Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/dbwcps3tC8b9S46Aa_Iv2uA9XBI.roa
File: dbwcps3tC8b9S46Aa_Iv2uA9XBI.roa (raw, json)
Hash identifier: YcA5j/aRBQ25Se8xgIm2tQk8fVVAHYBYesdGlc0YoIw=
Subject key identifier: 75:BC:1C:A6:CD:ED:0B:C6:FD:4B:8E:80:6B:F2:2F:DA:E0:3D:5C:12
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0189300FD3378AF2AFF91964031A57B8AFDC
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/dbwcps3tC8b9S46Aa_Iv2uA9XBI.roa
Signing time: Fri 07 Jul 2023 11:14:50 +0000
ROA not before: Fri 07 Jul 2023 11:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.250.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.218.0/23 maxlen: 23
185.125.216.0/22 maxlen: 22
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.58.205.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.230.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/21 maxlen: 21
193.124.176.0/20 maxlen: 20
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.200.0/23 maxlen: 23
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0c:77c0::/29 maxlen: 29
2a0a:9300:d0::/48 maxlen: 48
2a0d:3880::/29 maxlen: 29
2a0a:9302:1::/48 maxlen: 48
2a0f:4680::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:30:0f:d3:37:8a:f2:af:f9:19:64:03:1a:57:b8:af:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 7 11:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75bc1ca6cded0bc6fd4b8e806bf22fdae03d5c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fe:83:7b:e3:f2:75:e2:f8:63:17:f5:37:dd:
ff:c1:9f:5e:07:92:a2:b6:9c:8a:c3:bb:10:ca:43:
9f:dc:f6:08:10:a2:2a:3a:32:6c:cc:ad:eb:11:e4:
7d:9a:2e:4b:89:5f:69:81:ff:75:2b:20:b8:5e:27:
82:35:e3:34:40:6b:0b:6a:f4:08:9d:18:27:10:af:
dd:2a:b8:1a:ec:4a:74:31:8f:f1:f0:0c:45:45:33:
36:5f:68:cb:0a:0f:bd:cb:a1:d8:8b:73:2e:0a:6f:
f0:9c:f3:f8:d5:5a:8a:f8:04:82:41:ef:c6:03:e5:
8d:8f:5b:de:da:77:58:55:40:71:66:e1:ae:c8:3c:
4a:f2:f3:b9:2a:30:f2:5b:17:00:20:e5:ec:cc:2c:
01:73:cf:55:10:a1:4b:67:a0:6a:29:63:ee:84:29:
41:d0:4b:d8:d3:3d:67:d6:1e:5e:ce:6d:8e:8c:56:
26:6a:05:7c:c9:95:de:e6:3a:f7:73:b0:be:7d:3b:
b7:c7:00:06:97:5e:57:16:1d:3d:f6:30:1e:bc:26:
d1:4f:37:0c:51:84:d8:00:31:a1:cc:a2:19:e1:2c:
5b:16:b4:8b:28:93:83:e8:4d:48:a9:1b:91:6c:03:
fe:96:f0:fc:60:ca:9c:85:47:26:fb:4e:16:d2:18:
a1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BC:1C:A6:CD:ED:0B:C6:FD:4B:8E:80:6B:F2:2F:DA:E0:3D:5C:12
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/dbwcps3tC8b9S46Aa_Iv2uA9XBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.109.85.0/24
