Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QGnaORAcfQHYaVQeMT3ISaMHtpg.roa
File: QGnaORAcfQHYaVQeMT3ISaMHtpg.roa (raw, json)
Hash identifier: NTFFp2S5x3R/ZFUI9y9dW+9YnOfSIcf4Izg/T+a7OLk=
Subject key identifier: 40:69:DA:39:10:1C:7D:01:D8:69:54:1E:31:3D:C8:49:A3:07:B6:98
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018D5F7D3E553493D2A456CBE30635245285
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QGnaORAcfQHYaVQeMT3ISaMHtpg.roa
Signing time: Wed 31 Jan 2024 12:27:39 +0000
ROA not before: Wed 31 Jan 2024 12:27:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200740
IP address blocks: 45.9.72.0/24 maxlen: 24
45.138.73.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
92.118.8.0/23 maxlen: 23
94.142.136.0/23 maxlen: 23
94.142.136.0/24 maxlen: 24
94.142.137.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.103.254.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.112.81.0/24 maxlen: 24
185.114.72.0/23 maxlen: 23
185.114.72.0/24 maxlen: 24
185.114.73.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.233.202.0/23 maxlen: 23
185.252.144.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
2a04:5200:68::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc2::/31 maxlen: 31
2a0d:2cc4::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:7d:3e:55:34:93:d2:a4:56:cb:e3:06:35:24:52:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 31 12:27:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4069da39101c7d01d869541e313dc849a307b698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a8:10:bb:e3:6d:3e:01:0a:bc:98:95:d7:af:
84:27:6b:68:4e:3f:50:be:67:a6:03:19:c9:61:62:
fa:0f:4d:76:d4:a6:4e:08:56:d8:22:2c:76:c2:ae:
97:04:4c:3a:d3:94:00:8e:35:1f:aa:c1:2e:0d:06:
a9:30:22:ff:88:8a:5c:79:8a:89:7f:a2:5f:1f:65:
86:00:1c:fd:dd:19:b2:0c:e0:1c:ce:23:06:67:b0:
1a:9d:40:02:34:a4:2b:a6:c6:0f:5e:2b:2e:82:da:
32:2a:e6:50:ae:cf:10:03:10:72:47:c2:29:65:04:
5f:af:e3:e5:47:05:22:81:b4:f1:a5:88:9f:4d:86:
d3:b5:6e:74:3c:85:2e:17:20:45:e3:34:62:ad:1e:
96:1d:99:a8:d3:55:4c:73:95:6e:65:84:86:9a:ec:
91:13:3e:f2:b0:94:89:e1:32:59:46:f3:3d:20:c1:
49:5a:22:f0:af:e4:f4:52:7e:19:dd:35:29:9c:8f:
63:6e:cd:b6:67:2c:47:53:be:e3:d1:c1:74:f0:57:
a8:6b:5f:61:46:21:f0:2c:95:34:f9:f7:47:c5:bb:
c6:23:23:8d:ee:46:af:31:37:a8:dc:e7:ba:ab:62:
54:8c:fb:c8:2b:cf:36:1b:7c:41:2f:36:92:f4:5b:
dd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:69:DA:39:10:1C:7D:01:D8:69:54:1E:31:3D:C8:49:A3:07:B6:98
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QGnaORAcfQHYaVQeMT3ISaMHtpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
