Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/fchN-cn_VyBms2LB-O_ya68d8zY.roa
File: fchN-cn_VyBms2LB-O_ya68d8zY.roa (raw, json)
Hash identifier: tsvYVH7URReSkf1y+LhEqTQ2k6Wq+KIbrjv+pmK5gaQ=
Subject key identifier: 7D:C8:4D:F9:C9:FF:57:20:66:B3:62:C1:F8:EF:F2:6B:AF:1D:F3:36
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018CC6B792BFA20DF007E471BC13F3A0BCDF
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/fchN-cn_VyBms2LB-O_ya68d8zY.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 195.2.196.0/23 maxlen: 24
86.107.53.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
85.204.243.0/24 maxlen: 24
85.204.253.0/24 maxlen: 24
85.204.247.0/24 maxlen: 24
85.204.250.0/24 maxlen: 24
91.214.188.0/22 maxlen: 24
188.241.192.0/24 maxlen: 24
195.93.140.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
93.114.84.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
92.114.109.0/24 maxlen: 24
92.114.110.0/24 maxlen: 24
188.208.108.0/24 maxlen: 24
188.208.116.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
188.211.234.0/24 maxlen: 24
195.13.48.0/23 maxlen: 24
188.215.76.0/23 maxlen: 24
89.36.199.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
94.177.23.0/24 maxlen: 24
195.254.140.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
85.204.26.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
188.241.59.0/24 maxlen: 24
89.42.52.0/23 maxlen: 24
93.119.193.0/24 maxlen: 24
94.177.6.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
193.39.119.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
193.36.44.0/24 maxlen: 24
188.214.81.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
176.126.204.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
89.32.130.0/23 maxlen: 24
193.93.40.0/22 maxlen: 24
93.180.208.0/22 maxlen: 24
89.39.91.0/24 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
91.229.228.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
194.88.134.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
89.38.134.0/24 maxlen: 24
77.223.214.0/23 maxlen: 24
86.105.241.0/24 maxlen: 24
194.8.81.0/24 maxlen: 24
46.247.144.0/20 maxlen: 24
193.105.176.0/24 maxlen: 24
188.213.128.0/22 maxlen: 24
195.210.44.0/23 maxlen: 24
46.102.105.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
91.223.183.0/24 maxlen: 24
46.102.118.0/23 maxlen: 24
94.176.150.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
193.192.52.0/23 maxlen: 24
89.47.94.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
193.138.97.0/24 maxlen: 24
89.47.38.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.47.48.0/22 maxlen: 24
193.192.44.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
93.114.182.0/24 maxlen: 24
