Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Lo3gO3OXxTbNKxYSnAE9Z_vP4RQ.roa
File: Lo3gO3OXxTbNKxYSnAE9Z_vP4RQ.roa (raw, json)
Hash identifier: MajjKnkC2S1QPxSX95wWAAQyeOKXPPLjyLEibtgGwcM=
Subject key identifier: 2E:8D:E0:3B:73:97:C5:36:CD:2B:16:12:9C:01:3D:67:FB:CF:E1:14
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018B38D468D6059A9D066F70A856AEB32C26
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Lo3gO3OXxTbNKxYSnAE9Z_vP4RQ.roa
Signing time: Mon 16 Oct 2023 14:12:06 +0000
ROA not before: Mon 16 Oct 2023 14:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.230.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/24 maxlen: 24
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/21 maxlen: 21
193.124.176.0/20 maxlen: 20
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0c:74c0::/29 maxlen: 29
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a07:4a00::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0a:9300:d0::/48 maxlen: 48
2a0a:9302:1::/48 maxlen: 48
2a0d:2cc0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:d4:68:d6:05:9a:9d:06:6f:70:a8:56:ae:b3:2c:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 16 14:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e8de03b7397c536cd2b16129c013d67fbcfe114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:77:20:7b:5e:69:84:ec:18:79:0d:43:1d:b0:
0a:fe:be:6c:9c:d7:c5:29:2e:39:5e:d9:e7:ab:a8:
59:e6:8d:2e:c1:3e:e5:5b:c0:f7:05:49:c0:21:ac:
c1:9e:46:e0:04:b6:47:0e:9d:3f:c7:4e:23:df:d0:
13:c5:3d:0a:74:25:04:ee:f5:33:83:7f:38:a2:f9:
ff:fd:29:3e:f7:5b:bc:86:bb:fc:66:9f:6e:08:32:
12:2b:45:2f:16:88:3a:8d:cd:4f:88:d8:ed:a6:18:
6b:e2:07:7b:99:9d:ae:ce:8c:19:bd:20:f2:c8:5d:
d7:70:30:dc:b2:12:84:86:c7:8f:1d:63:9a:b7:2c:
62:a4:5e:05:83:d2:e8:74:13:56:86:1a:c7:a9:fd:
d7:89:9d:e4:31:21:bf:b3:41:0d:bb:9d:cd:28:f5:
7b:e9:f7:fb:56:f4:5b:ed:0f:8a:a1:55:31:8e:eb:
87:4f:e3:fd:39:81:f0:54:44:ea:fb:3e:a6:70:9b:
f0:cc:e0:4e:93:66:57:fe:38:9c:e7:17:c1:c4:9a:
23:81:a2:fe:d3:6b:f5:84:f5:c2:ce:88:f0:fc:ae:
09:9a:bd:5b:71:d9:d9:0f:ff:43:f1:cc:da:41:fb:
1d:31:4e:45:c9:c8:a3:04:e2:bc:c6:57:0e:8d:8f:
59:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:8D:E0:3B:73:97:C5:36:CD:2B:16:12:9C:01:3D:67:FB:CF:E1:14
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Lo3gO3OXxTbNKxYSnAE9Z_vP4RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.109.85.0/24
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
IPv6:
2a07:4a00::/29
