Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/kHx6uQY6PsgBONDuksDeFZTqHsM.roa
File: kHx6uQY6PsgBONDuksDeFZTqHsM.roa (raw, json)
Hash identifier: z9bkUHVKEp5PZe1Z3Iy5yIyIhSWHNwFi8EeEKTs60XE=
Subject key identifier: 90:7C:7A:B9:06:3A:3E:C8:01:38:D0:EE:92:C0:DE:15:94:EA:1E:C3
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 0186835FBCFE23F500D5B449D1A58FF02A91
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/kHx6uQY6PsgBONDuksDeFZTqHsM.roa
Signing time: Fri 24 Feb 2023 12:22:14 +0000
ROA not before: Fri 24 Feb 2023 12:22:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3292
IP address blocks: 195.215.0.0/16 maxlen: 16
62.242.0.0/15 maxlen: 15
192.66.175.0/24 maxlen: 24
192.66.180.0/24 maxlen: 24
192.66.181.0/24 maxlen: 24
2.104.0.0/13 maxlen: 13
176.20.0.0/17 maxlen: 17
195.97.128.0/18 maxlen: 18
194.239.0.0/16 maxlen: 16
176.20.0.0/14 maxlen: 14
93.178.128.0/18 maxlen: 18
195.249.0.0/16 maxlen: 16
80.160.0.0/13 maxlen: 13
93.160.0.0/13 maxlen: 13
193.163.158.0/23 maxlen: 23
128.76.0.0/16 maxlen: 16
193.163.160.0/21 maxlen: 21
212.130.0.0/16 maxlen: 16
176.22.0.0/15 maxlen: 15
194.247.188.0/23 maxlen: 23
131.164.0.0/16 maxlen: 16
193.39.139.0/24 maxlen: 24
192.66.25.0/24 maxlen: 24
192.66.33.0/24 maxlen: 24
192.66.38.0/24 maxlen: 24
192.66.36.0/24 maxlen: 24
195.184.32.0/19 maxlen: 19
194.182.240.0/20 maxlen: 20
188.176.0.0/13 maxlen: 13
95.166.64.0/18 maxlen: 18
193.162.145.0/24 maxlen: 24
193.162.152.0/21 maxlen: 21
193.162.146.0/24 maxlen: 24
95.166.0.0/16 maxlen: 16
85.129.0.0/17 maxlen: 17
194.182.232.0/21 maxlen: 21
81.31.80.0/20 maxlen: 20
91.199.190.0/24 maxlen: 24
87.48.0.0/12 maxlen: 12
193.163.10.0/24 maxlen: 24
195.95.181.0/24 maxlen: 24
193.163.24.0/22 maxlen: 22
80.62.0.0/15 maxlen: 15
95.166.128.0/17 maxlen: 17
94.189.0.0/17 maxlen: 17
128.77.128.0/17 maxlen: 17
194.192.0.0/16 maxlen: 16
193.3.130.0/23 maxlen: 23
193.3.140.0/24 maxlen: 24
193.3.141.0/24 maxlen: 24
193.3.142.0/24 maxlen: 24
83.88.0.0/13 maxlen: 13
194.182.144.0/21 maxlen: 21
193.162.98.0/23 maxlen: 23
80.196.0.0/14 maxlen: 14
62.135.128.0/17 maxlen: 17
176.21.0.0/16 maxlen: 16
193.162.32.0/23 maxlen: 23
193.88.0.0/15 maxlen: 15
193.3.224.0/22 maxlen: 22
176.20.192.0/18 maxlen: 18
194.182.128.0/20 maxlen: 20
195.41.0.0/16 maxlen: 16
