Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/iCaCaxt2Ocq9yFpu9yecyWAXTTQ.roa
File: iCaCaxt2Ocq9yFpu9yecyWAXTTQ.roa (raw, json)
Hash identifier: 2/FqurRgUmxarv5sEZYxpMUAp3H1ZfOm8SKDkv1e/kE=
Subject key identifier: 88:26:82:6B:1B:76:39:CA:BD:C8:5A:6E:F7:27:9C:C9:60:17:4D:34
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018E56821E35EBA8A101FCF7EF730110AC27
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/iCaCaxt2Ocq9yFpu9yecyWAXTTQ.roa
Signing time: Tue 19 Mar 2024 11:39:11 +0000
ROA not before: Tue 19 Mar 2024 11:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.102.105.0/24 maxlen: 24
46.102.118.0/23 maxlen: 24
46.247.144.0/20 maxlen: 24
77.223.214.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
86.104.72.0/22 maxlen: 24
86.105.241.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.32.130.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
89.42.52.0/23 maxlen: 24
89.47.38.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.177.6.0/23 maxlen: 24
94.177.23.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.215.76.0/23 maxlen: 24
188.241.59.0/24 maxlen: 24
193.36.44.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.39.119.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.44.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.42.232.0/22 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:82:1e:35:eb:a8:a1:01:fc:f7:ef:73:01:10:ac:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Mar 19 11:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8826826b1b7639cabdc85a6ef7279cc960174d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:07:3f:27:6b:57:ac:18:ad:a7:a0:c2:50:60:
51:76:9e:04:d5:dd:a7:7f:81:b4:88:d8:d1:e5:c8:
d3:70:2b:65:c9:36:00:7a:8b:0b:13:04:af:5b:1f:
cf:da:7b:aa:d9:1c:54:d9:5c:33:a6:49:90:b9:08:
4e:4e:9f:fa:63:3d:a5:14:93:b9:ae:b2:4c:88:8a:
69:67:47:4a:6d:69:63:22:8e:ab:0a:06:a0:ce:b0:
77:73:17:94:c4:05:32:ca:67:2a:7e:8c:58:69:65:
c2:72:76:3a:45:ec:ec:46:43:19:f3:6e:6a:a0:6b:
b9:39:dd:4e:5d:30:76:d1:a1:f2:e0:80:9f:cb:e3:
f1:e5:bf:50:fb:f9:12:3e:60:6b:ba:89:74:0e:d7:
02:26:f8:39:a1:24:2c:7d:bf:b2:2d:2f:a7:9f:f4:
14:91:0b:ac:5a:cd:a8:3c:df:cc:86:fe:4f:61:33:
83:fc:3d:c7:43:45:36:69:d5:a1:ed:c7:29:66:79:
a7:79:d7:d6:66:80:08:d7:4d:c3:13:5d:55:11:2e:
09:6f:f0:ee:62:67:ae:f5:bd:63:18:39:d8:ae:45:
a2:28:65:f2:97:6d:fd:1d:d3:67:84:43:4c:a8:23:
2d:0a:94:27:0a:b1:24:91:94:97:69:6d:21:65:69:
84:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:26:82:6B:1B:76:39:CA:BD:C8:5A:6E:F7:27:9C:C9:60:17:4D:34
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/iCaCaxt2Ocq9yFpu9yecyWAXTTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.105.0/24
46.102.118.0/23
46.247.144.0/20
77.223.214.0/23
79.139.80.0/23
86.104.72.0/22
86.105.241.0/24
86.106.108.0/24
89.32.125.0/24
89.32.130.0/23
89.37.58.0/24
89.40.41.0/24
89.40.164.0/23
89.42.52.0/23
89.47.38.0/23
89.47.43.0/24
89.200.240.0/23
91.198.23.0/24
