Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/w4uIzBjXo3vwwyO5Hf3kHQKdPkg.roa
File: w4uIzBjXo3vwwyO5Hf3kHQKdPkg.roa (raw, json)
Hash identifier: TZEnU6h0A0vGF2f1K3UEBBJJiaJcOKA5skOcwEBiGaA=
Subject key identifier: C3:8B:88:CC:18:D7:A3:7B:F0:C3:23:B9:1D:FD:E4:1D:02:9D:3E:48
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018D3184A011BFE8D241CC553CC0ADEB1738
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/w4uIzBjXo3vwwyO5Hf3kHQKdPkg.roa
Signing time: Mon 22 Jan 2024 14:13:11 +0000
ROA not before: Mon 22 Jan 2024 14:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200740
IP address blocks: 45.9.72.0/24 maxlen: 24
45.138.73.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
94.142.136.0/23 maxlen: 23
94.142.136.0/24 maxlen: 24
94.142.137.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.103.254.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.112.81.0/24 maxlen: 24
185.114.72.0/23 maxlen: 23
185.114.72.0/24 maxlen: 24
185.114.73.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.233.202.0/23 maxlen: 23
185.252.144.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
2a04:5200:68::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc2::/31 maxlen: 31
2a0d:2cc4::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:84:a0:11:bf:e8:d2:41:cc:55:3c:c0:ad:eb:17:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 22 14:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c38b88cc18d7a37bf0c323b91dfde41d029d3e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:14:3a:fc:86:cd:35:b5:a5:22:78:29:34:d4:
03:06:70:14:1c:d0:c0:d7:88:5d:50:1f:56:a9:a9:
f6:e1:7e:1b:76:0e:b4:47:30:a8:08:76:7a:1a:1b:
8a:d2:a7:cf:40:ca:4a:5d:bb:8c:b1:78:59:8c:a5:
a7:15:37:b7:86:7a:ab:3e:02:8b:95:8f:82:6f:61:
ce:3f:87:ab:af:82:36:d0:cf:74:49:8e:b8:01:a4:
7e:f0:b4:97:4d:33:6f:95:dd:f1:b3:c7:2b:d0:77:
fb:0f:a9:cc:ca:c4:ee:6c:1c:dd:06:d5:d1:16:67:
d2:87:a4:76:ad:f1:87:96:1e:70:6b:73:b6:7c:bd:
c2:ed:e6:72:69:a3:4c:b8:37:23:e2:18:0a:d8:c6:
85:26:ef:d0:4a:41:9c:9a:26:ac:a1:cd:e9:72:97:
d3:ce:fb:d4:54:a1:8f:7e:e5:7c:a6:d4:63:54:3b:
5b:9d:4c:8f:8d:05:34:8d:33:14:b6:55:eb:9e:37:
a8:87:f9:70:db:87:30:72:b3:b2:28:6c:d6:da:57:
49:fb:6b:fc:70:20:d9:03:86:34:d3:ed:65:f6:aa:
bb:58:81:4a:df:d1:b0:c0:7e:96:b4:b2:9a:e8:d7:
65:81:6c:79:bd:fa:d6:2b:bd:8a:21:b7:5f:16:f5:
e0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8B:88:CC:18:D7:A3:7B:F0:C3:23:B9:1D:FD:E4:1D:02:9D:3E:48
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/w4uIzBjXo3vwwyO5Hf3kHQKdPkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
