Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/K7EvEMwodulJ_ZXE5wN1KNFxaJ4.roa
File: K7EvEMwodulJ_ZXE5wN1KNFxaJ4.roa (raw, json)
Hash identifier: u0XjVyCehS4yXJFcxoFo7g4Dl7ey+EY1MiwXW+9RdD4=
Subject key identifier: 2B:B1:2F:10:CC:28:76:E9:49:FD:95:C4:E7:03:75:28:D1:71:68:9E
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018F5B342C9CD6352C1435D672FC2504A20C
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/K7EvEMwodulJ_ZXE5wN1KNFxaJ4.roa
Signing time: Thu 09 May 2024 02:34:56 +0000
ROA not before: Thu 09 May 2024 02:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.102.105.0/24 maxlen: 24
46.247.144.0/20 maxlen: 24
86.105.241.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.37.58.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
89.47.43.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.177.23.0/24 maxlen: 24
188.210.254.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.241.59.0/24 maxlen: 24
193.36.44.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.39.119.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5b:34:2c:9c:d6:35:2c:14:35:d6:72:fc:25:04:a2:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: May 9 02:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bb12f10cc2876e949fd95c4e7037528d171689e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bf:fd:61:7d:0b:51:c4:c7:ab:0b:f8:52:6a:
1e:d0:d7:51:6f:1d:2b:f2:b5:76:41:66:36:01:21:
8a:49:06:1f:0b:96:2d:19:ad:86:ee:ed:b4:86:02:
b9:e2:c3:ff:d8:f3:eb:6d:77:99:85:f4:fb:96:18:
68:50:64:cf:43:92:71:51:1e:0a:69:09:49:39:a7:
5b:04:10:68:44:97:d5:32:ac:5d:18:86:20:fa:c5:
ca:af:62:16:e6:3f:e4:6c:f9:4e:78:63:c8:ee:f7:
b3:30:1e:87:d8:11:85:32:62:89:8e:a2:10:5d:27:
41:2e:a0:8f:ab:8a:3d:52:56:a5:8d:f8:c4:b2:e0:
af:31:1e:56:ee:55:e9:03:64:49:ee:6d:f0:64:63:
51:08:38:b0:19:75:c9:46:6b:20:35:4b:fb:53:c2:
f2:af:95:7f:cc:01:2c:70:f7:20:35:db:b3:53:37:
25:65:4a:e1:0c:29:79:9f:8a:49:3d:a6:fa:f3:60:
74:fa:79:2f:35:05:52:d3:41:22:e5:45:48:5b:41:
a8:30:42:10:7c:ee:d0:71:ff:10:ee:ff:17:a2:61:
8d:62:3a:d8:2f:5a:ad:db:a1:d8:d7:50:02:32:11:
c8:df:56:63:ee:81:99:cb:54:a0:97:09:29:00:06:
8f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B1:2F:10:CC:28:76:E9:49:FD:95:C4:E7:03:75:28:D1:71:68:9E
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/K7EvEMwodulJ_ZXE5wN1KNFxaJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.105.0/24
46.247.144.0/20
86.105.241.0/24
89.32.125.0/24
89.37.58.0/24
89.40.41.0/24
89.47.43.0/24
89.200.240.0/23
91.198.23.0/24
91.216.138.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.23.0/24
188.210.254.0/24
188.214.89.0/24
