Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QWSTpdGTLJTINOwNS2u1ohVNgTo.roa
File: QWSTpdGTLJTINOwNS2u1ohVNgTo.roa (raw, json)
Hash identifier: n6s4XLSQS8vxf8Dqsg8dGJD/VkjJoXFa7/BuowfNNpg=
Subject key identifier: 41:64:93:A5:D1:93:2C:94:C8:34:EC:0D:4B:6B:B5:A2:15:4D:81:3A
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 018853399EA426E0488EBE08B0272CDDDE20
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QWSTpdGTLJTINOwNS2u1ohVNgTo.roa
Signing time: Thu 25 May 2023 14:04:25 +0000
ROA not before: Thu 25 May 2023 14:04:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.198.48.0/24 maxlen: 24
94.103.245.0/24 maxlen: 24
94.103.244.0/24 maxlen: 24
45.138.246.0/24 maxlen: 24
45.138.245.0/24 maxlen: 24
45.138.244.0/24 maxlen: 24
45.138.253.0/24 maxlen: 24
45.138.252.0/24 maxlen: 24
62.122.35.0/24 maxlen: 24
62.122.34.0/24 maxlen: 24
62.122.33.0/24 maxlen: 24
45.138.247.0/24 maxlen: 24
62.122.32.0/24 maxlen: 24
45.138.255.0/24 maxlen: 24
45.138.254.0/24 maxlen: 24
185.25.52.0/24 maxlen: 24
185.193.105.0/24 maxlen: 24
185.193.104.0/24 maxlen: 24
185.193.107.0/24 maxlen: 24
185.193.106.0/24 maxlen: 24
185.195.37.0/24 maxlen: 24
185.195.36.0/24 maxlen: 24
185.192.73.0/24 maxlen: 24
45.10.112.0/24 maxlen: 24
45.10.114.0/24 maxlen: 24
45.10.113.0/24 maxlen: 24
45.10.115.0/24 maxlen: 24
185.195.111.0/24 maxlen: 24
185.195.110.0/24 maxlen: 24
185.195.109.0/24 maxlen: 24
185.195.108.0/24 maxlen: 24
194.5.29.0/24 maxlen: 24
194.5.28.0/24 maxlen: 24
194.5.33.0/24 maxlen: 24
194.5.32.0/24 maxlen: 24
194.59.196.0/24 maxlen: 24
185.192.117.0/24 maxlen: 24
185.192.119.0/24 maxlen: 24
193.8.244.0/24 maxlen: 24
185.194.62.0/24 maxlen: 24
185.194.61.0/24 maxlen: 24
185.194.60.0/24 maxlen: 24
193.8.249.0/24 maxlen: 24
193.8.247.0/24 maxlen: 24
185.194.63.0/24 maxlen: 24
193.8.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:39:9e:a4:26:e0:48:8e:be:08:b0:27:2c:dd:de:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: May 25 14:04:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=416493a5d1932c94c834ec0d4b6bb5a2154d813a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cf:ba:4d:f6:57:5e:23:db:d9:35:44:7d:60:
66:7c:4e:90:9a:e9:f0:69:28:d5:0f:f3:40:dc:70:
53:68:cc:6f:f8:db:96:f7:e1:2a:a2:b4:28:8e:1f:
fb:c7:f7:a5:fe:bd:84:1f:85:3d:e0:db:4d:55:7c:
96:74:17:a6:62:7d:88:07:b1:29:75:a5:12:f3:ac:
ea:a6:0a:39:c7:83:cf:91:8f:36:9d:13:2d:8d:f7:
6a:b4:b2:c9:09:64:57:e3:12:28:b9:b5:d8:9a:78:
4c:60:bb:0c:c5:66:58:a1:21:2c:ed:c3:bc:3b:9a:
71:d9:7c:ad:b2:ab:cf:51:11:a6:ed:1f:b8:96:03:
a2:c1:84:15:16:b3:54:c7:5f:5f:85:a5:6d:ce:42:
2a:43:f6:8a:f5:ea:5e:3d:a0:27:8b:c8:c9:53:81:
23:c1:b7:c8:a1:10:51:82:54:03:b0:44:6d:ce:24:
3d:39:1c:ee:07:5c:dc:4e:8c:99:e4:ee:4b:df:96:
2a:ef:5f:8b:17:19:21:bc:c3:eb:1d:b7:24:ca:39:
7e:f1:34:2d:6b:0e:ac:e1:e1:fa:9c:cd:7f:7b:74:
91:c2:2c:17:a1:dd:75:30:d4:dd:77:57:bd:e3:b5:
3f:f7:ca:ce:d5:f5:6c:c0:75:9e:b8:fb:69:29:d9:
77:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:64:93:A5:D1:93:2C:94:C8:34:EC:0D:4B:6B:B5:A2:15:4D:81:3A
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QWSTpdGTLJTINOwNS2u1ohVNgTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.112.0/22
45.138.244.0/22
45.138.252.0/22
62.122.32.0/22
94.103.244.0/23
185.25.52.0/24
185.192.73.0/24
185.192.117.0/24
185.192.119.0/24
185.193.104.0/22
185.194.60.0/22
185.195.36.0/23
185.195.108.0/22
185.198.48.0/24
193.8.244.0/24
193.8.247.0/24
193.8.249.0/24
193.8.255.0/24
194.5.28.0/23
194.5.32.0/23
194.59.196.0/24
Signature Algorithm: sha256WithRSAEncryption
56:93:d3:b3:08:65:d2:2c:af:89:b6:c0:2a:6b:0c:e3:01:ea:
64:78:ae:93:6d:32:91:b7:5f:e5:7a:4f:4e:2f:7f:db:8f:d0:
e8:f8:4a:e9:a4:b9:20:63:56:11:df:02:1d:f4:40:46:ba:76:
3e:9d:85:ce:21:b9:c9:ad:34:6f:3f:ab:74:0b:75:97:71:df:
44:56:d2:02:42:32:41:0c:99:59:a0:dc:2c:5f:99:0c:4a:d8:
21:9b:85:08:f6:1e:2b:bd:c9:b2:74:ba:d9:27:86:72:8a:e4:
fb:71:28:80:5c:ae:b2:7c:1e:01:08:39:26:7d:33:41:0a:51:
3d:cf:5d:ff:11:ed:54:b8:c9:78:02:47:51:71:c1:01:6a:b7:
f2:b9:07:fc:fb:8e:59:25:0c:22:38:5d:20:b7:a3:e0:9b:2e:
92:36:59:0a:2d:44:8c:da:3b:9c:76:19:df:2b:e4:1f:02:f3:
6f:d8:bc:7c:20:51:e5:fd:d5:e1:1c:ad:52:1d:5b:23:00:c0:
f6:00:46:dd:f2:eb:4c:57:2f:de:b8:05:8f:59:cd:d4:ff:4f:
a5:80:cc:a5:dd:4c:03:df:87:e2:0e:11:56:fc:b0:83:df:09:
34:34:61:3c:11:19:12:9a:66:ca:6c:50:8e:6c:a6:3a:14:e8:
fb:15:b1:27
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYhTOZ6kJuBIjr4IsCcs3d4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjMwNTI1MTQwNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTY0OTNhNWQxOTMyYzk0YzgzNGVjMGQ0YjZiYjVhMjE1NGQ4MTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM+6TfZXXiPb2TVEfWBmfE6Qmunw
aSjVD/NA3HBTaMxv+NuW9+EqorQojh/7x/el/r2EH4U94NtNVXyWdBemYn2IB7Ep
daUS86zqpgo5x4PPkY82nRMtjfdqtLLJCWRX4xIoubXYmnhMYLsMxWZYoSEs7cO8
O5px2XytsqvPURGm7R+4lgOiwYQVFrNUx19fhaVtzkIqQ/aK9epePaAni8jJU4Ej
wbfIoRBRglQDsERtziQ9ORzuB1zcToyZ5O5L35Yq71+LFxkhvMPrHbckyjl+8TQt
aw6s4eH6nM1/e3SRwiwXod11MNTdd1e947U/98rO1fVswHWeuPtpKdl3fwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFEFkk6XRkyyUyDTsDUtrtaIVTYE6MB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvUVdTVHBkR1RMSlRJTk93TlMydTFvaFZOZ1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAi0K
cAMEAi2K9AMEAi2K/AMEAj56IAMEAV5n9AMEALkZNAMEALnASQMEALnAdQMEALnA
dwMEArnBaAMEArnCPAMEAbnDJAMEArnDbAMEALnGMAMEAMEI9AMEAMEI9wMEAMEI
+QMEAMEI/wMEAcIFHAMEAcIFIAMEAMI7xDANBgkqhkiG9w0BAQsFAAOCAQEAVpPT
swhl0iyvibbAKmsM4wHqZHiuk20ykbdf5XpPTi9/24/Q6PhK6aS5IGNWEd8CHfRA
Rrp2Pp2FziG5ya00bz+rdAt1l3HfRFbSAkIyQQyZWaDcLF+ZDErYIZuFCPYeK73J
snS62SeGcork+3EogFyusnweAQg5Jn0zQQpRPc9d/xHtVLjJeAJHUXHBAWq38rkH
/PuOWSUMIjhdILej4JsukjZZCi1EjNo7nHYZ3yvkHwLzb9i8fCBR5f3V4RytUh1b
IwDA9gBG3fLrTFcv3rgFj1nN1P9PpYDMpd1MA9+H4g4RVvywg98JNDRhPBEZEppm
ymxQjmymOhTo+xWxJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:34 2024 by rpki-client on console-fra.rpki-client.org