Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AMfS03M18sudZeHS-hVfF8Js4BI.roa
File: AMfS03M18sudZeHS-hVfF8Js4BI.roa (raw, json)
Hash identifier: 5dzP/ZQSlzgnK+Je2fDlZluT/kmkoglxCxaBGDVjQSI=
Subject key identifier: 00:C7:D2:D3:73:35:F2:CB:9D:65:E1:D2:FA:15:5F:17:C2:6C:E0:12
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018988CA9C09ADFF8D1B3DB84D222F726E86
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AMfS03M18sudZeHS-hVfF8Js4BI.roa
Signing time: Mon 24 Jul 2023 16:45:26 +0000
ROA not before: Mon 24 Jul 2023 16:45:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.58.205.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.230.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
2a0f:3380::/29 maxlen: 29
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0f:a500::/29 maxlen: 29
2a0a:9301:1::/48 maxlen: 48
2a0f:4580::/29 maxlen: 29
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0c:77c0::/29 maxlen: 29
2a0a:9300:d0::/48 maxlen: 48
2a0d:3880::/29 maxlen: 29
2a0a:9302:1::/48 maxlen: 48
2a0f:1180::/29 maxlen: 29
2a0f:4680::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:88:ca:9c:09:ad:ff:8d:1b:3d:b8:4d:22:2f:72:6e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 24 16:45:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00c7d2d37335f2cb9d65e1d2fa155f17c26ce012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1d:fc:b8:ee:49:ac:71:9f:9f:c9:51:27:7d:
27:7a:ac:22:fe:8d:b1:58:11:8e:d2:92:8d:37:3d:
8d:35:ba:9c:c6:66:79:e3:f1:b0:89:93:71:c8:fb:
69:1b:d5:16:14:17:bb:3c:ac:11:48:b8:bc:e4:00:
fc:65:fe:ed:1c:2f:e3:a7:9f:69:38:2f:17:d3:d7:
42:fd:5b:f3:74:15:2d:7a:d0:f7:54:c1:e6:48:10:
d1:20:e4:72:f8:29:ae:ee:87:97:aa:7e:2c:7a:05:
d4:f0:d8:ae:7e:ef:26:79:c8:1a:75:8f:c0:6b:3d:
da:53:84:33:00:57:a9:d4:d2:63:d4:42:dd:af:b4:
be:60:95:3b:fd:9b:c4:bf:a1:21:1b:2c:62:3c:7a:
0a:c3:a8:c0:63:2a:95:5f:dc:81:16:3b:46:49:48:
c7:5f:ce:0a:53:4e:1e:cf:96:39:0c:e6:41:c1:b7:
a2:d2:1b:c1:de:47:8e:d6:9a:e7:88:29:12:fd:52:
bc:22:ad:a1:28:b8:6d:31:ef:12:57:e4:ad:ee:7e:
ec:9d:3a:8e:5e:31:ab:9d:3e:ab:6e:03:1e:64:e4:
b8:bd:68:05:b7:1a:08:3a:01:f1:a0:b3:84:e8:3b:
78:ec:94:f2:09:9c:33:81:5f:e9:66:26:fb:c1:b5:
61:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C7:D2:D3:73:35:F2:CB:9D:65:E1:D2:FA:15:5F:17:C2:6C:E0:12
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/AMfS03M18sudZeHS-hVfF8Js4BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.109.85.0/24
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0c:77c0::/29
2a0d:3880::/29
