Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/tyybBuBv4lKZXvCV1aoBTlpwsbg.roa
File: tyybBuBv4lKZXvCV1aoBTlpwsbg.roa (raw, json)
Hash identifier: TbPu3hubw+TlwEjYjCSUZJweRAczNuk6cdmv7iEBCAA=
Subject key identifier: B7:2C:9B:06:E0:6F:E2:52:99:5E:F0:95:D5:AA:01:4E:5A:70:B1:B8
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018C677B1BCD1D08D9991AB51213FDD1B4F2
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/tyybBuBv4lKZXvCV1aoBTlpwsbg.roa
Signing time: Thu 14 Dec 2023 08:39:30 +0000
ROA not before: Thu 14 Dec 2023 08:39:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208913
IP address blocks: 195.2.196.0/23 maxlen: 24
86.107.53.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
85.204.243.0/24 maxlen: 24
85.204.253.0/24 maxlen: 24
85.204.247.0/24 maxlen: 24
85.204.250.0/24 maxlen: 24
91.214.188.0/22 maxlen: 24
188.241.192.0/24 maxlen: 24
195.93.140.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
93.114.84.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
92.114.109.0/24 maxlen: 24
92.114.110.0/24 maxlen: 24
188.208.108.0/24 maxlen: 24
188.208.116.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
188.211.234.0/24 maxlen: 24
195.13.48.0/23 maxlen: 24
188.215.76.0/23 maxlen: 24
89.36.199.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
94.177.23.0/24 maxlen: 24
195.254.140.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
85.204.26.0/24 maxlen: 24
86.106.108.0/24 maxlen: 24
188.241.59.0/24 maxlen: 24
89.42.52.0/23 maxlen: 24
93.119.193.0/24 maxlen: 24
94.177.6.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
193.39.119.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
193.36.44.0/24 maxlen: 24
188.214.81.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
176.126.204.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
89.32.130.0/23 maxlen: 24
193.93.40.0/22 maxlen: 24
93.180.208.0/22 maxlen: 24
89.39.91.0/24 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
79.139.80.0/23 maxlen: 24
91.229.228.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
194.88.134.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
89.38.134.0/24 maxlen: 24
77.223.214.0/23 maxlen: 24
86.105.241.0/24 maxlen: 24
194.8.81.0/24 maxlen: 24
46.247.144.0/20 maxlen: 24
193.105.176.0/24 maxlen: 24
188.213.128.0/22 maxlen: 24
195.210.44.0/23 maxlen: 24
46.102.105.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
91.223.183.0/24 maxlen: 24
46.102.118.0/23 maxlen: 24
94.176.150.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
193.192.52.0/23 maxlen: 24
89.47.94.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
193.138.97.0/24 maxlen: 24
89.47.38.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.47.48.0/22 maxlen: 24
193.192.44.0/23 maxlen: 24
89.37.58.0/24 maxlen: 24
93.114.182.0/24 maxlen: 24
