Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/w7tlhaov24r-dwszBqHqF6iJlmw.roa
File: w7tlhaov24r-dwszBqHqF6iJlmw.roa (raw, json)
Hash identifier: dCUP/j/8nq6EadsZd/WuSxXVvUGMRXFDE0s8kG1Wf9U=
Subject key identifier: C3:BB:65:85:AA:2F:DB:8A:FE:77:0B:33:06:A1:EA:17:A8:89:96:6C
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018B5B6C737B480A1AF657DC0E9FA6A947AF
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/w7tlhaov24r-dwszBqHqF6iJlmw.roa
Signing time: Mon 23 Oct 2023 07:25:15 +0000
ROA not before: Mon 23 Oct 2023 07:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200740
IP address blocks: 94.142.136.0/23 maxlen: 23
94.142.137.0/24 maxlen: 24
94.142.136.0/24 maxlen: 24
185.112.81.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.252.144.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.40.7.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
185.233.202.0/23 maxlen: 23
185.114.72.0/23 maxlen: 23
185.114.73.0/24 maxlen: 24
185.114.72.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.165.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
2a04:5200:68::/48 maxlen: 48
2a0d:2cc4::/31 maxlen: 31
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a0d:2cc2::/31 maxlen: 31
2a04:5201:6::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5b:6c:73:7b:48:0a:1a:f6:57:dc:0e:9f:a6:a9:47:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 23 07:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3bb6585aa2fdb8afe770b3306a1ea17a889966c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3a:3a:cd:73:93:cf:87:d4:2d:d0:7d:be:d3:
ec:a9:a1:3f:9e:ba:4d:70:37:e9:c5:c7:5a:4c:4c:
84:76:78:fc:f5:ed:88:e1:cd:39:48:97:79:98:61:
41:f9:49:9d:bd:83:30:16:d0:5b:c5:12:68:7b:5e:
27:34:5f:be:57:c7:a0:0b:1c:7c:6a:74:30:0d:97:
08:07:7e:25:c6:e3:fa:b0:64:61:a0:28:2d:25:37:
c7:f4:66:a7:b6:87:44:5a:55:19:e8:5b:66:d6:e2:
cf:bb:30:1f:a1:29:d7:b8:d2:a4:70:4d:1d:4f:54:
33:ca:33:ef:54:8e:32:97:0e:10:a7:22:35:f4:72:
36:08:db:c8:ce:27:ac:8e:61:5e:e3:7d:66:88:8b:
7e:4f:0f:ae:5a:3c:ce:e5:cb:d0:c1:f6:b3:d9:e4:
6f:2a:46:1d:e0:23:39:d5:ce:c9:30:f4:2c:f1:ca:
9a:05:09:5c:29:ba:b7:86:0d:4c:10:73:b7:9c:ab:
02:0b:09:97:38:a8:84:01:15:20:d9:c0:06:f6:2e:
73:99:ec:7f:83:3d:55:e8:ba:64:a4:8a:54:b4:f2:
19:ef:c2:b2:2c:11:78:e9:d1:55:16:04:cc:1d:b5:
d8:cb:38:f6:33:90:17:41:e8:8d:b4:7c:c4:ec:aa:
8c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BB:65:85:AA:2F:DB:8A:FE:77:0B:33:06:A1:EA:17:A8:89:96:6C
