Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/SnII1q5VNlwmxgx_sjRhxrwW-nk.roa
File: SnII1q5VNlwmxgx_sjRhxrwW-nk.roa (raw, json)
Hash identifier: vVcQi1aaWHpHF4BdIkiw4QIHDvMBHa4x0jHIfx7tAo0=
Subject key identifier: 4A:72:08:D6:AE:55:36:5C:26:C6:0C:7F:B2:34:61:C6:BC:16:FA:79
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018E1D9F16CB1D12FC0CF1E7340D867CA42B
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/SnII1q5VNlwmxgx_sjRhxrwW-nk.roa
Signing time: Fri 08 Mar 2024 10:32:29 +0000
ROA not before: Fri 08 Mar 2024 10:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 45.14.76.0/22 maxlen: 24
46.102.105.0/24 maxlen: 24
46.102.118.0/23 maxlen: 24
46.247.144.0/20 maxlen: 24
77.223.214.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
86.104.72.0/22 maxlen: 24
86.105.241.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.32.130.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
89.42.52.0/23 maxlen: 24
89.47.38.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.223.183.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.177.6.0/23 maxlen: 24
94.177.23.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.215.76.0/23 maxlen: 24
188.241.59.0/24 maxlen: 24
193.36.44.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.39.119.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.44.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.42.232.0/22 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1d:9f:16:cb:1d:12:fc:0c:f1:e7:34:0d:86:7c:a4:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Mar 8 10:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a7208d6ae55365c26c60c7fb23461c6bc16fa79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:72:a9:e1:13:ab:79:86:bb:89:86:f2:23:a0:
50:87:e0:00:ba:f8:36:34:d9:c4:1d:e6:72:0f:a9:
b8:e6:09:22:70:d6:23:ba:28:7c:2c:ee:c2:10:08:
d1:75:ee:4b:60:d2:8f:d7:41:3b:01:7d:75:ef:8a:
40:36:75:05:06:39:48:09:a3:ad:27:66:e8:16:3a:
d8:78:1f:a0:38:d0:a3:5e:9e:fb:8d:93:ed:8c:2f:
71:dc:54:60:aa:88:14:4f:26:87:f1:09:c5:e7:7d:
d5:90:dd:96:45:f2:3b:57:31:2f:2d:79:b5:18:d1:
90:94:0b:d6:1b:38:94:af:39:07:0c:71:41:2b:76:
2d:49:03:a0:a4:52:28:22:2b:f7:fe:9e:d0:5a:69:
ea:36:2f:08:5d:74:93:08:6b:71:ef:bb:8e:17:57:
d4:73:f8:c0:5b:e7:4d:e5:18:aa:e1:ab:59:19:cf:
e6:49:41:23:d5:7e:63:e6:f5:02:16:cf:46:9a:4f:
eb:6c:7d:5c:ad:97:ae:5a:31:06:03:89:98:5c:2e:
ab:c5:f5:78:69:cb:8c:c0:6c:d5:ae:69:a0:00:4b:
84:3a:69:ba:2a:7b:85:a7:3e:29:6c:01:8f:d8:cf:
dd:a8:8c:fc:a5:d1:24:78:2a:28:17:ba:4e:fc:8c:
9f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:72:08:D6:AE:55:36:5C:26:C6:0C:7F:B2:34:61:C6:BC:16:FA:79
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/SnII1q5VNlwmxgx_sjRhxrwW-nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.76.0/22
46.102.105.0/24
46.102.118.0/23
46.247.144.0/20
77.223.214.0/23
79.139.80.0/23
86.104.72.0/22
86.105.241.0/24
86.106.108.0/24
89.32.125.0/24
89.32.130.0/23
89.37.58.0/24
89.40.41.0/24
89.40.164.0/23
89.42.52.0/23
89.47.38.0/23
