Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/TtRnesIGhwkWxhePU1mwCyLTMpQ.roa
File: TtRnesIGhwkWxhePU1mwCyLTMpQ.roa (raw, json)
Hash identifier: U5xsGSOav3fV1+415GP2LPWXDDv5o4cj3nQS1dY5Eg0=
Subject key identifier: 4E:D4:67:7A:C2:06:87:09:16:C6:17:8F:53:59:B0:0B:22:D3:32:94
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 0188BF0F30578C9F35C271785A7A7ED73392
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/TtRnesIGhwkWxhePU1mwCyLTMpQ.roa
Signing time: Thu 15 Jun 2023 12:37:03 +0000
ROA not before: Thu 15 Jun 2023 12:37:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8455
IP address blocks: 95.142.96.0/20 maxlen: 24
185.223.86.0/23 maxlen: 24
89.255.203.0/24 maxlen: 24
89.255.205.0/24 maxlen: 24
89.255.204.0/24 maxlen: 24
89.255.200.0/21 maxlen: 24
89.255.200.0/24 maxlen: 24
89.255.202.0/24 maxlen: 24
89.255.201.0/24 maxlen: 24
89.255.206.0/24 maxlen: 24
195.43.158.0/24 maxlen: 24
89.255.207.0/24 maxlen: 24
195.137.242.0/24 maxlen: 24
178.237.32.0/20 maxlen: 24
193.202.88.0/23 maxlen: 24
185.234.96.0/22 maxlen: 24
185.242.220.0/22 maxlen: 22
185.27.16.0/22 maxlen: 24
185.27.19.0/24 maxlen: 24
193.202.74.0/23 maxlen: 24
31.22.84.0/24 maxlen: 24
31.22.80.0/21 maxlen: 24
45.148.184.0/22 maxlen: 24
85.222.237.0/24 maxlen: 24
85.222.236.0/24 maxlen: 24
85.222.239.0/24 maxlen: 24
85.222.238.0/24 maxlen: 24
2a00:1188:11::/48 maxlen: 64
2a00:1188:c::/48 maxlen: 64
2a00:1188:a::/48 maxlen: 64
2a00:1188:5::/48 maxlen: 64
2a00:1188::/32 maxlen: 64
2a00:1188:14::/48 maxlen: 64
2a00:1188:12::/48 maxlen: 64
2a00:1188:d::/48 maxlen: 64
2a00:1188:8::/48 maxlen: 64
2a00:1188:b::/48 maxlen: 64
2a00:1188::/29 maxlen: 64
2a00:1188:e::/48 maxlen: 64
2a00:1188:9::/48 maxlen: 64
2a00:1188:7::/48 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:0f:30:57:8c:9f:35:c2:71:78:5a:7a:7e:d7:33:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jun 15 12:37:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ed4677ac206870916c6178f5359b00b22d33294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d4:d5:09:16:31:ae:8b:5a:36:39:21:c1:59:
0c:5b:59:cc:8a:74:b5:f9:7f:c8:f7:40:93:0d:25:
b1:27:91:1c:b2:ba:24:cb:8d:33:0b:3e:e9:b8:f0:
18:ed:6e:14:c3:0e:e5:ca:3f:53:cc:15:2e:9d:35:
36:99:19:aa:9f:87:7e:b8:c5:a3:92:0c:9c:cd:73:
53:c0:28:8f:0c:ae:d8:29:c4:5b:14:3a:d4:15:86:
c2:6d:d2:45:29:b3:e4:e6:1f:4e:95:f8:2a:5e:f6:
5f:9d:13:25:03:74:83:04:41:a4:75:ee:f0:e9:ee:
12:cd:2b:a1:e3:ee:24:55:98:46:ca:64:c2:4f:c9:
a3:15:61:38:6b:1d:42:b5:c9:af:e5:8c:23:8c:8d:
f0:a1:89:43:4c:0c:bd:45:45:03:59:ea:d8:ea:ba:
da:8e:74:28:12:ad:53:72:32:a3:1d:55:7a:81:1a:
ac:a2:e6:fd:19:98:cd:24:89:37:71:2d:81:f2:3c:
54:b5:87:5a:37:5a:0a:98:58:e5:f5:82:96:89:a2:
44:86:65:8e:4a:4f:f6:50:06:99:8f:af:6a:3d:f5:
06:4f:16:b8:6d:d8:eb:ab:c0:65:4d:f6:ab:c6:ea:
0d:84:7d:a1:45:c5:b0:0d:b7:27:5d:28:ad:42:aa:
