Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/tIFmlA90yb185mTijMZSPw2tWK4.roa
File: tIFmlA90yb185mTijMZSPw2tWK4.roa (raw, json)
Hash identifier: jiDlKuZ9tIBiPCUUdDebDXOGvg2BdRzymbIp5K+t454=
Subject key identifier: B4:81:66:94:0F:74:C9:BD:7C:E6:64:E2:8C:C6:52:3F:0D:AD:58:AE
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 0188FC5E198407F2DDC8C0CC2ECAC4D51894
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/tIFmlA90yb185mTijMZSPw2tWK4.roa
Signing time: Tue 27 Jun 2023 10:20:05 +0000
ROA not before: Tue 27 Jun 2023 10:20:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3292
IP address blocks: 195.215.0.0/16 maxlen: 16
87.60.0.0/14 maxlen: 14
62.242.0.0/15 maxlen: 15
87.56.128.0/17 maxlen: 17
192.66.175.0/24 maxlen: 24
192.66.180.0/24 maxlen: 24
192.66.181.0/24 maxlen: 24
2.104.0.0/13 maxlen: 13
176.20.0.0/17 maxlen: 17
195.97.128.0/18 maxlen: 18
194.239.0.0/16 maxlen: 16
93.178.128.0/18 maxlen: 18
87.57.0.0/16 maxlen: 16
195.249.0.0/16 maxlen: 16
80.160.0.0/13 maxlen: 13
93.160.0.0/13 maxlen: 13
193.163.158.0/23 maxlen: 23
128.76.0.0/16 maxlen: 16
193.163.160.0/21 maxlen: 21
212.130.0.0/16 maxlen: 16
87.59.0.0/16 maxlen: 16
176.22.0.0/15 maxlen: 15
194.247.188.0/23 maxlen: 23
131.164.0.0/16 maxlen: 16
193.39.139.0/24 maxlen: 24
192.66.25.0/24 maxlen: 24
87.56.0.0/18 maxlen: 18
192.66.33.0/24 maxlen: 24
192.66.38.0/24 maxlen: 24
192.66.36.0/24 maxlen: 24
195.184.32.0/19 maxlen: 19
194.182.240.0/20 maxlen: 20
87.48.0.0/13 maxlen: 13
188.176.0.0/13 maxlen: 13
95.166.64.0/18 maxlen: 18
87.58.128.0/17 maxlen: 17
193.162.145.0/24 maxlen: 24
193.162.152.0/21 maxlen: 21
193.162.146.0/24 maxlen: 24
85.129.0.0/17 maxlen: 17
194.182.232.0/21 maxlen: 21
81.31.80.0/20 maxlen: 20
91.199.190.0/24 maxlen: 24
193.163.10.0/24 maxlen: 24
195.95.181.0/24 maxlen: 24
193.163.24.0/22 maxlen: 22
80.62.0.0/15 maxlen: 15
95.166.128.0/17 maxlen: 17
94.189.0.0/17 maxlen: 17
128.77.128.0/17 maxlen: 17
194.192.0.0/16 maxlen: 16
193.3.130.0/23 maxlen: 23
193.3.140.0/24 maxlen: 24
193.3.141.0/24 maxlen: 24
193.3.142.0/24 maxlen: 24
83.88.0.0/13 maxlen: 13
194.182.144.0/21 maxlen: 21
193.162.98.0/23 maxlen: 23
87.58.0.0/18 maxlen: 18
80.196.0.0/14 maxlen: 14
62.135.128.0/17 maxlen: 17
176.21.0.0/16 maxlen: 16
193.162.32.0/23 maxlen: 23
193.88.0.0/15 maxlen: 15
193.3.224.0/22 maxlen: 22
176.20.192.0/18 maxlen: 18
194.182.128.0/20 maxlen: 20
195.41.0.0/16 maxlen: 16