89.47.43.0/24
89.200.240.0/23
91.198.23.0/24
91.216.138.0/24
91.223.183.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
188.210.254.0/24
188.214.89.0/24
188.215.76.0/23
188.241.59.0/24
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.169.8.0/23
193.192.44.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:60:ba:63:f3:08:5a:c4:a5:f9:24:2d:d9:0f:1b:3d:32:08:
e7:2c:71:1d:ce:6e:03:69:17:bb:c5:b3:11:65:79:11:e2:e3:
83:8c:7d:3d:27:e5:3b:f2:58:6f:72:02:5a:da:2e:ec:b4:02:
63:10:b2:0d:fd:5c:22:30:e1:b1:f0:8d:8b:ee:14:51:ce:27:
f4:76:af:35:d6:30:2d:35:dc:7e:b0:dc:f1:13:5b:22:81:e9:
2e:dd:fa:95:e3:90:11:84:dd:3c:5a:e3:15:b0:de:93:44:e6:
c2:a4:8e:35:c2:20:6d:9f:5e:81:3e:06:bc:97:fb:7a:12:28:
f8:58:15:66:fa:46:ce:38:41:ac:1e:4f:f8:35:b4:11:87:96:
03:ba:58:2c:a2:14:24:96:0e:06:e6:03:2f:37:84:08:b1:9b:
34:de:4a:b2:da:43:bb:5c:5c:e0:25:c3:77:e5:49:b4:03:de:
c3:e9:87:32:25:9c:84:01:35:b4:c9:d5:05:70:5e:45:c1:6d:
9e:84:21:2e:f5:ba:a7:dc:64:bb:91:10:05:66:36:4e:06:53:
92:77:37:0d:89:79:e4:f0:97:c7:c8:38:db:31:91:75:35:61:
7b:08:ff:1c:df:ef:12:c1:37:5a:3f:81:b9:4c:9e:09:80:db:
f8:8f:7e:f2
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAY4dnxbLHRL8DPHnNA2GfKQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwMzA4MTAzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTcyMDhkNmFlNTUzNjVjMjZjNjBjN2ZiMjM0NjFjNmJjMTZmYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnKp4ROreYa7iYbyI6BQh+AAuvg2
NNnEHeZyD6m45gkicNYjuih8LO7CEAjRde5LYNKP10E7AX1174pANnUFBjlICaOt
J2boFjrYeB+gONCjXp77jZPtjC9x3FRgqogUTyaH8QnF533VkN2WRfI7VzEvLXm1
GNGQlAvWGziUrzkHDHFBK3YtSQOgpFIoIiv3/p7QWmnqNi8IXXSTCGtx77uOF1fU
c/jAW+dN5Riq4atZGc/mSUEj1X5j5vUCFs9Gmk/rbH1crZeuWjEGA4mYXC6rxfV4
acuMwGzVrmmgAEuEOmm6KnuFpz4pbAGP2M/dqIz8pdEkeCooF7pO/IyfzwIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFEpyCNauVTZcJsYMf7I0Yca8Fvp5MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvU25JSTFxNVZObHdteGd4X3NqUmh4cndXLW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgABMIIB
egMEAi0OTAMEAC5maQMEAS5mdgMEBC73kAMEAU3f1gMEAU+LUAMEAlZoSAMEAFZp
8QMEAFZqbAMEAFkgfQMEAVkgggMEAFklOgMEAFkoKQMEAVkopAMEAVkqNAMEAVkv
JgMEAFkvKwMEAVnI8AMEAFvGFwMEAFvYigMEAFvftwMEAFvjIQMEAFvl5AMEAVvu
lAMEAF1yVAMEAl200AMEAV6xBgMEAF6xFwMEAbB+xgMEALzS/gMEALzWWQMEAbzX
TAMEALzxOwMEAMEkLAMEAMEliAMEAMEndwMEAsFdKAMEAMFpsAMEAcGpCAMEAcHA
LAMEAcHANAMEAcHvrAMEAcHv9gMEAMIIUQMEAcIY6gMEAcIqZAMEAcJYhgMEAcJq
zAMEAcJq1AMEAMKM6wMEAcL2agMEAcMCxAMEAcMNMAMEAcMiUAMEAsMq6AMEAcNd
jAMEAcOAvAMEAcOHwAMEAMO9sAMEAcO9ugMEAcO9+gMEAcPSLAMEAcP+jDANBgkq
hkiG9w0BAQsFAAOCAQEAtmC6Y/MIWsSl+SQt2Q8bPTII5yxxHc5uA2kXu8WzEWV5
EeLjg4x9PSflO/JYb3ICWtou7LQCYxCyDf1cIjDhsfCNi+4UUc4n9HavNdYwLTXc
frDc8RNbIoHpLt36leOQEYTdPFrjFbDek0TmwqSONcIgbZ9egT4GvJf7ehIo+FgV
ZvpGzjhBrB5P+DW0EYeWA7pYLKIUJJYOBuYDLzeECLGbNN5KstpDu1xc4CXDd+VJ
tAPew+mHMiWchAE1tMnVBXBeRcFtnoQhLvW6p9xku5EQBWY2TgZTknc3DYl55PCX
x8g42zGRdTVhewj/HN/vEsE3Wj+BuUyeCYDb+I9+8g==
-----END CERTIFICATE-----
Generated at Mon Mar 18 17:05:25 2024 by rpki-client on console-fra.rpki-client.org