Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/5YgM2NRoR1z-Y-ohcn7JfXLBAy4.roa
File: 5YgM2NRoR1z-Y-ohcn7JfXLBAy4.roa (raw, json)
Hash identifier: srAJywlpE6tegNwHNPDLItZZcEUQKjSpEHQoxS85P3g=
Subject key identifier: E5:88:0C:D8:D4:68:47:5C:FE:63:EA:21:72:7E:C9:7D:72:C1:03:2E
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018E9F1DA6F0E59E753F79AA878FAEB85418
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/5YgM2NRoR1z-Y-ohcn7JfXLBAy4.roa
Signing time: Tue 02 Apr 2024 14:01:44 +0000
ROA not before: Tue 02 Apr 2024 14:01:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.102.105.0/24 maxlen: 24
46.247.144.0/20 maxlen: 24
77.223.214.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
86.105.241.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.32.130.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.177.6.0/23 maxlen: 24
94.177.23.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.215.76.0/23 maxlen: 24
188.241.59.0/24 maxlen: 24
193.36.44.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.39.119.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.42.232.0/22 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:1d:a6:f0:e5:9e:75:3f:79:aa:87:8f:ae:b8:54:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Apr 2 14:01:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5880cd8d468475cfe63ea21727ec97d72c1032e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:de:46:5e:80:b6:6f:ce:b4:3f:29:38:ce:ee:
4f:c7:8a:8d:6c:5a:a8:a7:96:23:2d:7f:7a:a7:54:
1a:b8:ab:56:ef:d4:91:16:46:e2:d5:2d:c4:4f:91:
81:cf:30:af:98:91:86:74:08:bc:56:bc:6f:bb:93:
be:68:92:be:fc:bc:fb:f5:39:27:d8:29:a1:bb:f4:
7b:37:79:70:30:48:51:ca:e8:33:ce:c4:05:85:c4:
6d:8e:22:c2:d8:be:52:f6:cb:40:eb:1c:e2:7b:3e:
79:2c:64:13:e0:3a:25:fa:f5:98:05:e2:a2:18:a6:
48:1e:d5:dd:a1:01:83:fb:f5:b5:69:4a:37:01:3c:
d0:50:63:85:e2:3e:65:b9:b4:3f:9c:06:4b:ef:99:
9d:f8:b9:0c:cc:27:ea:6a:66:ad:6b:50:37:5e:9e:
74:a7:43:e4:6f:c8:73:f1:bf:0b:de:b6:91:e7:14:
5a:f0:46:b8:e2:f8:eb:01:27:a0:1c:98:cf:48:ae:
76:dc:b2:ba:57:2c:65:a9:d4:d0:74:2c:6c:77:85:
3b:37:94:ee:7c:9c:7c:db:7e:50:a4:98:4c:c4:ab:
a3:d0:a0:a5:97:a9:9d:49:a1:ab:b0:f3:84:a9:e3:
46:44:3e:7d:98:d0:29:cf:ea:fe:91:40:2a:77:4a:
46:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:88:0C:D8:D4:68:47:5C:FE:63:EA:21:72:7E:C9:7D:72:C1:03:2E
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/5YgM2NRoR1z-Y-ohcn7JfXLBAy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.105.0/24
46.247.144.0/20
77.223.214.0/23
79.139.80.0/23
86.105.241.0/24
86.106.108.0/24
89.32.125.0/24
89.32.130.0/23
89.37.58.0/24
89.40.41.0/24
89.40.164.0/23
89.47.43.0/24
89.200.240.0/23
91.198.23.0/24
91.216.138.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