45.138.73.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
92.118.8.0/23
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.112.81.0/24
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
bc:62:d1:2a:09:18:41:bf:bb:34:48:97:58:02:f8:af:35:50:
a5:44:19:79:e6:ec:2e:cd:5d:ab:b9:5c:e4:b3:ae:be:54:37:
68:95:98:c5:60:6b:9b:2f:67:b3:ee:4e:9f:fd:f4:9c:55:26:
14:ed:dc:8d:72:72:44:d8:40:20:40:17:b3:57:0d:09:f0:74:
0d:66:9e:43:7e:5e:7d:f3:23:5f:7c:1e:8a:70:51:4e:c3:cf:
4a:54:3d:94:3b:20:e3:2c:e5:26:e6:ff:20:39:72:00:98:29:
67:ea:66:16:e8:fe:2d:80:83:7b:d0:65:bc:d9:53:f1:9a:49:
b2:f0:5c:7c:59:a7:e1:ae:1f:83:23:52:b8:2e:de:db:f2:0f:
64:5e:62:40:47:26:4a:70:90:1c:03:d2:18:5b:7b:6c:aa:b3:
04:6d:67:28:a7:f5:d1:be:b2:19:8f:b6:b2:a3:28:c4:a1:40:
d1:19:fc:a4:6e:78:09:c0:e3:bb:ee:51:76:68:c9:00:a9:d5:
3c:f3:4b:42:26:62:65:8c:85:7a:bc:4f:ca:e2:18:b7:e8:11:
cc:e1:4b:54:a0:51:e0:86:8b:5e:14:f1:68:2f:74:83:3e:18:
80:28:36:5d:a0:b2:eb:81:99:5f:81:52:f8:3a:cd:2d:f1:b5:
55:c0:f0:7b
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAY1ffT5VNJPSpFbL4wY1JFKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTMxMTIyNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDY5ZGEzOTEwMWM3ZDAxZDg2OTU0MWUzMTNkYzg0OWEzMDdiNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqgQu+NtPgEKvJiV16+EJ2toTj9Q
vmemAxnJYWL6D0121KZOCFbYIix2wq6XBEw605QAjjUfqsEuDQapMCL/iIpceYqJ
f6JfH2WGABz93RmyDOAcziMGZ7AanUACNKQrpsYPXisugtoyKuZQrs8QAxByR8Ip
ZQRfr+PlRwUigbTxpYifTYbTtW50PIUuFyBF4zRirR6WHZmo01VMc5VuZYSGmuyR
Ez7ysJSJ4TJZRvM9IMFJWiLwr+T0Un4Z3TUpnI9jbs22ZyxHU77j0cF08Feoa19h
RiHwLJU0+fdHxbvGIyON7kavMTeo3Oe6q2JUjPvIK882G3xBLzaS9FvdPQIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFEBp2jkQHH0B2GlUHjE9yEmjB7aYMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUUduYU9SQWNmUUhZYVZRZU1UM0lTYU1IdHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCBmwQCAAEwgZQDBAAt
CUgDBAAtikkDBAAuEWkDBAJQTCADBABb2UwDBAFcdggDBAFejogwDAMEAF/WCQME
Al/WCAMEALkoBwMEAblepAMEALlmiAMEArln/AMEALlwUQMEAblySAMEALl1dAME
ALl1dwMEALnIvgMEAbnoqjAMAwQEuelQAwQAuelSAwQBuenKAwQAufyQAwQBwiSy
MEMEAgACMD0DBwAqBFIAAGgDBwAqBFIBAAIDBwAqBFIBAAQDBwEqBFIBAAYDBwAq
BFIBAAkDBwAqBFIBgBgDBQMqDSzAMA0GCSqGSIb3DQEBCwUAA4IBAQC8YtEqCRhB
v7s0SJdYAvivNVClRBl55uwuzV2ruVzks66+VDdolZjFYGubL2ez7k6f/fScVSYU
7dyNcnJE2EAgQBezVw0J8HQNZp5Dfl598yNffB6KcFFOw89KVD2UOyDjLOUm5v8g
OXIAmCln6mYW6P4tgIN70GW82VPxmkmy8Fx8Wafhrh+DI1K4Lt7b8g9kXmJARyZK
cJAcA9IYW3tsqrMEbWcop/XRvrIZj7ayoyjEoUDRGfykbngJwOO77lF2aMkAqdU8
80tCJmJljIV6vE/K4hi36BHM4UtUoFHghoteFPFoL3SDPhiAKDZdoLLrgZlfgVL4
Os0t8bVVwPB7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org