195.34.80.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
45.14.76.0/22 maxlen: 24
193.108.52.0/22 maxlen: 24
193.37.136.0/24 maxlen: 24
193.239.172.0/23 maxlen: 24
194.246.106.0/23 maxlen: 24
193.169.8.0/23 maxlen: 24
93.115.36.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:92:bf:a2:0d:f0:07:e4:71:bc:13:f3:a0:bc:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dc84df9c9ff572066b362c1f8eff26baf1df336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:13:95:33:53:cf:c3:0d:72:5c:d5:2c:a2:8f:
d2:7e:20:e9:f5:5c:ba:e0:0d:e0:3c:70:e6:a0:e5:
c6:0e:da:b2:6b:de:dc:4a:f7:83:cb:f8:1a:b6:8e:
9b:0d:b0:f7:c4:fd:bb:28:7b:4c:11:67:01:6f:df:
c6:d3:01:6c:a5:ad:c9:b7:d6:1d:5b:32:6e:d4:cd:
a3:e8:1c:b7:fa:0b:6e:0e:14:af:da:8d:3a:6b:27:
3e:4e:26:8f:17:7d:37:00:d3:ed:fd:f8:bf:83:5a:
81:09:86:21:05:67:2a:20:ed:54:3e:c2:38:ac:fe:
fd:f8:e6:c6:4a:c4:ad:cc:0a:02:ca:99:64:0e:d3:
ce:8a:c6:f8:0f:48:bc:4a:fc:f9:40:22:fb:9c:47:
02:8a:13:b7:d5:7c:ca:b7:72:43:52:6d:2b:c2:f1:
08:fe:ae:7b:25:2a:cc:2e:32:d8:df:e1:80:e3:0d:
3c:b2:24:e6:2f:f1:8c:4a:c1:82:9b:08:b5:63:c8:
67:02:b7:b3:23:cb:38:37:6e:17:08:69:35:bf:b8:
1f:c0:2a:a3:b1:82:cf:88:92:75:86:d4:cf:a6:d0:
0d:da:04:8e:9a:e2:9b:b5:8e:af:97:46:9a:82:39:
38:60:a7:f5:6e:77:08:f2:46:4a:2f:a9:b4:62:c2:
35:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C8:4D:F9:C9:FF:57:20:66:B3:62:C1:F8:EF:F2:6B:AF:1D:F3:36
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/fchN-cn_VyBms2LB-O_ya68d8zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.76.0/22
46.102.105.0/24
46.102.118.0/23
46.247.144.0/20
77.223.214.0/23
79.139.80.0/23
85.204.26.0/24
85.204.243.0/24
85.204.247.0/24
85.204.250.0/24
85.204.253.0/24
86.104.72.0/22
86.105.241.0/24
86.106.108.0/24
86.107.53.0/24
89.32.125.0/24
89.32.130.0/23
89.36.199.0/24
89.37.58.0/24
89.38.134.0/24
89.39.91.0/24
89.40.41.0/24
89.40.164.0/23
89.42.52.0/23
89.47.38.0/23
89.47.43.0/24
89.47.48.0/22
89.47.94.0/24
89.200.240.0/23
91.198.23.0/24
91.214.188.0/22
91.216.138.0/24
91.223.183.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
92.114.109.0-92.114.110.255
93.114.84.0/24
93.114.182.0/24
93.115.36.0/24
93.119.193.0/24
93.180.208.0/22
94.176.150.0/24
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
176.126.204.0/24
188.208.108.0/24
188.208.116.0/24
188.210.254.0/24
188.211.234.0/24
188.213.128.0/22
188.214.81.0/24
188.214.89.0/24
188.215.76.0/23
188.241.59.0/24
188.241.192.0/24
193.33.94.0/23
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.108.52.0/22
193.138.97.0/24
193.169.8.0/23
193.192.44.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
12:a5:b3:5e:86:d7:a7:8f:dd:e9:8e:b7:ad:97:7f:54:59:27:
e0:f5:be:9f:89:2c:24:d2:af:4a:48:9e:fb:57:cd:61:62:23:
c3:e2:2e:a4:df:62:d3:0c:a2:e9:5f:a4:aa:32:f4:f4:7d:eb:
b4:ee:bd:19:4a:59:a4:e0:c6:30:35:37:5e:06:5f:f0:f9:37:
66:68:a2:a5:89:cb:da:88:da:79:44:00:31:54:be:c2:f4:b2:
a4:c5:af:7a:3f:66:7c:dd:6a:47:4d:24:e6:ea:94:99:e1:f0:
ba:a5:2a:5a:cf:38:a6:34:55:a6:a2:77:1b:a4:65:84:41:c7:
11:7e:48:92:a8:f7:6e:c7:5b:9f:f0:00:97:5a:4d:3e:51:a9:
72:53:cf:48:11:9b:e0:06:31:e4:52:83:4f:b1:06:67:7b:60:
ef:75:a8:c0:b2:7d:6a:26:28:0b:e6:3a:6f:f6:65:34:a4:e1:
cc:9a:63:70:25:b5:b5:1f:4d:5c:dd:7c:96:da:7e:da:61:3c:
51:15:14:84:eb:8e:d8:90:eb:96:1a:73:e4:3f:e2:b9:df:68:
9e:6a:56:19:52:2a:71:0b:c0:94:5d:e2:c0:33:1b:bc:90:14:
ab:41:2f:80:a8:31:06:6c:95:a5:ee:f0:05:a0:2b:37:fb:ab:
22:7f:26:b2
-----BEGIN CERTIFICATE-----
MIIHJTCCBg2gAwIBAgISAYzGt5K/og3wB+RxvBPzoLzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM4NGRmOWM5ZmY1NzIwNjZiMzYyYzFmOGVmZjI2YmFmMWRmMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBOVM1PPww1yXNUsoo/SfiDp9Vy6
4A3gPHDmoOXGDtqya97cSveDy/gato6bDbD3xP27KHtMEWcBb9/G0wFspa3Jt9Yd
WzJu1M2j6By3+gtuDhSv2o06ayc+TiaPF303ANPt/fi/g1qBCYYhBWcqIO1UPsI4
rP79+ObGSsStzAoCyplkDtPOisb4D0i8Svz5QCL7nEcCihO31XzKt3JDUm0rwvEI
/q57JSrMLjLY3+GA4w08siTmL/GMSsGCmwi1Y8hnArezI8s4N24XCGk1v7gfwCqj
sYLPiJJ1htTPptAN2gSOmuKbtY6vl0aagjk4YKf1bncI8kZKL6m0YsI1MQIDAQAB
o4IEMTCCBC0wHQYDVR0OBBYEFH3ITfnJ/1cgZrNiwfjv8muvHfM2MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvZmNoTi1jbl9WeUJtczJMQi1PX3lhNjhkOHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICRQYIKwYBBQUHAQcBAf8EggI0MIICMDCCAiwEAgABMIIC
JAMEAi0OTAMEAC5maQMEAS5mdgMEBC73kAMEAU3f1gMEAU+LUAMEAFXMGgMEAFXM
8wMEAFXM9wMEAFXM+gMEAFXM/QMEAlZoSAMEAFZp8QMEAFZqbAMEAFZrNQMEAFkg
fQMEAVkgggMEAFkkxwMEAFklOgMEAFkmhgMEAFknWwMEAFkoKQMEAVkopAMEAVkq
NAMEAVkvJgMEAFkvKwMEAlkvMAMEAFkvXgMEAVnI8AMEAFvGFwMEAlvWvAMEAFvY
igMEAFvftwMEAFvjIQMEAFvl5AMEAVvulDAMAwQAXHJtAwQAXHJuAwQAXXJUAwQA
XXK2AwQAXXMkAwQAXXfBAwQCXbTQAwQAXrCWAwQBXrEGAwQAXrEXAwQBsH7GAwQA
sH7MAwQAvNBsAwQAvNB0AwQAvNL+AwQAvNPqAwQCvNWAAwQAvNZRAwQAvNZZAwQB
vNdMAwQAvPE7AwQAvPHAAwQBwSFeAwQAwSQsAwQAwSWIAwQAwSd3AwQCwV0oAwQA
wWmwAwQCwWw0AwQAwYphAwQBwakIAwQBwcAsAwQBwcA0AwQBwe+sAwQBwe/2AwQA
wghRAwQBwhjqAwQBwipkAwQBwliGAwQBwmrMAwQBwmrUAwQAwozrAwQBwvZqAwQB
wwLEAwQBww0wAwQBwyJQAwQCwyroAwQBw12MAwQBw4C8AwQBw4fAAwQAw72wAwQB
w726AwQBw736AwQBw9IsAwQBw/6MMA0GCSqGSIb3DQEBCwUAA4IBAQASpbNehten
j93pjretl39UWSfg9b6fiSwk0q9KSJ77V81hYiPD4i6k32LTDKLpX6SqMvT0feu0
7r0ZSlmk4MYwNTdeBl/w+TdmaKKlicvaiNp5RAAxVL7C9LKkxa96P2Z83WpHTSTm
6pSZ4fC6pSpazzimNFWmoncbpGWEQccRfkiSqPdux1uf8ACXWk0+UalyU89IEZvg
BjHkUoNPsQZne2DvdajAsn1qJigL5jpv9mU0pOHMmmNwJbW1H01c3XyW2n7aYTxR
FRSE647YkOuWGnPkP+K532iealYZUipxC8CUXeLAMxu8kBSrQS+AqDEGbJWl7vAF
oCs3+6sifyay
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:34 2024 by rpki-client on console-fra.rpki-client.org