2001:6c8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:5f:bc:fe:23:f5:00:d5:b4:49:d1:a5:8f:f0:2a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Feb 24 12:22:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=907c7ab9063a3ec80138d0ee92c0de1594ea1ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:aa:92:74:85:6e:18:27:72:47:b7:48:1d:e2:
66:85:82:8d:1e:86:88:74:c5:04:5e:52:68:0e:62:
7c:70:ef:26:9d:af:d1:60:11:28:79:14:08:ae:37:
d4:02:ad:3d:24:2a:73:f6:a4:e1:1d:ea:96:78:74:
f7:42:11:17:d0:58:a7:b8:f6:72:e5:9d:a6:b9:f4:
d9:03:c4:4a:ce:23:24:7b:ac:a5:d9:2e:f5:af:66:
72:13:5f:3a:be:b3:83:2f:9c:9e:92:1a:7f:da:5e:
4e:5f:0c:c4:66:48:47:21:31:f2:76:56:e3:66:d0:
c5:c9:9e:8d:f0:b8:64:d3:d2:67:8e:a8:fd:2c:67:
37:c8:39:5b:45:de:07:af:90:1c:b3:35:ad:dd:9b:
88:39:a1:37:e5:91:dd:3f:4b:1a:d3:56:29:6d:f8:
ae:31:61:9e:93:b1:84:68:8d:2a:64:bc:32:82:5e:
87:8b:cb:f1:c3:cc:6c:9f:e3:e4:e6:86:91:72:02:
ef:fc:47:a0:98:b3:d4:be:53:b9:b7:8b:34:f4:1b:
44:a4:e7:23:55:74:90:60:71:3b:53:00:5f:41:e5:
c5:47:0c:87:b5:41:6a:12:68:79:be:2d:ad:2e:1a:
68:11:66:dc:e8:9f:15:2a:1f:bc:62:e4:8d:7f:0f:
3a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7C:7A:B9:06:3A:3E:C8:01:38:D0:EE:92:C0:DE:15:94:EA:1E:C3
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/kHx6uQY6PsgBONDuksDeFZTqHsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.104.0.0/13
62.135.128.0/17
62.242.0.0/15
80.62.0.0/15
80.160.0.0/13
80.196.0.0/14
81.31.80.0/20
83.88.0.0/13
85.129.0.0/17
87.48.0.0/12
91.199.190.0/24
93.160.0.0/13
93.178.128.0/18
94.189.0.0/17
95.166.0.0/16
128.76.0.0/16
128.77.128.0/17
131.164.0.0/16
176.20.0.0/14
188.176.0.0/13
192.66.25.0/24
192.66.33.0/24
192.66.36.0/24
192.66.38.0/24
192.66.175.0/24
192.66.180.0/23
193.3.130.0/23
193.3.140.0-193.3.142.255
193.3.224.0/22
193.39.139.0/24
193.88.0.0/15
193.162.32.0/23
193.162.98.0/23
193.162.145.0-193.162.146.255
193.162.152.0/21
193.163.10.0/24
193.163.24.0/22
193.163.158.0-193.163.167.255
194.182.128.0-194.182.151.255
194.182.232.0-194.182.255.255
194.192.0.0/16
194.239.0.0/16
194.247.188.0/23
195.41.0.0/16
195.95.181.0/24
195.97.128.0/18
195.184.32.0/19
195.215.0.0/16
195.249.0.0/16
212.130.0.0/16
IPv6:
2001:6c8::/29
Signature Algorithm: sha256WithRSAEncryption
2b:03:ea:12:ff:bc:c3:04:56:e9:6a:8c:0f:d3:56:3e:2b:d1:
35:b3:17:ae:4a:da:1a:27:d5:59:8a:1a:b2:4c:da:fe:c5:de:
43:7c:87:47:d0:9d:24:82:6a:1c:7c:32:dd:fa:fc:2c:e4:d0:
f9:37:dd:6c:29:cf:92:86:21:9c:80:07:b9:e9:c3:1b:8b:3d:
86:97:5c:e3:a0:96:91:b8:1c:55:54:77:79:ae:5f:71:94:75:
