Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-8MBxf7WujQcg8wsTRHzh3JMz4I.roa
File: 1-8MBxf7WujQcg8wsTRHzh3JMz4I.roa (raw, json)
Hash identifier: s3jO0m9FrbjF5Q6JcVGn26Jl3u05zwY91lVDRVUQHws=
Subject key identifier: FB:C3:01:C5:FE:D6:BA:34:1C:83:CC:2C:4D:11:F3:87:72:4C:CF:82
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C0F9F373323FA859186DE72255FC03AA0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-8MBxf7WujQcg8wsTRHzh3JMz4I.roa
Signing time: Mon 27 Nov 2023 07:12:21 +0000
ROA not before: Mon 27 Nov 2023 07:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206003
IP address blocks: 171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.230.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
45.9.156.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
94.156.250.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:9f:37:33:23:fa:85:91:86:de:72:25:5f:c0:3a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 27 07:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbc301c5fed6ba341c83cc2c4d11f387724ccf82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a2:e3:0a:31:37:3d:ea:77:3a:9e:dc:ab:2f:
f3:52:c4:4d:ba:d6:72:c2:ff:4b:7c:bd:40:5d:cf:
42:ed:75:43:4c:b3:a1:c9:76:28:e4:b1:f7:d0:6a:
29:0a:71:3d:01:30:2b:27:86:44:09:2d:30:d0:e7:
42:9c:e4:73:4b:98:12:20:8f:4d:97:3d:d4:98:d9:
1d:e8:ed:da:86:2d:21:23:3b:10:bc:3e:f6:d2:44:
db:7e:bc:ec:da:ee:b3:a3:bc:48:6c:1d:7f:15:b4:
7f:bc:9f:06:b1:ba:0d:1a:bf:5b:26:54:16:6a:14:
ff:26:98:31:78:53:b1:5e:07:9a:2a:41:92:52:13:
41:08:21:51:9f:b6:be:dd:ca:e7:81:5f:72:d3:2c:
f9:01:55:44:ee:4e:b6:77:19:05:41:9f:61:7c:5c:
10:2f:b3:32:0b:b1:8d:11:4c:1e:3c:1a:18:66:bd:
f8:98:b5:92:65:1c:8e:fa:41:8a:a7:a5:be:77:75:
72:9b:5d:05:55:8a:2d:0e:fc:72:61:7e:5f:eb:21:
4c:7e:4e:0f:e4:5f:41:e8:86:9e:49:0f:4b:ee:b4:
e9:3a:85:93:e2:71:6e:1c:3f:b0:75:0c:98:5a:3c:
65:a5:b8:81:6e:29:86:6f:ad:50:43:dd:37:c3:65:
ce:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C3:01:C5:FE:D6:BA:34:1C:83:CC:2C:4D:11:F3:87:72:4C:CF:82
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-8MBxf7WujQcg8wsTRHzh3JMz4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.129.84.0/24
45.129.86.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
83.219.97.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
92.249.48.0/24
94.154.172.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
66:6c:66:1c:83:aa:eb:be:75:19:04:cc:f2:13:2e:60:84:3e:
f3:0b:4b:31:13:d5:b3:2b:af:5d:7b:05:3d:5e:3e:85:d6:9a:
da:71:06:e3:19:4d:71:e8:25:e6:db:f6:d2:24:83:1c:7d:d3:
81:05:16:77:ed:f9:51:fe:5c:1a:9c:b4:99:eb:bc:53:31:1c:
d3:66:1a:8a:37:3f:84:0f:75:e6:26:29:63:11:5d:ce:5f:63:
ac:ca:d9:71:b8:be:39:84:df:e8:27:f5:0e:93:ee:b9:22:90:
e7:4a:5f:36:8e:e3:ac:56:de:1a:a4:d5:b3:02:e1:27:ab:ee:
88:5e:17:67:32:ed:41:65:de:d4:d8:e4:59:2e:ab:5d:93:c5:
04:da:e8:40:0a:68:5d:f8:e5:1f:54:63:d2:04:34:ee:4e:3c:
ce:f3:d6:2c:d2:e0:e9:dd:5d:b7:f4:b9:77:de:52:88:1e:28:
aa:c0:1e:37:4e:03:3e:ba:84:4c:eb:75:eb:5c:da:6c:ea:bb:
20:ca:70:70:88:67:fd:58:fa:b6:99:00:87:23:d4:81:7a:ce:
94:af:bd:e8:e5:89:40:f5:78:44:39:05:8a:8c:61:7f:f5:2c:
42:49:e5:2e:b1:91:98:22:c3:21:09:a1:cc:2c:79:5f:29:62:
05:8c:3e:15
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYwPnzczI/qFkYbeciVfwDqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTI3MDcxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmMzMDFjNWZlZDZiYTM0MWM4M2NjMmM0ZDExZjM4NzcyNGNjZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKLjCjE3Pep3Op7cqy/zUsRNutZy
wv9LfL1AXc9C7XVDTLOhyXYo5LH30GopCnE9ATArJ4ZECS0w0OdCnORzS5gSII9N
lz3UmNkd6O3ahi0hIzsQvD720kTbfrzs2u6zo7xIbB1/FbR/vJ8GsboNGr9bJlQW
ahT/JpgxeFOxXgeaKkGSUhNBCCFRn7a+3crngV9y0yz5AVVE7k62dxkFQZ9hfFwQ
L7MyC7GNEUwePBoYZr34mLWSZRyO+kGKp6W+d3Vym10FVYotDvxyYX5f6yFMfk4P
5F9B6IaeSQ9L7rTpOoWT4nFuHD+wdQyYWjxlpbiBbimGb61QQ903w2XOvwIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFPvDAcX+1ro0HIPMLE0R84dyTM+CMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS04TUJ4ZjdXdWpRY2c4d3NUUkh6aDNKTXo0SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBqQYIKwYBBQUHAQcBAf8EgZkwgZYwgZMEAgABMIGMAwQA
JYuCAwQALQmcAwQALYFUAwQALYFWAwQALY2eAwQAT249AwQAUaHmAwQAUaHvAwQA
U9thAwQBV3l8AwQAV3miAwQCW8jAAwQAXPkwAwQAXpqsAwQAXpz4AwQAXpz6AwQB
k05kMAwDBACrFhEDBACrFhIDBACrFh8DBADBGdgDBADBIxMDBADCtCcwDQYJKoZI
hvcNAQELBQADggEBAGZsZhyDquu+dRkEzPITLmCEPvMLSzET1bMrr117BT1ePoXW
mtpxBuMZTXHoJebb9tIkgxx904EFFnft+VH+XBqctJnrvFMxHNNmGoo3P4QPdeYm
KWMRXc5fY6zK2XG4vjmE3+gn9Q6T7rkikOdKXzaO46xW3hqk1bMC4Ser7oheF2cy
7UFl3tTY5Fkuq12TxQTa6EAKaF345R9UY9IENO5OPM7z1izS4OndXbf0uXfeUoge
KKrAHjdOAz66hEzrdetc2mzquyDKcHCIZ/1Y+raZAIcj1IF6zpSvvejliUD1eEQ5
BYqMYX/1LEJJ5S6xkZgiwyEJocwseV8pYgWMPhU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:55 2024 by rpki-client on console-fra.rpki-client.org