188.210.254.0/24
188.214.89.0/24
188.215.76.0/23
188.241.59.0/24
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
97:93:35:70:fd:4e:00:73:fe:f8:37:03:9f:19:04:2d:f7:5c:
2f:cf:c8:23:b5:05:73:32:a3:3b:6d:03:cb:62:6e:c2:24:85:
35:18:5e:ba:76:3a:60:fe:c8:a1:83:e9:1d:c4:e5:b6:e3:73:
ea:49:81:85:02:3a:96:59:81:48:c8:12:4d:c6:c1:d2:14:ce:
07:5b:5e:6c:77:68:09:a8:e9:a7:30:7c:d3:69:cb:71:f3:24:
92:f4:da:34:ce:20:64:fe:f0:66:f3:66:73:66:fa:34:d9:01:
c2:fd:f2:5b:05:d3:ef:99:d9:55:b7:f5:97:05:72:d5:28:33:
f9:73:d4:4f:7f:6f:80:1c:e6:41:cb:d0:67:5e:f7:24:7a:c7:
7d:4d:a8:83:9b:3b:1e:a5:02:8d:fa:42:bf:b8:61:10:cc:a0:
95:b5:19:16:67:29:37:c3:6d:aa:b5:20:db:f0:f6:d0:9f:ee:
7a:70:e3:41:84:09:d3:07:55:3d:cd:16:f5:bb:11:d2:10:eb:
8e:e9:17:f1:be:5f:c9:88:4d:96:81:ed:45:28:af:9c:4d:89:
c9:24:55:d0:b3:bc:6a:5f:50:03:0f:46:dc:94:ed:24:5f:f9:
d2:81:9e:3a:b0:61:2f:50:c6:fc:aa:e4:85:2e:62:f1:34:f0:
4c:c8:f2:16
-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgISAY6fHabw5Z51P3mqh4+uuFQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNDAyMTQwMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg4MGNkOGQ0Njg0NzVjZmU2M2VhMjE3MjdlYzk3ZDcyYzEwMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk95GXoC2b860Pyk4zu5Px4qNbFqo
p5YjLX96p1QauKtW79SRFkbi1S3ET5GBzzCvmJGGdAi8Vrxvu5O+aJK+/Lz79Tkn
2Cmhu/R7N3lwMEhRyugzzsQFhcRtjiLC2L5S9stA6xziez55LGQT4Dol+vWYBeKi
GKZIHtXdoQGD+/W1aUo3ATzQUGOF4j5lubQ/nAZL75md+LkMzCfqamata1A3Xp50
p0Pkb8hz8b8L3raR5xRa8Ea44vjrASegHJjPSK523LK6VyxlqdTQdCxsd4U7N5Tu
fJx8235QpJhMxKuj0KCll6mdSaGrsPOEqeNGRD59mNApz+r+kUAqd0pG9wIDAQAB
o4IDXTCCA1kwHQYDVR0OBBYEFOWIDNjUaEdc/mPqIXJ+yX1ywQMuMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvNVlnTTJOUm9SMXotWS1vaGNuN0pmWExCQXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcQYIKwYBBQUHAQcBAf8EggFgMIIBXDCCAVgEAgABMIIB
UAMEAC5maQMEBC73kAMEAU3f1gMEAU+LUAMEAFZp8QMEAFZqbAMEAFkgfQMEAVkg
ggMEAFklOgMEAFkoKQMEAVkopAMEAFkvKwMEAVnI8AMEAFvGFwMEAFvYigMEAFvj
IQMEAFvl5AMEAVvulAMEAF1yVAMEAl200AMEAV6xBgMEAF6xFwMEAbB+xgMEALzS
/gMEALzWWQMEAbzXTAMEALzxOwMEAMEkLAMEAMEliAMEAMEndwMEAsFdKAMEAMFp
sAMEAcGpCAMEAcHANAMEAcHvrAMEAcHv9gMEAMIIUQMEAcIY6gMEAcIqZAMEAcJY
hgMEAcJqzAMEAcJq1AMEAMKM6wMEAcL2agMEAcMCxAMEAcMNMAMEAcMiUAMEAsMq
6AMEAcNdjAMEAcOAvAMEAcOHwAMEAMO9sAMEAcO9ugMEAcO9+gMEAcPSLAMEAcP+
jDANBgkqhkiG9w0BAQsFAAOCAQEAl5M1cP1OAHP++DcDnxkELfdcL8/II7UFczKj
O20Dy2JuwiSFNRheunY6YP7IoYPpHcTltuNz6kmBhQI6llmBSMgSTcbB0hTOB1te
bHdoCajppzB802nLcfMkkvTaNM4gZP7wZvNmc2b6NNkBwv3yWwXT75nZVbf1lwVy
1Sgz+XPUT39vgBzmQcvQZ173JHrHfU2og5s7HqUCjfpCv7hhEMyglbUZFmcpN8Nt
qrUg2/D20J/uenDjQYQJ0wdVPc0W9bsR0hDrjukX8b5fyYhNloHtRSivnE2JySRV
0LO8al9QAw9G3JTtJF/50oGeOrBhL1DG/KrkhS5i8TTwTMjyFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:05 2024 by rpki-client on console-ams.rpki-client.org