2001:6c8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fc:5e:19:84:07:f2:dd:c8:c0:cc:2e:ca:c4:d5:18:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Jun 27 10:20:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b48166940f74c9bd7ce664e28cc6523f0dad58ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:20:70:33:f4:52:7e:bd:eb:a0:b9:47:7c:67:
cb:b7:89:e5:8b:1c:99:ae:cd:93:81:04:62:2d:65:
54:a1:0f:da:f0:ff:f6:94:cd:eb:1f:86:01:b6:07:
cf:50:12:e1:e1:d3:6d:80:27:9a:d1:94:25:83:1b:
b9:40:3b:4c:07:b8:1a:f5:b4:c5:0e:2a:1b:6a:48:
aa:2f:52:b5:db:7e:f2:ce:5c:df:fa:ba:a6:d4:45:
fc:e8:7c:8a:c1:25:c8:d7:78:0d:e0:16:60:f5:51:
87:91:fa:53:5a:ec:06:95:73:52:c4:14:a4:56:a5:
96:91:c1:16:30:f0:52:a3:0c:0b:0b:4f:48:c6:77:
d9:79:e2:48:90:cb:14:aa:0c:2e:b1:ad:cd:50:a3:
7d:db:67:d6:29:27:e2:5a:47:51:36:5e:62:77:00:
b1:40:7a:d3:49:e7:75:15:fe:d5:4c:a6:da:fe:e1:
8a:76:8b:b2:f5:cb:37:5b:95:28:c5:72:35:ce:5c:
b7:1a:23:8a:3a:d8:91:2c:0a:87:bb:af:f3:d7:cb:
b7:f5:70:20:a4:68:15:07:be:89:d3:17:f4:f3:7a:
12:d4:9f:c0:63:be:61:70:cd:b2:49:c6:da:ec:cd:
76:39:b4:f2:f6:9c:28:95:fd:07:b9:09:3a:ee:6e:
98:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:81:66:94:0F:74:C9:BD:7C:E6:64:E2:8C:C6:52:3F:0D:AD:58:AE
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/tIFmlA90yb185mTijMZSPw2tWK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.104.0.0/13
62.135.128.0/17
62.242.0.0/15
80.62.0.0/15
80.160.0.0/13
80.196.0.0/14
81.31.80.0/20
83.88.0.0/13
85.129.0.0/17
87.48.0.0-87.56.63.255
87.56.128.0-87.58.63.255
87.58.128.0-87.63.255.255
91.199.190.0/24
93.160.0.0/13
93.178.128.0/18
94.189.0.0/17
95.166.64.0-95.166.255.255
128.76.0.0/16
128.77.128.0/17
131.164.0.0/16
176.20.0.0/17
176.20.192.0-176.23.255.255
188.176.0.0/13
192.66.25.0/24
192.66.33.0/24
192.66.36.0/24
192.66.38.0/24
192.66.175.0/24
192.66.180.0/23
193.3.130.0/23
193.3.140.0-193.3.142.255
193.3.224.0/22
193.39.139.0/24
193.88.0.0/15
193.162.32.0/23
193.162.98.0/23
193.162.145.0-193.162.146.255
193.162.152.0/21
193.163.10.0/24
193.163.24.0/22
193.163.158.0-193.163.167.255
194.182.128.0-194.182.151.255
194.182.232.0-194.182.255.255
194.192.0.0/16
194.239.0.0/16
194.247.188.0/23
195.41.0.0/16
195.95.181.0/24
195.97.128.0/18
195.184.32.0/19
195.215.0.0/16
195.249.0.0/16
212.130.0.0/16
IPv6:
2001:6c8::/29
Signature Algorithm: sha256WithRSAEncryption
6b:b1:aa:e0:f8:b6:34:71:5c:8d:93:c8:32:c2:0c:51:0d:5d:
6b:b2:66:64:f8:ed:57:ec:87:91:46:a2:a6:97:f1:4a:f2:b8:
89:ce:8f:eb:05:f6:69:17:29:95:8f:68:9f:5b:63:2d:d9:02:
97:45:f7:95:ae:97:8a:da:3e:40:b0:67:e8:c5:12:8b:ba:45:
55:ae:27:4d:0b:f4:54:06:b0:c0:01:9f:fa:6a:48:16:e2:92:
