Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/3Gdin4Hn9st3kAN0GSeMxtUSIgg.roa
File: 3Gdin4Hn9st3kAN0GSeMxtUSIgg.roa (raw, json)
Hash identifier: 0wkY3vlWiW1ZFEls6cX9U+hpca5itH83cAs7TwQlhqg=
Subject key identifier: DC:67:62:9F:81:E7:F6:CB:77:90:03:74:19:27:8C:C6:D5:12:22:08
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C2AC45C6B9473759B9C84F68B3AA3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/3Gdin4Hn9st3kAN0GSeMxtUSIgg.roa
Signing time: Mon 02 Jan 2023 05:55:00 +0000
ROA not before: Mon 02 Jan 2023 05:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200740
IP address blocks: 94.142.136.0/23 maxlen: 23
94.142.137.0/24 maxlen: 24
94.142.136.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.252.144.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.40.7.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
185.233.202.0/23 maxlen: 23
185.232.170.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.165.0/24 maxlen: 24
91.217.76.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
2a04:5200:68::/48 maxlen: 48
2a0d:2cc4::/31 maxlen: 31
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a0d:2cc2::/31 maxlen: 31
2a04:5201:6::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:2a:c4:5c:6b:94:73:75:9b:9c:84:f6:8b:3a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc67629f81e7f6cb7790037419278cc6d5122208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:41:b5:f1:e2:c1:8d:03:92:cf:ca:4d:98:3b:
a7:86:1f:26:8e:7e:70:25:4d:f1:37:32:1b:44:74:
36:b8:56:a8:26:b4:ff:de:64:26:b1:28:4d:25:0b:
9f:06:2c:ba:0f:fb:50:c0:07:23:10:00:9e:c2:b1:
7b:31:34:dc:91:54:32:be:d3:bc:dc:5d:4c:9c:20:
87:e8:06:55:74:d5:b5:fc:2e:9d:4a:35:7f:c6:5e:
13:fe:dc:6d:b7:af:3c:db:7b:5c:24:34:0b:ea:e9:
75:59:62:a9:81:7c:ef:9a:dd:57:6a:8a:f1:d4:a6:
ff:a1:9b:65:78:87:18:58:4a:d0:5e:2d:46:93:cd:
00:17:53:42:07:6c:cd:2e:f5:41:ea:72:b3:5e:5d:
a1:d6:37:b8:c2:2e:13:85:e6:92:7c:59:2c:65:05:
fb:26:5d:35:4c:1a:7c:cb:4c:15:6c:f6:89:0b:09:
3c:b7:c2:97:3a:94:e2:31:c1:75:91:98:15:b9:4a:
94:27:4b:d3:eb:af:d0:5b:98:13:57:b8:d8:11:77:
b9:60:df:b9:d7:9d:5d:dc:a3:8a:9b:d9:8f:66:46:
96:6b:9d:1a:dc:1f:0e:bd:46:ff:66:f5:55:16:db:
6f:66:dd:4f:1b:b1:68:78:64:95:77:a4:82:67:b8:
eb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:67:62:9F:81:E7:F6:CB:77:90:03:74:19:27:8C:C6:D5:12:22:08
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/3Gdin4Hn9st3kAN0GSeMxtUSIgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
91.217.76.0/24
94.142.136.0/23
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
19:3b:ba:32:89:12:e7:2f:7d:51:b0:3b:3f:ca:20:6b:08:b2:
8f:97:c5:8b:25:e6:34:e0:61:4b:8a:c4:05:bc:11:f6:d1:4c:
3a:b1:ed:c9:67:9f:ba:1d:9f:16:e3:bf:4c:cb:71:e4:60:ff:
86:00:15:8d:ed:ba:f0:5c:20:77:f3:b9:b0:a3:dc:5b:16:b2:
12:89:30:ee:7f:a5:f1:c8:55:8d:b7:d5:24:7b:a0:c1:de:f8:
32:99:77:d1:61:0d:01:03:4b:cd:13:34:d6:c9:9a:35:63:eb:
99:ca:29:c1:63:31:0a:71:f9:71:34:90:f4:17:57:59:8a:7c:
e7:6a:2a:aa:b5:e4:7f:d0:f5:62:98:2a:48:ce:3b:cf:93:73:
ed:94:3e:7b:88:e1:7b:87:aa:88:ab:33:1c:dc:9d:7f:09:ff:
43:11:d9:9f:b8:43:2c:0d:ac:ec:82:70:dc:6b:8c:69:7c:f6:
27:71:39:f0:55:e3:53:11:ee:56:8f:84:25:58:02:a0:90:97:
ec:f5:c1:e4:c8:a5:f8:6c:84:5b:89:07:2c:53:c1:3f:ed:a2:
fd:e6:01:8d:0a:92:da:07:d2:d2:92:6c:62:b9:e4:23:60:67:
4d:5b:c3:26:39:72:46:b3:a1:40:04:32:bc:8c:4e:90:51:42:
92:a5:41:f3
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYVxDCrEXGuUc3WbnIT2izqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzY3NjI5ZjgxZTdmNmNiNzc5MDAzNzQxOTI3OGNjNmQ1MTIyMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUG18eLBjQOSz8pNmDunhh8mjn5w
JU3xNzIbRHQ2uFaoJrT/3mQmsShNJQufBiy6D/tQwAcjEACewrF7MTTckVQyvtO8
3F1MnCCH6AZVdNW1/C6dSjV/xl4T/txtt68823tcJDQL6ul1WWKpgXzvmt1Xaorx
1Kb/oZtleIcYWErQXi1Gk80AF1NCB2zNLvVB6nKzXl2h1je4wi4TheaSfFksZQX7
Jl01TBp8y0wVbPaJCwk8t8KXOpTiMcF1kZgVuUqUJ0vT66/QW5gTV7jYEXe5YN+5
151d3KOKm9mPZkaWa50a3B8OvUb/ZvVVFttvZt1PG7FoeGSVd6SCZ7jrnwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFNxnYp+B5/bLd5ADdBknjMbVEiIIMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvM0dkaW40SG45c3Qza0FOMEdTZU14dFVTSWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDBuBAIAATBoAwQALQlI
AwQALhFpAwQAW9lMAwQBXo6IAwQAuSgHAwQBuV6kAwQAuWaIAwQCuWf8AwQAuXV0
AwQAuXV3AwQAuci+AwQBueiqMAwDBAS56VADBAC56VIDBAG56coDBAC5/JADBAHC
JLIwOgQCAAIwNAMHACoEUgAAaAMHACoEUgEAAgMHACoEUgEABAMHASoEUgEABgMH
ACoEUgGAGAMFAyoNLMAwDQYJKoZIhvcNAQELBQADggEBABk7ujKJEucvfVGwOz/K
IGsIso+XxYsl5jTgYUuKxAW8EfbRTDqx7clnn7odnxbjv0zLceRg/4YAFY3tuvBc
IHfzubCj3FsWshKJMO5/pfHIVY231SR7oMHe+DKZd9FhDQEDS80TNNbJmjVj65nK
KcFjMQpx+XE0kPQXV1mKfOdqKqq15H/Q9WKYKkjOO8+Tc+2UPnuI4XuHqoirMxzc
nX8J/0MR2Z+4QywNrOyCcNxrjGl89idxOfBV41MR7laPhCVYAqCQl+z1weTIpfhs
hFuJByxTwT/tov3mAY0KktoH0tKSbGK55CNgZ01bwyY5ckazoUAEMryMTpBRQpKl
QfM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org