Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8eCcitqC8E2OJZxFsdn9vKaJx7g.roa
File: 8eCcitqC8E2OJZxFsdn9vKaJx7g.roa (raw, json)
Hash identifier: cwhkDL2mqgbjjKy5WZW/3lIMG5xGStMKxAGTMjOybOs=
Subject key identifier: F1:E0:9C:8A:DA:82:F0:4D:8E:25:9C:45:B1:D9:FD:BC:A6:89:C7:B8
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018B716E9C74C78410E7D85AEC0F71B9E56D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8eCcitqC8E2OJZxFsdn9vKaJx7g.roa
Signing time: Fri 27 Oct 2023 13:59:16 +0000
ROA not before: Fri 27 Oct 2023 13:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.230.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/21 maxlen: 21
193.124.176.0/20 maxlen: 20
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
193.168.224.0/24 maxlen: 24
194.67.208.0/20 maxlen: 20
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0c:74c0::/29 maxlen: 29
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0a:9300:d0::/48 maxlen: 48
2a0a:9302:1::/48 maxlen: 48
2a0d:2cc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:6e:9c:74:c7:84:10:e7:d8:5a:ec:0f:71:b9:e5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 27 13:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1e09c8ada82f04d8e259c45b1d9fdbca689c7b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:61:0b:82:4d:03:45:cc:b8:d6:3c:42:31:8b:
b7:1b:9e:22:32:04:20:2b:2f:20:7f:72:f2:4b:05:
9f:a6:d9:09:95:ac:ec:f1:d6:0a:92:54:5f:7b:46:
5c:06:05:df:b8:3e:3d:99:7d:c7:bc:70:e0:f2:0f:
3f:fc:cc:23:fb:64:c7:2c:22:6a:1d:24:12:d4:eb:
42:76:b9:f6:20:d9:b1:81:24:b4:ba:d2:1b:cb:81:
b4:5f:a1:e2:2f:b2:12:ed:cc:e6:7d:41:a0:13:e7:
5f:c6:23:7b:4e:58:2f:50:c7:6d:5d:c6:db:fb:2f:
a8:bb:f5:57:92:ca:5b:d2:3c:e3:51:8e:ec:42:12:
b9:09:7f:f5:05:bf:6d:45:f1:fa:4a:ec:03:80:70:
b3:76:25:1c:6d:70:5a:2a:a4:eb:e5:44:4b:84:79:
80:4f:d2:8f:a3:be:ce:94:78:a1:dd:cc:97:63:3f:
f0:a7:d9:27:68:48:d5:08:1a:47:db:da:9f:b1:a2:
78:60:56:cd:b4:8e:1a:a8:30:34:16:45:8f:dd:91:
49:5c:f7:ee:b3:a8:bf:89:c3:8d:70:49:e8:e7:59:
7f:c2:2d:b7:0e:bf:24:1c:1b:7c:7e:89:2e:2a:da:
4c:52:6e:0d:c0:1d:28:1e:f6:b0:9e:25:d1:c7:4c:
af:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E0:9C:8A:DA:82:F0:4D:8E:25:9C:45:B1:D9:FD:BC:A6:89:C7:B8
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8eCcitqC8E2OJZxFsdn9vKaJx7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a07:4a00::/29
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:9800::/29
2a0c:74c0::/29
