Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/XD9eDFb82ffxGN-bJ6PLHJCNcMQ.roa
File: XD9eDFb82ffxGN-bJ6PLHJCNcMQ.roa (raw, json)
Hash identifier: cQaV8SFV0K0R7udDt7jkT6riDOhwo0qz/8lL0r3ZCAs=
Subject key identifier: 5C:3F:5E:0C:56:FC:D9:F7:F1:18:DF:9B:27:A3:CB:1C:90:8D:70:C4
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018AB66304B9CA49210BA365F357471AD700
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/XD9eDFb82ffxGN-bJ6PLHJCNcMQ.roa
Signing time: Thu 21 Sep 2023 06:17:37 +0000
ROA not before: Thu 21 Sep 2023 06:17:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208913
IP address blocks: 195.2.196.0/23 maxlen: 24
86.107.53.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
85.204.243.0/24 maxlen: 24
85.204.253.0/24 maxlen: 24
85.204.247.0/24 maxlen: 24
85.204.250.0/24 maxlen: 24
91.214.188.0/22 maxlen: 24
188.241.192.0/24 maxlen: 24
195.93.140.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
93.114.84.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
92.114.109.0/24 maxlen: 24
92.114.110.0/24 maxlen: 24
188.208.108.0/24 maxlen: 24
188.208.116.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
188.211.234.0/24 maxlen: 24
89.36.199.0/24 maxlen: 24
195.13.48.0/23 maxlen: 24
188.215.76.0/23 maxlen: 24
89.40.41.0/24 maxlen: 24
195.254.140.0/23 maxlen: 24
94.177.23.0/24 maxlen: 24
194.42.100.0/23 maxlen: 24
85.204.26.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
188.241.59.0/24 maxlen: 24
89.42.52.0/23 maxlen: 24
93.119.193.0/24 maxlen: 24
94.177.6.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
193.39.119.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
193.36.44.0/24 maxlen: 24
188.214.81.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
176.126.204.0/24 maxlen: 24
188.210.254.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
89.32.130.0/23 maxlen: 24
193.93.40.0/22 maxlen: 24
93.180.208.0/22 maxlen: 24
89.39.91.0/24 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
188.240.4.0/22 maxlen: 24
91.229.228.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
194.88.134.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
89.38.134.0/24 maxlen: 24
77.223.214.0/23 maxlen: 24
86.105.241.0/24 maxlen: 24
194.8.81.0/24 maxlen: 24
46.247.144.0/20 maxlen: 24
193.105.176.0/24 maxlen: 24
188.213.128.0/22 maxlen: 24
195.210.44.0/23 maxlen: 24
46.102.105.0/24 maxlen: 24
195.189.250.0/23 maxlen: 24
194.24.234.0/23 maxlen: 24
91.223.183.0/24 maxlen: 24
46.102.118.0/23 maxlen: 24
94.176.150.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
193.192.52.0/23 maxlen: 24
89.40.164.0/23 maxlen: 24
89.47.94.0/24 maxlen: 24
193.138.97.0/24 maxlen: 24
89.47.43.0/24 maxlen: 24
89.47.38.0/23 maxlen: 24
89.47.48.0/22 maxlen: 24
193.192.44.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