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:9800::/29
2a0c:74c0::/29
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:a6:76:6c:29:0d:9f:a5:18:14:be:34:a6:1d:7e:5f:5f:b5:
dd:39:53:44:3d:71:b5:6d:c9:80:67:02:66:8e:3f:58:d5:a2:
f9:42:d7:99:1c:58:35:23:b6:a0:d8:d4:98:d8:73:8b:83:02:
b0:2f:23:ad:b3:17:97:74:74:a4:b8:a2:85:b0:61:a4:19:27:
06:02:4e:19:2d:6b:4b:f3:f8:37:f8:92:60:ef:a3:eb:09:e6:
c4:45:00:86:29:a3:b2:26:8d:4c:b2:e8:d3:ad:d2:00:03:46:
d7:96:3a:c7:2d:2d:1b:60:e3:0c:f9:24:f3:c5:78:c4:6e:32:
7d:8b:72:d8:c8:d7:7a:3c:6c:06:9c:16:1e:a6:ce:c2:01:4d:
c4:dd:2f:11:30:37:81:11:66:68:9c:93:77:94:92:be:75:b7:
9d:3b:c7:65:80:36:4c:3a:df:1b:14:9f:d0:f9:3f:52:1e:5b:
f2:5f:2f:33:29:5e:3b:e3:ce:0e:f6:5d:2c:c5:a2:36:dd:c9:
bf:9b:9a:07:29:25:25:e4:87:68:16:b0:04:ee:ce:2f:c0:52:
db:17:b7:7d:21:3c:65:70:0d:20:8f:86:7f:99:7c:4a:c0:49:
98:bf:54:3a:96:b1:6c:07:de:24:02:e0:50:d2:3c:a6:87:d9:
a5:35:a7:03
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAYs41GjWBZqdBm9wqFausywmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMDE2MTQxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZThkZTAzYjczOTdjNTM2Y2QyYjE2MTI5YzAxM2Q2N2ZiY2ZlMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHcge15phOwYeQ1DHbAK/r5snNfF
KS45Xtnnq6hZ5o0uwT7lW8D3BUnAIazBnkbgBLZHDp0/x04j39ATxT0KdCUE7vUz
g384ovn//Sk+91u8hrv8Zp9uCDISK0UvFog6jc1PiNjtphhr4gd7mZ2uzowZvSDy
yF3XcDDcshKEhsePHWOatyxipF4Fg9LodBNWhhrHqf3XiZ3kMSG/s0ENu53NKPV7
6ff7VvRb7Q+KoVUxjuuHT+P9OYHwVETq+z6mcJvwzOBOk2ZX/jic5xfBxJojgaL+
02v1hPXCzojw/K4Jmr1bcdnZD/9D8czaQfsdMU5FycijBOK8xlcOjY9ZUwIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFC6N4Dtzl8U2zSsWEpwBPWf7z+EUMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTG8zZ08zT1h4VGJOS3hZU25BRTlaX3ZQNFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTBgBAIAATBaAwQBLVlC
AwQCLYCwAwQAW9lQAwQDXo6IAwQCuQX4AwQCuTrMAwQCuVcwAwQBuWl0AwQCuXWY
AwQCuX3YAwQCuX3kAwQAwW1VAwQEwXywAwQFwkPAAwQAwy/6MGEEAgACMFsDBQMq
B0oAAwcAKgqTAAAAAwcAKgqTAAACMBIDBwQqCpMAANADBwAqCpMAANIwEAMFACoK
kwEDBwAqCpMBAAIDBQAqCpMCAwUDKguYAAMFAyoMdMADBQMqDSzAMA0GCSqGSIb3
DQEBCwUAA4IBAQC0pnZsKQ2fpRgUvjSmHX5fX7XdOVNEPXG1bcmAZwJmjj9Y1aL5
QteZHFg1I7ag2NSY2HOLgwKwLyOtsxeXdHSkuKKFsGGkGScGAk4ZLWtL8/g3+JJg
76PrCebERQCGKaOyJo1MsujTrdIAA0bXljrHLS0bYOMM+STzxXjEbjJ9i3LYyNd6
PGwGnBYeps7CAU3E3S8RMDeBEWZonJN3lJK+dbedO8dlgDZMOt8bFJ/Q+T9SHlvy
Xy8zKV47484O9l0sxaI23cm/m5oHKSUl5IdoFrAE7s4vwFLbF7d9ITxlcA0gj4Z/
mXxKwEmYv1Q6lrFsB94kAuBQ0jymh9mlNacD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org