Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/PS2DWTqSJE18Zoc1Pq2-YmEVvbc.roa
File: PS2DWTqSJE18Zoc1Pq2-YmEVvbc.roa (raw, json)
Hash identifier: sO2O38i2ehgcWR2N/Gkp+37EmyOrqpookHjouXcYMXI=
Subject key identifier: 3D:2D:83:59:3A:92:24:4D:7C:66:87:35:3E:AD:BE:62:61:15:BD:B7
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018E6173A1820D908F4592D403EE674AA564
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/PS2DWTqSJE18Zoc1Pq2-YmEVvbc.roa
Signing time: Thu 21 Mar 2024 14:39:11 +0000
ROA not before: Thu 21 Mar 2024 14:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.102.105.0/24 maxlen: 24
46.102.118.0/23 maxlen: 24
46.247.144.0/20 maxlen: 24
77.223.214.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
86.105.241.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.32.130.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
89.42.52.0/23 maxlen: 24
89.47.38.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.177.6.0/23 maxlen: 24
94.177.23.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.215.76.0/23 maxlen: 24
188.241.59.0/24 maxlen: 24
193.36.44.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.39.119.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.42.232.0/22 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:73:a1:82:0d:90:8f:45:92:d4:03:ee:67:4a:a5:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Mar 21 14:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d2d83593a92244d7c6687353eadbe626115bdb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3c:24:46:d6:fc:98:a2:b9:36:c7:8d:0c:25:
48:f7:15:c9:e2:62:38:06:1d:d6:c8:e6:77:6c:18:
94:d5:c8:2a:e1:f7:f3:25:23:27:2f:4e:e4:24:b8:
38:d2:2b:83:74:7d:06:9c:9f:b2:fa:d1:ff:58:06:
e7:15:b4:15:c8:b1:7d:23:62:15:f6:87:ae:97:c5:
b5:85:47:80:c5:07:54:42:fb:2d:59:7c:4c:36:4f:
21:56:9a:54:a1:88:08:f2:32:1a:3f:31:83:8f:8e:
8a:b7:19:64:c3:7a:00:82:41:f6:33:ac:3b:13:e6:
c2:89:b9:51:8f:06:ea:37:ad:6c:2b:35:79:25:87:
d8:60:3f:c8:ba:b7:05:0d:04:6a:7e:23:a5:03:c8:
83:30:9d:eb:68:62:31:75:94:55:1a:b3:fa:b5:83:
c5:24:86:2f:34:b8:7a:81:44:13:6a:d4:e7:8b:f7:
07:6c:0e:82:ef:4e:1c:c2:70:63:a0:86:a4:13:25:
9d:53:07:5d:55:7d:21:ea:15:95:92:1a:73:d9:9c:
51:da:a7:cd:f5:b7:a9:1e:a7:69:33:c4:8b:a2:a4:
d7:92:7a:6f:b2:da:90:aa:d0:8a:81:7b:50:ce:5d:
91:1a:68:5d:d3:b7:85:ca:1d:4c:8e:5e:32:7b:4a:
cc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2D:83:59:3A:92:24:4D:7C:66:87:35:3E:AD:BE:62:61:15:BD:B7
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/PS2DWTqSJE18Zoc1Pq2-YmEVvbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.105.0/24
46.102.118.0/23
46.247.144.0/20
77.223.214.0/23
79.139.80.0/23
86.105.241.0/24
86.106.108.0/24
89.32.125.0/24
89.32.130.0/23
89.37.58.0/24
89.40.41.0/24
89.40.164.0/23
89.42.52.0/23
89.47.38.0/23
89.47.43.0/24
89.200.240.0/23
91.198.23.0/24
