Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ABccRu_uXnampupDhPyX1NSrjPA.roa
File: ABccRu_uXnampupDhPyX1NSrjPA.roa (raw, json)
Hash identifier: 8Wt7tLytafxEpPmq47wA7lDA0A9hkhSP5Ln/onpW9gE=
Subject key identifier: 00:17:1C:46:EF:EE:5E:76:A6:A6:EA:43:84:FC:97:D4:D4:AB:8C:F0
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 019010916DF6FDA0522962EF48FC6CAE74C3
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ABccRu_uXnampupDhPyX1NSrjPA.roa
Signing time: Thu 13 Jun 2024 07:48:04 +0000
ROA not before: Thu 13 Jun 2024 07:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.247.144.0/20 maxlen: 24
89.40.41.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.180.208.0/22 maxlen: 24
193.37.136.0/24 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:10:91:6d:f6:fd:a0:52:29:62:ef:48:fc:6c:ae:74:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jun 13 07:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00171c46efee5e76a6a6ea4384fc97d4d4ab8cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d9:a7:61:4a:6d:ad:07:bc:f0:9d:4d:30:46:
c0:fc:4b:09:07:41:51:51:fa:93:ef:93:d8:7e:22:
8d:68:16:6d:39:ea:60:64:3c:a3:94:77:ec:01:e2:
2a:f3:be:93:e8:14:7d:7e:ef:3c:3d:1b:1e:cc:b5:
73:91:19:54:13:00:ea:2c:98:d2:d2:d4:c5:d4:4a:
f5:6f:c6:6e:85:d1:df:ef:45:49:a1:49:af:6b:6c:
f5:b5:13:08:d2:6c:cb:be:4a:b8:65:d6:8c:aa:ae:
c7:98:43:39:f7:4c:69:df:de:2d:8f:9e:68:82:e9:
5a:c8:b9:8c:e5:c6:80:2d:d6:9c:78:a0:74:74:23:
ac:cf:b8:ed:de:0a:fc:f7:87:84:8d:e6:6f:6d:b6:
c0:b8:31:b8:6b:f6:7e:af:19:15:8a:a6:58:d2:be:
01:2d:67:70:cf:8f:5a:c9:5f:9a:26:59:f3:35:d9:
4c:90:f0:e2:3a:a6:f7:9b:b2:00:37:28:93:77:84:
71:2f:3c:93:35:96:b9:5c:61:c5:a3:5a:6d:8f:bd:
ee:c4:96:09:26:f9:dd:62:7e:5e:06:43:57:dc:5a:
34:9f:4d:5b:d4:90:70:65:de:73:1a:db:05:e5:4d:
57:7a:68:a4:67:88:e5:1d:4e:f1:4d:da:27:05:f8:
00:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:17:1C:46:EF:EE:5E:76:A6:A6:EA:43:84:FC:97:D4:D4:AB:8C:F0
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ABccRu_uXnampupDhPyX1NSrjPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.144.0/20
89.40.41.0/24
89.200.240.0/23
91.229.228.0/24
91.238.148.0/23
93.180.208.0/22
193.37.136.0/24
193.105.176.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.212.0/23
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
99:12:42:20:9d:ab:50:66:30:8c:a7:2d:b8:9b:c1:23:e5:a4:
8b:40:dc:07:7e:b3:d8:e1:dc:92:ad:f2:18:10:64:1c:4a:13:
c1:f6:39:a4:63:bd:74:c4:50:83:16:26:97:c8:c9:9f:37:00:
1b:a2:6b:e5:95:c1:6a:de:cd:e8:71:4e:7c:f5:cf:55:bd:0b:
f9:1d:aa:37:4e:11:67:aa:fa:1c:0f:8b:23:00:04:62:c6:5a:
b0:09:ad:36:58:b7:b3:68:87:9b:55:a0:3f:3f:4b:7c:34:f8:
47:34:ea:80:46:93:c8:ab:d1:cd:bb:ab:37:42:b4:89:a0:b5:
74:7f:f5:4e:4d:ac:b9:5a:6e:67:94:54:7a:96:a9:37:c4:b6:
28:1a:d2:36:71:d0:62:8f:9f:90:07:e2:89:97:7e:9e:08:60:
3a:a9:71:1d:87:bb:63:e7:a7:03:d5:01:67:ea:de:1c:89:79:
70:48:48:f2:56:e4:0e:02:23:f3:05:dc:71:5a:2e:11:c8:bf:
5e:87:df:cb:2d:ec:d7:2a:37:a2:69:5b:10:d3:a6:b4:39:20:
b2:76:aa:9a:d9:d2:ec:db:32:eb:93:1e:21:02:fa:d2:b9:21:
0f:16:f5:30:73:21:53:cd:f9:72:63:e3:f3:0c:f3:f9:01:42:
85:32:43:96
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZAQkW32/aBSKWLvSPxsrnTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNjEzMDc0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDE3MWM0NmVmZWU1ZTc2YTZhNmVhNDM4NGZjOTdkNGQ0YWI4Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytmnYUptrQe88J1NMEbA/EsJB0FR
UfqT75PYfiKNaBZtOepgZDyjlHfsAeIq876T6BR9fu88PRsezLVzkRlUEwDqLJjS
0tTF1Er1b8ZuhdHf70VJoUmva2z1tRMI0mzLvkq4ZdaMqq7HmEM590xp394tj55o
gulayLmM5caALdaceKB0dCOsz7jt3gr894eEjeZvbbbAuDG4a/Z+rxkViqZY0r4B
LWdwz49ayV+aJlnzNdlMkPDiOqb3m7IANyiTd4RxLzyTNZa5XGHFo1ptj73uxJYJ
JvndYn5eBkNX3Fo0n01b1JBwZd5zGtsF5U1XemikZ4jlHU7xTdonBfgAPQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFAAXHEbv7l52pqbqQ4T8l9TUq4zwMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvQUJjY1J1X3VYbmFtcHVwRGhQeVgxTlNyalBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAQu
95ADBABZKCkDBAFZyPADBABb5eQDBAFb7pQDBAJdtNADBADBJYgDBADBabADBAHB
qQgDBAHBwDQDBAHB76wDBAHB7/YDBADCCFEDBAHCGOoDBAHCKmQDBAHCWIYDBAHC
atQDBAHC9moDBAHDAsQDBAHDDTADBAHDIlADBAHDXYwDBAHDgLwDBAHDh8ADBADD
vbADBAHDvboDBAHDvfoDBAHD0iwDBAHD/owwDQYJKoZIhvcNAQELBQADggEBAJkS
QiCdq1BmMIynLbibwSPlpItA3Ad+s9jh3JKt8hgQZBxKE8H2OaRjvXTEUIMWJpfI
yZ83ABuia+WVwWrezehxTnz1z1W9C/kdqjdOEWeq+hwPiyMABGLGWrAJrTZYt7No
h5tVoD8/S3w0+Ec06oBGk8ir0c27qzdCtImgtXR/9U5NrLlabmeUVHqWqTfEtiga
0jZx0GKPn5AH4omXfp4IYDqpcR2Hu2PnpwPVAWfq3hyJeXBISPJW5A4CI/MF3HFa
LhHIv16H38st7NcqN6JpWxDTprQ5ILJ2qprZ0uzbMuuTHiEC+tK5IQ8W9TBzIVPN
+XJj4/MM8/kBQoUyQ5Y=
-----END CERTIFICATE-----
Generated at Thu Jun 20 15:46:00 2024 by rpki-client on console-ams.rpki-client.org