Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/tdN8tVA8ysjThPzEufc9HHq5k2Y.roa
File: tdN8tVA8ysjThPzEufc9HHq5k2Y.roa (raw, json)
Hash identifier: AMwg185R9J3vulEvmLHRwmwDHYamjQIrWQ6pJ7CcnHk=
Subject key identifier: B5:D3:7C:B5:50:3C:CA:C8:D3:84:FC:C4:B9:F7:3D:1C:7A:B9:93:66
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 0190738C4470FBF4C47C4F63D99ACDD2DAD4
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/tdN8tVA8ysjThPzEufc9HHq5k2Y.roa
Signing time: Tue 02 Jul 2024 13:04:50 +0000
ROA not before: Tue 02 Jul 2024 13:04:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.247.144.0/20 maxlen: 24
89.40.41.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.180.208.0/22 maxlen: 24
193.37.136.0/24 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:8c:44:70:fb:f4:c4:7c:4f:63:d9:9a:cd:d2:da:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jul 2 13:04:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5d37cb5503ccac8d384fcc4b9f73d1c7ab99366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b6:96:90:07:18:65:e8:e3:47:d7:6b:00:4a:
f5:2d:2a:ca:d1:57:b4:f2:43:79:21:ec:be:8d:d8:
cd:df:69:2e:77:67:6c:fc:60:b1:c6:bb:62:e6:2c:
36:e9:55:66:a8:95:67:6b:9a:cc:fe:e7:cb:79:1c:
31:57:eb:a5:5b:a7:de:7c:1a:8b:48:8a:3e:fc:f3:
c8:a1:a7:8e:60:9e:54:7c:cf:79:79:1c:2c:a3:92:
1a:e6:de:9c:a8:19:f7:2c:d5:a4:18:e0:05:4f:87:
31:33:87:6e:3c:7f:b3:aa:c8:e4:f8:e4:1c:21:50:
d5:63:c2:0f:28:d6:70:33:e6:9b:f8:85:2d:01:1f:
d9:7b:41:23:3c:ea:14:3d:b7:01:c1:d5:cd:8a:1d:
00:a2:49:39:69:0d:0c:e5:5e:f8:a0:cf:f4:01:3d:
f0:85:00:e1:86:8e:23:08:ee:72:52:42:4b:43:bb:
5a:aa:5c:86:e3:0e:46:17:98:73:82:76:67:8c:fa:
fb:39:37:0b:3c:5a:32:ba:9e:6d:e8:dd:f8:cc:a0:
20:5b:c0:49:55:11:e1:71:97:77:e3:33:d8:f6:46:
1b:01:ee:9c:8b:f6:bc:58:3d:95:c8:11:2a:cd:51:
bb:65:53:d5:7a:17:9a:5b:df:91:35:4d:cd:a7:1d:
aa:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D3:7C:B5:50:3C:CA:C8:D3:84:FC:C4:B9:F7:3D:1C:7A:B9:93:66
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/tdN8tVA8ysjThPzEufc9HHq5k2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.144.0/20
89.40.41.0/24
89.200.240.0/23
91.229.228.0/24
91.238.148.0/23
93.180.208.0/22
193.37.136.0/24
193.105.176.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.212.0/23
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:0b:d8:db:e2:0a:e4:2e:dd:ce:50:5d:3c:5a:21:e2:6f:77:
ac:66:64:51:ea:48:c4:d2:c3:99:8b:b4:81:b5:f5:b3:bb:4b:
ed:b6:df:a7:de:3c:58:48:cb:2d:37:43:d7:f1:93:98:2c:26:
d6:1f:53:d2:b8:4e:36:22:03:47:a3:7e:44:d5:4b:d3:04:40:
44:c2:ad:5b:00:42:c3:ec:37:d8:70:ea:37:bb:5e:5c:d5:c3:
a3:be:3c:8e:02:85:81:9e:a9:01:87:34:70:bb:70:63:18:7d:
ae:f7:62:d1:dc:43:59:c4:e7:da:d2:7f:bd:19:b0:78:10:6f:
69:53:a5:47:d5:3a:97:4b:f4:9b:81:6a:5c:f9:0c:6b:5d:c1:
2c:ff:2c:fb:c0:6e:76:2e:2c:ed:4b:5c:3b:0c:9b:5e:fb:a6:
ce:49:66:d1:d9:41:f7:1f:16:ed:aa:ab:ea:8e:a7:97:9a:c0:
ce:3a:e3:fa:d5:32:d9:7a:7d:8e:dd:8a:6f:4c:31:98:e4:3c:
40:0c:ec:55:9c:75:91:ce:7e:25:6d:d0:63:a0:31:16:6b:cc:
23:55:f9:a4:59:93:5e:b8:df:1e:e3:ba:12:ff:c4:6c:1a:8f:
87:f9:b9:d0:59:9f:95:01:90:31:fe:84:06:7b:7b:f2:7c:0d:
69:38:35:97
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZBzjERw+/TEfE9j2ZrN0trUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNzAyMTMwNDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQzN2NiNTUwM2NjYWM4ZDM4NGZjYzRiOWY3M2QxYzdhYjk5MzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuraWkAcYZejjR9drAEr1LSrK0Ve0
8kN5Iey+jdjN32kud2ds/GCxxrti5iw26VVmqJVna5rM/ufLeRwxV+ulW6fefBqL
SIo+/PPIoaeOYJ5UfM95eRwso5Ia5t6cqBn3LNWkGOAFT4cxM4duPH+zqsjk+OQc
IVDVY8IPKNZwM+ab+IUtAR/Ze0EjPOoUPbcBwdXNih0Aokk5aQ0M5V74oM/0AT3w
hQDhho4jCO5yUkJLQ7taqlyG4w5GF5hzgnZnjPr7OTcLPFoyup5t6N34zKAgW8BJ
VRHhcZd34zPY9kYbAe6ci/a8WD2VyBEqzVG7ZVPVeheaW9+RNU3Npx2qUwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFLXTfLVQPMrI04T8xLn3PRx6uZNmMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvdGROOHRWQTh5c2pUaFB6RXVmYzlISHE1azJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAQu
95ADBABZKCkDBAFZyPADBABb5eQDBAFb7pQDBAJdtNADBADBJYgDBADBabADBAHB
qQgDBAHBwDQDBAHB76wDBAHB7/YDBAHCGOoDBAHCKmQDBAHCWIYDBAHCatQDBAHC
9moDBAHDAsQDBAHDDTADBAHDIlADBAHDXYwDBAHDgLwDBAHDh8ADBAHDvboDBAHD
vfoDBAHD0iwDBAHD/owwDQYJKoZIhvcNAQELBQADggEBAB0L2NviCuQu3c5QXTxa
IeJvd6xmZFHqSMTSw5mLtIG19bO7S+2236fePFhIyy03Q9fxk5gsJtYfU9K4TjYi
A0ejfkTVS9MEQETCrVsAQsPsN9hw6je7XlzVw6O+PI4ChYGeqQGHNHC7cGMYfa73
YtHcQ1nE59rSf70ZsHgQb2lTpUfVOpdL9JuBalz5DGtdwSz/LPvAbnYuLO1LXDsM
m177ps5JZtHZQfcfFu2qq+qOp5eawM464/rVMtl6fY7dim9MMZjkPEAM7FWcdZHO
fiVt0GOgMRZrzCNV+aRZk1643x7juhL/xGwaj4f5udBZn5UBkDH+hAZ7e/J8DWk4
NZc=
-----END CERTIFICATE-----
Generated at Fri Jul 5 15:46:52 2024 by rpki-client on console-ams.rpki-client.org