cf:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D4:67:7A:C2:06:87:09:16:C6:17:8F:53:59:B0:0B:22:D3:32:94
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/TtRnesIGhwkWxhePU1mwCyLTMpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.80.0/21
45.148.184.0/22
85.222.236.0/22
89.255.200.0/21
95.142.96.0/20
178.237.32.0/20
185.27.16.0/22
185.223.86.0/23
185.234.96.0/22
185.242.220.0/22
193.202.74.0/23
193.202.88.0/23
195.43.158.0/24
195.137.242.0/24
IPv6:
2a00:1188::/29
Signature Algorithm: sha256WithRSAEncryption
7a:6c:77:b9:ee:10:85:c8:93:05:e3:cb:76:68:f8:12:bb:df:
27:34:78:77:ea:b4:b9:6b:e3:a5:62:30:33:41:0f:fc:1c:66:
04:e8:6b:5f:2b:88:41:95:81:3e:36:8e:c9:a8:1e:45:43:fd:
4d:ad:7a:51:6d:3a:5b:fd:eb:7e:59:93:be:0d:63:2a:39:1a:
13:d9:45:33:05:06:41:7c:a2:44:33:8d:c3:25:27:15:64:03:
5c:07:6f:95:d3:aa:46:4c:c2:03:52:ac:33:3f:fa:7d:22:14:
46:8f:36:23:ad:39:1e:4e:3d:08:21:4e:4f:27:a6:34:0a:57:
e8:da:18:c1:0a:81:cf:30:67:ee:3f:9d:b6:93:b6:01:7c:6b:
2f:07:48:6f:d7:1f:9a:85:39:fb:6a:ff:7e:16:fa:7b:f3:37:
df:69:c1:96:b4:0b:da:ff:6e:af:14:1c:de:6f:f7:17:e0:7d:
81:f0:2b:6d:c1:ec:cc:36:37:34:eb:14:6f:0f:b1:bc:06:45:
62:02:90:f3:aa:0b:3f:d2:4f:c8:f5:7f:e4:b1:da:5b:0f:d0:
8c:f7:09:22:1b:ef:ac:90:2e:d0:c5:87:a6:c9:69:82:67:ec:
5d:b9:d9:43:09:c1:b3:87:f0:59:3a:dd:8f:64:fe:79:aa:c1:
45:ec:91:1f
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYi/DzBXjJ81wnF4Wnp+1zOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjMwNjE1MTIzNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ0Njc3YWMyMDY4NzA5MTZjNjE3OGY1MzU5YjAwYjIyZDMzMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tTVCRYxrotaNjkhwVkMW1nMinS1
+X/I90CTDSWxJ5Ecsroky40zCz7puPAY7W4Uww7lyj9TzBUunTU2mRmqn4d+uMWj
kgyczXNTwCiPDK7YKcRbFDrUFYbCbdJFKbPk5h9OlfgqXvZfnRMlA3SDBEGkde7w
6e4SzSuh4+4kVZhGymTCT8mjFWE4ax1Ctcmv5YwjjI3woYlDTAy9RUUDWerY6rra
jnQoEq1TcjKjHVV6gRqsoub9GZjNJIk3cS2B8jxUtYdaN1oKmFjl9YKWiaJEhmWO
Sk/2UAaZj69qPfUGTxa4bdjrq8BlTfarxuoNhH2hRcWwDbcnXSitQqrP/wIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFE7UZ3rCBocJFsYXj1NZsAsi0zKUMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvVHRSbmVzSUdod2tXeGhlUFUxbXdDeUxUTXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQDHxZQAwQC
LZS4AwQCVd7sAwQDWf/IAwQEX45gAwQEsu0gAwQCuRsQAwQBud9WAwQCuepgAwQC
ufLcAwQBwcpKAwQBwcpYAwQAwyueAwQAw4nyMA0EAgACMAcDBQMqABGIMA0GCSqG
SIb3DQEBCwUAA4IBAQB6bHe57hCFyJMF48t2aPgSu98nNHh36rS5a+OlYjAzQQ/8
HGYE6GtfK4hBlYE+No7JqB5FQ/1NrXpRbTpb/et+WZO+DWMqORoT2UUzBQZBfKJE
M43DJScVZANcB2+V06pGTMIDUqwzP/p9IhRGjzYjrTkeTj0IIU5PJ6Y0Clfo2hjB
CoHPMGfuP522k7YBfGsvB0hv1x+ahTn7av9+Fvp78zffacGWtAva/26vFBzeb/cX
4H2B8CttwezMNjc06xRvD7G8BkViApDzqgs/0k/I9X/ksdpbD9CM9wkiG++skC7Q
xYemyWmCZ+xdudlDCcGzh/BZOt2PZP55qsFF7JEf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:03 2024 by rpki-client on console-ams.rpki-client.org