Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8FFGz_F-_YrZxW7V3rUGGPGePUw.roa
File: 8FFGz_F-_YrZxW7V3rUGGPGePUw.roa (raw, json)
Hash identifier: c5d7uyM19G6XiFSwm/FYm4iZhpr9SIEed/swGHsZtUs=
Subject key identifier: F0:51:46:CF:F1:7E:FD:8A:D9:C5:6E:D5:DE:B5:06:18:F1:9E:3D:4C
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018BB53EB920702ED507B9CC65B8B2B20CED
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8FFGz_F-_YrZxW7V3rUGGPGePUw.roa
Signing time: Thu 09 Nov 2023 18:01:08 +0000
ROA not before: Thu 09 Nov 2023 18:01:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.200.188.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.230.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
193.168.224.0/24 maxlen: 24
194.67.208.0/20 maxlen: 20
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0c:77c0::/32 maxlen: 32
2a0c:74c0::/29 maxlen: 29
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0c:77c0::/29 maxlen: 29
2a0a:9300:d0::/48 maxlen: 48
2a0a:9302:1::/48 maxlen: 48
2a0d:2cc0::/29 maxlen: 29
2a0b:7780::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:3e:b9:20:70:2e:d5:07:b9:cc:65:b8:b2:b2:0c:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 9 18:01:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f05146cff17efd8ad9c56ed5deb50618f19e3d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e4:a2:b7:3c:43:a8:33:e3:ff:8d:1c:2b:eb:
73:e1:d2:31:f4:a4:7e:a0:54:31:43:64:b7:04:9b:
11:e7:67:ae:32:68:35:ba:a9:29:9b:00:e1:70:48:
78:e0:3a:b3:b2:52:d3:fe:8f:5e:72:bc:d5:ec:dc:
21:d2:0c:4c:46:3a:fd:8f:9e:50:85:ff:3b:64:a3:
41:94:6c:da:86:97:2b:8f:5c:3f:3e:6f:99:72:d3:
04:20:93:8b:d8:66:e7:0d:91:ea:56:61:72:69:dd:
e6:f5:21:ea:ff:61:e1:59:b5:29:22:15:ad:a8:c4:
34:80:20:0e:91:d4:f3:35:55:31:c7:69:06:67:ca:
91:d9:0e:42:72:55:e0:31:f0:69:4e:80:ed:e0:2e:
5d:5c:0f:c6:c0:36:50:a0:45:db:87:ad:85:59:3b:
0a:7e:5c:4a:bb:82:af:b1:52:ba:d1:e7:75:16:45:
60:9f:3f:45:ec:a0:1b:80:2a:1b:a6:92:55:8d:d5:
ec:39:e5:05:ae:2b:7f:d3:8d:19:a0:a5:03:34:25:
e8:51:fa:08:a3:12:9d:7e:a3:ed:5a:51:b6:4c:7d:
98:b6:da:5d:5e:d8:cb:71:7f:4f:69:22:e0:81:ab:
27:1d:79:6e:da:11:e5:5a:d0:94:8a:88:32:55:31:
74:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:51:46:CF:F1:7E:FD:8A:D9:C5:6E:D5:DE:B5:06:18:F1:9E:3D:4C
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8FFGz_F-_YrZxW7V3rUGGPGePUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
185.200.188.0/24
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a07:4a00::/29
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0b:9800::/29
