Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NLThnbPT3xV6OMD8s-dOm_DBu4I.roa
File: NLThnbPT3xV6OMD8s-dOm_DBu4I.roa (raw, json)
Hash identifier: 0mzLFKcTqTIOfuSMWmzzH6LbWnyrY3zQSJoG6qIohx4=
Subject key identifier: 34:B4:E1:9D:B3:D3:DF:15:7A:38:C0:FC:B3:E7:4E:9B:F0:C1:BB:82
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019216137E90501118A62C0D4E357257CC4F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NLThnbPT3xV6OMD8s-dOm_DBu4I.roa
Signing time: Sat 21 Sep 2024 19:33:49 +0000
ROA not before: Sat 21 Sep 2024 19:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58057
IP address blocks: 31.42.183.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
45.136.136.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
93.88.200.0/21 maxlen: 24
94.177.122.0/24 maxlen: 24
109.61.104.0/21 maxlen: 24
139.28.96.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:16:13:7e:90:50:11:18:a6:2c:0d:4e:35:72:57:cc:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 21 19:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34b4e19db3d3df157a38c0fcb3e74e9bf0c1bb82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cb:28:1d:4d:18:a1:01:6b:59:8b:15:5d:5d:
1b:b8:73:b7:f4:45:10:3a:34:22:a9:d6:1e:d1:52:
19:36:be:8c:d7:60:f2:90:c7:2f:52:77:9f:1a:70:
58:7a:08:96:5d:7a:bb:9a:08:25:97:20:12:b9:b2:
1c:8f:88:4b:a0:2f:88:76:0e:b8:71:82:45:5e:2e:
43:b4:d8:fa:52:9a:9a:f0:f3:80:89:1d:94:61:27:
fc:9e:6d:18:f1:a3:b0:2f:e7:ed:d4:b7:6e:e5:ff:
2b:b8:f4:3a:46:4f:01:49:14:dc:5e:93:c3:ec:fd:
5e:56:7f:58:da:bc:bf:fc:d9:ec:d9:d7:3e:29:bc:
cb:68:39:02:fc:f5:e4:fd:63:08:65:9d:67:3a:9f:
43:bd:71:6c:6e:b2:5a:a4:f0:d6:ab:49:1f:05:6d:
c8:f5:50:b1:d2:fa:0d:82:74:43:4e:c6:00:b3:d9:
c6:bc:38:7b:2c:60:ca:80:7d:d0:f3:74:76:b4:b2:
d2:ca:28:37:f0:4e:6e:3d:72:5a:73:d9:a6:47:cb:
63:e4:67:6f:0f:7e:b7:28:9c:f8:48:98:bd:7d:21:
db:19:ff:d9:e0:79:90:e3:a1:df:db:b0:b4:08:00:
b9:5a:98:68:6f:97:13:04:1c:7f:9a:1b:24:61:00:
a7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B4:E1:9D:B3:D3:DF:15:7A:38:C0:FC:B3:E7:4E:9B:F0:C1:BB:82
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NLThnbPT3xV6OMD8s-dOm_DBu4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.136.136.0/22
77.81.50.0/23
93.88.200.0/21
94.177.122.0/24
109.61.104.0/21
139.28.96.0/22
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
a4:46:5d:ad:e5:5c:35:06:4e:d1:38:d6:3c:2e:1c:df:8d:ef:
7a:f3:00:19:6f:51:3a:24:c8:d9:80:3f:8d:e5:66:0b:25:e2:
a1:a6:d9:6e:d5:4d:8a:f9:4b:03:d9:51:18:c2:67:10:db:51:
