Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/R3Ma_hEw4R9wV29JdV9fbCKGSN4.roa
File: R3Ma_hEw4R9wV29JdV9fbCKGSN4.roa (raw, json)
Hash identifier: V6DcGdt8GNtOiZVGTQvDhBWIAhyjuGjqadBtT1gLhAw=
Subject key identifier: 47:73:1A:FE:11:30:E1:1F:70:57:6F:49:75:5F:5F:6C:22:86:48:DE
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0184A39F98DC6F83C6EABE28BCFA70E2C13F
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/R3Ma_hEw4R9wV29JdV9fbCKGSN4.roa
Signing time: Wed 23 Nov 2022 08:34:16 +0000
ROA not before: Wed 23 Nov 2022 08:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200740
IP address blocks: 94.142.136.0/23 maxlen: 23
94.142.137.0/24 maxlen: 24
94.142.136.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.252.144.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.40.7.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
185.233.202.0/23 maxlen: 23
185.232.170.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.165.0/24 maxlen: 24
91.217.76.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
2a04:5200:68::/48 maxlen: 48
2a0d:2cc4::/31 maxlen: 31
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a0d:2cc2::/31 maxlen: 31
2a04:5201:6::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:9f:98:dc:6f:83:c6:ea:be:28:bc:fa:70:e2:c1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 23 08:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47731afe1130e11f70576f49755f5f6c228648de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:64:4e:98:cb:43:3f:bd:f7:9d:b9:ad:dd:d1:
43:e2:92:bb:a1:f3:05:fc:59:f8:92:39:c7:0b:9e:
88:99:0a:59:26:6b:88:f9:68:b7:f4:cb:98:53:e7:
33:26:2c:0d:32:e2:09:31:9c:99:06:9a:4a:cd:dd:
16:22:d5:ce:bd:0f:cc:3d:b5:f7:8f:47:dd:20:91:
a8:a4:bf:5b:91:0c:db:cf:f3:18:a1:77:82:38:6c:
9a:a5:64:91:b7:c5:20:55:67:82:c0:0b:51:c0:91:
1b:0c:20:95:56:d2:12:ee:ca:c9:79:5a:55:3d:d0:
28:05:28:5f:fd:55:36:0d:e3:fe:ab:8e:ad:f8:1f:
09:5a:00:2b:6d:71:9b:df:24:50:51:f6:c9:23:67:
7d:02:27:65:10:c8:b7:3f:7c:d6:a3:49:b5:b5:fb:
41:95:2d:53:87:6d:78:1f:92:46:4f:ce:c4:e1:3d:
49:7c:19:df:dd:0f:ab:2f:56:2d:b2:63:85:11:91:
5d:ab:9e:fb:6b:d9:35:f3:1d:67:44:03:2d:82:58:
86:27:8d:d9:ee:48:9c:88:a0:7f:b1:64:cf:f5:02:
93:67:9b:11:ff:83:2b:2c:97:4f:3b:ad:5b:0c:83:
c2:61:27:9d:ea:89:a9:81:38:87:a8:16:ba:97:36:
6a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:73:1A:FE:11:30:E1:1F:70:57:6F:49:75:5F:5F:6C:22:86:48:DE
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/R3Ma_hEw4R9wV29JdV9fbCKGSN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