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0c:77c0::/29
2a0d:3880::/29
2a0f:4680::/29
Signature Algorithm: sha256WithRSAEncryption
12:72:da:e5:88:bb:ca:67:10:8e:8f:91:04:87:9a:11:87:a1:
6c:47:9d:a4:37:e1:96:a5:ee:35:e7:0d:29:f4:67:f2:80:2c:
f9:eb:5d:82:7f:cd:7e:15:80:0d:41:40:36:8c:28:01:75:05:
2a:c5:dd:72:18:d1:7c:a2:45:b8:39:9b:60:77:ab:24:45:04:
b6:74:6c:e0:59:9f:7e:f2:01:f3:dd:a1:af:61:10:b2:c8:80:
7c:23:77:80:46:f9:86:85:14:d9:b9:6c:d9:5d:ee:c8:3b:fa:
f5:1f:d9:4d:b1:39:89:6a:48:57:b1:78:34:b5:42:31:04:06:
90:a6:b0:24:5e:96:02:ab:fb:c4:60:11:50:92:0d:73:4f:68:
de:12:b8:cc:80:97:b9:0e:c5:cf:d5:7d:25:69:5c:f6:d7:ee:
2e:52:ad:65:da:13:7b:00:88:64:f0:80:3d:15:32:25:63:28:
a3:dc:8e:72:ee:4d:39:1e:c7:38:98:a2:5c:27:92:ab:cc:17:
48:ea:e5:53:f7:f8:f5:47:75:28:57:a8:e9:86:75:ae:e0:38:
df:23:32:fc:c9:97:94:92:6f:2b:a3:83:b6:fa:15:67:23:41:
9e:74:09:67:24:e5:82:43:c1:8f:59:bc:fe:86:77:6f:49:3a:
9f:69:20:4d
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYkwD9M3ivKv+RlkAxpXuK/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwNzA3MTExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWJjMWNhNmNkZWQwYmM2ZmQ0YjhlODA2YmYyMmZkYWUwM2Q1YzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP6De+PydeL4Yxf1N93/wZ9eB5Ki
tpyKw7sQykOf3PYIEKIqOjJszK3rEeR9mi5LiV9pgf91KyC4XieCNeM0QGsLavQI
nRgnEK/dKrga7Ep0MY/x8AxFRTM2X2jLCg+9y6HYi3MuCm/wnPP41VqK+ASCQe/G
A+WNj1ve2ndYVUBxZuGuyDxK8vO5KjDyWxcAIOXszCwBc89VEKFLZ6BqKWPuhClB
0EvY0z1n1h5ezm2OjFYmagV8yZXe5jr3c7C+fTu3xwAGl15XFh099jAevCbRTzcM
UYTYADGhzKIZ4SxbFrSLKJOD6E1IqRuRbAP+lvD8YMqchUcm+04W0hihQQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFHW8HKbN7QvG/UuOgGvyL9rgPVwSMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvZGJ3Y3BzM3RDOGI5UzQ2QWFfSXYydUE5WEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjBgBAIAATBaAwQBLVlC
AwQCLYCwAwQAW9lQAwQDXo6IAwQCuQX4AwQCuTrMAwQCuVcwAwQBuWl0AwQCuXWY
AwQCuX3YAwQCuX3kAwQAwW1VAwQEwXywAwQFwkPAAwQAwy/6MFoEAgACMFQDBwAq
CpMAAAADBwAqCpMAAAIwEgMHBCoKkwAA0AMHACoKkwAA0jAQAwUAKgqTAQMHACoK
kwEAAgMFACoKkwIDBQMqDHfAAwUDKg04gAMFAyoPRoAwDQYJKoZIhvcNAQELBQAD
ggEBABJy2uWIu8pnEI6PkQSHmhGHoWxHnaQ34Zal7jXnDSn0Z/KALPnrXYJ/zX4V
gA1BQDaMKAF1BSrF3XIY0XyiRbg5m2B3qyRFBLZ0bOBZn37yAfPdoa9hELLIgHwj
d4BG+YaFFNm5bNld7sg7+vUf2U2xOYlqSFexeDS1QjEEBpCmsCRelgKr+8RgEVCS
DXNPaN4SuMyAl7kOxc/VfSVpXPbX7i5SrWXaE3sAiGTwgD0VMiVjKKPcjnLuTTke
xziYolwnkqvMF0jq5VP3+PVHdShXqOmGda7gON8jMvzJl5SSbyujg7b6FWcjQZ50
CWck5YJDwY9ZvP6Gd29JOp9pIE0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org