Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/GULeU2qMhv7M-DJ3W2YzuBEyqsc.roa
File: GULeU2qMhv7M-DJ3W2YzuBEyqsc.roa (raw, json)
Hash identifier: WjSosx/Cb5AdLUYianCgTQmUaWrLj8VysiU3XtFfQTg=
Subject key identifier: 19:42:DE:53:6A:8C:86:FE:CC:F8:32:77:5B:66:33:B8:11:32:AA:C7
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018B994019D27B9DD124D6EAD066E4E2BF54
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/GULeU2qMhv7M-DJ3W2YzuBEyqsc.roa
Signing time: Sat 04 Nov 2023 07:33:16 +0000
ROA not before: Sat 04 Nov 2023 07:33:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.200.188.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.230.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
193.168.224.0/24 maxlen: 24
194.67.208.0/20 maxlen: 20
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0c:74c0::/29 maxlen: 29
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0a:9300:d0::/48 maxlen: 48
2a0a:9302:1::/48 maxlen: 48
2a0d:2cc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:40:19:d2:7b:9d:d1:24:d6:ea:d0:66:e4:e2:bf:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 4 07:33:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1942de536a8c86feccf832775b6633b81132aac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:67:fc:4d:af:4e:6e:61:6e:a1:50:92:f0:19:
e7:7e:68:6a:73:a3:2a:8d:d4:31:9c:d5:25:cd:99:
43:45:75:2a:94:2f:a2:a7:32:57:34:4b:a7:bd:ba:
71:21:b1:05:09:9f:fe:1e:e5:47:24:f6:0b:4b:cb:
85:62:2d:0b:be:61:bb:7f:ee:46:db:b4:a6:1c:d1:
37:e3:55:22:a6:33:ec:49:cf:02:3f:6e:64:f5:57:
4b:f5:e3:0a:bc:ab:ae:38:ac:04:b0:65:cc:30:29:
75:42:93:6d:d9:43:c1:d8:c7:4f:4e:8a:b7:f0:73:
b6:e9:cd:3b:2d:33:ee:d7:cb:ff:72:d0:e2:02:53:
e0:32:e6:96:64:47:57:8e:98:ee:ce:1c:03:9f:45:
bc:03:19:c0:e7:0b:a3:0f:8c:33:2d:fd:14:76:8f:
0b:d0:e6:ed:ee:f6:52:23:b6:8f:57:7b:8c:24:76:
37:84:69:a4:6c:76:9c:b9:29:4f:78:96:d6:39:1b:
26:73:3a:04:d2:3e:8e:86:6f:c3:18:0e:d8:f5:06:
d8:15:38:48:e0:5e:4e:88:d1:69:da:e9:0d:73:0d:
8c:f1:69:89:fa:dd:4d:52:3a:42:18:df:46:d1:d1:
d5:47:09:0c:f6:60:2c:49:ff:d3:c4:fc:27:7b:92:
ad:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:42:DE:53:6A:8C:86:FE:CC:F8:32:77:5B:66:33:B8:11:32:AA:C7
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/GULeU2qMhv7M-DJ3W2YzuBEyqsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
185.200.188.0/24
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a07:4a00::/29
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:9800::/29
2a0c:74c0::/29
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
80:31:12:e6:52:63:17:fc:7b:9e:42:56:a2:a0:14:f2:ee:d3:
cd:d9:37:d4:b3:1d:69:88:33:51:79:8f:b9:b8:aa:63:ff:e6:
5b:e8:8a:24:73:47:c3:8d:1e:01:9b:da:69:61:07:3c:7b:f0:
06:53:6d:e4:d2:55:78:3b:46:85:35:6d:91:8f:c5:a7:ef:0b:
df:f2:d8:92:4b:c0:b1:fc:a3:a1:13:b0:58:6f:89:9b:ca:40:
48:90:d8:ff:0a:ac:a0:7b:a8:c1:ae:53:24:85:fb:88:3f:e0:
d1:2a:81:c4:34:cd:f5:18:1b:15:c1:c2:ef:e5:f8:8b:14:37:
f9:f8:15:6e:fb:0d:c5:9b:69:0e:ea:ec:5a:c6:23:c5:44:d2:
5c:22:75:14:11:8a:19:20:48:76:9d:c6:91:dc:b7:9e:16:d4:
cb:12:59:71:bb:d3:be:22:7d:7e:bc:4a:c5:74:d1:d4:d5:c3:
20:80:de:69:e1:bc:d3:0d:d9:9c:bf:a0:31:38:88:da:01:af:
6e:43:de:02:b2:08:2e:a9:59:2b:a7:74:3e:6a:3b:c4:2b:2d:
07:40:4c:0a:07:5d:6b:fd:ca:18:7d:43:e9:97:6e:e7:12:89:
50:ac:8a:fa:12:d6:4d:0b:d8:84:f1:86:2f:33:05:75:db:35:
d2:57:2c:26
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYuZQBnSe53RJNbq0Gbk4r9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMTA0MDczMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTQyZGU1MzZhOGM4NmZlY2NmODMyNzc1YjY2MzNiODExMzJhYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2f8Ta9ObmFuoVCS8Bnnfmhqc6Mq
jdQxnNUlzZlDRXUqlC+ipzJXNEunvbpxIbEFCZ/+HuVHJPYLS8uFYi0LvmG7f+5G
27SmHNE341UipjPsSc8CP25k9VdL9eMKvKuuOKwEsGXMMCl1QpNt2UPB2MdPToq3
8HO26c07LTPu18v/ctDiAlPgMuaWZEdXjpjuzhwDn0W8AxnA5wujD4wzLf0Udo8L
0Obt7vZSI7aPV3uMJHY3hGmkbHacuSlPeJbWORsmczoE0j6Ohm/DGA7Y9QbYFThI
4F5OiNFp2ukNcw2M8WmJ+t1NUjpCGN9G0dHVRwkM9mAsSf/TxPwne5KtOwIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFBlC3lNqjIb+zPgyd1tmM7gRMqrHMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvR1VMZVUycU1odjdNLURKM1cyWXp1QkV5cXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TBsBAIAATBmAwQBLVlC
AwQCLYCwAwQAW9lQAwQDXo6IAwQCuQX4AwQCuTrMAwQCuVcwAwQBuWl0AwQCuXWY
AwQCuX3YAwQCuX3kAwQAuci8AwQAwW1VAwQEwXywAwQAwajgAwQFwkPAAwQAwy/6
MGEEAgACMFsDBQMqB0oAAwcAKgqTAAAAAwcAKgqTAAACMBIDBwQqCpMAANADBwAq
CpMAANIwEAMFACoKkwEDBwAqCpMBAAIDBQAqCpMCAwUDKguYAAMFAyoMdMADBQMq
DSzAMA0GCSqGSIb3DQEBCwUAA4IBAQCAMRLmUmMX/HueQlaioBTy7tPN2TfUsx1p
iDNReY+5uKpj/+Zb6Iokc0fDjR4Bm9ppYQc8e/AGU23k0lV4O0aFNW2Rj8Wn7wvf
8tiSS8Cx/KOhE7BYb4mbykBIkNj/Cqyge6jBrlMkhfuIP+DRKoHENM31GBsVwcLv
5fiLFDf5+BVu+w3Fm2kO6uxaxiPFRNJcInUUEYoZIEh2ncaR3LeeFtTLEllxu9O+
In1+vErFdNHU1cMggN5p4bzTDdmcv6AxOIjaAa9uQ94CsgguqVkrp3Q+ajvEKy0H
QEwKB11r/coYfUPpl27nEolQrIr6EtZNC9iE8YYvMwV12zXSVywm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org