Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/jAmgPsG6LpblQewcz7uubGPfRw0.roa
File: jAmgPsG6LpblQewcz7uubGPfRw0.roa (raw, json)
Hash identifier: HwS8Wh/josRNWXGWjCiD107LphEmvgPWV2gaCdR9RvY=
Subject key identifier: 8C:09:A0:3E:C1:BA:2E:96:E5:41:EC:1C:CF:BB:AE:6C:63:DF:47:0D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018D3AF68A2223115BFA7B88B209F5284905
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/jAmgPsG6LpblQewcz7uubGPfRw0.roa
Signing time: Wed 24 Jan 2024 10:14:12 +0000
ROA not before: Wed 24 Jan 2024 10:14:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.204.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.207.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.184.0/21 maxlen: 21
193.168.224.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.193.0/24 maxlen: 24
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a07:4a00::/29 maxlen: 29
2a0a:9300::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9300:d0::/48 maxlen: 48
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9302:1::/48 maxlen: 48
2a0b:7780::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0c:77c0::/29 maxlen: 29
2a0c:77c0::/32 maxlen: 32
2a0d:2cc0::/29 maxlen: 29
2a0d:3880::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:f6:8a:22:23:11:5b:fa:7b:88:b2:09:f5:28:49:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 24 10:14:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c09a03ec1ba2e96e541ec1ccfbbae6c63df470d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:13:b2:ea:f1:b5:e4:57:fb:50:02:78:96:27:
e0:cb:ff:f3:d9:08:a5:ab:93:a7:dd:6f:4d:65:c4:
b8:da:9a:ca:a6:25:4f:7d:49:d0:3a:96:e1:fc:17:
e6:10:7e:e5:af:c5:d0:b4:54:e7:18:ac:3c:43:96:
07:5a:71:17:d5:84:07:45:7c:c9:09:a4:d7:9a:f7:
15:65:69:33:c2:57:96:ce:ec:e8:23:88:15:df:3f:
d3:f6:fc:f0:de:67:18:73:e4:10:97:6e:cd:67:96:
44:bd:98:52:0a:93:8f:d7:19:25:c3:2c:9a:f5:78:
c3:df:89:4e:fa:04:e8:bc:59:5e:ba:f3:b6:fd:81:
29:fe:f5:19:f9:fd:15:e5:a2:d0:06:d7:8b:35:21:
fe:23:4b:bd:41:60:ca:26:04:fa:c4:a8:6f:2e:2b:
c8:fd:41:71:0b:e0:23:7d:5a:f2:43:f1:65:a6:e4:
ae:c2:aa:d3:4e:ba:eb:21:0e:5f:88:42:ee:2c:6e:
08:34:f8:70:d1:5d:58:b5:7b:5e:02:82:be:d8:e0:
62:99:7d:59:a1:8c:8f:b7:27:3b:98:c3:4c:1c:29:
3c:a4:29:b4:cf:17:3a:3b:3c:89:c0:b7:87:2c:a0:
a8:3f:64:4d:99:56:4a:9e:6e:38:55:f4:8c:68:7b:
b5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:09:A0:3E:C1:BA:2E:96:E5:41:EC:1C:CF:BB:AE:6C:63:DF:47:0D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/jAmgPsG6LpblQewcz7uubGPfRw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
185.200.188.0/24
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a07:4a00::/29