93.114.182.0/24 maxlen: 24
195.34.80.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
45.14.76.0/22 maxlen: 24
193.108.52.0/22 maxlen: 24
193.37.136.0/24 maxlen: 24
193.239.172.0/23 maxlen: 24
194.246.106.0/23 maxlen: 24
193.169.8.0/23 maxlen: 24
93.115.36.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:63:04:b9:ca:49:21:0b:a3:65:f3:57:47:1a:d7:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Sep 21 06:17:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c3f5e0c56fcd9f7f118df9b27a3cb1c908d70c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8d:b5:e7:4a:79:cb:42:97:0d:05:2a:51:1b:
28:e1:bd:82:4b:af:11:e5:e8:f1:2e:68:b6:0a:31:
1b:69:7b:9a:fd:d3:99:2d:1c:07:76:ab:cd:f2:ad:
e5:6c:2c:e0:7b:ea:7a:93:96:ff:2b:3a:56:0c:2c:
fc:fd:4c:ff:ff:f5:db:ca:4b:0a:ce:06:05:09:3a:
81:df:1e:6a:11:f7:c1:8c:b7:12:ce:05:1e:b8:e4:
bb:4b:5b:3a:c3:7c:8f:4e:26:30:28:fc:8e:27:c3:
53:e9:06:0f:ec:ae:e7:58:44:45:6e:e6:28:6d:5f:
d1:c5:ea:fd:ce:32:57:e2:94:d9:b5:45:ee:1f:2e:
67:6e:c4:d3:b0:f9:49:4d:e6:ef:44:f0:f6:33:2e:
12:cb:1d:ef:72:59:7b:0f:43:73:a6:53:bd:33:89:
20:20:71:18:5e:97:0f:48:ad:92:aa:0a:58:c8:59:
78:49:6f:0e:09:e5:6e:77:d1:5e:0b:5d:4c:0c:98:
4a:7e:cc:63:29:59:2f:21:8c:8e:e4:d7:58:f1:d0:
71:09:d7:88:a9:16:2b:63:f1:1d:f6:2d:74:5a:db:
25:0d:ce:41:8a:4d:22:6e:32:11:69:c5:dc:c0:c6:
89:30:48:68:1a:27:6a:4f:92:7e:a6:ab:48:70:06:
27:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3F:5E:0C:56:FC:D9:F7:F1:18:DF:9B:27:A3:CB:1C:90:8D:70:C4
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/XD9eDFb82ffxGN-bJ6PLHJCNcMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.76.0/22
46.102.105.0/24
46.102.118.0/23
46.247.144.0/20
77.223.214.0/23
79.139.80.0/23
85.204.26.0/24
85.204.243.0/24
85.204.247.0/24
85.204.250.0/24
85.204.253.0/24
86.104.72.0/22
86.105.241.0/24
86.106.108.0/24
86.107.53.0/24
89.32.125.0/24
89.32.130.0/23
89.36.199.0/24
89.37.58.0/24
89.38.134.0/24
89.39.91.0/24
89.40.41.0/24
89.40.164.0/23
89.42.52.0/23
89.47.38.0/23
89.47.43.0/24
89.47.48.0/22
89.47.94.0/24
89.200.240.0/23
91.198.23.0/24
91.214.188.0/22
91.216.138.0/24
91.223.183.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
92.114.109.0-92.114.110.255
93.114.84.0/24
93.114.182.0/24
93.115.36.0/24
93.119.193.0/24
93.180.208.0/22
94.176.150.0/24
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
176.126.204.0/24
188.208.108.0/24
188.208.116.0/24
188.210.254.0/24
188.211.234.0/24
188.213.128.0/22
188.214.81.0/24
188.214.89.0/24
188.215.76.0/23
188.240.4.0/22
188.241.59.0/24
188.241.192.0/24
193.33.94.0/23
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.108.52.0/22
193.138.97.0/24
193.169.8.0/23
193.192.44.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
41:9e:02:88:ad:43:d0:ef:54:c6:64:29:2e:73:bc:73:99:23:
90:ce:d3:47:b8:14:2f:21:66:b1:00:89:46:db:8b:0b:8e:97:
