Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/amuIVGwoemnk8cqBW_4_v3BQsEE.roa
File: amuIVGwoemnk8cqBW_4_v3BQsEE.roa (raw, json)
Hash identifier: FD1H9/YMxhUC2eYCaPUA4N0nHfMpvIhKB5jlH/mnXCI=
Subject key identifier: 6A:6B:88:54:6C:28:7A:69:E4:F1:CA:81:5B:FE:3F:BF:70:50:B0:41
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFA3D84693371135557ED6C009917F
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/amuIVGwoemnk8cqBW_4_v3BQsEE.roa
Signing time: Tue 02 Jan 2024 06:32:28 +0000
ROA not before: Tue 02 Jan 2024 06:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200740
IP address blocks: 94.142.136.0/23 maxlen: 23
94.142.137.0/24 maxlen: 24
94.142.136.0/24 maxlen: 24
185.112.81.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.252.144.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.40.7.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
185.233.202.0/23 maxlen: 23
185.114.72.0/23 maxlen: 23
185.114.73.0/24 maxlen: 24
185.114.72.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.165.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
2a04:5200:68::/48 maxlen: 48
2a0d:2cc4::/31 maxlen: 31
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a0d:2cc2::/31 maxlen: 31
2a04:5201:6::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a3:d8:46:93:37:11:35:55:7e:d6:c0:09:91:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a6b88546c287a69e4f1ca815bfe3fbf7050b041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:39:13:6b:5b:37:51:11:4e:fc:bf:db:64:be:
46:99:d1:a8:90:d2:f4:92:fe:09:db:f0:fa:64:d4:
7a:5f:86:f7:df:f2:23:0e:23:98:95:ef:6f:b4:ba:
bd:49:fe:64:d3:3c:1f:3e:b6:de:55:0d:b8:90:fd:
53:10:7e:2e:24:41:03:4b:d6:35:71:fa:52:bc:42:
52:6c:c8:17:96:4d:ec:05:61:48:71:6a:13:b7:d3:
26:48:1a:43:fd:44:4d:17:c1:e4:1f:ae:64:b6:14:
dc:61:5c:db:6d:03:c1:40:f9:53:25:a0:31:ca:22:
7b:e2:d5:11:13:67:e3:fa:5a:47:33:aa:87:a1:ed:
e5:00:3c:1b:24:9e:c1:5d:4e:35:2b:0d:33:75:54:
02:08:2e:6c:a5:27:a0:d7:f6:b0:d9:9b:fc:1a:c1:
06:dd:96:ed:0f:a6:fb:c1:2b:94:9b:a6:d7:a7:1f:
d0:91:e9:00:d2:8c:9b:03:b8:06:9b:13:d6:45:9f:
00:7e:d1:ac:a2:dc:00:85:56:f1:a6:6f:5a:8b:bf:
91:8a:86:a4:ef:55:79:0a:86:0a:5d:1f:39:92:2d:
b5:fd:99:2f:ca:39:72:48:59:89:72:31:73:c4:61:
1d:34:76:7c:32:e5:7d:87:c9:97:3d:3e:13:46:da:
94:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:6B:88:54:6C:28:7A:69:E4:F1:CA:81:5B:FE:3F:BF:70:50:B0:41