45.138.73.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.112.81.0/24
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
01:bb:ff:73:2c:16:64:93:e2:ff:d0:35:9e:68:7e:df:6d:8e:
3a:bf:cf:ff:e1:7f:54:f3:db:2f:66:fd:52:1a:d2:76:8f:62:
ad:7e:6a:6d:f4:e8:92:cb:ed:cb:5c:48:02:8c:ff:57:a4:87:
3a:ed:fc:c4:b0:2b:38:2e:f5:7f:4d:11:9a:60:95:bc:9e:9a:
9c:8b:8c:0e:d8:76:6a:98:ea:b2:b3:4b:53:00:7b:93:32:ed:
9d:d9:23:b9:39:e7:9e:bb:cf:94:88:d6:16:ec:b7:68:f0:1d:
f7:b5:17:23:ad:fe:69:f0:40:2c:4c:7b:d7:7b:8b:ef:f7:3f:
07:cf:1e:98:54:d6:d6:17:dc:f9:55:72:ec:04:e9:08:3e:87:
44:79:17:27:0c:e8:71:68:a7:b1:18:e1:f2:74:de:01:90:db:
98:b4:ea:d8:50:ad:ab:45:df:7f:82:14:44:4d:03:94:f3:d7:
b3:28:c1:e7:d4:55:ae:fe:7b:7c:f0:ba:45:eb:3e:cf:4b:7c:
53:d8:6c:9b:c5:9e:03:11:1d:c1:71:cb:86:9c:f5:6a:35:a5:
99:18:3c:d8:06:22:fc:d5:d5:9e:55:25:95:61:82:cf:69:9b:
df:63:9b:0d:46:62:00:14:2d:4f:80:3f:0e:86:80:cd:4d:a4:
61:2e:c2:ea
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgISAY0xhKARv+jSQcxVPMCt6xc4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTIyMTQxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhiODhjYzE4ZDdhMzdiZjBjMzIzYjkxZGZkZTQxZDAyOWQzZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRQ6/IbNNbWlIngpNNQDBnAUHNDA
14hdUB9Wqan24X4bdg60RzCoCHZ6GhuK0qfPQMpKXbuMsXhZjKWnFTe3hnqrPgKL
lY+Cb2HOP4err4I20M90SY64AaR+8LSXTTNvld3xs8cr0Hf7D6nMysTubBzdBtXR
FmfSh6R2rfGHlh5wa3O2fL3C7eZyaaNMuDcj4hgK2MaFJu/QSkGcmiasoc3pcpfT
zvvUVKGPfuV8ptRjVDtbnUyPjQU0jTMUtlXrnjeoh/lw24cwcrOyKGzW2ldJ+2v8
cCDZA4Y00+1l9qq7WIFK39GwwH6WtLKa6NdlgWx5vfrWK72KIbdfFvXgWQIDAQAB
o4IC2zCCAtcwHQYDVR0OBBYEFMOLiMwY16N78MMjuR395B0CnT5IMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvdzR1SXpCalhvM3Z3d3lPNUhmM2tIUUtkUGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHwBggrBgEFBQcBBwEB/wSB4DCB3TCBlQQCAAEwgY4DBAAt
CUgDBAAtikkDBAAuEWkDBAJQTCADBABb2UwDBAFejogwDAMEAF/WCQMEAl/WCAME
ALkoBwMEAblepAMEALlmiAMEArln/AMEALlwUQMEAblySAMEALl1dAMEALl1dwME
ALnIvgMEAbnoqjAMAwQEuelQAwQAuelSAwQBuenKAwQAufyQAwQBwiSyMEMEAgAC
MD0DBwAqBFIAAGgDBwAqBFIBAAIDBwAqBFIBAAQDBwEqBFIBAAYDBwAqBFIBAAkD
BwAqBFIBgBgDBQMqDSzAMA0GCSqGSIb3DQEBCwUAA4IBAQABu/9zLBZkk+L/0DWe
aH7fbY46v8//4X9U89svZv1SGtJ2j2Ktfmpt9OiSy+3LXEgCjP9XpIc67fzEsCs4
LvV/TRGaYJW8npqci4wO2HZqmOqys0tTAHuTMu2d2SO5Oeeeu8+UiNYW7Ldo8B33
tRcjrf5p8EAsTHvXe4vv9z8Hzx6YVNbWF9z5VXLsBOkIPodEeRcnDOhxaKexGOHy
dN4BkNuYtOrYUK2rRd9/ghRETQOU89ezKMHn1FWu/nt88LpF6z7PS3xT2GybxZ4D
ER3BccuGnPVqNaWZGDzYBiL81dWeVSWVYYLPaZvfY5sNRmIAFC1PgD8OhoDNTaRh
LsLq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org