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/w7tlhaov24r-dwszBqHqF6iJlmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.112.81.0/24
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
21:6e:2e:86:7a:d3:da:2d:94:e8:b2:08:8d:99:a1:10:7a:5a:
4a:46:68:41:c8:8d:33:ae:1f:c3:bb:3d:a5:d6:01:ec:de:65:
c4:7f:66:9a:20:d9:40:3a:14:b6:01:90:c3:40:5a:66:fa:d5:
40:0e:40:37:42:f3:31:2d:e3:5f:75:bb:ee:61:e6:b3:05:b0:
3e:90:ac:a3:fd:28:71:a2:4d:4d:af:f9:89:89:f1:a7:b0:0f:
0c:f3:ae:48:6e:d6:c4:74:36:86:7b:f0:4f:a5:3d:d9:92:9e:
12:42:7b:67:a9:8f:af:9c:3e:a1:8f:33:69:8c:81:a7:73:7c:
34:9d:41:69:62:2e:49:8c:66:45:20:6d:83:99:ec:66:49:13:
a9:71:bc:8e:20:1f:5b:2f:26:1e:d9:76:ac:b8:f0:a5:d3:0e:
cd:0e:b6:1c:8d:5d:5f:37:2e:52:f3:41:cc:ec:63:ea:4c:fa:
c8:98:ca:25:b5:b6:b4:19:05:ca:1d:0a:54:6d:49:57:f1:7a:
e4:b0:ff:a4:f8:d6:55:f9:95:95:85:f9:e4:fc:f6:41:08:40:
eb:82:08:09:3d:13:d7:b8:12:80:61:aa:f6:16:76:8b:12:7d:
b6:8a:75:0f:83:eb:c8:5c:e2:30:81:fb:88:3e:9d:34:4b:c2:
f8:f4:62:bc
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYtbbHN7SAoa9lfcDp+mqUevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMDIzMDcyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2JiNjU4NWFhMmZkYjhhZmU3NzBiMzMwNmExZWExN2E4ODk5NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDo6zXOTz4fULdB9vtPsqaE/nrpN
cDfpxcdaTEyEdnj89e2I4c05SJd5mGFB+UmdvYMwFtBbxRJoe14nNF++V8egCxx8
anQwDZcIB34lxuP6sGRhoCgtJTfH9GantodEWlUZ6Ftm1uLPuzAfoSnXuNKkcE0d
T1QzyjPvVI4ylw4QpyI19HI2CNvIziesjmFe431miIt+Tw+uWjzO5cvQwfaz2eRv
KkYd4CM51c7JMPQs8cqaBQlcKbq3hg1MEHO3nKsCCwmXOKiEARUg2cAG9i5zmex/
gz1V6LpkpIpUtPIZ78KyLBF46dFVFgTMHbXYyzj2M5AXQeiNtHzE7KqMVwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFMO7ZYWqL9uK/ncLMwah6heoiZZsMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvdzd0bGhhb3YyNHItZHdzekJxSHFGNmlKbG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBjwQCAAEwgYgDBAAt
CUgDBAAuEWkDBAJQTCADBABb2UwDBAFejogwDAMEAF/WCQMEAl/WCAMEALkoBwME
AblepAMEALlmiAMEArln/AMEALlwUQMEAblySAMEALl1dAMEALl1dwMEALnIvgME
AbnoqjAMAwQEuelQAwQAuelSAwQBuenKAwQAufyQAwQBwiSyMEMEAgACMD0DBwAq
BFIAAGgDBwAqBFIBAAIDBwAqBFIBAAQDBwEqBFIBAAYDBwAqBFIBAAkDBwAqBFIB
gBgDBQMqDSzAMA0GCSqGSIb3DQEBCwUAA4IBAQAhbi6GetPaLZTosgiNmaEQelpK
RmhByI0zrh/Duz2l1gHs3mXEf2aaINlAOhS2AZDDQFpm+tVADkA3QvMxLeNfdbvu
YeazBbA+kKyj/Shxok1Nr/mJifGnsA8M865IbtbEdDaGe/BPpT3Zkp4SQntnqY+v
nD6hjzNpjIGnc3w0nUFpYi5JjGZFIG2DmexmSROpcbyOIB9bLyYe2XasuPCl0w7N
DrYcjV1fNy5S80HM7GPqTPrImMoltba0GQXKHQpUbUlX8XrksP+k+NZV+ZWVhfnk
/PZBCEDrgggJPRPXuBKAYar2FnaLEn22inUPg+vIXOIwgfuIPp00S8L49GK8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org