Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/c3KHgAZ39Yt6akm6UTA4qW7owrQ.roa
File: c3KHgAZ39Yt6akm6UTA4qW7owrQ.roa (raw, json)
Hash identifier: qQ9+QRZfHXtdBRd5FfW7QULmpPTyXsp6Mvm7qJBukoA=
Subject key identifier: 73:72:87:80:06:77:F5:8B:7A:6A:49:BA:51:30:38:A9:6E:E8:C2:B4
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018A68A2B3F4CEEDF96C4B95ECBEB8EA6083
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/c3KHgAZ39Yt6akm6UTA4qW7owrQ.roa
Signing time: Wed 06 Sep 2023 03:56:47 +0000
ROA not before: Wed 06 Sep 2023 03:56:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208913
IP address blocks: 195.2.196.0/23 maxlen: 24
91.238.148.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
85.204.247.0/24 maxlen: 24
91.214.188.0/22 maxlen: 24
195.93.140.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
188.215.76.0/23 maxlen: 24
89.36.199.0/24 maxlen: 24
94.177.23.0/24 maxlen: 24
195.254.140.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
85.204.26.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
188.241.59.0/24 maxlen: 24
89.42.52.0/23 maxlen: 24
94.177.6.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
193.39.119.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
188.214.89.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
89.32.130.0/23 maxlen: 24
193.93.40.0/22 maxlen: 24
93.180.208.0/22 maxlen: 24
89.39.91.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
188.240.4.0/22 maxlen: 24
91.216.138.0/24 maxlen: 24
195.135.192.0/23 maxlen: 24
89.38.134.0/24 maxlen: 24
86.105.241.0/24 maxlen: 24
77.223.214.0/23 maxlen: 24
188.213.128.0/22 maxlen: 24
195.210.44.0/23 maxlen: 24
46.102.105.0/24 maxlen: 24
195.189.250.0/23 maxlen: 24
46.102.118.0/23 maxlen: 24
89.47.94.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.47.48.0/22 maxlen: 24
193.192.44.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
195.34.80.0/23 maxlen: 24
45.14.76.0/22 maxlen: 24
193.108.52.0/22 maxlen: 24
193.239.172.0/23 maxlen: 24
194.246.106.0/23 maxlen: 24
193.169.8.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:68:a2:b3:f4:ce:ed:f9:6c:4b:95:ec:be:b8:ea:60:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Sep 6 03:56:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=737287800677f58b7a6a49ba513038a96ee8c2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:54:3d:0f:36:b3:58:12:86:64:ef:8c:88:f3:
48:99:c9:41:d6:73:00:ed:09:2c:c3:ed:4e:d9:92:
50:cc:2f:db:28:7e:4a:7b:9c:09:2e:35:fc:07:ce:
e7:4d:09:e4:51:01:80:ea:ec:14:97:fd:d7:79:92:
81:09:d2:b9:3c:7e:1c:f7:ee:46:c9:f1:38:88:27:
74:75:6d:ff:81:07:19:be:27:dc:5c:96:03:de:10:
e0:83:6e:b0:20:bd:da:4a:1a:f8:af:53:57:dc:6e:
0e:be:99:15:f7:5a:fb:eb:ac:3b:cd:9e:10:f3:c9:
bc:d3:e2:ff:d7:48:1d:5c:c1:11:eb:57:12:a7:81:
38:f7:5e:57:35:b2:ec:3f:d3:73:bd:b2:10:3c:2b:
70:03:44:00:da:cc:02:d9:a0:6f:04:99:72:1c:70:
b3:5c:9e:b8:c9:36:2a:e2:e7:ec:cc:d3:1c:98:0f:
0b:8a:14:35:24:c5:74:82:58:43:36:de:95:ce:a8:
4f:40:a9:a9:8e:00:aa:c3:fa:f0:70:79:32:dc:1d:
28:e7:36:42:f2:d2:1a:da:97:14:2e:ad:7c:fb:29:
20:70:48:82:81:e5:f2:60:8f:ca:88:2c:97:a4:34:
b1:45:fc:b3:a1:c8:21:96:87:d2:5c:57:bd:c3:1f:
47:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:72:87:80:06:77:F5:8B:7A:6A:49:BA:51:30:38:A9:6E:E8:C2:B4
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/c3KHgAZ39Yt6akm6UTA4qW7owrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.76.0/22
