Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/YDpEtFi_mKnszgsxaQHzke7dUDc.roa
File: YDpEtFi_mKnszgsxaQHzke7dUDc.roa (raw, json)
Hash identifier: 6Dx97UHNfhm08zpAQHIopSk60crPvrLE8/4UZANaG9w=
Subject key identifier: 60:3A:44:B4:58:BF:98:A9:EC:CE:0B:31:69:01:F3:91:EE:DD:50:37
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 018853399E1DA9DC6057C81A20D097E9A1A2
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/YDpEtFi_mKnszgsxaQHzke7dUDc.roa
Signing time: Thu 25 May 2023 14:04:24 +0000
ROA not before: Thu 25 May 2023 14:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48146
IP address blocks: 185.198.48.0/24 maxlen: 24
94.103.244.0/24 maxlen: 24
94.103.245.0/24 maxlen: 24
45.138.244.0/24 maxlen: 24
45.138.245.0/24 maxlen: 24
45.138.246.0/24 maxlen: 24
45.138.247.0/24 maxlen: 24
62.122.32.0/24 maxlen: 24
62.122.33.0/24 maxlen: 24
62.122.34.0/24 maxlen: 24
62.122.35.0/24 maxlen: 24
45.138.252.0/24 maxlen: 24
45.138.253.0/24 maxlen: 24
45.138.254.0/24 maxlen: 24
45.138.255.0/24 maxlen: 24
185.25.52.0/24 maxlen: 24
185.193.104.0/24 maxlen: 24
185.193.105.0/24 maxlen: 24
185.193.106.0/24 maxlen: 24
185.193.107.0/24 maxlen: 24
185.195.36.0/24 maxlen: 24
185.195.37.0/24 maxlen: 24
185.192.73.0/24 maxlen: 24
45.10.112.0/24 maxlen: 24
45.10.115.0/24 maxlen: 24
45.10.113.0/24 maxlen: 24
45.10.114.0/24 maxlen: 24
185.195.108.0/24 maxlen: 24
185.195.109.0/24 maxlen: 24
185.195.110.0/24 maxlen: 24
185.195.111.0/24 maxlen: 24
194.5.28.0/24 maxlen: 24
194.5.29.0/24 maxlen: 24
194.5.32.0/24 maxlen: 24
194.5.33.0/24 maxlen: 24
194.59.196.0/24 maxlen: 24
185.192.117.0/24 maxlen: 24
185.192.119.0/24 maxlen: 24
193.8.244.0/24 maxlen: 24
185.194.63.0/24 maxlen: 24
193.8.247.0/24 maxlen: 24
185.194.60.0/24 maxlen: 24
193.8.249.0/24 maxlen: 24
185.194.61.0/24 maxlen: 24
185.194.62.0/24 maxlen: 24
193.8.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:39:9e:1d:a9:dc:60:57:c8:1a:20:d0:97:e9:a1:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: May 25 14:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=603a44b458bf98a9ecce0b316901f391eedd5037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:79:fc:59:19:c0:1f:31:c1:23:ff:7f:69:21:
fb:a9:3d:22:9c:c5:97:4f:f4:56:4f:a0:d5:b8:1f:
5f:92:fc:20:25:23:17:60:a4:2e:8b:b9:95:84:0c:
e2:ee:8b:f9:c9:73:4f:4e:b3:c4:07:f7:8a:3c:69:
3d:37:31:cc:01:70:e3:b2:e0:55:93:1e:b6:70:18:
42:63:09:b7:13:de:27:26:74:b9:93:e7:7a:0e:0a:
19:31:b8:f1:6e:7a:64:39:f7:d3:31:7c:92:59:de:
0a:48:9e:fa:b9:1f:74:80:02:0c:bb:ef:8f:cb:e5:
95:9e:64:26:14:b3:bc:71:5e:88:0b:8b:2f:21:56:
6e:97:64:18:ed:38:b1:3f:2f:4b:eb:33:7d:c4:b5:
a3:b6:91:3b:63:ef:c9:3b:81:af:34:c8:b8:ad:24:
8a:ba:21:f4:19:ab:cf:b3:3f:cb:1f:3b:0a:92:ff:
76:01:43:87:49:01:92:8c:ee:59:0a:ea:38:f5:1d:
a4:df:3a:20:cb:b1:f6:88:ec:65:1e:17:3d:e7:c0:
55:6d:e0:f2:ae:e8:26:3f:3a:bd:b1:b0:94:3f:f5:
ff:b4:f0:7e:3e:d2:0c:d6:42:d6:02:81:53:04:4d:
6b:c4:cd:3d:0e:8d:0a:e8:52:cd:23:7d:38:ad:fb:
25:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3A:44:B4:58:BF:98:A9:EC:CE:0B:31:69:01:F3:91:EE:DD:50:37
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/YDpEtFi_mKnszgsxaQHzke7dUDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.112.0/22
45.138.244.0/22
45.138.252.0/22
62.122.32.0/22
94.103.244.0/23
185.25.52.0/24
185.192.73.0/24
185.192.117.0/24
185.192.119.0/24
185.193.104.0/22
185.194.60.0/22
185.195.36.0/23
185.195.108.0/22
185.198.48.0/24
193.8.244.0/24
193.8.247.0/24
193.8.249.0/24
193.8.255.0/24
194.5.28.0/23
194.5.32.0/23
194.59.196.0/24
Signature Algorithm: sha256WithRSAEncryption
47:fd:8d:08:fd:5d:8a:07:af:f9:32:fd:40:a9:13:1e:d8:b9:
76:c2:0e:50:5f:40:09:e1:c1:88:be:55:05:a4:f6:ae:99:ca:
14:2a:f7:e8:8f:59:f5:47:e4:8b:9e:86:58:60:76:df:3e:a4:
63:f2:74:e0:45:d8:63:ff:c4:4d:95:b8:be:95:ce:d3:07:c4:
7e:e5:47:69:11:fc:35:86:d1:12:1a:c5:1a:69:0b:8c:14:73:
79:4d:45:26:8b:1c:3f:ef:8c:aa:f6:97:c1:18:19:d2:52:74:
18:86:06:cf:11:28:fa:03:a5:bc:7e:d5:d3:18:46:9e:8d:44:
2d:62:23:b6:7c:8e:b5:4a:ca:96:cb:37:5b:b4:41:08:00:27:
e8:f2:cd:10:05:73:a7:5d:11:71:51:39:b9:20:5f:a4:68:7e:
1b:b4:b7:1f:4f:ba:37:7c:d1:2d:ec:11:1b:32:7a:0c:80:d5:
ec:4b:d3:81:3e:6a:fb:8c:f6:ad:3b:ca:34:31:5c:d0:c8:16:
f8:fc:63:a2:5e:d0:ac:18:f1:4e:59:42:6e:d5:db:81:7c:97:
f0:be:94:89:00:d4:08:2b:ef:d4:61:f3:cf:3b:f8:cf:b3:3c:
b6:71:86:fc:d1:6b:b3:db:2c:6a:43:02:59:14:ae:a8:bc:7f:
54:8b:55:56
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYhTOZ4dqdxgV8gaINCX6aGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjMwNTI1MTQwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDNhNDRiNDU4YmY5OGE5ZWNjZTBiMzE2OTAxZjM5MWVlZGQ1MDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknn8WRnAHzHBI/9/aSH7qT0inMWX
T/RWT6DVuB9fkvwgJSMXYKQui7mVhAzi7ov5yXNPTrPEB/eKPGk9NzHMAXDjsuBV
kx62cBhCYwm3E94nJnS5k+d6DgoZMbjxbnpkOffTMXySWd4KSJ76uR90gAIMu++P
y+WVnmQmFLO8cV6IC4svIVZul2QY7TixPy9L6zN9xLWjtpE7Y+/JO4GvNMi4rSSK
uiH0GavPsz/LHzsKkv92AUOHSQGSjO5ZCuo49R2k3zogy7H2iOxlHhc958BVbeDy
rugmPzq9sbCUP/X/tPB+PtIM1kLWAoFTBE1rxM09Do0K6FLNI304rfsl7wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFGA6RLRYv5ip7M4LMWkB85Hu3VA3MB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvWURwRXRGaV9tS25zemdzeGFRSHprZTdkVURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAi0K
cAMEAi2K9AMEAi2K/AMEAj56IAMEAV5n9AMEALkZNAMEALnASQMEALnAdQMEALnA
dwMEArnBaAMEArnCPAMEAbnDJAMEArnDbAMEALnGMAMEAMEI9AMEAMEI9wMEAMEI
+QMEAMEI/wMEAcIFHAMEAcIFIAMEAMI7xDANBgkqhkiG9w0BAQsFAAOCAQEAR/2N
CP1digev+TL9QKkTHti5dsIOUF9ACeHBiL5VBaT2rpnKFCr36I9Z9Ufki56GWGB2
3z6kY/J04EXYY//ETZW4vpXO0wfEfuVHaRH8NYbREhrFGmkLjBRzeU1FJoscP++M
qvaXwRgZ0lJ0GIYGzxEo+gOlvH7V0xhGno1ELWIjtnyOtUrKlss3W7RBCAAn6PLN
EAVzp10RcVE5uSBfpGh+G7S3H0+6N3zRLewRGzJ6DIDV7EvTgT5q+4z2rTvKNDFc
0MgW+Pxjol7QrBjxTllCbtXbgXyX8L6UiQDUCCvv1GHzzzv4z7M8tnGG/NFrs9ss
akMCWRSuqLx/VItVVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:34 2024 by rpki-client on console-fra.rpki-client.org