188.241.59.0/24
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
33:b3:5a:18:15:29:d8:de:04:73:09:b4:84:da:1d:d1:f3:05:
7f:97:79:76:1f:73:01:11:1e:5e:b0:a5:1a:fe:73:67:df:ee:
bb:ea:4b:d5:0e:9c:47:e1:3d:0d:d5:e8:8f:03:0e:71:f4:6f:
08:ed:56:e2:9b:1a:b6:47:2c:00:d5:da:b1:6e:45:40:da:c8:
ef:c1:99:1b:4d:6e:67:37:ad:0b:d3:2b:14:8c:95:cc:3e:fe:
1b:01:30:d3:fa:13:1f:84:58:c1:f5:7b:09:24:cd:01:b0:8e:
04:a1:8a:ae:4e:4c:6e:6c:4e:ee:34:1c:2d:29:02:21:cc:65:
67:9e:d5:87:af:13:d1:b4:24:d0:4d:45:93:c7:93:bc:3c:6c:
e8:86:10:fc:e6:d2:fd:2c:98:34:9b:a7:c3:02:0d:47:2e:0e:
07:a5:0b:8b:14:4d:a2:50:00:c1:83:20:da:95:e5:36:97:3c:
79:62:5f:3b:ff:10:ee:8c:b0:50:77:69:32:a4:8d:f7:ed:d5:
ea:61:e9:9c:98:24:78:e0:90:6d:04:56:af:e0:a9:85:7a:6d:
75:c6:13:92:a2:88:de:b6:a2:a7:0a:1e:7d:b9:1c:b2:71:93:
77:34:22:65:f5:1f:6b:9c:bf:b6:cc:d7:6c:3a:a0:6b:2c:6b:
45:85:4e:79
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAY9bNCyc1jUsFDXWcvwlBKIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNTA5MDIzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmIxMmYxMGNjMjg3NmU5NDlmZDk1YzRlNzAzNzUyOGQxNzE2ODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL/9YX0LUcTHqwv4Umoe0NdRbx0r
8rV2QWY2ASGKSQYfC5YtGa2G7u20hgK54sP/2PPrbXeZhfT7lhhoUGTPQ5JxUR4K
aQlJOadbBBBoRJfVMqxdGIYg+sXKr2IW5j/kbPlOeGPI7vezMB6H2BGFMmKJjqIQ
XSdBLqCPq4o9UlaljfjEsuCvMR5W7lXpA2RJ7m3wZGNRCDiwGXXJRmsgNUv7U8Ly
r5V/zAEscPcgNduzUzclZUrhDCl5n4pJPab682B0+nkvNQVS00Ei5UVIW0GoMEIQ
fO7Qcf8Q7v8XomGNYjrYL1qt26HY11ACMhHI31Zj7oGZy1SglwkpAAaPGQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFCuxLxDMKHbpSf2VxOcDdSjRcWieMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvSzdFdkVNd29kdWxKX1pYRTV3TjFLTkZ4YUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAC5maQMEBC73kAMEAFZp8QMEAFkgfQMEAFklOgMEAFkoKQMEAFkvKwMEAVnI
8AMEAFvGFwMEAFvYigMEAFvjIQMEAFvl5AMEAVvulAMEAF1yVAMEAl200AMEAF6x
FwMEALzS/gMEALzWWQMEALzxOwMEAMEkLAMEAMEliAMEAMEndwMEAsFdKAMEAMFp
sAMEAcGpCAMEAcHANAMEAcHvrAMEAcHv9gMEAMIIUQMEAcIY6gMEAcIqZAMEAcJY
hgMEAcJq1AMEAMKM6wMEAcL2agMEAcMCxAMEAcMNMAMEAcMiUAMEAcNdjAMEAcOA
vAMEAcOHwAMEAMO9sAMEAcO9ugMEAcO9+gMEAcPSLAMEAcP+jDANBgkqhkiG9w0B
AQsFAAOCAQEAM7NaGBUp2N4Ecwm0hNod0fMFf5d5dh9zAREeXrClGv5zZ9/uu+pL
1Q6cR+E9DdXojwMOcfRvCO1W4psatkcsANXasW5FQNrI78GZG01uZzetC9MrFIyV
zD7+GwEw0/oTH4RYwfV7CSTNAbCOBKGKrk5MbmxO7jQcLSkCIcxlZ57Vh68T0bQk
0E1Fk8eTvDxs6IYQ/ObS/SyYNJunwwINRy4OB6ULixRNolAAwYMg2pXlNpc8eWJf
O/8Q7oywUHdpMqSN9+3V6mHpnJgkeOCQbQRWr+CphXptdcYTkqKI3raipwoefbkc
snGTdzQiZfUfa5y/tszXbDqgayxrRYVOeQ==
-----END CERTIFICATE-----
Generated at Fri May 10 19:24:31 2024 by rpki-client on console-fra.rpki-client.org