2a0c:74c0::/29
2a0c:77c0::/29
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
47:13:7f:62:9a:4a:81:32:d4:e8:09:d4:11:3e:17:eb:6f:7a:
c3:6a:80:4f:8a:d9:3b:40:59:a2:aa:44:05:f6:a7:08:94:a6:
b1:59:37:ad:0d:68:fc:e8:a3:6f:2a:b5:13:8e:d5:2d:9b:9e:
e3:be:4e:de:88:59:18:bc:77:e3:9c:2a:20:1a:7b:22:66:14:
a8:bc:98:26:35:56:24:18:91:7d:13:aa:97:b7:9c:37:59:ca:
7f:b3:2c:2a:17:cb:70:59:0f:00:dc:54:1b:91:f3:91:a8:48:
b0:83:1f:5b:77:97:3d:11:35:1f:16:9a:94:cc:80:51:7a:d9:
e3:a3:0c:59:55:da:09:4f:ad:6c:f0:15:ed:af:1b:5a:cd:e2:
59:d9:4e:a0:e3:1a:a8:5a:65:c8:b7:17:07:0a:e5:10:17:a9:
23:50:16:89:3b:47:e7:a7:f8:5e:59:18:52:49:e4:3f:c2:66:
8c:d8:40:34:f6:72:15:8c:51:46:dc:ef:43:10:d3:ef:51:e7:
36:d2:af:be:9f:6e:ad:17:1d:fb:2e:4d:30:e0:dc:9a:e5:1a:
c6:ba:6e:a8:c6:4c:d2:4c:0e:e0:9d:5e:9b:da:1b:56:c4:9d:
53:3e:d6:47:d5:a7:48:12:be:25:35:73:da:5e:a4:63:b0:f1:
e3:c3:ec:91
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAYu1PrkgcC7VB7nMZbiysgztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMTA5MTgwMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDUxNDZjZmYxN2VmZDhhZDljNTZlZDVkZWI1MDYxOGYxOWUzZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+SitzxDqDPj/40cK+tz4dIx9KR+
oFQxQ2S3BJsR52euMmg1uqkpmwDhcEh44DqzslLT/o9ecrzV7Nwh0gxMRjr9j55Q
hf87ZKNBlGzahpcrj1w/Pm+ZctMEIJOL2GbnDZHqVmFyad3m9SHq/2HhWbUpIhWt
qMQ0gCAOkdTzNVUxx2kGZ8qR2Q5CclXgMfBpToDt4C5dXA/GwDZQoEXbh62FWTsK
flxKu4KvsVK60ed1FkVgnz9F7KAbgCobppJVjdXsOeUFrit/040ZoKUDNCXoUfoI
oxKdfqPtWlG2TH2YttpdXtjLcX9PaSLggasnHXlu2hHlWtCUiogyVTF0VQIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFPBRRs/xfv2K2cVu1d61Bhjxnj1MMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvOEZGR3pfRi1fWXJaeFc3VjNyVUdHUEdlUFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zBsBAIAATBmAwQBLVlC
AwQCLYCwAwQAW9lQAwQDXo6IAwQCuQX4AwQCuTrMAwQCuVcwAwQBuWl0AwQCuXWY
AwQCuX3YAwQCuX3kAwQAuci8AwQAwW1VAwQEwXywAwQAwajgAwQFwkPAAwQAwy/6
MG8EAgACMGkDBQMqB0oAAwcAKgqTAAAAAwcAKgqTAAACMBIDBwQqCpMAANADBwAq
CpMAANIwEAMFACoKkwEDBwAqCpMBAAIDBQAqCpMCAwUDKgt3gAMFAyoLmAADBQMq
DHTAAwUDKgx3wAMFAyoNLMAwDQYJKoZIhvcNAQELBQADggEBAEcTf2KaSoEy1OgJ
1BE+F+tvesNqgE+K2TtAWaKqRAX2pwiUprFZN60NaPzoo28qtROO1S2bnuO+Tt6I
WRi8d+OcKiAaeyJmFKi8mCY1ViQYkX0Tqpe3nDdZyn+zLCoXy3BZDwDcVBuR85Go
SLCDH1t3lz0RNR8WmpTMgFF62eOjDFlV2glPrWzwFe2vG1rN4lnZTqDjGqhaZci3
FwcK5RAXqSNQFok7R+en+F5ZGFJJ5D/CZozYQDT2chWMUUbc70MQ0+9R5zbSr76f
bq0XHfsuTTDg3JrlGsa6bqjGTNJMDuCdXpvaG1bEnVM+1kfVp0gSviU1c9pepGOw
8ePD7JE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org