55:07:fe:c6:c4:f2:0d:22:13:98:5c:3d:ff:bd:32:34:fa:ec:
17:97:69:44:48:6d:67:ce:68:c6:96:cf:5f:dd:69:76:43:11:
9a:b4:1e:20:fe:2c:66:db:01:75:78:b8:51:fc:81:de:65:27:
df:9d:0a:82:99:ff:db:d8:70:a1:72:97:30:68:65:81:2a:89:
7d:4a:ed:3f:c2:58:0b:29:33:81:85:d0:97:a2:18:60:51:b6:
6e:28:c8:9f:01:41:48:aa:6f:eb:36:b8:79:98:5e:8a:92:76:
29:a9:68:89:e0:06:59:6d:fa:e0:54:c6:46:bd:ef:bf:99:92:
dc:22:41:a7:1e:f4:d7:3c:4c:33:72:d4:19:4f:8d:9f:e5:39:
88:1b:55:9c:f9:c4:bf:0a:fc:80:23:2a:fa:9f:5a:b1:fd:b4:
68:69:db:1a:cc:cf:b0:46:ac:d5:83:e2:63:87:fc:f8:4f:22:
84:44:48:16:1a:df:6b:c4:de:2c:ea:44:dc:05:15:96:0a:55:
69:d7:9c:e5
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAZIWE36QUBEYpiwNTjVyV8xPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTIxMTkzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI0ZTE5ZGIzZDNkZjE1N2EzOGMwZmNiM2U3NGU5YmYwYzFiYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAussoHU0YoQFrWYsVXV0buHO39EUQ
OjQiqdYe0VIZNr6M12DykMcvUnefGnBYegiWXXq7mggllyASubIcj4hLoC+Idg64
cYJFXi5DtNj6Upqa8POAiR2UYSf8nm0Y8aOwL+ft1Ldu5f8ruPQ6Rk8BSRTcXpPD
7P1eVn9Y2ry//Nns2dc+KbzLaDkC/PXk/WMIZZ1nOp9DvXFsbrJapPDWq0kfBW3I
9VCx0voNgnRDTsYAs9nGvDh7LGDKgH3Q83R2tLLSyig38E5uPXJac9mmR8tj5Gdv
D363KJz4SJi9fSHbGf/Z4HmQ46Hf27C0CAC5Wphob5cTBBx/mhskYQCn5QIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFDS04Z2z098VejjA/LPnTpvwwbuCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTkxUaG5iUFQzeFY2T01EOHMtZE9tX0RCdTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDBUBAIAATBOAwQA
Hyq3AwQCLQxEAwQCLYiIAwQBTVEyAwQDXVjIAwQAXrF6AwQDbT1oAwQCixxgAwQA
ueh1AwQBwSFeAwQAwaNWAwQAwjJcAwQAwjJeMIHPBAIAAjCByDAQAwcAKgTMwP//
AwUBKgTMwDAOAwUAKgTMwwMFAyoEzMADBQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMH
BCoOl8AB0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6XwwEQAwcEKg6XxAEgAwcAKg6x
BwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcDKg6xByHAAwcEKg6xByIgAwcAKg/kBAEC
AwcAKhAvAAGNAwcAKhAvAAGPAwcAKhAvAAGTAwcEKhDMQAJQAwcEKhDMRQEwMA0G
CSqGSIb3DQEBCwUAA4IBAQCkRl2t5Vw1Bk7RONY8Lhzfje968wAZb1E6JMjZgD+N
5WYLJeKhptlu1U2K+UsD2VEYwmcQ21FVB/7GxPINIhOYXD3/vTI0+uwXl2lESG1n
zmjGls9f3Wl2QxGatB4g/ixm2wF1eLhR/IHeZSffnQqCmf/b2HChcpcwaGWBKol9
Su0/wlgLKTOBhdCXohhgUbZuKMifAUFIqm/rNrh5mF6KknYpqWiJ4AZZbfrgVMZG
ve+/mZLcIkGnHvTXPEwzctQZT42f5TmIG1Wc+cS/CvyAIyr6n1qx/bRoadsazM+w
RqzVg+Jjh/z4TyKEREgWGt9rxN4s6kTcBRWWClVp15zl
-----END CERTIFICATE-----
Generated at Thu Oct 10 12:45:06 2024 by rpki-client on console-fra.rpki-client.org