Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QyAcvCeC4Xp04vA5lipmKb-g9sk.roa
File: QyAcvCeC4Xp04vA5lipmKb-g9sk.roa (raw, json)
Hash identifier: MsHKiIXs/N9wJQPGK3pSps/+gEmbpk4MTta7UmnJ1Xk=
Subject key identifier: 43:20:1C:BC:27:82:E1:7A:74:E2:F0:39:96:2A:66:29:BF:A0:F6:C9
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018AED06CC60060C9C0DF8BE3316DCA1F608
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QyAcvCeC4Xp04vA5lipmKb-g9sk.roa
Signing time: Sun 01 Oct 2023 20:56:00 +0000
ROA not before: Sun 01 Oct 2023 20:56:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200740
IP address blocks: 94.142.136.0/23 maxlen: 23
94.142.137.0/24 maxlen: 24
94.142.136.0/24 maxlen: 24
185.112.81.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.252.144.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.40.7.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
185.233.202.0/23 maxlen: 23
185.114.72.0/23 maxlen: 23
185.114.73.0/24 maxlen: 24
185.114.72.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.165.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
2a04:5200:68::/48 maxlen: 48
2a0d:2cc4::/31 maxlen: 31
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a0d:2cc2::/31 maxlen: 31
2a04:5201:6::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ed:06:cc:60:06:0c:9c:0d:f8:be:33:16:dc:a1:f6:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 1 20:56:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43201cbc2782e17a74e2f039962a6629bfa0f6c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:34:0b:23:b5:87:14:bc:21:04:10:a6:0d:4d:
da:2e:e0:e1:d6:0e:6c:22:ad:c8:86:37:0c:0a:71:
be:c1:0d:37:2f:14:38:5a:18:3b:10:70:c1:a3:45:
64:0d:90:e3:e8:d5:e5:ab:21:d4:51:18:e8:a0:63:
34:76:89:a0:62:13:03:4d:33:b9:10:d4:3b:34:34:
77:f2:6d:dd:b9:41:63:23:21:f4:24:6c:ba:fe:4a:
31:70:1b:72:e4:91:6f:8c:38:08:3f:95:d7:4c:78:
3f:99:06:e8:2f:d2:e8:aa:b5:e3:b6:31:47:11:1b:
29:41:23:9c:b8:9a:0f:a0:56:98:df:e3:60:1d:d8:
5e:87:f1:ba:21:45:c9:aa:22:d9:fc:38:94:89:2d:
51:1b:8e:88:1a:11:53:50:44:8f:fc:24:8c:41:7a:
2f:c9:2a:be:c2:fe:8f:04:78:5c:c2:08:48:5d:20:
27:29:94:eb:96:aa:0c:86:d4:af:17:23:00:6c:28:
51:b6:41:29:89:2d:27:9c:d0:b0:c7:bf:c0:48:73:
43:f9:01:48:fe:96:1d:09:98:bd:77:63:e4:0f:1c:
69:7e:fc:dc:c8:8e:e7:95:3f:8e:1f:77:c4:24:ea:
ef:31:e9:8d:29:74:bf:46:8c:5a:b1:87:f3:be:b0:
0d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:20:1C:BC:27:82:E1:7A:74:E2:F0:39:96:2A:66:29:BF:A0:F6:C9