195.34.80.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
45.14.76.0/22 maxlen: 24
193.108.52.0/22 maxlen: 24
193.37.136.0/24 maxlen: 24
193.239.172.0/23 maxlen: 24
194.246.106.0/23 maxlen: 24
193.169.8.0/23 maxlen: 24
93.115.36.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:7b:1b:cd:1d:08:d9:99:1a:b5:12:13:fd:d1:b4:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Dec 14 08:39:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b72c9b06e06fe252995ef095d5aa014e5a70b1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:49:d4:91:07:18:1a:7b:eb:33:0d:db:5b:7e:
f6:10:ca:95:6c:13:22:71:81:67:ba:5c:4c:79:ab:
42:85:59:be:80:df:a2:d8:2f:1b:36:cf:d6:51:7d:
4b:4e:89:80:c2:9c:e6:ff:f5:4a:62:40:c9:d5:9b:
6b:15:fe:c7:3f:89:af:09:9b:49:2f:58:51:d6:83:
f9:70:20:f8:3c:74:50:be:e8:b2:25:81:00:40:e9:
47:9b:6a:cf:bb:32:58:af:ed:a7:11:8b:41:54:43:
ea:7a:59:6a:d4:13:0c:9e:a0:0f:e6:c5:03:7c:79:
b9:52:cc:ff:39:f1:d5:c4:40:bc:8c:63:f1:4f:e8:
8b:c0:5b:66:5b:b4:ee:c0:2e:7f:9a:84:00:4a:b6:
fe:f2:b8:29:25:71:1b:ae:ba:54:63:2b:91:90:9a:
e5:7f:88:8f:72:f3:d0:8a:28:40:50:a4:eb:05:4b:
dc:b9:4e:78:8a:8f:81:a9:21:67:36:57:8d:24:1b:
98:7c:10:12:b4:6a:54:f6:19:86:0b:41:8a:2c:33:
e5:e1:6f:a9:8f:92:fd:a7:6f:8a:0a:db:67:89:43:
10:ec:a5:c0:9d:8a:eb:1d:50:0e:c8:01:c3:4b:10:
00:d5:26:9c:27:0c:08:63:66:aa:9a:b4:6f:36:aa:
79:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2C:9B:06:E0:6F:E2:52:99:5E:F0:95:D5:AA:01:4E:5A:70:B1:B8
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/tyybBuBv4lKZXvCV1aoBTlpwsbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.76.0/22
46.102.105.0/24
46.102.118.0/23
46.247.144.0/20
77.223.214.0/23
79.139.80.0/23
85.204.26.0/24
85.204.243.0/24
85.204.247.0/24
85.204.250.0/24
85.204.253.0/24
86.104.72.0/22
86.105.241.0/24
86.106.108.0/24
86.107.53.0/24
89.32.125.0/24
89.32.130.0/23
89.36.199.0/24
89.37.58.0/24
89.38.134.0/24
89.39.91.0/24
89.40.41.0/24
89.40.164.0/23
89.42.52.0/23
89.47.38.0/23
89.47.43.0/24
89.47.48.0/22
89.47.94.0/24
89.200.240.0/23
91.198.23.0/24
91.214.188.0/22
91.216.138.0/24
91.223.183.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
92.114.109.0-92.114.110.255
93.114.84.0/24
93.114.182.0/24
93.115.36.0/24
93.119.193.0/24
93.180.208.0/22
94.176.150.0/24
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
176.126.204.0/24
188.208.108.0/24
188.208.116.0/24
188.210.254.0/24
188.211.234.0/24
188.213.128.0/22
188.214.81.0/24
188.214.89.0/24
188.215.76.0/23
188.241.59.0/24
188.241.192.0/24
193.33.94.0/23
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.108.52.0/22
193.138.97.0/24
193.169.8.0/23
193.192.44.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.42.232.0/22
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:26:20:12:86:2c:03:b3:d1:4d:38:04:ba:10:e5:8d:42:4d:
99:74:bd:39:c4:e2:9d:e9:82:f8:d4:2b:16:c2:c5:15:3a:39:
af:a1:3e:8a:6a:64:50:a6:d9:33:e0:99:6e:49:8b:42:29:e0:
f8:c4:ea:79:13:72:e4:d3:54:a0:3d:ff:24:44:b1:66:39:18:
c9:b4:89:c3:f8:c5:9d:35:e2:05:9d:55:66:81:15:3c:a3:a9:
c3:47:20:7f:90:62:75:2a:e8:1d:75:e9:e1:7e:15:05:61:69:
24:bb:b8:a5:36:70:9e:a5:fa:11:30:ec:91:0b:25:16:23:92:
c1:bb:45:f3:f5:f3:03:17:8e:4c:cf:db:31:ca:5b:5b:9f:0c:
44:dc:5f:83:f4:cf:4d:6e:dc:d1:30:56:2d:74:fc:35:f6:6a:
41:e5:63:40:44:79:ec:f3:ba:fa:a4:b6:46:6e:ff:6e:48:f6:
0e:ec:18:93:08:3f:f0:2c:83:3c:50:3b:12:9c:c1:05:c4:9a:
de:22:68:63:02:6a:14:b5:75:db:d0:bb:f1:43:be:65:1d:38:
74:22:a4:b4:e9:37:53:82:f6:42:e4:25:2a:de:ca:99:47:bf:
0a:f9:9b:ec:2e:c8:43:09:ef:36:47:48:81:11:e3:2f:39:e4:
b1:9e:6d:f4
-----BEGIN CERTIFICATE-----
MIIHJTCCBg2gAwIBAgISAYxnexvNHQjZmRq1EhP90bTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMxMjE0MDgzOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzJjOWIwNmUwNmZlMjUyOTk1ZWYwOTVkNWFhMDE0ZTVhNzBiMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArknUkQcYGnvrMw3bW372EMqVbBMi
cYFnulxMeatChVm+gN+i2C8bNs/WUX1LTomAwpzm//VKYkDJ1ZtrFf7HP4mvCZtJ
L1hR1oP5cCD4PHRQvuiyJYEAQOlHm2rPuzJYr+2nEYtBVEPqellq1BMMnqAP5sUD
fHm5Usz/OfHVxEC8jGPxT+iLwFtmW7TuwC5/moQASrb+8rgpJXEbrrpUYyuRkJrl
f4iPcvPQiihAUKTrBUvcuU54io+BqSFnNleNJBuYfBAStGpU9hmGC0GKLDPl4W+p
j5L9p2+KCttniUMQ7KXAnYrrHVAOyAHDSxAA1SacJwwIY2aqmrRvNqp5gQIDAQAB
o4IEMTCCBC0wHQYDVR0OBBYEFLcsmwbgb+JSmV7wldWqAU5acLG4MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvdHl5YkJ1QnY0bEtaWHZDVjFhb0JUbHB3c2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICRQYIKwYBBQUHAQcBAf8EggI0MIICMDCCAiwEAgABMIIC
JAMEAi0OTAMEAC5maQMEAS5mdgMEBC73kAMEAU3f1gMEAU+LUAMEAFXMGgMEAFXM
8wMEAFXM9wMEAFXM+gMEAFXM/QMEAlZoSAMEAFZp8QMEAFZqbAMEAFZrNQMEAFkg
fQMEAVkgggMEAFkkxwMEAFklOgMEAFkmhgMEAFknWwMEAFkoKQMEAVkopAMEAVkq
NAMEAVkvJgMEAFkvKwMEAlkvMAMEAFkvXgMEAVnI8AMEAFvGFwMEAlvWvAMEAFvY
igMEAFvftwMEAFvjIQMEAFvl5AMEAVvulDAMAwQAXHJtAwQAXHJuAwQAXXJUAwQA
XXK2AwQAXXMkAwQAXXfBAwQCXbTQAwQAXrCWAwQBXrEGAwQAXrEXAwQBsH7GAwQA
sH7MAwQAvNBsAwQAvNB0AwQAvNL+AwQAvNPqAwQCvNWAAwQAvNZRAwQAvNZZAwQB
vNdMAwQAvPE7AwQAvPHAAwQBwSFeAwQAwSQsAwQAwSWIAwQAwSd3AwQCwV0oAwQA
wWmwAwQCwWw0AwQAwYphAwQBwakIAwQBwcAsAwQBwcA0AwQBwe+sAwQBwe/2AwQA
wghRAwQBwhjqAwQBwipkAwQBwliGAwQBwmrMAwQBwmrUAwQAwozrAwQBwvZqAwQB
wwLEAwQBww0wAwQBwyJQAwQCwyroAwQBw12MAwQBw4C8AwQBw4fAAwQAw72wAwQB
w726AwQBw736AwQBw9IsAwQBw/6MMA0GCSqGSIb3DQEBCwUAA4IBAQAtJiAShiwD
s9FNOAS6EOWNQk2ZdL05xOKd6YL41CsWwsUVOjmvoT6KamRQptkz4JluSYtCKeD4
xOp5E3Lk01SgPf8kRLFmORjJtInD+MWdNeIFnVVmgRU8o6nDRyB/kGJ1Kugddenh
fhUFYWkku7ilNnCepfoRMOyRCyUWI5LBu0Xz9fMDF45Mz9sxyltbnwxE3F+D9M9N
btzRMFYtdPw19mpB5WNARHns87r6pLZGbv9uSPYO7BiTCD/wLIM8UDsSnMEFxJre
ImhjAmoUtXXb0LvxQ75lHTh0IqS06TdTgvZC5CUq3sqZR78K+ZvsLshDCe82R0iB
EeMvOeSxnm30
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:34 2024 by rpki-client on console-fra.rpki-client.org