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0b:9800::/29
2a0c:74c0::/29
2a0c:77c0::/29
2a0d:2cc0::/29
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
b3:63:90:c2:49:cf:b5:1b:67:eb:18:cd:42:4e:21:d3:ca:74:
6e:1e:0e:ee:f2:13:55:1f:35:1e:a9:c1:11:74:7d:80:d9:5c:
5e:67:a2:b7:c6:d0:be:89:6a:16:0d:75:f8:1f:14:f7:9f:f7:
50:5a:e9:8d:8c:e4:55:d8:c0:1d:24:e5:ba:9d:89:ae:26:ac:
0f:1e:f8:a7:1e:20:a7:e8:f0:3c:59:88:e2:15:c3:98:15:d7:
9e:6d:6b:90:b1:48:dc:5c:ea:04:f4:d5:4c:ab:35:1b:6c:46:
e4:16:4e:84:2e:d4:df:16:5e:a4:13:ab:1e:39:a3:25:96:15:
99:bd:fc:9f:95:a3:8c:96:18:08:a6:d3:c1:83:68:dc:80:b2:
ec:8c:71:22:a3:13:57:26:d5:7c:64:70:11:51:98:c4:ea:ff:
d1:f2:87:4a:f8:3c:40:35:26:a1:a1:45:c4:d7:57:63:c6:c9:
e0:2f:26:23:12:4d:2a:e9:b8:f6:6e:9d:f4:a8:c5:5e:08:a1:
8a:40:ba:31:44:2b:42:6b:ba:d5:3b:65:85:6d:64:43:3e:34:
7f:e8:72:9e:63:32:05:8d:fa:c2:4b:dd:a2:57:be:fb:c7:b2:
46:b4:45:1c:5f:80:b8:08:6b:0e:62:bb:18:4d:39:ac:16:22:
22:cd:54:ab
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAY069ooiIxFb+nuIsgn1KEkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTI0MTAxNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzA5YTAzZWMxYmEyZTk2ZTU0MWVjMWNjZmJiYWU2YzYzZGY0NzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmROy6vG15Ff7UAJ4lifgy//z2Qil
q5On3W9NZcS42prKpiVPfUnQOpbh/BfmEH7lr8XQtFTnGKw8Q5YHWnEX1YQHRXzJ
CaTXmvcVZWkzwleWzuzoI4gV3z/T9vzw3mcYc+QQl27NZ5ZEvZhSCpOP1xklwyya
9XjD34lO+gTovFleuvO2/YEp/vUZ+f0V5aLQBteLNSH+I0u9QWDKJgT6xKhvLivI
/UFxC+AjfVryQ/FlpuSuwqrTTrrrIQ5fiELuLG4INPhw0V1YtXteAoK+2OBimX1Z
oYyPtyc7mMNMHCk8pCm0zxc6OzyJwLeHLKCoP2RNmVZKnm44VfSMaHu1hQIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFIwJoD7Bui6W5UHsHM+7rmxj30cNMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvakFtZ1BzRzZMcGJsUWV3Y3o3dXViR1BmUncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DByBAIAATBsAwQBLVlC
AwQCLYCwAwQALYT8AwQAW9lQAwQDXo6IAwQCuQX4AwQCuTrMAwQCuVcwAwQBuWl0
AwQCuXWYAwQCuX3YAwQCuX3kAwQAuci8AwQAwW1VAwQEwXywAwQAwajgAwQFwkPA
AwQAwy/6MHYEAgACMHADBQMqB0oAAwcAKgqTAAAAAwcAKgqTAAACMBIDBwQqCpMA
ANADBwAqCpMAANIwEAMFACoKkwEDBwAqCpMBAAIDBQAqCpMCAwUDKgt3gAMFAyoL
mAADBQMqDHTAAwUDKgx3wAMFAyoNLMADBQMqDTiAMA0GCSqGSIb3DQEBCwUAA4IB
AQCzY5DCSc+1G2frGM1CTiHTynRuHg7u8hNVHzUeqcERdH2A2VxeZ6K3xtC+iWoW
DXX4HxT3n/dQWumNjORV2MAdJOW6nYmuJqwPHvinHiCn6PA8WYjiFcOYFdeebWuQ
sUjcXOoE9NVMqzUbbEbkFk6ELtTfFl6kE6seOaMllhWZvfyflaOMlhgIptPBg2jc
gLLsjHEioxNXJtV8ZHARUZjE6v/R8odK+DxANSahoUXE11djxsngLyYjEk0q6bj2
bp30qMVeCKGKQLoxRCtCa7rVO2WFbWRDPjR/6HKeYzIFjfrCS92iV777x7JGtEUc
X4C4CGsOYrsYTTmsFiIizVSr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org