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QyAcvCeC4Xp04vA5lipmKb-g9sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.112.81.0/24
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
68:8e:af:ca:b3:e4:7c:7d:eb:d5:a6:97:79:ac:bd:83:82:1d:
3b:b0:1f:74:7a:0f:2b:d8:9e:37:0d:c4:1c:b9:c3:ff:71:15:
60:da:f7:fe:35:96:80:de:95:a6:0f:f1:39:df:2f:ce:92:a9:
82:80:39:88:0a:6c:b2:48:1b:43:52:74:f7:fc:9b:85:0b:e9:
d5:c4:c6:9a:5b:2e:8b:2e:f9:1d:88:d5:bf:ea:8f:3a:8b:45:
58:e3:3c:b7:b3:fb:37:1c:a8:5b:54:28:71:2d:25:aa:c5:b3:
16:8c:45:47:06:13:73:b4:af:eb:ca:0c:2a:d4:79:75:07:09:
1d:4c:33:e9:cd:df:94:d7:1d:33:4c:94:b1:0d:b7:fc:1f:9d:
27:24:97:63:bd:25:9d:1f:df:5e:a0:6b:45:5a:4e:00:1f:22:
c0:b2:6e:00:71:6d:d3:cf:d9:76:90:7b:d8:51:a2:a8:0c:63:
c0:60:2f:2f:8c:4c:3f:8a:29:42:b0:8b:8f:bb:ab:7c:f5:56:
02:7b:15:fa:15:f2:bd:de:3e:c6:fd:02:cf:b0:82:4f:32:a1:
bd:5c:c0:4f:fe:d7:4a:cd:f5:02:15:a0:f1:eb:37:aa:f6:a3:
fe:36:9d:9f:02:18:0c:fd:b5:b8:43:74:bf:ea:cd:e0:e8:90:
83:ae:4b:b3
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYrtBsxgBgycDfi+MxbcofYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMDAxMjA1NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzIwMWNiYzI3ODJlMTdhNzRlMmYwMzk5NjJhNjYyOWJmYTBmNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzQLI7WHFLwhBBCmDU3aLuDh1g5s
Iq3IhjcMCnG+wQ03LxQ4Whg7EHDBo0VkDZDj6NXlqyHUURjooGM0domgYhMDTTO5
ENQ7NDR38m3duUFjIyH0JGy6/koxcBty5JFvjDgIP5XXTHg/mQboL9LoqrXjtjFH
ERspQSOcuJoPoFaY3+NgHdheh/G6IUXJqiLZ/DiUiS1RG46IGhFTUESP/CSMQXov
ySq+wv6PBHhcwghIXSAnKZTrlqoMhtSvFyMAbChRtkEpiS0nnNCwx7/ASHND+QFI
/pYdCZi9d2PkDxxpfvzcyI7nlT+OH3fEJOrvMemNKXS/RoxasYfzvrANzwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFEMgHLwnguF6dOLwOZYqZim/oPbJMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUXlBY3ZDZUM0WHAwNHZBNWxpcG1LYi1nOXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBjwQCAAEwgYgDBAAt
CUgDBAAuEWkDBAJQTCADBABb2UwDBAFejogwDAMEAF/WCQMEAl/WCAMEALkoBwME
AblepAMEALlmiAMEArln/AMEALlwUQMEAblySAMEALl1dAMEALl1dwMEALnIvgME
AbnoqjAMAwQEuelQAwQAuelSAwQBuenKAwQAufyQAwQBwiSyMDoEAgACMDQDBwAq
BFIAAGgDBwAqBFIBAAIDBwAqBFIBAAQDBwEqBFIBAAYDBwAqBFIBgBgDBQMqDSzA
MA0GCSqGSIb3DQEBCwUAA4IBAQBojq/Ks+R8fevVppd5rL2Dgh07sB90eg8r2J43
DcQcucP/cRVg2vf+NZaA3pWmD/E53y/OkqmCgDmICmyySBtDUnT3/JuFC+nVxMaa
Wy6LLvkdiNW/6o86i0VY4zy3s/s3HKhbVChxLSWqxbMWjEVHBhNztK/rygwq1Hl1
BwkdTDPpzd+U1x0zTJSxDbf8H50nJJdjvSWdH99eoGtFWk4AHyLAsm4AcW3Tz9l2
kHvYUaKoDGPAYC8vjEw/iilCsIuPu6t89VYCexX6FfK93j7G/QLPsIJPMqG9XMBP
/tdKzfUCFaDx6zeq9qP+Np2fAhgM/bW4Q3S/6s3g6JCDrkuz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org