Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/n1NqeYp4T3s73AZQHB46YkPomEY.roa
File: n1NqeYp4T3s73AZQHB46YkPomEY.roa (raw, json)
Hash identifier: xf2bTX9m8GhBhvxTcIOeARyykW1aYauOXR/MBTPyZxI=
Subject key identifier: 9F:53:6A:79:8A:78:4F:7B:3B:DC:06:50:1C:1E:3A:62:43:E8:98:46
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CA046B1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/n1NqeYp4T3s73AZQHB46YkPomEY.roa
Signing time: Sat 01 Jan 2022 05:04:46 +0000
ROA not before: Sat 01 Jan 2022 05:04:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 89.33.14.0/24 maxlen: 24
188.241.242.0/23 maxlen: 23
188.241.248.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
89.46.92.0/24 maxlen: 24
188.214.208.0/23 maxlen: 23
213.32.248.0/22 maxlen: 22
188.241.214.0/24 maxlen: 24
92.114.84.0/23 maxlen: 23
89.40.76.0/24 maxlen: 24
92.114.107.0/24 maxlen: 24
193.23.128.0/22 maxlen: 22
213.232.92.0/22 maxlen: 22
89.43.199.0/24 maxlen: 24
103.205.24.0/22 maxlen: 22
89.33.84.0/23 maxlen: 23
185.255.168.0/22 maxlen: 22
45.123.40.0/22 maxlen: 22
188.214.27.0/24 maxlen: 24
89.35.159.0/24 maxlen: 24
89.35.154.0/23 maxlen: 23
87.247.148.0/22 maxlen: 22
188.240.224.0/22 maxlen: 22
188.240.230.0/24 maxlen: 24
188.240.232.0/23 maxlen: 23
192.166.208.0/21 maxlen: 21
193.42.52.0/22 maxlen: 22
204.75.229.0/24 maxlen: 24
185.35.136.0/22 maxlen: 22
89.36.22.0/23 maxlen: 23
188.241.159.0/24 maxlen: 24
185.9.54.0/23 maxlen: 23
185.255.36.0/22 maxlen: 22
62.197.128.0/24 maxlen: 24
62.197.132.0/22 maxlen: 22
185.238.8.0/22 maxlen: 22
185.103.72.0/22 maxlen: 22
188.241.110.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
77.75.60.0/22 maxlen: 22
89.38.70.0/24 maxlen: 24
194.4.156.0/22 maxlen: 22
93.115.109.0/24 maxlen: 24
185.115.144.0/22 maxlen: 24
89.44.207.0/24 maxlen: 24
93.115.254.0/23 maxlen: 23
78.142.242.0/23 maxlen: 23
78.142.241.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
188.213.202.0/23 maxlen: 23
45.156.156.0/22 maxlen: 22
94.176.110.0/23 maxlen: 23
89.38.101.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
93.114.192.0/23 maxlen: 23
89.40.160.0/24 maxlen: 24
93.114.195.0/24 maxlen: 24
188.212.132.0/23 maxlen: 23
188.212.155.0/24 maxlen: 24
188.212.158.0/23 maxlen: 23
185.245.236.0/22 maxlen: 22
203.0.8.0/23 maxlen: 23
89.43.208.0/21 maxlen: 21
103.212.80.0/23 maxlen: 23
103.212.82.0/24 maxlen: 24
91.188.204.0/22 maxlen: 22
89.47.89.0/24 maxlen: 24
89.37.62.0/23 maxlen: 23
178.239.204.0/23 maxlen: 23
185.121.228.0/22 maxlen: 22
178.239.200.0/22 maxlen: 22
185.135.140.0/22 maxlen: 22
89.34.126.0/23 maxlen: 23
93.114.246.0/24 maxlen: 24
223.27.112.0/23 maxlen: 23
