Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ivfubrewO7Ss8Rni47SKULvKy0E.roa
File: ivfubrewO7Ss8Rni47SKULvKy0E.roa (raw, json)
Hash identifier: lTUzCDfYpvQzSZ86z4Vu3lgXFlbHdloONyiK1O0RDNA=
Subject key identifier: 8A:F7:EE:6E:B7:B0:3B:B4:AC:F1:19:E2:E3:B4:8A:50:BB:CA:CB:41
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018E0EF9FE01E042A082CEA5334AA173A1F6
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ivfubrewO7Ss8Rni47SKULvKy0E.roa
Signing time: Tue 05 Mar 2024 14:17:28 +0000
ROA not before: Tue 05 Mar 2024 14:17:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 45.14.76.0/22 maxlen: 24
46.102.105.0/24 maxlen: 24
46.102.118.0/23 maxlen: 24
46.247.144.0/20 maxlen: 24
77.223.214.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
86.104.72.0/22 maxlen: 24
86.105.241.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.32.130.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
89.42.52.0/23 maxlen: 24
89.47.38.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.223.183.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.177.6.0/23 maxlen: 24
94.177.23.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.215.76.0/23 maxlen: 24
188.241.59.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.36.44.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.39.119.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.138.97.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.44.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.42.232.0/22 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:f9:fe:01:e0:42:a0:82:ce:a5:33:4a:a1:73:a1:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Mar 5 14:17:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8af7ee6eb7b03bb4acf119e2e3b48a50bbcacb41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:1d:eb:3d:d6:7b:3c:10:93:39:da:86:f4:56:
41:02:f3:f3:0d:c1:78:3b:8c:09:e1:1b:75:6f:15:
6a:81:31:7c:cb:62:4c:10:72:0c:71:e6:35:b5:32:
64:12:f5:a2:ec:0f:10:a6:cd:16:59:aa:ee:ec:f6:
df:68:d3:9a:f1:c0:fb:63:65:85:d1:8e:ee:61:05:
05:d1:97:06:9f:9d:db:47:f1:2d:94:94:1a:3d:18:
e9:11:a9:e4:08:b6:05:aa:29:25:72:89:33:13:91:
da:0a:b5:8c:ac:e4:fb:28:cb:6e:fc:13:0c:99:af:
26:14:6b:c9:97:26:5e:46:9a:1b:5e:d1:a7:5a:32:
81:19:0a:c9:48:cf:80:39:cb:5f:68:41:16:de:39:
c5:6a:eb:52:d4:9b:c2:a2:30:34:d5:f9:75:27:76:
11:9d:2e:38:77:dc:dc:72:c7:7c:0b:81:b5:12:f6:
da:ab:2f:79:a4:1a:c3:31:03:c1:a9:02:c7:2c:45:
82:33:48:89:74:b6:f4:aa:90:c8:df:61:2d:d4:c4:
6a:1b:ce:78:a5:8d:04:b3:e0:d3:4d:2c:c1:1f:46:
58:31:dd:7d:dd:3d:13:95:48:df:ab:8e:1f:f4:65:
13:30:34:63:fa:84:a4:09:63:b6:de:22:99:ab:fb:
1c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F7:EE:6E:B7:B0:3B:B4:AC:F1:19:E2:E3:B4:8A:50:BB:CA:CB:41
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ivfubrewO7Ss8Rni47SKULvKy0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.76.0/22
46.102.105.0/24
46.102.118.0/23
46.247.144.0/20
77.223.214.0/23
79.139.80.0/23
86.104.72.0/22
86.105.241.0/24
86.106.108.0/24
89.32.125.0/24
89.32.130.0/23
89.37.58.0/24
89.40.41.0/24
89.40.164.0/23
89.42.52.0/23
