Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/y2jA6lHGEtLtmL7VeqVPMGPR-3U.roa
File: y2jA6lHGEtLtmL7VeqVPMGPR-3U.roa (raw, json)
Hash identifier: zqZTWC0Eq8MlHW0RYw62ob29TjhGxKCNoR14YMcFWhU=
Subject key identifier: CB:68:C0:EA:51:C6:12:D2:ED:98:BE:D5:7A:A5:4F:30:63:D1:FB:75
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018F1B939230CDCB9EDAFCE3391433C30DDC
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/y2jA6lHGEtLtmL7VeqVPMGPR-3U.roa
Signing time: Fri 26 Apr 2024 18:03:27 +0000
ROA not before: Fri 26 Apr 2024 18:03:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.102.105.0/24 maxlen: 24
46.247.144.0/20 maxlen: 24
79.139.80.0/23 maxlen: 24
86.105.241.0/24 maxlen: 24
89.32.125.0/24 maxlen: 24
89.37.58.0/24 maxlen: 24
89.40.41.0/24 maxlen: 24
89.40.164.0/23 maxlen: 24
89.47.43.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.198.23.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.227.33.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.114.84.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.177.6.0/23 maxlen: 24
94.177.23.0/24 maxlen: 24
176.126.198.0/23 maxlen: 24
188.210.254.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.241.59.0/24 maxlen: 24
193.36.44.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.39.119.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.204.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.140.235.0/24 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:93:92:30:cd:cb:9e:da:fc:e3:39:14:33:c3:0d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Apr 26 18:03:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb68c0ea51c612d2ed98bed57aa54f3063d1fb75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6a:f3:c2:77:1d:af:3e:6e:bd:e5:a9:85:91:
f1:f2:c9:83:f9:94:54:30:97:a0:71:4b:60:be:08:
b3:68:97:6f:85:4a:d8:79:e2:41:56:48:30:99:75:
01:78:9d:cc:a4:ce:cf:dc:e0:34:35:e9:96:23:46:
ad:09:a7:38:8c:22:8e:c7:5e:32:a1:eb:bb:18:40:
3f:42:3a:ed:dc:02:8a:50:83:e3:4c:41:bf:bb:c1:
d9:20:0d:c2:64:45:20:4c:13:9f:ce:78:8d:3c:2c:
b1:51:b6:73:a6:5b:13:90:f9:7f:6f:45:63:5d:e0:
a0:99:f0:80:b1:76:56:1b:db:af:1d:c4:8f:b9:7a:
3b:d4:64:c3:03:61:f6:a3:6a:4d:a3:9b:2e:12:88:
87:0b:d1:9d:f0:ca:50:16:d9:53:6f:8d:b8:10:1a:
bf:c2:9d:a5:ec:64:06:84:22:b4:66:85:2a:dc:d5:
b9:be:46:88:77:3c:4b:1f:8e:6c:9c:3e:69:4e:f7:
c5:4d:7d:ee:0d:5b:8f:ca:6c:60:80:36:c7:64:9e:
c8:56:4c:d7:43:2f:e8:d8:5c:61:ee:19:17:fe:68:
84:c2:02:f5:76:9f:1f:3d:fd:07:fc:8e:6b:0f:2e:
35:c5:37:28:fd:af:71:e5:dd:51:8e:ad:a2:3b:5a:
15:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:68:C0:EA:51:C6:12:D2:ED:98:BE:D5:7A:A5:4F:30:63:D1:FB:75
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/y2jA6lHGEtLtmL7VeqVPMGPR-3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.105.0/24
46.247.144.0/20
79.139.80.0/23
86.105.241.0/24
89.32.125.0/24
89.37.58.0/24
89.40.41.0/24
89.40.164.0/23
89.47.43.0/24
89.200.240.0/23
91.198.23.0/24
91.216.138.0/24
91.227.33.0/24
91.229.228.0/24
