Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1X5Q3txf-yX2YkUsu1rkasfnGG0.roa
File: 1X5Q3txf-yX2YkUsu1rkasfnGG0.roa (raw, json)
Hash identifier: mmuXhfN+OvDGMBwqu5LENlsp4QnOH2A6QiujQp5kXiY=
Subject key identifier: D5:7E:50:DE:DC:5F:FB:25:F6:62:45:2C:BB:5A:E4:6A:C7:E7:18:6D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AA71698241C2D53B45A9509BDBC483976
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1X5Q3txf-yX2YkUsu1rkasfnGG0.roa
Signing time: Mon 18 Sep 2023 06:59:50 +0000
ROA not before: Mon 18 Sep 2023 06:59:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:16:98:24:1c:2d:53:b4:5a:95:09:bd:bc:48:39:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 18 06:59:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d57e50dedc5ffb25f662452cbb5ae46ac7e7186d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1e:a2:aa:d1:d8:f4:eb:ea:81:b8:9b:e6:dd:
0c:28:e3:bb:dd:8e:90:24:aa:bd:a3:9e:a9:2b:30:
14:95:bc:e7:14:87:be:cb:1e:99:73:ec:b6:30:23:
e9:00:a1:98:82:1a:97:e9:f6:68:3a:33:b2:cd:74:
cd:ad:c6:6a:a5:b4:85:b3:05:98:bf:a0:5b:b5:3d:
b5:f8:93:e6:de:27:ff:22:87:ba:55:8a:3d:d3:a7:
f9:bd:f3:3b:a8:21:da:72:01:fe:da:9c:ac:3c:e4:
c7:07:55:26:cb:a6:e4:58:5a:c3:b6:de:00:e4:07:
69:a5:62:24:ed:95:f0:35:e5:17:1c:60:d0:eb:f6:
9c:3d:93:ef:95:c6:d8:89:2e:0d:79:6f:c2:c4:05:
7d:ed:4c:e3:38:08:77:f9:d5:bc:b5:b1:fc:4a:85:
a6:3c:4b:a2:d2:1e:0b:dd:98:11:e5:f2:e8:69:ec:
9e:ca:bf:43:83:f2:40:53:28:bb:89:84:de:0c:4a:
3d:d8:2c:b8:bf:39:c0:3f:70:9c:92:f2:16:e2:e2:
55:5e:c3:bd:64:1c:96:23:b3:10:4e:d4:3b:22:70:
37:73:08:c5:b0:e3:41:5c:bd:98:b0:72:01:82:0d:
f0:80:f2:ce:81:84:0a:84:0d:e6:bc:7e:66:b3:1a:
50:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7E:50:DE:DC:5F:FB:25:F6:62:45:2C:BB:5A:E4:6A:C7:E7:18:6D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1X5Q3txf-yX2YkUsu1rkasfnGG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.121.45.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.219.126.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
46:87:c0:14:38:8a:0e:ab:da:cd:6d:79:c9:fa:cf:67:fa:f8:
fa:9d:d6:10:88:21:fe:08:a4:b3:6a:7d:94:01:b1:1b:aa:79:
11:4c:82:74:be:38:85:71:58:8c:94:c2:01:23:93:4b:f4:af:
a2:3f:36:f4:2e:fb:b7:f3:32:95:2c:3d:f0:e1:44:23:0e:ec:
fd:5f:d8:e2:0b:55:62:a3:c2:1c:23:4b:c3:e0:64:3a:40:7a:
47:bb:45:c4:81:56:50:5b:21:ba:a4:48:cd:86:95:9d:86:6d:
22:a6:2f:3f:f3:1c:6d:cb:f0:b5:60:54:9c:6d:5b:72:4a:4b:
bf:3f:8c:61:39:b8:12:fb:3f:d9:e2:a9:c6:1d:ac:a2:b7:74:
cd:7b:07:28:4b:93:aa:5f:93:cd:10:74:da:2a:3a:2e:d1:04:
77:bb:c0:58:65:a6:93:ff:0e:fe:28:72:25:cd:53:1c:c1:72:
d1:f3:35:ab:8c:25:4c:39:b3:91:cf:51:51:ff:29:3f:43:84:
3b:e6:e5:3b:aa:d4:5d:d3:5a:d8:db:65:9f:24:f2:c9:80:64:
c0:9f:5e:e7:f4:2a:f0:18:08:f0:40:be:b1:b0:f3:48:99:af:
1d:df:a0:16:b6:94:a8:c6:62:78:e5:9b:3a:0b:43:29:dc:3e:
6a:88:1a:c5
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYqnFpgkHC1TtFqVCb28SDl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTE4MDY1OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTdlNTBkZWRjNWZmYjI1ZjY2MjQ1MmNiYjVhZTQ2YWM3ZTcxODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR6iqtHY9Ovqgbib5t0MKOO73Y6Q
JKq9o56pKzAUlbznFIe+yx6Zc+y2MCPpAKGYghqX6fZoOjOyzXTNrcZqpbSFswWY
v6BbtT21+JPm3if/Ioe6VYo906f5vfM7qCHacgH+2pysPOTHB1Umy6bkWFrDtt4A
5AdppWIk7ZXwNeUXHGDQ6/acPZPvlcbYiS4NeW/CxAV97UzjOAh3+dW8tbH8SoWm
PEui0h4L3ZgR5fLoaeyeyr9Dg/JAUyi7iYTeDEo92Cy4vznAP3CckvIW4uJVXsO9
ZByWI7MQTtQ7InA3cwjFsONBXL2YsHIBgg3wgPLOgYQKhA3mvH5msxpQsQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFNV+UN7cX/sl9mJFLLta5GrH5xhtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMVg1UTN0eGYteVgyWWtVc3Uxcmthc2ZuR0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAC2XWQME
AFd5LQMEAVx3xDAMAwQAXpqhAwQCXpqgAwQAXpxOAwQAXpzvMAwDBAKTTmQDBACT
TmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQDBAK52lQDBAC5234DBAC5/LADBADC
qa4DBADCtDIwDQYJKoZIhvcNAQELBQADggEBAEaHwBQ4ig6r2s1tecn6z2f6+Pqd
1hCIIf4IpLNqfZQBsRuqeRFMgnS+OIVxWIyUwgEjk0v0r6I/NvQu+7fzMpUsPfDh
RCMO7P1f2OILVWKjwhwjS8PgZDpAeke7RcSBVlBbIbqkSM2GlZ2GbSKmLz/zHG3L
8LVgVJxtW3JKS78/jGE5uBL7P9niqcYdrKK3dM17ByhLk6pfk80QdNoqOi7RBHe7
wFhlppP/Dv4ociXNUxzBctHzNauMJUw5s5HPUVH/KT9DhDvm5Tuq1F3TWtjbZZ8k
8smAZMCfXuf0KvAYCPBAvrGw80iZrx3foBa2lKjGYnjlmzoLQyncPmqIGsU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:56 2024 by rpki-client on console-fra.rpki-client.org