74:55:ff:8b:39:26:c3:01:7c:99:fa:52:32:e7:06:0f:1e:85:
e4:78:63:87:b8:7e:b1:03:71:9d:7d:cb:60:9a:f4:ce:25:4e:
da:e9:28:1c:80:bb:68:72:4c:53:1d:37:11:66:85:49:77:5f:
01:bf:a8:38:55:a9:8e:45:c2:ac:af:50:7f:9b:97:b6:77:35:
2e:2b:5a:14:ef:db:71:24:26:74:1e:1a:19:f1:dd:ee:36:57:
01:49:6a:de:62:d2:84:86:63:e7:e1:f0:f6:84:32:c4:66:58:
dc:8a:d4:4d:7d:9e:46:a8:0b:06:c9:19:69:93:72:23:8c:0a:
63:a8:77:d0:80:e1:3b:f4:27:e7:71:aa:11:db:c4:2e:45:e7:
63:7b:74:06:d0:25:e2:c8:75:ed:e2:24:1d:dc:43:bd:b9:12:
ca:1c:ac:00
-----BEGIN CERTIFICATE-----
MIIGiDCCBXCgAwIBAgISAYj8XhmEB/LdyMDMLsrE1RiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjMwNjI3MTAyMDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDgxNjY5NDBmNzRjOWJkN2NlNjY0ZTI4Y2M2NTIzZjBkYWQ1OGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziBwM/RSfr3roLlHfGfLt4nlixyZ
rs2TgQRiLWVUoQ/a8P/2lM3rH4YBtgfPUBLh4dNtgCea0ZQlgxu5QDtMB7ga9bTF
DiobakiqL1K1237yzlzf+rqm1EX86HyKwSXI13gN4BZg9VGHkfpTWuwGlXNSxBSk
VqWWkcEWMPBSowwLC09IxnfZeeJIkMsUqgwusa3NUKN922fWKSfiWkdRNl5idwCx
QHrTSed1Ff7VTKba/uGKdouy9cs3W5UoxXI1zly3GiOKOtiRLAqHu6/z18u39XAg
pGgVB76J0xf083oS1J/AY75hcM2yScba7M12ObTy9pwolf0HuQk67m6YcQIDAQAB
o4IDlDCCA5AwHQYDVR0OBBYEFLSBZpQPdMm9fOZk4ozGUj8NrViuMB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEvdElGbWxBOTB5YjE4NW1UaWpNWlNQdzJ0V0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAtOTExOTBhMDJkYjcw
LzEvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqAYIKwYBBQUHAQcBAf8EggGXMIIBkzCCAYAEAgABMIIB
eAMDAwJoAwQHPoeAAwMBPvIDAwFQPgMDA1CgAwMCUMQDBARRH1ADAwNTWAMEB1WB
ADALAwMEVzADBAZXOAAwDAMEB1c4gAMEBlc6ADALAwQHVzqAAwMGVwADBABbx74D
AwNdoAMEBl2ygAMEB169ADALAwQGX6ZAAwMAX6YDAwCATAMEB4BNgAMDAIOkAwQH
sBQAMAsDBAawFMADAwOwEAMDA7ywAwQAwEIZAwQAwEIhAwQAwEIkAwQAwEImAwQA
wEKvAwQBwEK0AwQBwQOCMAwDBALBA4wDBADBA44DBALBA+ADBADBJ4sDAwHBWAME
AcGiIAMEAcGiYjAMAwQAwaKRAwQAwaKSAwQDwaKYAwQAwaMKAwQCwaMYMAwDBAHB
o54DBAPBo6AwDAMEB8K2gAMEA8K2kDALAwQDwrboAwMAwrYDAwDCwAMDAMLvAwQB
wve8AwMAwykDBADDX7UDBAbDYYADBAXDuCADAwDD1wMDAMP5AwMA1IIwDQQCAAIw
BwMFAyABBsgwDQYJKoZIhvcNAQELBQADggEBAGuxquD4tjRxXI2TyDLCDFENXWuy
ZmT47Vfsh5FGoqaX8UryuInOj+sF9mkXKZWPaJ9bYy3ZApdF95Wul4raPkCwZ+jF
Eou6RVWuJ00L9FQGsMABn/pqSBbiknRV/4s5JsMBfJn6UjLnBg8eheR4Y4e4frED
cZ19y2Ca9M4lTtrpKByAu2hyTFMdNxFmhUl3XwG/qDhVqY5FwqyvUH+bl7Z3NS4r
WhTv23EkJnQeGhnx3e42VwFJat5i0oSGY+fh8PaEMsRmWNyK1E19nkaoCwbJGWmT
ciOMCmOod9CA4Tv0J+dxqhHbxC5F52N7dAbQJeLIde3iJB3cQ725EsocrAA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:52 2024 by rpki-client on console-ams.rpki-client.org