Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qf7DNG0BB9yolhn42K-qIWXtG3g.roa
File: Qf7DNG0BB9yolhn42K-qIWXtG3g.roa (raw, json)
Hash identifier: Xss11ACZ6Eja8dRRXyHxwtniFr5bLnUIUxuDWuagqgU=
Subject key identifier: 41:FE:C3:34:6D:01:07:DC:A8:96:19:F8:D8:AF:AA:21:65:ED:1B:78
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189508441B61055C62ED1BFA2C37BF160AF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qf7DNG0BB9yolhn42K-qIWXtG3g.roa
Signing time: Thu 13 Jul 2023 18:29:52 +0000
ROA not before: Thu 13 Jul 2023 18:29:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.33.14.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.248.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
103.205.26.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
185.230.250.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.251.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.74.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.115.146.0/24 maxlen: 24
185.115.147.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
77.75.63.0/24 maxlen: 24
194.4.158.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
185.115.144.0/23 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
89.38.101.0/24 maxlen: 24
89.40.160.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
185.245.239.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
185.121.229.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:50:84:41:b6:10:55:c6:2e:d1:bf:a2:c3:7b:f1:60:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 13 18:29:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41fec3346d0107dca89619f8d8afaa2165ed1b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:99:f6:cd:f6:0c:49:7c:19:6e:ec:ed:54:7a:
34:dd:30:8e:4e:18:ea:c9:bf:8b:54:8b:81:62:66:
97:05:2e:a1:1f:18:7b:bd:2e:c3:34:15:97:f0:24:
92:97:57:8b:5a:4e:af:62:33:d7:70:f1:4c:fa:16:
6a:9a:0d:36:67:22:03:04:38:4b:ed:3d:02:31:e3:
8a:34:d5:18:19:31:5b:b9:b7:88:9b:dc:dd:72:0a:
42:24:7a:e0:68:07:b6:8a:20:8e:54:50:bc:b5:d1:
40:a1:11:ac:2f:5e:10:7b:77:4a:1d:3f:93:bb:4e:
47:d5:e1:bc:68:a3:a4:6b:bc:26:08:b3:51:43:b6:
34:e1:32:74:f2:0a:38:9c:37:ec:be:c6:f9:b9:86:
b3:47:be:88:28:40:56:25:71:ed:fe:a2:e9:74:8d:
cc:d7:c2:d2:89:7f:a3:8a:4f:e9:9c:e0:c0:be:4a:
28:93:94:6b:6b:9a:b9:0c:3a:07:b8:18:e4:98:71:
28:2d:88:df:be:b0:ec:7d:9b:c2:3c:69:78:e4:08:
c9:63:82:8e:09:90:09:dd:3a:95:73:81:33:bc:11:
a3:6a:63:f3:e9:f0:26:0c:2a:7f:62:a3:48:a1:87:
f1:69:f4:a3:de:7f:f3:c6:aa:03:9a:e0:dc:79:2b:
56:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FE:C3:34:6D:01:07:DC:A8:96:19:F8:D8:AF:AA:21:65:ED:1B:78
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qf7DNG0BB9yolhn42K-qIWXtG3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/24
62.197.135.0/24
77.75.60.0/24
77.75.62.0/23
78.142.242.0/23
89.33.14.0/24
89.38.101.0/24
89.40.160.0/24
89.43.208.0/24
89.43.210.0/23
89.47.89.0/24