223.27.114.0/24 maxlen: 24
178.239.192.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211830449 (0xca046b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:04:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f536a798a784f7b3bdc06501c1e3a6243e89846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:53:c3:03:a5:28:b2:5d:3c:dd:e3:ae:07:9f:
cc:63:6c:12:02:30:b8:c0:45:0b:79:80:6a:2b:c4:
b8:61:3d:52:52:c5:4a:58:4e:59:32:11:23:ab:9a:
99:ea:74:8a:60:47:df:a2:5a:6a:44:66:e6:4f:99:
61:c6:83:66:4b:88:f2:5c:2f:13:27:0a:84:e7:98:
21:61:07:08:0a:ab:d5:b8:6c:72:ab:cc:9c:01:e0:
8f:a4:5e:2b:1c:01:d6:d8:6e:79:73:e7:2a:98:58:
b7:2b:41:7e:34:90:12:5d:68:15:04:63:62:4f:9b:
e5:28:25:a7:b5:34:0c:b3:6a:a1:f3:de:cd:98:54:
17:63:c6:2a:ac:75:6d:78:d0:5f:8f:a4:cf:9f:71:
ba:0a:c8:9b:0a:e2:80:45:1a:1b:69:42:93:06:de:
93:53:04:4a:88:32:06:b5:17:6e:a6:6e:5f:27:63:
00:37:38:b3:39:fa:1f:06:4a:6c:5a:47:e4:fd:c6:
af:92:9a:78:75:ac:cc:1c:9a:0d:a7:8b:36:77:47:
5e:68:ae:de:3f:76:a0:3b:92:12:98:c8:22:04:5e:
45:c1:ae:4c:af:4e:d0:2c:94:e7:01:1a:b3:9a:89:
6f:22:36:6f:43:c1:01:be:76:55:69:ad:54:30:57:
49:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:53:6A:79:8A:78:4F:7B:3B:DC:06:50:1C:1E:3A:62:43:E8:98:46
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/n1NqeYp4T3s73AZQHB46YkPomEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.40.0/22
45.156.156.0/22
62.197.128.0/24
62.197.132.0/22
77.75.60.0/22
78.142.241.0-78.142.243.255
87.247.148.0/22
89.33.14.0/24
89.33.84.0/23
89.34.126.0/23
89.35.154.0/23
89.35.159.0/24
89.36.22.0/23
89.37.62.0/23
89.38.70.0/24
89.38.101.0/24
89.38.136.0/24
89.40.76.0/24
89.40.160.0/24
89.43.199.0/24
89.43.208.0/21
89.44.207.0/24
89.46.92.0/24
89.47.89.0/24
91.188.204.0/22
91.209.12.0/24
92.114.84.0/23
92.114.107.0/24
93.114.192.0/23
93.114.195.0/24
93.114.246.0/24
93.115.109.0/24
93.115.254.0/23
94.176.110.0/23
103.205.24.0/22
103.212.80.0-103.212.82.255
178.239.192.0/22
178.239.200.0-178.239.205.255
185.9.54.0/23
185.35.136.0/22
185.103.72.0/22
185.115.144.0/22
185.121.228.0/22
185.135.140.0/22
185.238.8.0/22
185.245.236.0/22
185.255.36.0/22
185.255.168.0/22
188.212.132.0/23
188.212.155.0/24
188.212.158.0/23
188.213.202.0/23
188.214.27.0/24
188.214.208.0/23
188.240.68.0/24
188.240.224.0/22
188.240.230.0/24
188.240.232.0/23
188.241.110.0/24
188.241.159.0/24
188.241.182.0/24
188.241.214.0/24
188.241.242.0/23
188.241.248.0/24
192.166.208.0/21
193.19.106.0/24
193.23.128.0/22
193.42.52.0/22
194.4.156.0/22
203.0.8.0/23
204.75.229.0/24
213.32.248.0/22
213.232.92.0/22
223.27.112.0-223.27.114.255
Signature Algorithm: sha256WithRSAEncryption
72:5c:e8:2d:b9:35:00:1b:ac:99:ad:c3:fa:c0:af:19:35:bf:
