Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/PhByg3iBqEKAfsn0wwdh-jmFLfc.roa
File: PhByg3iBqEKAfsn0wwdh-jmFLfc.roa (raw, json)
Hash identifier: ZQJ9DSVyYtrjPdhM21PF+T9/KkWguPGrHHd9bsgpQXY=
Subject key identifier: 3E:10:72:83:78:81:A8:42:80:7E:C9:F4:C3:07:61:FA:39:85:2D:F7
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018E7B0A44E7522806B3BB07415C7EB10DBD
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/PhByg3iBqEKAfsn0wwdh-jmFLfc.roa
Signing time: Tue 26 Mar 2024 13:54:14 +0000
ROA not before: Tue 26 Mar 2024 13:54:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.102.105.0/24 maxlen: 24
46.247.144.0/20 maxlen: 24
77.223.214.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
86.105.241.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.32.130.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
89.42.52.0/23 maxlen: 24
89.47.38.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.177.6.0/23 maxlen: 24
94.177.23.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.215.76.0/23 maxlen: 24
188.241.59.0/24 maxlen: 24
193.36.44.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.39.119.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.42.232.0/22 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7b:0a:44:e7:52:28:06:b3:bb:07:41:5c:7e:b1:0d:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Mar 26 13:54:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e1072837881a842807ec9f4c30761fa39852df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f5:11:3f:24:26:ca:ca:1d:3b:d2:11:15:86:
09:ae:61:c6:63:4f:ac:5c:76:7e:e0:2b:80:0d:a7:
17:d3:5f:9d:fe:2c:18:87:7f:3d:fd:97:f4:06:31:
36:19:5d:3c:ee:ea:f4:4e:54:e6:26:3d:05:f0:66:
7a:c6:87:0b:c8:dd:01:3c:f6:d7:31:83:4b:4f:49:
be:46:58:23:5d:eb:c0:4a:8a:93:c7:cd:2d:da:0f:
da:d0:9b:df:0e:26:5e:13:cd:1a:25:10:c1:24:cf:
25:41:3f:8c:e2:20:b2:b3:6c:21:a9:28:50:50:98:
4f:79:48:b8:84:90:a8:af:ef:4e:d8:41:c3:8c:e9:
e9:a6:a8:62:b8:1c:07:be:3d:c1:7f:a8:96:6a:8c:
34:8c:7e:4a:ac:6b:63:7b:9a:64:eb:c0:06:0e:79:
b8:53:38:6c:d6:5d:ea:27:5e:a3:89:64:33:16:76:
1a:5c:4e:3c:a7:75:f4:b0:82:15:2f:9d:c0:46:f7:
c6:c5:ce:c5:98:55:ca:5b:03:09:82:06:ac:70:9c:
56:04:a7:f9:4e:6f:40:ed:ef:f1:7f:f3:1d:55:23:
6c:04:d0:80:1b:97:df:2f:73:5c:a0:73:1b:6d:6e:
87:d6:36:d8:fb:f3:7c:18:e6:e9:9f:b1:4c:aa:e3:
2b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:10:72:83:78:81:A8:42:80:7E:C9:F4:C3:07:61:FA:39:85:2D:F7
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/PhByg3iBqEKAfsn0wwdh-jmFLfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.105.0/24
46.247.144.0/20
77.223.214.0/23
79.139.80.0/23
86.105.241.0/24
86.106.108.0/24
89.32.125.0/24
89.32.130.0/23
89.37.58.0/24
89.40.41.0/24
89.40.164.0/23
89.42.52.0/23
89.47.38.0/23
89.47.43.0/24
89.200.240.0/23
91.198.23.0/24