93.114.246.0/24
103.205.25.0-103.205.27.255
103.212.82.0/24
178.239.192.0-178.239.194.255
178.239.200.0/23
178.239.203.0/24
185.9.54.0/24
185.103.73.0-185.103.74.255
185.115.144.0/22
185.121.228.0/22
185.229.104.0/22
185.230.248.0/22
185.236.62.0/23
185.245.236.0/22
188.214.27.0/24
192.166.212.0/22
193.19.106.0/24
193.42.52.0/24
193.42.54.0/23
194.4.156.0/22
203.0.8.0/24
213.32.248.0/23
223.27.112.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:99:45:0b:44:0a:39:9b:35:b0:d6:34:78:84:1f:8b:4b:eb:
7c:a4:5d:31:35:ea:d1:8a:2c:74:86:e3:5f:ae:e0:0a:22:d4:
36:a0:62:e1:01:6e:91:20:a0:ef:11:3d:5f:10:fd:c7:92:48:
6c:d8:2a:0a:fd:ec:86:00:cc:ad:2d:0f:7e:89:17:d0:c1:e3:
fd:2a:5a:a1:f9:03:60:d9:9b:6c:af:99:a0:99:ff:c7:a1:55:
98:46:ff:18:1a:73:4e:0a:14:dd:da:6f:0c:1d:9f:2e:cb:93:
2c:26:94:c8:cc:f8:de:18:3e:fa:87:28:29:b4:ef:05:d7:96:
e5:9b:0a:eb:a1:ec:44:b8:93:d3:35:19:04:6c:a3:50:89:8d:
a3:9f:81:f3:6b:53:3f:d2:c6:7c:a9:52:16:3f:91:4d:ef:b5:
b1:65:f7:01:57:c5:83:cf:1e:7d:0e:ec:e3:1a:6b:7a:33:c8:
0d:ad:30:3d:96:92:34:f6:2b:cd:c1:dd:cd:3e:87:2b:3e:16:
b2:40:d2:e1:59:74:a0:56:7a:f9:87:e8:3f:56:51:49:ee:39:
c7:6e:f8:f7:3c:24:c3:68:27:8f:79:35:33:b2:41:ae:7b:e7:
2e:d5:33:af:31:b1:7b:fc:ea:79:14:b0:9c:fd:3c:08:f5:ea:
e5:4f:56:e7
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAYlQhEG2EFXGLtG/osN78WCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzEzMTgyOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZlYzMzNDZkMDEwN2RjYTg5NjE5ZjhkOGFmYWEyMTY1ZWQxYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZn2zfYMSXwZbuztVHo03TCOThjq
yb+LVIuBYmaXBS6hHxh7vS7DNBWX8CSSl1eLWk6vYjPXcPFM+hZqmg02ZyIDBDhL
7T0CMeOKNNUYGTFbubeIm9zdcgpCJHrgaAe2iiCOVFC8tdFAoRGsL14Qe3dKHT+T
u05H1eG8aKOka7wmCLNRQ7Y04TJ08go4nDfsvsb5uYazR76IKEBWJXHt/qLpdI3M
18LSiX+jik/pnODAvkook5Rra5q5DDoHuBjkmHEoLYjfvrDsfZvCPGl45AjJY4KO
CZAJ3TqVc4EzvBGjamPz6fAmDCp/YqNIoYfxafSj3n/zxqoDmuDceStWWQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFEH+wzRtAQfcqJYZ+NivqiFl7Rt4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUWY3RE5HMEJCOXlvbGhuNDJLLXFJV1h0RzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyMAwD
BAMtn5gDBAAtn5oDBAA+xYQDBAA+xYcDBABNSzwDBAFNSz4DBAFOjvIDBABZIQ4D
BABZJmUDBABZKKADBABZK9ADBAFZK9IDBABZL1kDBABdcvYwDAMEAGfNGQMEAmfN
GAMEAGfUUjAMAwQGsu/AAwQAsu/CAwQBsu/IAwQAsu/LAwQAuQk2MAwDBAC5Z0kD
BAC5Z0oDBAK5c5ADBAK5eeQDBAK55WgDBAK55vgDBAG57D4DBAK59ewDBAC81hsD
BALAptQDBADBE2oDBADBKjQDBAHBKjYDBALCBJwDBADLAAgDBAHVIPgDBADfG3Aw
DQYJKoZIhvcNAQELBQADggEBAGyZRQtECjmbNbDWNHiEH4tL63ykXTE16tGKLHSG
41+u4Aoi1DagYuEBbpEgoO8RPV8Q/ceSSGzYKgr97IYAzK0tD36JF9DB4/0qWqH5
A2DZm2yvmaCZ/8ehVZhG/xgac04KFN3abwwdny7LkywmlMjM+N4YPvqHKCm07wXX
luWbCuuh7ES4k9M1GQRso1CJjaOfgfNrUz/SxnypUhY/kU3vtbFl9wFXxYPPHn0O
7OMaa3ozyA2tMD2WkjT2K83B3c0+hys+FrJA0uFZdKBWevmH6D9WUUnuOcdu+Pc8
JMNoJ495NTOyQa575y7VM68xsXv86nkUsJz9PAj16uVPVuc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org