91.238.148.0/23
93.114.84.0/24
93.180.208.0/22
94.177.6.0/23
94.177.23.0/24
176.126.198.0/23
188.210.254.0/24
188.214.89.0/24
188.241.59.0/24
193.36.44.0/24
193.37.136.0/24
193.39.119.0/24
193.93.40.0/22
193.105.176.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.204.0/23
194.106.212.0/23
194.140.235.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
35:a8:36:57:b8:f0:de:c5:f3:5f:a7:15:48:5d:ec:96:3f:9a:
25:77:43:c6:55:f8:3c:d1:80:75:70:bc:5e:d9:75:07:ac:1e:
79:6d:aa:0f:1a:66:58:85:9e:d2:32:ec:8f:48:83:57:5b:9c:
98:5d:0f:af:63:d9:fb:d7:ef:03:8b:48:44:9a:72:86:63:1a:
9d:b8:b5:60:33:bc:8a:44:da:f7:96:31:50:6d:1d:78:78:a0:
19:84:cc:c0:23:8a:e8:13:3f:6a:85:12:d7:a7:b7:fc:77:86:
23:62:85:a0:3c:fa:49:04:c5:c2:45:d1:f3:32:da:d8:22:22:
a2:31:08:dc:89:96:ac:ee:07:47:71:9d:e3:21:23:57:16:b8:
dd:49:4d:2d:37:90:d0:bb:33:b5:28:7e:5b:92:2c:37:c3:23:
66:0e:b3:fa:24:08:e8:27:9a:18:d8:af:a6:20:e0:c0:b9:63:
0d:f2:e4:74:48:74:11:74:07:a9:70:e3:1e:0d:61:71:4a:1f:
3c:a1:40:3d:0e:16:a4:80:ac:da:a4:bd:27:0f:22:9d:c7:b6:
a2:e7:01:bb:b2:9b:50:ad:ef:e9:05:54:3c:aa:38:e1:36:60:
74:57:38:52:e4:11:d0:be:ee:aa:96:ed:ca:a4:97:b0:60:96:
0e:e1:ef:78
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgISAY8bk5Iwzcue2vzjORQzww3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNDI2MTgwMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjY4YzBlYTUxYzYxMmQyZWQ5OGJlZDU3YWE1NGYzMDYzZDFmYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Grzwncdrz5uveWphZHx8smD+ZRU
MJegcUtgvgizaJdvhUrYeeJBVkgwmXUBeJ3MpM7P3OA0NemWI0atCac4jCKOx14y
oeu7GEA/Qjrt3AKKUIPjTEG/u8HZIA3CZEUgTBOfzniNPCyxUbZzplsTkPl/b0Vj
XeCgmfCAsXZWG9uvHcSPuXo71GTDA2H2o2pNo5suEoiHC9Gd8MpQFtlTb424EBq/
wp2l7GQGhCK0ZoUq3NW5vkaIdzxLH45snD5pTvfFTX3uDVuPymxggDbHZJ7IVkzX
Qy/o2Fxh7hkX/miEwgL1dp8fPf0H/I5rDy41xTco/a9x5d1Rjq2iO1oVVwIDAQAB
o4IDPzCCAzswHQYDVR0OBBYEFMtowOpRxhLS7Zi+1XqlTzBj0ft1MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEveTJqQTZsSEdFdEx0bUw3VmVxVlBNR1BSLTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUwYIKwYBBQUHAQcBAf8EggFCMIIBPjCCAToEAgABMIIB
MgMEAC5maQMEBC73kAMEAU+LUAMEAFZp8QMEAFkgfQMEAFklOgMEAFkoKQMEAVko
pAMEAFkvKwMEAVnI8AMEAFvGFwMEAFvYigMEAFvjIQMEAFvl5AMEAVvulAMEAF1y
VAMEAl200AMEAV6xBgMEAF6xFwMEAbB+xgMEALzS/gMEALzWWQMEALzxOwMEAMEk
LAMEAMEliAMEAMEndwMEAsFdKAMEAMFpsAMEAcGpCAMEAcHANAMEAcHvrAMEAcHv
9gMEAMIIUQMEAcIY6gMEAcIqZAMEAcJYhgMEAcJqzAMEAcJq1AMEAMKM6wMEAcL2
agMEAcMCxAMEAcMNMAMEAcMiUAMEAcNdjAMEAcOAvAMEAcOHwAMEAMO9sAMEAcO9
ugMEAcO9+gMEAcPSLAMEAcP+jDANBgkqhkiG9w0BAQsFAAOCAQEANag2V7jw3sXz
X6cVSF3slj+aJXdDxlX4PNGAdXC8Xtl1B6weeW2qDxpmWIWe0jLsj0iDV1ucmF0P
r2PZ+9fvA4tIRJpyhmManbi1YDO8ikTa95YxUG0deHigGYTMwCOK6BM/aoUS16e3
/HeGI2KFoDz6SQTFwkXR8zLa2CIiojEI3ImWrO4HR3Gd4yEjVxa43UlNLTeQ0Lsz
tSh+W5IsN8MjZg6z+iQI6CeaGNivpiDgwLljDfLkdEh0EXQHqXDjHg1hcUofPKFA
PQ4WpICs2qS9Jw8ince2oucBu7KbUK3v6QVUPKo44TZgdFc4UuQR0L7uqpbtyqSX
sGCWDuHveA==
-----END CERTIFICATE-----
Generated at Thu May 2 16:58:46 2024 by rpki-client on console-fra.rpki-client.org