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/amuIVGwoemnk8cqBW_4_v3BQsEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.112.81.0/24
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
22:cb:73:cc:9e:2e:36:8a:b5:10:3a:ae:91:1e:95:19:58:a0:
7c:10:58:02:69:a5:7b:6d:bc:55:57:d6:61:9e:38:c1:9c:b8:
a9:9b:74:c4:18:14:10:bd:bb:03:49:67:6d:81:11:ee:56:79:
e0:d0:07:c5:81:d4:3d:4a:14:d1:f6:f7:50:67:fe:3d:91:26:
b5:9d:0d:1a:9d:8f:a9:61:ed:01:26:8a:e4:df:f4:04:78:13:
c6:22:69:17:f2:c2:d0:4b:4d:6d:07:35:8b:6d:47:63:ab:22:
ad:93:52:c8:d2:1b:12:dd:57:c7:fd:b2:3b:84:55:5e:51:f2:
e4:d8:53:45:db:d6:d2:d6:4b:02:55:6e:ac:0d:35:00:52:43:
29:61:b1:1c:a6:24:b2:83:c4:6c:51:d4:4e:68:dc:05:46:4f:
92:2c:d8:59:3b:ea:dc:e4:23:24:9e:73:a4:fd:d0:75:7f:98:
3e:44:b2:3f:6f:1f:93:1f:91:7b:ae:94:43:44:66:d1:be:ae:
d9:70:79:85:72:35:e5:cb:2c:0b:a1:ab:eb:54:9b:f7:7e:46:
b7:be:2a:8e:eb:3b:eb:b3:9d:a5:0c:ce:56:2f:5a:44:79:f3:
79:cc:f9:91:78:0f:2b:79:3b:8b:a1:bc:da:2d:4b:b9:8a:f8:
5d:6b:1b:87
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYzI36PYRpM3ETVVftbACZF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTZiODg1NDZjMjg3YTY5ZTRmMWNhODE1YmZlM2ZiZjcwNTBiMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzkTa1s3URFO/L/bZL5GmdGokNL0
kv4J2/D6ZNR6X4b33/IjDiOYle9vtLq9Sf5k0zwfPrbeVQ24kP1TEH4uJEEDS9Y1
cfpSvEJSbMgXlk3sBWFIcWoTt9MmSBpD/URNF8HkH65kthTcYVzbbQPBQPlTJaAx
yiJ74tURE2fj+lpHM6qHoe3lADwbJJ7BXU41Kw0zdVQCCC5spSeg1/aw2Zv8GsEG
3ZbtD6b7wSuUm6bXpx/QkekA0oybA7gGmxPWRZ8AftGsotwAhVbxpm9ai7+Rioak
71V5CoYKXR85ki21/ZkvyjlySFmJcjFzxGEdNHZ8MuV9h8mXPT4TRtqU8QIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFGpriFRsKHpp5PHKgVv+P79wULBBMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYW11SVZHd29lbW5rOGNxQldfNF92M0JRc0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBjwQCAAEwgYgDBAAt
CUgDBAAuEWkDBAJQTCADBABb2UwDBAFejogwDAMEAF/WCQMEAl/WCAMEALkoBwME
AblepAMEALlmiAMEArln/AMEALlwUQMEAblySAMEALl1dAMEALl1dwMEALnIvgME
AbnoqjAMAwQEuelQAwQAuelSAwQBuenKAwQAufyQAwQBwiSyMEMEAgACMD0DBwAq
BFIAAGgDBwAqBFIBAAIDBwAqBFIBAAQDBwEqBFIBAAYDBwAqBFIBAAkDBwAqBFIB
gBgDBQMqDSzAMA0GCSqGSIb3DQEBCwUAA4IBAQAiy3PMni42irUQOq6RHpUZWKB8
EFgCaaV7bbxVV9ZhnjjBnLipm3TEGBQQvbsDSWdtgRHuVnng0AfFgdQ9ShTR9vdQ
Z/49kSa1nQ0anY+pYe0BJork3/QEeBPGImkX8sLQS01tBzWLbUdjqyKtk1LI0hsS
3VfH/bI7hFVeUfLk2FNF29bS1ksCVW6sDTUAUkMpYbEcpiSyg8RsUdROaNwFRk+S
LNhZO+rc5CMknnOk/dB1f5g+RLI/bx+TH5F7rpRDRGbRvq7ZcHmFcjXlyywLoavr
VJv3fka3viqO6zvrs52lDM5WL1pEefN5zPmReA8reTuLobzaLUu5ivhdaxuH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org