46.102.105.0/24
46.102.118.0/23
77.223.214.0/23
79.139.80.0/23
85.204.26.0/24
85.204.247.0/24
86.104.72.0/22
86.105.241.0/24
86.106.108.0/24
89.32.125.0/24
89.32.130.0/23
89.36.199.0/24
89.37.58.0/24
89.38.134.0/24
89.39.91.0/24
89.40.164.0/23
89.42.52.0/23
89.47.43.0/24
89.47.48.0/22
89.47.94.0/24
89.200.240.0/23
91.214.188.0/22
91.216.138.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
188.210.254.0/24
188.213.128.0/22
188.214.89.0/24
188.215.76.0/23
188.240.4.0/22
188.241.59.0/24
193.39.119.0/24
193.93.40.0/22
193.108.52.0/22
193.169.8.0/23
193.192.44.0/23
193.239.172.0/23
194.42.100.0/23
194.106.204.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.135.192.0/23
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:39:21:59:fa:f9:a8:18:00:9f:9b:54:3d:6c:42:75:30:57:
cb:4e:8c:97:42:ce:62:0e:e8:6e:9c:4d:b1:59:1e:43:ee:7e:
cc:d6:d3:81:d5:16:73:dd:f2:d0:c4:3e:f2:61:1d:19:6b:89:
96:f4:a1:02:47:2b:fb:7e:e4:9c:a5:a2:23:cf:33:af:e0:4e:
18:ac:a2:fd:5f:b3:87:30:76:4f:ab:1f:47:3a:8d:c5:f7:8e:
55:4f:27:3d:b7:d6:d5:f1:76:a7:e9:34:2f:84:7c:66:07:f9:
1d:a7:fa:7e:05:ce:68:23:68:ee:4f:1b:57:01:88:cb:c6:75:
96:86:5a:0e:1f:68:01:52:66:9d:c0:97:0b:64:ae:fe:cb:17:
17:a4:61:5e:ba:a1:a9:10:90:2b:42:1e:80:26:87:23:f7:fc:
08:57:63:ad:09:9d:bb:b9:fa:d7:0d:7d:3f:3e:45:d6:ee:d2:
db:da:4a:5c:3b:7e:0c:fa:8f:7e:cc:15:c7:6f:8a:49:de:af:
78:53:e8:8c:91:8a:53:f4:8c:aa:41:28:2c:a8:16:81:41:38:
32:dd:6e:00:82:fa:4a:8e:1f:83:c3:1a:9c:f0:0d:00:60:5b:
ae:70:59:a4:fb:90:a4:d2:c2:45:64:3e:54:31:12:1f:b1:26:
5d:16:6a:8b
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgISAYpoorP0zu35bEuV7L646mCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwOTA2MDM1NjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzcyODc4MDA2NzdmNThiN2E2YTQ5YmE1MTMwMzhhOTZlZThjMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVQ9DzazWBKGZO+MiPNImclB1nMA
7Qksw+1O2ZJQzC/bKH5Ke5wJLjX8B87nTQnkUQGA6uwUl/3XeZKBCdK5PH4c9+5G
yfE4iCd0dW3/gQcZvifcXJYD3hDgg26wIL3aShr4r1NX3G4OvpkV91r766w7zZ4Q
88m80+L/10gdXMER61cSp4E4915XNbLsP9NzvbIQPCtwA0QA2swC2aBvBJlyHHCz
XJ64yTYq4ufszNMcmA8LihQ1JMV0glhDNt6VzqhPQKmpjgCqw/rwcHky3B0o5zZC
8tIa2pcULq18+ykgcEiCgeXyYI/KiCyXpDSxRfyzocghlofSXFe9wx9HBQIDAQAB
o4IDVzCCA1MwHQYDVR0OBBYEFHNyh4AGd/WLempJulEwOKlu6MK0MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvYzNLSGdBWjM5WXQ2YWttNlVUQTRxVzdvd3JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBawYIKwYBBQUHAQcBAf8EggFaMIIBVjCCAVIEAgABMIIB
SgMEAi0OTAMEAC5maQMEAS5mdgMEAU3f1gMEAU+LUAMEAFXMGgMEAFXM9wMEAlZo
SAMEAFZp8QMEAFZqbAMEAFkgfQMEAVkgggMEAFkkxwMEAFklOgMEAFkmhgMEAFkn
WwMEAVkopAMEAVkqNAMEAFkvKwMEAlkvMAMEAFkvXgMEAVnI8AMEAlvWvAMEAFvY
igMEAVvulAMEAF1yVAMEAl200AMEAV6xBgMEAF6xFwMEAbB+xgMEALzS/gMEArzV
gAMEALzWWQMEAbzXTAMEArzwBAMEALzxOwMEAMEndwMEAsFdKAMEAsFsNAMEAcGp
CAMEAcHALAMEAcHvrAMEAcIqZAMEAcJqzAMEAMKM6wMEAcL2agMEAcMCxAMEAcMi
UAMEAsMq6AMEAcNdjAMEAcOHwAMEAcO9ugMEAcO9+gMEAcPSLAMEAcP+jDANBgkq
hkiG9w0BAQsFAAOCAQEADDkhWfr5qBgAn5tUPWxCdTBXy06Ml0LOYg7obpxNsVke
Q+5+zNbTgdUWc93y0MQ+8mEdGWuJlvShAkcr+37knKWiI88zr+BOGKyi/V+zhzB2
T6sfRzqNxfeOVU8nPbfW1fF2p+k0L4R8Zgf5Haf6fgXOaCNo7k8bVwGIy8Z1loZa
Dh9oAVJmncCXC2Su/ssXF6RhXrqhqRCQK0IegCaHI/f8CFdjrQmdu7n61w19Pz5F
1u7S29pKXDt+DPqPfswVx2+KSd6veFPojJGKU/SMqkEoLKgWgUE4Mt1uAIL6So4f
g8ManPANAGBbrnBZpPuQpNLCRWQ+VDESH7EmXRZqiw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:34 2024 by rpki-client on console-fra.rpki-client.org