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
40:af:ab:83:d6:cf:59:3c:e7:32:a5:ab:d7:10:75:6f:5e:61:
87:09:f7:9a:8f:ef:9c:08:8c:af:f9:53:6b:f2:59:01:f5:af:
8b:f5:0f:84:bd:13:f6:e2:d2:b0:18:a1:28:9c:11:6a:83:cf:
17:5a:cf:fe:be:06:69:7b:c5:1f:2d:d1:8d:f9:19:29:19:71:
0f:33:7d:df:53:1e:e9:5e:41:4f:59:00:05:d4:99:d8:9d:3c:
84:78:16:9b:80:be:90:f3:e4:61:91:f8:0b:db:e2:29:b2:9f:
51:36:3e:ce:61:41:6e:ac:35:fa:36:02:b2:85:48:d7:11:78:
b0:75:ef:27:00:0f:eb:f1:f5:4c:07:21:59:f3:a6:f8:b3:d1:
c0:2e:62:6e:ab:6a:e3:18:fb:b0:a4:6f:d8:d4:1f:f6:cd:2a:
9f:9f:fc:d9:6d:6c:6e:17:4b:f6:32:e7:e4:7d:07:99:08:0a:
42:c4:77:22:5c:8e:83:40:20:65:94:10:a0:28:dd:6d:e6:75:
14:8d:5a:2d:ba:46:25:65:cb:3b:ba:7f:ae:c1:e3:3c:73:5a:
6c:de:70:87:49:37:04:c6:ff:07:89:4f:3c:3c:64:e4:43:50:
25:ba:62:88:f0:96:d5:df:4b:22:60:ad:a5:85:30:25:8d:cf:
b8:b4:cc:9e
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAYtxbpx0x4QQ59ha7A9xueVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMDI3MTM1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWUwOWM4YWRhODJmMDRkOGUyNTljNDViMWQ5ZmRiY2E2ODljN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2ELgk0DRcy41jxCMYu3G54iMgQg
Ky8gf3LySwWfptkJlazs8dYKklRfe0ZcBgXfuD49mX3HvHDg8g8//Mwj+2THLCJq
HSQS1OtCdrn2INmxgSS0utIby4G0X6HiL7IS7czmfUGgE+dfxiN7TlgvUMdtXcbb
+y+ou/VXkspb0jzjUY7sQhK5CX/1Bb9tRfH6SuwDgHCzdiUcbXBaKqTr5URLhHmA
T9KPo77OlHih3cyXYz/wp9knaEjVCBpH29qfsaJ4YFbNtI4aqDA0FkWP3ZFJXPfu
s6i/icONcEno51l/wi23Dr8kHBt8fokuKtpMUm4NwB0oHvawniXRx0yvuQIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFPHgnIragvBNjiWcRbHZ/bymice4MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvOGVDY2l0cUM4RTJPSlp4RnNkbjl2S2FKeDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzBmBAIAATBgAwQBLVlC
AwQCLYCwAwQAW9lQAwQDXo6IAwQCuQX4AwQCuTrMAwQCuVcwAwQBuWl0AwQCuXWY
AwQCuX3YAwQCuX3kAwQAwW1VAwQEwXywAwQAwajgAwQFwkPAAwQAwy/6MGEEAgAC
MFsDBQMqB0oAAwcAKgqTAAAAAwcAKgqTAAACMBIDBwQqCpMAANADBwAqCpMAANIw
EAMFACoKkwEDBwAqCpMBAAIDBQAqCpMCAwUDKguYAAMFAyoMdMADBQMqDSzAMA0G
CSqGSIb3DQEBCwUAA4IBAQBAr6uD1s9ZPOcypavXEHVvXmGHCfeaj++cCIyv+VNr
8lkB9a+L9Q+EvRP24tKwGKEonBFqg88XWs/+vgZpe8UfLdGN+RkpGXEPM33fUx7p
XkFPWQAF1JnYnTyEeBabgL6Q8+RhkfgL2+Ipsp9RNj7OYUFurDX6NgKyhUjXEXiw
de8nAA/r8fVMByFZ86b4s9HALmJuq2rjGPuwpG/Y1B/2zSqfn/zZbWxuF0v2Mufk
fQeZCApCxHciXI6DQCBllBCgKN1t5nUUjVotukYlZcs7un+uweM8c1ps3nCHSTcE
xv8HiU88PGTkQ1AlumKI8JbV30siYK2lhTAljc+4tMye
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org