91.216.138.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
188.210.254.0/24
188.214.89.0/24
188.215.76.0/23
188.241.59.0/24
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.169.8.0/23
193.192.44.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
33:e5:de:83:5e:eb:5a:92:7a:e9:aa:04:55:3d:b3:94:6f:d2:
0f:4d:84:c9:ae:04:10:97:16:94:4b:8e:5a:dc:07:0f:99:d5:
47:3f:37:63:55:7c:7c:66:fd:d1:dd:a9:bf:47:df:88:f5:88:
5e:61:0c:fb:b5:7d:8c:11:58:1e:a9:e0:ad:4e:24:04:7d:e0:
d5:96:93:fa:ff:36:75:17:d8:e3:21:5c:56:52:ab:73:23:3b:
a5:7c:ed:9f:5c:99:11:56:65:6f:7f:bb:01:f4:47:c9:a5:11:
2b:8a:f8:e7:e4:ae:c4:2f:92:5f:25:68:41:55:4a:6c:e6:99:
8b:76:33:bc:e6:99:bc:3f:40:ea:ca:4f:31:0d:44:c3:5e:45:
4c:89:b9:55:49:78:58:89:87:7f:18:aa:be:96:90:25:9d:ea:
1f:97:3c:db:2f:de:8d:7d:e1:6f:ac:49:8d:7a:dc:40:78:a1:
94:ed:76:18:9a:5e:ef:d0:04:bd:fd:9b:58:71:4a:f5:3f:32:
a4:68:78:33:ad:7f:48:c0:e1:c3:5f:1d:08:4e:9d:27:07:87:
a7:26:60:37:29:6d:43:85:5e:c0:b7:dd:f4:6f:a1:2c:10:82:
8b:03:17:15:59:f1:3c:4f:b4:ce:fb:ee:92:1c:a2:d1:c8:84:
3c:eb:8a:b6
-----BEGIN CERTIFICATE-----
MIIGbzCCBVegAwIBAgISAY5Wgh4166ihAfz373MBEKwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwMzE5MTEzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODI2ODI2YjFiNzYzOWNhYmRjODVhNmVmNzI3OWNjOTYwMTc0ZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAc/J2tXrBitp6DCUGBRdp4E1d2n
f4G0iNjR5cjTcCtlyTYAeosLEwSvWx/P2nuq2RxU2VwzpkmQuQhOTp/6Yz2lFJO5
rrJMiIppZ0dKbWljIo6rCgagzrB3cxeUxAUyymcqfoxYaWXCcnY6RezsRkMZ825q
oGu5Od1OXTB20aHy4ICfy+Px5b9Q+/kSPmBruol0DtcCJvg5oSQsfb+yLS+nn/QU
kQusWs2oPN/Mhv5PYTOD/D3HQ0U2adWh7ccpZnmnedfWZoAI103DE11VES4Jb/Du
Ymeu9b1jGDnYrkWiKGXyl239HdNnhENMqCMtCpQnCrEkkZSXaW0hZWmEGQIDAQAB
o4IDezCCA3cwHQYDVR0OBBYEFIgmgmsbdjnKvchabvcnnMlgF000MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvaUNhQ2F4dDJPY3E5eUZwdTl5ZWN5V0FYVFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjwYIKwYBBQUHAQcBAf8EggF+MIIBejCCAXYEAgABMIIB
bgMEAC5maQMEAS5mdgMEBC73kAMEAU3f1gMEAU+LUAMEAlZoSAMEAFZp8QMEAFZq
bAMEAFkgfQMEAVkgggMEAFklOgMEAFkoKQMEAVkopAMEAVkqNAMEAVkvJgMEAFkv
KwMEAVnI8AMEAFvGFwMEAFvYigMEAFvjIQMEAFvl5AMEAVvulAMEAF1yVAMEAl20
0AMEAV6xBgMEAF6xFwMEAbB+xgMEALzS/gMEALzWWQMEAbzXTAMEALzxOwMEAMEk
LAMEAMEliAMEAMEndwMEAsFdKAMEAMFpsAMEAcGpCAMEAcHALAMEAcHANAMEAcHv
rAMEAcHv9gMEAMIIUQMEAcIY6gMEAcIqZAMEAcJYhgMEAcJqzAMEAcJq1AMEAMKM
6wMEAcL2agMEAcMCxAMEAcMNMAMEAcMiUAMEAsMq6AMEAcNdjAMEAcOAvAMEAcOH
wAMEAMO9sAMEAcO9ugMEAcO9+gMEAcPSLAMEAcP+jDANBgkqhkiG9w0BAQsFAAOC
AQEAM+Xeg17rWpJ66aoEVT2zlG/SD02Eya4EEJcWlEuOWtwHD5nVRz83Y1V8fGb9
0d2pv0ffiPWIXmEM+7V9jBFYHqngrU4kBH3g1ZaT+v82dRfY4yFcVlKrcyM7pXzt
n1yZEVZlb3+7AfRHyaURK4r45+SuxC+SXyVoQVVKbOaZi3YzvOaZvD9A6spPMQ1E
w15FTIm5VUl4WImHfxiqvpaQJZ3qH5c82y/ejX3hb6xJjXrcQHihlO12GJpe79AE
vf2bWHFK9T8ypGh4M61/SMDhw18dCE6dJweHpyZgNyltQ4VewLfd9G+hLBCCiwMX
FVnxPE+0zvvukhyi0ciEPOuKtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:34 2024 by rpki-client on console-fra.rpki-client.org