89.47.38.0/23
89.47.43.0/24
89.200.240.0/23
91.198.23.0/24
91.216.138.0/24
91.223.183.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
188.210.254.0/24
188.214.89.0/24
188.215.76.0/23
188.241.59.0/24
193.33.94.0/23
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.138.97.0/24
193.169.8.0/23
193.192.44.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
65:82:5b:20:2b:54:18:40:72:d0:32:7e:52:89:b0:8a:74:1f:
6e:3b:d5:34:64:ca:96:7d:05:6a:73:c2:b0:fa:e2:51:59:f6:
31:66:da:f1:99:12:b3:86:75:e7:d6:4d:27:52:c3:e1:19:7c:
ed:32:a2:7a:bf:ab:fd:15:6f:cb:db:03:f2:a4:98:22:71:c6:
4b:0d:72:8a:5c:68:64:d9:1b:7c:ca:ae:3d:dd:e9:23:cc:17:
9d:74:cc:bf:f4:7a:da:39:6d:1d:02:c3:df:97:94:1a:05:c5:
0b:e2:bc:5b:67:b5:d3:2a:1a:8b:dc:2d:49:0a:70:8b:dd:6d:
de:a8:50:d1:6a:90:da:4a:d2:85:6e:a7:13:e8:fc:f2:9a:16:
ed:b6:78:30:5b:42:d4:de:61:c8:a8:29:a9:14:a6:fb:4e:20:
c7:61:1e:7d:bb:1c:73:3b:e7:31:e2:03:27:69:fc:0f:ec:16:
ae:53:9e:4d:9e:92:2a:a9:af:fd:7a:ff:b5:a1:e9:46:47:91:
f4:64:0c:1f:40:d7:fd:a7:b8:53:93:fd:b3:09:13:cb:a9:96:
84:b0:92:ea:b2:ca:74:9c:05:64:5a:ca:b5:06:85:de:3c:21:
b9:d5:89:68:09:b7:77:cb:37:40:60:4b:55:25:05:ad:dd:7e:
fe:00:71:a0
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgISAY4O+f4B4EKggs6lM0qhc6H2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwMzA1MTQxNzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWY3ZWU2ZWI3YjAzYmI0YWNmMTE5ZTJlM2I0OGE1MGJiY2FjYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgx3rPdZ7PBCTOdqG9FZBAvPzDcF4
O4wJ4Rt1bxVqgTF8y2JMEHIMceY1tTJkEvWi7A8Qps0WWaru7PbfaNOa8cD7Y2WF
0Y7uYQUF0ZcGn53bR/EtlJQaPRjpEankCLYFqiklcokzE5HaCrWMrOT7KMtu/BMM
ma8mFGvJlyZeRpobXtGnWjKBGQrJSM+AOctfaEEW3jnFautS1JvCojA01fl1J3YR
nS44d9zccsd8C4G1Evbaqy95pBrDMQPBqQLHLEWCM0iJdLb0qpDI32Et1MRqG854
pY0Es+DTTSzBH0ZYMd193T0TlUjfq44f9GUTMDRj+oSkCWO23iKZq/scCwIDAQAB
o4IDkzCCA48wHQYDVR0OBBYEFIr37m63sDu0rPEZ4uO0ilC7ystBMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvaXZmdWJyZXdPN1NzOFJuaTQ3U0tVTHZLeTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpwYIKwYBBQUHAQcBAf8EggGWMIIBkjCCAY4EAgABMIIB
hgMEAi0OTAMEAC5maQMEAS5mdgMEBC73kAMEAU3f1gMEAU+LUAMEAlZoSAMEAFZp
8QMEAFZqbAMEAFkgfQMEAVkgggMEAFklOgMEAFkoKQMEAVkopAMEAVkqNAMEAVkv
JgMEAFkvKwMEAVnI8AMEAFvGFwMEAFvYigMEAFvftwMEAFvjIQMEAFvl5AMEAVvu
lAMEAF1yVAMEAl200AMEAV6xBgMEAF6xFwMEAbB+xgMEALzS/gMEALzWWQMEAbzX
TAMEALzxOwMEAcEhXgMEAMEkLAMEAMEliAMEAMEndwMEAsFdKAMEAMFpsAMEAMGK
YQMEAcGpCAMEAcHALAMEAcHANAMEAcHvrAMEAcHv9gMEAMIIUQMEAcIY6gMEAcIq
ZAMEAcJYhgMEAcJqzAMEAcJq1AMEAMKM6wMEAcL2agMEAcMCxAMEAcMNMAMEAcMi
UAMEAsMq6AMEAcNdjAMEAcOAvAMEAcOHwAMEAMO9sAMEAcO9ugMEAcO9+gMEAcPS
LAMEAcP+jDANBgkqhkiG9w0BAQsFAAOCAQEAZYJbICtUGEBy0DJ+UomwinQfbjvV
NGTKln0FanPCsPriUVn2MWba8ZkSs4Z159ZNJ1LD4Rl87TKier+r/RVvy9sD8qSY
InHGSw1yilxoZNkbfMquPd3pI8wXnXTMv/R62jltHQLD35eUGgXFC+K8W2e10yoa
i9wtSQpwi91t3qhQ0WqQ2krShW6nE+j88poW7bZ4MFtC1N5hyKgpqRSm+04gx2Ee
fbscczvnMeIDJ2n8D+wWrlOeTZ6SKqmv/Xr/taHpRkeR9GQMH0DX/ae4U5P9swkT
y6mWhLCS6rLKdJwFZFrKtQaF3jwhudWJaAm3d8s3QGBLVSUFrd1+/gBxoA==
-----END CERTIFICATE-----
Generated at Wed Mar 6 19:35:18 2024 by rpki-client on console-fra.rpki-client.org