b0:7f:fa:04:f1:88:79:1c:f6:d9:ec:74:97:f4:e6:c9:44:4c:
75:e8:e2:2e:a1:c6:0c:5c:63:c4:88:92:9c:de:a9:84:25:4b:
db:66:f2:d8:56:14:ad:c0:25:15:25:87:29:4b:dd:76:78:41:
f4:12:84:b2:a3:f1:b8:47:55:ff:64:49:7a:7f:33:f7:00:77:
13:30:06:b0:e4:5c:56:22:ae:8f:2d:6d:e8:6f:00:8d:46:11:
82:24:16:69:96:4f:48:05:ca:35:7c:c3:fa:c8:a5:a0:5c:39:
9f:9d:46:b1:d1:cf:03:79:99:ec:4c:e1:e9:48:cb:c4:01:8b:
0f:4b:8c:72:ea:55:02:7f:d1:eb:50:c2:2b:44:d2:c9:7d:1d:
5c:94:26:2e:cb:a9:dc:81:3e:83:07:ba:f2:c6:a3:d4:e1:a0:
54:b3:19:c0
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAYaDX7z+I/UA1bRJ0aWP8CqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjMwMjI0MTIyMjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdjN2FiOTA2M2EzZWM4MDEzOGQwZWU5MmMwZGUxNTk0ZWExZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6qSdIVuGCdyR7dIHeJmhYKNHoaI
dMUEXlJoDmJ8cO8mna/RYBEoeRQIrjfUAq09JCpz9qThHeqWeHT3QhEX0FinuPZy
5Z2mufTZA8RKziMke6yl2S71r2ZyE186vrODL5yekhp/2l5OXwzEZkhHITHydlbj
ZtDFyZ6N8Lhk09Jnjqj9LGc3yDlbRd4Hr5AcszWt3ZuIOaE35ZHdP0sa01Ypbfiu
MWGek7GEaI0qZLwygl6Hi8vxw8xsn+Pk5oaRcgLv/EegmLPUvlO5t4s09BtEpOcj
VXSQYHE7UwBfQeXFRwyHtUFqEmh5vi2tLhpoEWbc6J8VKh+8YuSNfw86CwIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFJB8erkGOj7IATjQ7pLA3hWU6h7DMB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEva0h4NnVRWTZQc2dCT05EdWtzRGVGWlRxSHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAtOTExOTBhMDJkYjcw
LzEvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAUcEAgABMIIB
PwMDAwJoAwQHPoeAAwMBPvIDAwFQPgMDA1CgAwMCUMQDBARRH1ADAwNTWAMEB1WB
AAMDBFcwAwQAW8e+AwMDXaADBAZdsoADBAdevQADAwBfpgMDAIBMAwQHgE2AAwMA
g6QDAwKwFAMDA7ywAwQAwEIZAwQAwEIhAwQAwEIkAwQAwEImAwQAwEKvAwQBwEK0
AwQBwQOCMAwDBALBA4wDBADBA44DBALBA+ADBADBJ4sDAwHBWAMEAcGiIAMEAcGi
YjAMAwQAwaKRAwQAwaKSAwQDwaKYAwQAwaMKAwQCwaMYMAwDBAHBo54DBAPBo6Aw
DAMEB8K2gAMEA8K2kDALAwQDwrboAwMAwrYDAwDCwAMDAMLvAwQBwve8AwMAwykD
BADDX7UDBAbDYYADBAXDuCADAwDD1wMDAMP5AwMA1IIwDQQCAAIwBwMFAyABBsgw
DQYJKoZIhvcNAQELBQADggEBACsD6hL/vMMEVulqjA/TVj4r0TWzF65K2hon1VmK
GrJM2v7F3kN8h0fQnSSCahx8Mt36/Czk0Pk33Wwpz5KGIZyAB7npwxuLPYaXXOOg
lpG4HFVUd3muX3GUdbB/+gTxiHkc9tnsdJf05slETHXo4i6hxgxcY8SIkpzeqYQl
S9tm8thWFK3AJRUlhylL3XZ4QfQShLKj8bhHVf9kSXp/M/cAdxMwBrDkXFYiro8t
behvAI1GEYIkFmmWT0gFyjV8w/rIpaBcOZ+dRrHRzwN5mexM4elIy8QBiw9LjHLq
VQJ/0etQwitE0sl9HVyUJi7LqdyBPoMHuvLGo9ThoFSzGcA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:52 2024 by rpki-client on console-ams.rpki-client.org