91.216.138.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
188.210.254.0/24
188.214.89.0/24
188.215.76.0/23
188.241.59.0/24
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
70:0e:04:73:db:42:9d:2a:5a:18:81:a7:e4:13:f7:e9:b6:da:
60:1a:04:d0:d0:62:22:c3:d3:2f:6a:20:c0:ce:17:56:ce:2b:
da:23:63:78:80:81:f7:68:82:2c:7b:ae:b9:cb:0e:3b:0a:33:
e1:9f:d3:b8:7a:00:c3:a3:48:ea:ae:1e:ae:53:ab:61:e9:3f:
b0:7b:c3:34:85:27:04:06:e7:e0:19:d2:8f:41:38:5f:14:61:
c7:30:5e:bf:a2:67:2c:cc:e1:e8:e7:5d:61:1d:10:5f:ea:a7:
47:5c:09:e1:4c:32:65:c3:f8:61:71:26:c6:54:13:78:c2:a9:
55:e3:d1:94:89:1e:a1:90:8f:21:e3:d3:63:5c:cb:cf:24:53:
fc:8b:50:26:00:9b:85:08:8b:ba:06:46:b5:7c:cd:11:29:bc:
08:df:21:77:67:43:af:11:40:a5:8a:e6:a1:76:06:bf:f2:b8:
6e:f5:ca:85:17:4b:75:65:09:9a:1b:8e:d2:22:56:d8:6b:bf:
3d:e5:b0:59:90:fb:04:11:94:fa:5a:e4:68:22:09:45:c3:75:
87:48:d5:cc:6e:30:cf:47:9c:3e:c8:52:a5:96:72:77:ef:9e:
d8:34:d6:81:4a:b2:c4:09:d6:28:f3:31:aa:7a:96:7e:b4:fb:
23:5e:5c:6c
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAY5hc6GCDZCPRZLUA+5nSqVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwMzIxMTQzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDJkODM1OTNhOTIyNDRkN2M2Njg3MzUzZWFkYmU2MjYxMTViZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TwkRtb8mKK5NseNDCVI9xXJ4mI4
Bh3WyOZ3bBiU1cgq4ffzJSMnL07kJLg40iuDdH0GnJ+y+tH/WAbnFbQVyLF9I2IV
9oeul8W1hUeAxQdUQvstWXxMNk8hVppUoYgI8jIaPzGDj46Ktxlkw3oAgkH2M6w7
E+bCiblRjwbqN61sKzV5JYfYYD/IurcFDQRqfiOlA8iDMJ3raGIxdZRVGrP6tYPF
JIYvNLh6gUQTatTni/cHbA6C704cwnBjoIakEyWdUwddVX0h6hWVkhpz2ZxR2qfN
9bepHqdpM8SLoqTXknpvstqQqtCKgXtQzl2RGmhd07eFyh1Mjl4ye0rMLwIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFD0tg1k6kiRNfGaHNT6tvmJhFb23MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvUFMyRFdUcVNKRTE4Wm9jMVBxMi1ZbUVWdmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAWoEAgABMIIB
YgMEAC5maQMEAS5mdgMEBC73kAMEAU3f1gMEAU+LUAMEAFZp8QMEAFZqbAMEAFkg
fQMEAVkgggMEAFklOgMEAFkoKQMEAVkopAMEAVkqNAMEAVkvJgMEAFkvKwMEAVnI
8AMEAFvGFwMEAFvYigMEAFvjIQMEAFvl5AMEAVvulAMEAF1yVAMEAl200AMEAV6x
BgMEAF6xFwMEAbB+xgMEALzS/gMEALzWWQMEAbzXTAMEALzxOwMEAMEkLAMEAMEl
iAMEAMEndwMEAsFdKAMEAMFpsAMEAcGpCAMEAcHANAMEAcHvrAMEAcHv9gMEAMII
UQMEAcIY6gMEAcIqZAMEAcJYhgMEAcJqzAMEAcJq1AMEAMKM6wMEAcL2agMEAcMC
xAMEAcMNMAMEAcMiUAMEAsMq6AMEAcNdjAMEAcOAvAMEAcOHwAMEAMO9sAMEAcO9
ugMEAcO9+gMEAcPSLAMEAcP+jDANBgkqhkiG9w0BAQsFAAOCAQEAcA4Ec9tCnSpa
GIGn5BP36bbaYBoE0NBiIsPTL2ogwM4XVs4r2iNjeICB92iCLHuuucsOOwoz4Z/T
uHoAw6NI6q4erlOrYek/sHvDNIUnBAbn4BnSj0E4XxRhxzBev6JnLMzh6OddYR0Q
X+qnR1wJ4UwyZcP4YXEmxlQTeMKpVePRlIkeoZCPIePTY1zLzyRT/ItQJgCbhQiL
ugZGtXzNESm8CN8hd2dDrxFApYrmoXYGv/K4bvXKhRdLdWUJmhuO0iJW2Gu/PeWw
WZD7BBGU+lrkaCIJRcN1h0jVzG4wz0ecPshSpZZyd++e2DTWgUqyxAnWKPMxqnqW
frT7I15cbA==
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:17:07 2024 by rpki-client on console-ams.rpki-client.org