2a0f:1180::/29
2a0f:3380::/29
2a0f:4580::/29
2a0f:4680::/29
2a0f:a500::/29
Signature Algorithm: sha256WithRSAEncryption
2a:4e:35:74:d2:1e:77:0c:bb:3a:8a:34:92:e6:a4:d7:20:eb:
0e:37:77:80:20:87:c2:6f:ad:d1:40:9c:2a:c4:6d:0f:01:50:
85:a2:30:84:97:ee:ba:23:42:b9:7d:94:c3:9f:82:70:ee:e7:
bb:66:fb:62:c8:29:cb:cf:05:1e:4e:15:1f:56:50:ec:9a:e5:
8e:cf:7a:57:47:ec:9c:1d:72:e3:9f:c3:df:1b:d7:14:44:72:
95:7f:b6:4b:08:a3:78:61:a6:08:89:e7:76:60:34:b2:d4:76:
5e:3a:66:24:04:69:30:a0:71:f6:c3:3c:d4:21:f8:9b:b4:26:
45:33:d7:ed:dc:05:b9:62:4c:15:65:98:b3:f0:ed:68:80:87:
6e:18:ed:cf:a9:1c:dc:72:6b:0d:c7:b9:fb:0e:77:d5:77:e2:
11:3f:f9:e5:67:85:bf:c1:cc:7d:fe:61:6e:ee:5e:54:87:56:
be:fe:cd:b9:e9:ca:dc:19:cd:3f:92:96:08:5f:60:c5:1e:6c:
fb:9c:49:16:8d:85:df:15:1d:91:ce:42:d8:2b:3f:c5:22:25:
d7:d1:82:52:15:e8:86:9c:2b:b9:c6:3f:ea:80:c7:28:f0:5e:
83:c3:e5:eb:55:da:ca:e1:63:c7:de:91:fc:87:68:43:57:96:
9c:cf:33:7d
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYmIypwJrf+NGz24TSIvcm6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwNzI0MTY0NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGM3ZDJkMzczMzVmMmNiOWQ2NWUxZDJmYTE1NWYxN2MyNmNlMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR38uO5JrHGfn8lRJ30neqwi/o2x
WBGO0pKNNz2NNbqcxmZ54/GwiZNxyPtpG9UWFBe7PKwRSLi85AD8Zf7tHC/jp59p
OC8X09dC/VvzdBUtetD3VMHmSBDRIORy+Cmu7oeXqn4segXU8Niufu8mecgadY/A
az3aU4QzAFep1NJj1ELdr7S+YJU7/ZvEv6EhGyxiPHoKw6jAYyqVX9yBFjtGSUjH
X84KU04ez5Y5DOZBwbei0hvB3keO1prniCkS/VK8Iq2hKLhtMe8SV+St7n7snTqO
XjGrnT6rbgMeZOS4vWgFtxoIOgHxoLOE6Dt47JTyCZwzgV/pZib7wbVhUwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFADH0tNzNfLLnWXh0voVXxfCbOASMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvQU1mUzAzTTE4c3VkWmVIUy1oVmZGOEpzNEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jBgBAIAATBaAwQBLVlC
AwQCLYCwAwQAW9lQAwQDXo6IAwQCuQX4AwQCuTrMAwQCuVcwAwQBuWl0AwQCuXWY
AwQCuX3YAwQCuX3kAwQAwW1VAwQEwXywAwQFwkPAAwQAwy/6MHYEAgACMHADBwAq
CpMAAAADBwAqCpMAAAIwEgMHBCoKkwAA0AMHACoKkwAA0jAQAwUAKgqTAQMHACoK
kwEAAgMFACoKkwIDBQMqDHfAAwUDKg04gAMFAyoPEYADBQMqDzOAAwUDKg9FgAMF
AyoPRoADBQMqD6UAMA0GCSqGSIb3DQEBCwUAA4IBAQAqTjV00h53DLs6ijSS5qTX
IOsON3eAIIfCb63RQJwqxG0PAVCFojCEl+66I0K5fZTDn4Jw7ue7ZvtiyCnLzwUe
ThUfVlDsmuWOz3pXR+ycHXLjn8PfG9cURHKVf7ZLCKN4YaYIied2YDSy1HZeOmYk
BGkwoHH2wzzUIfibtCZFM9ft3AW5YkwVZZiz8O1ogIduGO3PqRzccmsNx7n7DnfV
d+IRP/nlZ4W/wcx9/mFu7l5Uh1a+/s256crcGc0/kpYIX2DFHmz7nEkWjYXfFR2R
zkLYKz/FIiXX0YJSFeiGnCu5xj/qgMco8F6Dw+XrVdrK4WPH3pH8h2hDV5aczzN9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org