91.217.76.0/24
94.142.136.0/23
185.40.7.0/24
185.94.164.0/23
185.103.252.0/22
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
10:40:74:9c:39:81:ba:54:1a:69:80:a5:fa:e6:f3:1b:03:4b:
d1:65:80:d4:d2:2e:02:80:8d:3e:22:8e:32:be:b6:e4:fb:67:
4a:f8:03:bb:49:e1:b4:49:42:b4:0b:9b:51:43:9f:f1:dd:6b:
b0:2d:f7:1b:cf:96:ce:d3:c2:5f:70:b5:9a:36:94:f4:86:90:
09:30:8f:53:25:f5:77:e6:fd:99:6c:ab:7e:d7:e5:ac:3d:e0:
54:89:6e:5c:f2:46:b2:bf:b8:b1:ac:4b:d2:25:1f:3e:c6:3d:
dc:9a:bc:8e:6b:c1:a7:cd:6c:99:bf:f5:60:e4:8f:d6:83:05:
c6:e8:31:43:5a:83:c6:ea:44:72:1e:94:f4:f1:81:0f:a1:81:
ff:54:9b:10:3e:2d:f8:77:e2:98:6a:35:7d:14:01:38:48:cd:
1e:21:24:05:50:29:37:03:45:73:bc:b4:1c:e6:b9:f2:72:14:
e2:d0:b9:68:fd:fb:71:8e:79:ad:51:31:1e:46:9b:6f:10:fa:
30:2e:e8:b2:fa:26:04:7b:e5:5d:2c:0e:21:f2:fd:40:5a:53:
55:4b:32:39:cc:d6:ee:51:c9:eb:b1:d2:90:45:eb:1a:c7:a8:
46:db:35:b0:5a:ce:09:fd:dc:b4:b5:b1:32:00:a9:3a:84:2c:
69:ca:3f:73
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYSjn5jcb4PG6r4ovPpw4sE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIxMTIzMDgzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzczMWFmZTExMzBlMTFmNzA1NzZmNDk3NTVmNWY2YzIyODY0OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWROmMtDP733nbmt3dFD4pK7ofMF
/Fn4kjnHC56ImQpZJmuI+Wi39MuYU+czJiwNMuIJMZyZBppKzd0WItXOvQ/MPbX3
j0fdIJGopL9bkQzbz/MYoXeCOGyapWSRt8UgVWeCwAtRwJEbDCCVVtIS7srJeVpV
PdAoBShf/VU2DeP+q46t+B8JWgArbXGb3yRQUfbJI2d9AidlEMi3P3zWo0m1tftB
lS1Th214H5JGT87E4T1JfBnf3Q+rL1YtsmOFEZFdq577a9k18x1nRAMtgliGJ43Z
7kiciKB/sWTP9QKTZ5sR/4MrLJdPO61bDIPCYSed6ompgTiHqBa6lzZqjQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFEdzGv4RMOEfcFdvSXVfX2wihkjeMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUjNNYV9oRXc0Ujl3VjI5SmRWOWZiQ0tHU040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjBoBAIAATBiAwQALQlI
AwQALhFpAwQAW9lMAwQBXo6IAwQAuSgHAwQBuV6kAwQCuWf8AwQAuXV0AwQAuXV3
AwQAuci+AwQBueiqMAwDBAS56VADBAC56VIDBAG56coDBAC5/JADBAHCJLIwOgQC
AAIwNAMHACoEUgAAaAMHACoEUgEAAgMHACoEUgEABAMHASoEUgEABgMHACoEUgGA
GAMFAyoNLMAwDQYJKoZIhvcNAQELBQADggEBABBAdJw5gbpUGmmApfrm8xsDS9Fl
gNTSLgKAjT4ijjK+tuT7Z0r4A7tJ4bRJQrQLm1FDn/Hda7At9xvPls7Twl9wtZo2
lPSGkAkwj1Ml9Xfm/Zlsq37X5aw94FSJblzyRrK/uLGsS9IlHz7GPdyavI5rwafN
bJm/9WDkj9aDBcboMUNag8bqRHIelPTxgQ+hgf9UmxA+Lfh34phqNX0UAThIzR4h
JAVQKTcDRXO8tBzmufJyFOLQuWj9+3GOea1RMR5Gm28Q+jAu6LL6JgR75V0sDiHy
/UBaU1VLMjnM1u5Ryeux0pBF6xrHqEbbNbBazgn93LS1sTIAqTqELGnKP3M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org