ae:2a:07:b8:30:78:1a:a5:d4:39:d1:da:65:d7:4e:e7:3b:2f:
91:90:be:a1:ff:4f:0b:11:9d:bf:b9:0e:db:72:e2:f4:06:34:
7c:74:02:e1:62:04:57:80:2d:8d:9f:c3:7f:4a:92:88:74:d2:
cd:0b:65:14:56:76:06:4f:bc:37:e7:c7:a3:62:76:dd:d5:7a:
6e:26:8e:e4:af:a6:18:b1:8b:8a:9a:4d:3b:cf:81:c1:1f:97:
68:f4:88:7f:05:49:1c:be:83:46:e1:e6:be:5f:34:df:10:9a:
63:cf:f2:52:f2:c9:3d:ae:61:08:0e:84:d0:65:41:f1:1d:6a:
65:1e:f6:38:a8:97:ff:ae:16:b6:41:62:71:2a:40:78:95:0f:
3e:7f:74:e7:2b:2f:40:c4:73:b9:67:97:8d:7b:7a:f2:04:fd:
5d:3f:a7:47:79:af:ba:0c:ff:1c:4a:b0:06:ea:3f:44:97:a7:
4b:e2:1f:8c:b9:87:05:39:7e:1f:16:51:8a:90:2f:83:aa:eb:
cd:f3:7b:59:22:27:6b:19:0c:ff:6c:c8:43:01:92:a6:6a:09:
4f:4d:20:3b
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgISAYq2YwS5ykkhC6Nl81dHGtcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwOTIxMDYxNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNmNWUwYzU2ZmNkOWY3ZjExOGRmOWIyN2EzY2IxYzkwOGQ3MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp42150p5y0KXDQUqURso4b2CS68R
5ejxLmi2CjEbaXua/dOZLRwHdqvN8q3lbCzge+p6k5b/KzpWDCz8/Uz///XbyksK
zgYFCTqB3x5qEffBjLcSzgUeuOS7S1s6w3yPTiYwKPyOJ8NT6QYP7K7nWERFbuYo
bV/Rxer9zjJX4pTZtUXuHy5nbsTTsPlJTebvRPD2My4Syx3vcll7D0NzplO9M4kg
IHEYXpcPSK2SqgpYyFl4SW8OCeVud9FeC11MDJhKfsxjKVkvIYyO5NdY8dBxCdeI
qRYrY/Ed9i10WtslDc5Bik0ibjIRacXcwMaJMEhoGidqT5J+pqtIcAYniQIDAQAB
o4IENzCCBDMwHQYDVR0OBBYEFFw/XgxW/Nn38RjfmyejyxyQjXDEMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvWEQ5ZURGYjgyZmZ4R04tYko2UExISkNOY01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICSwYIKwYBBQUHAQcBAf8EggI6MIICNjCCAjIEAgABMIIC
KgMEAi0OTAMEAC5maQMEAS5mdgMEBC73kAMEAU3f1gMEAU+LUAMEAFXMGgMEAFXM
8wMEAFXM9wMEAFXM+gMEAFXM/QMEAlZoSAMEAFZp8QMEAFZqbAMEAFZrNQMEAFkg
fQMEAVkgggMEAFkkxwMEAFklOgMEAFkmhgMEAFknWwMEAFkoKQMEAVkopAMEAVkq
NAMEAVkvJgMEAFkvKwMEAlkvMAMEAFkvXgMEAVnI8AMEAFvGFwMEAlvWvAMEAFvY
igMEAFvftwMEAFvjIQMEAFvl5AMEAVvulDAMAwQAXHJtAwQAXHJuAwQAXXJUAwQA
XXK2AwQAXXMkAwQAXXfBAwQCXbTQAwQAXrCWAwQBXrEGAwQAXrEXAwQBsH7GAwQA
sH7MAwQAvNBsAwQAvNB0AwQAvNL+AwQAvNPqAwQCvNWAAwQAvNZRAwQAvNZZAwQB
vNdMAwQCvPAEAwQAvPE7AwQAvPHAAwQBwSFeAwQAwSQsAwQAwSWIAwQAwSd3AwQC
wV0oAwQAwWmwAwQCwWw0AwQAwYphAwQBwakIAwQBwcAsAwQBwcA0AwQBwe+sAwQB
we/2AwQAwghRAwQBwhjqAwQBwipkAwQBwliGAwQBwmrMAwQBwmrUAwQAwozrAwQB
wvZqAwQBwwLEAwQBww0wAwQBwyJQAwQCwyroAwQBw12MAwQBw4C8AwQBw4fAAwQA
w72wAwQBw726AwQBw736AwQBw9IsAwQBw/6MMA0GCSqGSIb3DQEBCwUAA4IBAQBB
ngKIrUPQ71TGZCkuc7xzmSOQztNHuBQvIWaxAIlG24sLjpeuKge4MHgapdQ50dpl
107nOy+RkL6h/08LEZ2/uQ7bcuL0BjR8dALhYgRXgC2Nn8N/SpKIdNLNC2UUVnYG
T7w358ejYnbd1XpuJo7kr6YYsYuKmk07z4HBH5do9Ih/BUkcvoNG4ea+XzTfEJpj
z/JS8sk9rmEIDoTQZUHxHWplHvY4qJf/rha2QWJxKkB4lQ8+f3TnKy9AxHO5Z5eN
e3ryBP1dP6dHea+6DP8cSrAG6j9El6dL4h+MuYcFOX4fFlGKkC+DquvN83tZIidr
GQz/bMhDAZKmaglPTSA7
-----END CERTIFICATE-----
Generated at Thu Dec 14 09:03:57 2023 by rpki-client on console-fra.rpki-client.org