b:ad:45:58:
b0:03:6a:50:94:c6:8d:11:bc:24:51:30:84:db:d3:3e:cf:e2:
af:10:f1:9b:8c:dc:5c:a8:12:bd:15:2a:da:85:e2:27:4d:d2:
70:ef:55:d7:77:cf:e4:b3:db:27:ac:c6:c1:56:ff:df:83:7e:
41:2c:1e:21:1d:24:25:af:34:82:05:d8:8c:5c:f6:e9:44:61:
71:da:e5:9c:a2:d8:41:0d:81:53:4d:9b:7e:2a:aa:80:a7:35:
9d:ea:0e:2e:3f:c0:28:dd:c6:f9:97:12:7d:80:3c:73:e1:50:
52:b4:2c:86:b5:d1:f9:26:2e:7b:83:81:dc:47:92:7f:45:41:
6e:5f:42:1f:e7:8d:18:79:fa:e8:96:8f:f9:5c:5a:5f:d7:d8:
85:53:06:74:70:da:7c:6c:99:91:23:7b:84:bb:6c:93:c3:af:
37:8f:ea:37
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIEBVqqhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2MwMDdlNTA4MmI4ZThkODI4OTAxODcxOGNmZDUyN2E3ODkzZTVlMB4XDTIyMDMx
NzEyNDg1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2U2NDFiMDc1MDcx
ZTY5ZWQ2OGNmMjQyNmY0NDA4NTgxYWVmMmJiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZ6tdZv02Np6gjkL4MYdjPltmSwh7NHVfJtd4ahmjCgi5a2
f6JLTdR8szOLVvC9xND50pkiz14kyd/YJ2AO7zMz0EcB2tZbQrYyMuxSn2U2kHuF
EbHnBF8q32vvEIcBjLn2wHWjw8enVH4pEiY+NKJePwOt4Xq5PFsAp+bjsiy0vK1n
Cg433z79+/CKYZKph4+TIaEdY6xTdY04ACXbbmEaontTMkVhu2cE5AD5y8BXdGvN
U3s4XPQoSxgg2jWiT6rU/KUTPmbKifY7BZAu9/ND2Do098bnYgaacGsigAlF9paq
JnZ5kYGfztH6rVCn+V7uorB2qge2I7ae6qf7UaECAwEAAaOCArkwggK1MB0GA1Ud
DgQWBBTOZBsHUHHmntaM8kJvRAhYGu8rvzAfBgNVHSMEGDAWgBQnwAflCCuOjYKJ
AYcYz9Unp4k+XjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o4QUg1UWdyam8yQ2lRR0hHTV9WSjZlSlBsNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvMDZmZTE0LWQxNDYtNGU2Ni1hODQxLTJjNjRjMjkxMzUzZS8x
L3ptUWJCMUJ4NXA3V2pQSkNiMFFJV0Jydks3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
MDZmZTE0LWQxNDYtNGU2Ni1hODQxLTJjNjRjMjkxMzUzZS8xL0o4QUg1UWdyam8y
Q2lRR0hHTV9WSjZlSlBsNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
zgYIKwYBBQUHAQcBAf8Egb4wgbswgakEAgABMIGiAwQCBbRAAwQAH9aQAwQCLQoY
AwQCLVtkAwQCLYUIAwQALvv7AwQCWNrgAwQCW9LgAwQAW9j1AwQCXsfUAwQAbebb
AwQAhv/0AwQAhv/3AwQCmFnsAwQCucLsAwQCufJwAwQCufVgAwQCufiMAwQCufr4
AwQCwSDcAwQCwYcIAwQCwY4oAwQCwhq0AwQBwi0kAwQBwi3EAwQCwjCoAwQC1b4c
MA0EAgACMAcDBQIqClHAMA0GCSqGSIb3DQEBCwUAA4IBAQCkGe7rJCqhoEiTwg7l
RMcQNb07assYF7rhuQ8TpHXpqv0MPeGeIpS9UlrLHv1QjKOIJpakBQT+yHMSbAIh
nYJkmOb9NcJt6ld1gyO1gfaGYMi0F1YPgzutRViwA2pQlMaNEbwkUTCE29M+z+Kv
EPGbjNxcqBK9FSraheInTdJw71XXd8/ks9snrMbBVv/fg35BLB4hHSQlrzSCBdiM
XPbpRGFx2uWcothBDYFTTZt+KqqApzWd6g4uP8Ao3cb5lxJ9gDxz4VBStCyGtdH5
Ji57g4HcR5J/RUFuX0If540Yefrolo/5XFpf19iFUwZ0cNp8bJmRI3uEu2yTw683
j+o3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:54 2024 by rpki-client on console-ams.rpki-client.org