29:12:90:a4:7a:86:39:03:fb:fc:8a:8e:69:75:03:6b:fb:ff:
6b:f9:ec:a3:d1:64:8f:48:00:e9:ec:51:53:b6:1e:e7:b2:2a:
51:47:11:e2:2e:3e:b4:29:e3:ac:47:48:4f:73:85:6d:75:04:
aa:15:ef:ea:f8:ca:7a:08:b2:0b:30:00:07:85:2a:47:31:91:
ca:71:94:be:16:02:6a:29:5e:62:a2:96:7e:39:b6:f1:44:a0:
17:07:88:cf:23:a6:f4:a1:1b:bb:60:65:0d:57:e1:8e:8e:4e:
f9:db:a3:56:58:6f:b3:b6:fb:1b:20:d9:cd:74:31:de:e2:34:
b6:50:f6:85:2d:2a:10:f9:4a:63:66:97:07:70:18:67:03:b4:
fd:72:8e:4f:3a:73:f8:a6:71:c8:42:63:39:a4:e9:27:a6:b6:
f9:d5:83:d1:a2:6e:16:87:e3:ea:a2:93:ca:b7:3c:d4:3d:a2:
51:21:be:05:41:bd:09:37:1c:c1:3a:fc:a2:15:6c:05:a9:c1:
23:d6:bd:44:85:9d:16:c9:67:6c:3a:d0:6d:6f:10:b4:3b:f2:
f1:7e:96:6a:bf:36:5e:21:19:53:18:a8:c3:8b:87:70:d3:73:
c7:f7:d2:93
-----BEGIN CERTIFICATE-----
MIIGzzCCBbegAwIBAgIEDKBGsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY1MzZhNzk4YTc4
NGY3YjNiZGMwNjUwMWMxZTNhNjI0M2U4OTg0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpTwwOlKLJdPN3jrgefzGNsEgIwuMBFC3mAaivEuGE9UlLF
SlhOWTIRI6uamep0imBH36JaakRm5k+ZYcaDZkuI8lwvEycKhOeYIWEHCAqr1bhs
cqvMnAHgj6ReKxwB1thueXPnKphYtytBfjSQEl1oFQRjYk+b5Sglp7U0DLNqofPe
zZhUF2PGKqx1bXjQX4+kz59xugrImwrigEUaG2lCkwbek1MESogyBrUXbqZuXydj
ADc4szn6HwZKbFpH5P3Gr5KaeHWszByaDaeLNndHXmiu3j92oDuSEpjIIgReRcGu
TK9O0CyU5wEas5qJbyI2b0PBAb52VWmtVDBXSSsCAwEAAaOCA+kwggPlMB0GA1Ud
DgQWBBSfU2p5inhPezvcBlAcHjpiQ+iYRjAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L24xTnFlWXA0VDNzNzNBWlFIQjQ2WWtQb21FWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
Af0GCCsGAQUFBwEHAQH/BIIB7DCCAegwggHkBAIAATCCAdwDBAIteygDBAItnJwD
BAA+xYADBAI+xYQDBAJNSzwwDAMEAE6O8QMEAk6O8AMEAlf3lAMEAFkhDgMEAVkh
VAMEAVkifgMEAVkjmgMEAFkjnwMEAVkkFgMEAVklPgMEAFkmRgMEAFkmZQMEAFkm
iAMEAFkoTAMEAFkooAMEAFkrxwMEA1kr0AMEAFkszwMEAFkuXAMEAFkvWQMEAlu8
zAMEAFvRDAMEAVxyVAMEAFxyawMEAV1ywAMEAF1ywwMEAF1y9gMEAF1zbQMEAV1z
/gMEAV6wbgMEAmfNGDAMAwQEZ9RQAwQAZ9RSAwQCsu/AMAwDBAOy78gDBAGy78wD
BAG5CTYDBAK5I4gDBAK5Z0gDBAK5c5ADBAK5eeQDBAK5h4wDBAK57ggDBAK59ewD
BAK5/yQDBAK5/6gDBAG81IQDBAC81JsDBAG81J4DBAG81coDBAC81hsDBAG81tAD
BAC88EQDBAK88OADBAC88OYDBAG88OgDBAC88W4DBAC88Z8DBAC88bYDBAC88dYD
BAG88fIDBAC88fgDBAPAptADBADBE2oDBALBF4ADBALBKjQDBALCBJwDBAHLAAgD
BADMS+UDBALVIPgDBALV6FwwDAMEBN8bcAMEAN8bcjANBgkqhkiG9w0BAQsFAAOC
AQEAclzoLbk1ABusma3D+sCvGTW/KRKQpHqGOQP7/IqOaXUDa/v/a/nso9Fkj0gA
6exRU7Ye57IqUUcR4i4+tCnjrEdIT3OFbXUEqhXv6vjKegiyCzAAB4UqRzGRynGU
vhYCaileYqKWfjm28USgFweIzyOm9KEbu2BlDVfhjo5O+dujVlhvs7b7GyDZzXQx
3uI0tlD2hS0qEPlKY2aXB3AYZwO0/XKOTzpz+KZxyEJjOaTpJ6a2+dWD0aJuFofj
6qKTyrc81D2iUSG+BUG9CTccwTr8ohVsBanBI9a9RIWdFslnbDrQbW8QtDvy8X6W
ar82XiEZUxiow4uHcNNzx/fSkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org