91.216.138.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
188.210.254.0/24
188.214.89.0/24
188.215.76.0/23
188.241.59.0/24
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:a5:14:09:5d:bf:cf:d7:b3:ee:5d:ee:51:b5:f9:2a:32:33:
ef:43:13:a4:6e:a7:8c:81:93:ea:6a:2f:1d:f8:ca:ff:99:b7:
23:3f:96:37:c9:6e:fe:2d:63:62:69:01:bc:30:8b:63:af:8b:
33:23:04:b6:b0:4b:84:7c:50:96:42:08:92:de:4a:2e:a0:b7:
b2:ce:4a:79:79:73:6a:4b:76:9f:3a:fb:27:1d:36:3c:55:df:
cb:dd:1d:9d:d3:2e:49:1c:af:a5:9f:75:0b:5f:5c:6a:bd:8a:
5a:88:d6:fa:1d:39:ad:3f:d8:67:78:90:87:ab:60:90:f2:c5:
33:cf:18:5c:7a:9b:06:38:37:ed:82:3e:d9:cc:98:b0:33:4d:
c5:59:af:06:f7:9d:84:c3:3a:3e:07:bb:26:40:04:4c:2e:42:
5a:12:37:94:d6:17:ad:02:a2:0b:af:d9:d1:00:e3:ac:65:fe:
67:02:da:37:01:bc:33:d0:45:06:ba:26:c2:16:7f:6e:77:da:
73:fc:6b:ed:cc:85:66:f9:33:ef:42:d3:77:91:82:11:47:f9:
14:40:dc:8a:67:35:24:8c:78:ab:30:e8:a4:91:b8:ab:ac:e5:
92:57:8c:25:b7:da:d5:22:74:71:9c:82:fe:a9:ff:80:ba:1e:
64:6f:ed:5b
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgISAY57CkTnUigGs7sHQVx+sQ29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwMzI2MTM1NDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTEwNzI4Mzc4ODFhODQyODA3ZWM5ZjRjMzA3NjFmYTM5ODUyZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvURPyQmysodO9IRFYYJrmHGY0+s
XHZ+4CuADacX01+d/iwYh389/Zf0BjE2GV087ur0TlTmJj0F8GZ6xocLyN0BPPbX
MYNLT0m+RlgjXevASoqTx80t2g/a0JvfDiZeE80aJRDBJM8lQT+M4iCys2whqShQ
UJhPeUi4hJCor+9O2EHDjOnppqhiuBwHvj3Bf6iWaow0jH5KrGtje5pk68AGDnm4
Uzhs1l3qJ16jiWQzFnYaXE48p3X0sIIVL53ARvfGxc7FmFXKWwMJggascJxWBKf5
Tm9A7e/xf/MdVSNsBNCAG5ffL3NcoHMbbW6H1jbY+/N8GObpn7FMquMr8QIDAQAB
o4IDaTCCA2UwHQYDVR0OBBYEFD4QcoN4gahCgH7J9MMHYfo5hS33MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvUGhCeWczaUJxRUtBZnNuMHd3ZGgtam1GTGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfQYIKwYBBQUHAQcBAf8EggFsMIIBaDCCAWQEAgABMIIB
XAMEAC5maQMEBC73kAMEAU3f1gMEAU+LUAMEAFZp8QMEAFZqbAMEAFkgfQMEAVkg
ggMEAFklOgMEAFkoKQMEAVkopAMEAVkqNAMEAVkvJgMEAFkvKwMEAVnI8AMEAFvG
FwMEAFvYigMEAFvjIQMEAFvl5AMEAVvulAMEAF1yVAMEAl200AMEAV6xBgMEAF6x
FwMEAbB+xgMEALzS/gMEALzWWQMEAbzXTAMEALzxOwMEAMEkLAMEAMEliAMEAMEn
dwMEAsFdKAMEAMFpsAMEAcGpCAMEAcHANAMEAcHvrAMEAcHv9gMEAMIIUQMEAcIY
6gMEAcIqZAMEAcJYhgMEAcJqzAMEAcJq1AMEAMKM6wMEAcL2agMEAcMCxAMEAcMN
MAMEAcMiUAMEAsMq6AMEAcNdjAMEAcOAvAMEAcOHwAMEAMO9sAMEAcO9ugMEAcO9
+gMEAcPSLAMEAcP+jDANBgkqhkiG9w0BAQsFAAOCAQEAv6UUCV2/z9ez7l3uUbX5
KjIz70MTpG6njIGT6movHfjK/5m3Iz+WN8lu/i1jYmkBvDCLY6+LMyMEtrBLhHxQ
lkIIkt5KLqC3ss5KeXlzakt2nzr7Jx02PFXfy90dndMuSRyvpZ91C19car2KWojW
+h05rT/YZ3iQh6tgkPLFM88YXHqbBjg37YI+2cyYsDNNxVmvBvedhMM6Pge7JkAE
TC5CWhI3lNYXrQKiC6/Z0QDjrGX+ZwLaNwG8M9BFBromwhZ/bnfac/xr7cyFZvkz
70LTd5GCEUf5FEDcimc1JIx4qzDopJG4q6zlkleMJbfa1SJ0cZyC/qn/gLoeZG/t
Ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:05 2024 by rpki-client on console-ams.rpki-client.org