Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cFeyruMARVsfA4UiKQg0Sn8c5Qk.roa
File: cFeyruMARVsfA4UiKQg0Sn8c5Qk.roa (raw, json)
Hash identifier: sdL36HU2/h1wiAb09wFwIJnOS+A6TU1VU5tFPDTxKi8=
Subject key identifier: 70:57:B2:AE:E3:00:45:5B:1F:03:85:22:29:08:34:4A:7F:1C:E5:09
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AC61286147C6FB74FB21F02DCF7901F9A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cFeyruMARVsfA4UiKQg0Sn8c5Qk.roa
Signing time: Sun 24 Sep 2023 07:23:37 +0000
ROA not before: Sun 24 Sep 2023 07:23:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.33.14.0/24 maxlen: 24
89.46.92.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.250.0/24 maxlen: 24
213.32.248.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
213.32.251.0/24 maxlen: 24
103.205.24.0/24 maxlen: 24
103.205.26.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
185.230.250.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.251.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.53.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.134.0/24 maxlen: 24
62.197.133.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.103.74.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.115.146.0/24 maxlen: 24
185.115.147.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
77.75.63.0/24 maxlen: 24
194.4.158.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
185.115.144.0/23 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
78.142.241.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
45.159.155.0/24 maxlen: 24
89.38.101.0/24 maxlen: 24
89.40.160.0/24 maxlen: 24
93.114.195.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
89.43.209.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
89.43.212.0/22 maxlen: 24
89.43.210.0/24 maxlen: 24
185.245.239.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
185.121.229.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
178.239.202.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
178.239.204.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
185.236.60.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
185.236.61.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.195.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:12:86:14:7c:6f:b7:4f:b2:1f:02:dc:f7:90:1f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 24 07:23:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7057b2aee300455b1f0385222908344a7f1ce509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e4:e7:fd:b1:66:0e:5d:ee:9a:6a:fa:f1:d6:
c2:ec:b1:31:51:3c:e3:dd:b9:61:58:44:9e:ae:41:
45:fb:25:49:29:31:dc:4b:10:f1:85:3f:ba:3c:dd:
0e:5e:be:0c:34:65:b2:03:80:c2:5c:a4:07:bd:cb:
a0:5f:14:5b:a9:dc:f9:0d:7c:29:18:e0:f2:18:4e:
1b:91:0f:ca:3f:39:f8:94:9e:47:f5:9f:09:7b:e9:
43:14:db:9e:f2:ee:cc:28:4b:45:d5:41:4d:66:ff:
8c:94:d0:26:2b:66:94:73:ab:38:7c:81:3c:eb:ff:
d0:c3:a3:3d:d2:c0:c3:82:de:02:23:12:23:3c:1f:
9d:7f:88:cc:d8:1a:05:74:b4:cd:25:4f:39:01:37:
c6:56:4e:a1:9f:af:9a:74:d3:90:ed:54:e7:f3:85:
4b:56:36:05:48:fd:16:31:95:41:b6:aa:af:82:22:
a5:c3:79:a2:62:0f:98:ce:67:87:6d:ae:d0:9a:0d:
6f:ab:43:a0:d9:56:5a:ff:d7:96:93:c4:a7:a5:c7:
ae:c8:b5:0f:39:71:e4:35:20:2f:54:dc:07:ed:c9:
64:21:0d:e4:c7:43:f6:cf:fc:4d:cc:c9:3e:4a:e6:
ad:47:17:bd:66:21:af:46:32:2f:86:4e:62:00:ea:
9e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:57:B2:AE:E3:00:45:5B:1F:03:85:22:29:08:34:4A:7F:1C:E5:09
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cFeyruMARVsfA4UiKQg0Sn8c5Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0/22
62.197.132.0/22
77.75.60.0/24
77.75.62.0/23
78.142.241.0-78.142.243.255
89.33.14.0/24
89.38.101.0/24
89.40.160.0/24
89.43.208.0/21
89.46.92.0/24
89.47.89.0/24
93.114.195.0/24
93.114.246.0/24
103.205.24.0/22
103.212.82.0/24
178.239.192.0/22
178.239.200.0-178.239.204.255
185.9.54.0/24
185.103.72.0-185.103.74.255
185.115.144.0/22
185.121.228.0/22
185.229.104.0/22
185.230.248.0/22
185.236.60.0/22
185.245.236.0/22
188.214.27.0/24
192.166.212.0/22
193.19.106.0/24
193.42.52.0/22
194.4.156.0/22
203.0.8.0/23
213.32.248.0/22
223.27.112.0/24
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
73:98:90:aa:0e:f3:d2:6f:27:8e:35:bf:9c:28:2e:15:88:18:
1c:c3:50:9d:8a:1f:d6:69:1a:60:9f:10:eb:dc:92:97:ee:71:
c5:3b:36:11:68:2a:40:77:d4:46:be:b9:fd:9c:e7:d5:be:88:
a5:be:83:65:e2:14:ef:81:3e:ec:51:59:78:5c:61:f0:76:cf:
83:0a:70:a4:1d:61:4d:56:91:ed:bd:93:b6:22:ee:3b:1f:7c:
82:b5:31:f5:04:a1:7f:4b:70:ef:10:41:7f:d5:ac:c4:18:04:
e8:be:0e:03:5b:7c:f5:38:0f:36:e8:60:d6:87:4d:2e:53:98:
1b:d8:24:c2:b9:5d:78:d5:d1:d5:e3:7c:5a:a2:74:db:63:22:
a0:36:94:eb:1d:7c:74:da:ce:42:22:3d:15:c7:d4:4e:5f:e9:
78:33:81:3c:f7:2d:9d:20:3d:40:30:f6:fe:36:11:cb:ee:cd:
71:52:0b:3e:e5:31:8e:12:fd:77:f4:57:5e:b4:3c:9f:c3:50:
40:2e:c9:a3:89:68:1b:e3:90:96:30:af:2b:ba:18:35:6a:76:
80:8f:56:94:a2:a7:38:4c:89:e5:83:a0:de:b3:e3:f1:49:01:
80:2d:c7:1c:05:d1:37:07:60:19:17:f6:82:21:62:a6:02:bf:
e1:fc:d6:57
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYrGEoYUfG+3T7IfAtz3kB+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTI0MDcyMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDU3YjJhZWUzMDA0NTViMWYwMzg1MjIyOTA4MzQ0YTdmMWNlNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuTn/bFmDl3ummr68dbC7LExUTzj
3blhWESerkFF+yVJKTHcSxDxhT+6PN0OXr4MNGWyA4DCXKQHvcugXxRbqdz5DXwp
GODyGE4bkQ/KPzn4lJ5H9Z8Je+lDFNue8u7MKEtF1UFNZv+MlNAmK2aUc6s4fIE8
6//Qw6M90sDDgt4CIxIjPB+df4jM2BoFdLTNJU85ATfGVk6hn6+adNOQ7VTn84VL
VjYFSP0WMZVBtqqvgiKlw3miYg+YzmeHba7Qmg1vq0Og2VZa/9eWk8SnpceuyLUP
OXHkNSAvVNwH7clkIQ3kx0P2z/xNzMk+SuatRxe9ZiGvRjIvhk5iAOqe5QIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFHBXsq7jAEVbHwOFIikINEp/HOUJMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvY0ZleXJ1TUFSVnNmQTRVaUtRZzBTbjhjNVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQC
LZ+YAwQCPsWEAwQATUs8AwQBTUs+MAwDBABOjvEDBAJOjvADBABZIQ4DBABZJmUD
BABZKKADBANZK9ADBABZLlwDBABZL1kDBABdcsMDBABdcvYDBAJnzRgDBABn1FID
BAKy78AwDAMEA7LvyAMEALLvzAMEALkJNjAMAwQDuWdIAwQAuWdKAwQCuXOQAwQC
uXnkAwQCueVoAwQCueb4AwQCuew8AwQCufXsAwQAvNYbAwQCwKbUAwQAwRNqAwQC
wSo0AwQCwgScAwQBywAIAwQC1SD4AwQA3xtwAwQA3xtyMA0GCSqGSIb3DQEBCwUA
A4IBAQBzmJCqDvPSbyeONb+cKC4ViBgcw1Cdih/WaRpgnxDr3JKX7nHFOzYRaCpA
d9RGvrn9nOfVvoilvoNl4hTvgT7sUVl4XGHwds+DCnCkHWFNVpHtvZO2Iu47H3yC
tTH1BKF/S3DvEEF/1azEGATovg4DW3z1OA826GDWh00uU5gb2CTCuV141dHV43xa
onTbYyKgNpTrHXx02s5CIj0Vx9ROX+l4M4E89y2dID1AMPb+NhHL7s1xUgs+5TGO
Ev139FdetDyfw1BALsmjiWgb45CWMK8ruhg1anaAj1aUoqc4TInlg6Des+PxSQGA
LcccBdE3B2AZF/aCIWKmAr/h/NZX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org