Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1hLp8uPfYTOAzoLThn9fSozO15o.roa
File:                     1hLp8uPfYTOAzoLThn9fSozO15o.roa (raw, json)
Hash identifier:          zPW353mhYZU3s6Ao1Oxc/IiP3rLDERjVf8neCi91fH8=
Subject key identifier:   D6:12:E9:F2:E3:DF:61:33:80:CE:82:D3:86:7F:5F:4A:8C:CE:D7:9A
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018BF700B91539970029285FFBA1AA8F7293
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1hLp8uPfYTOAzoLThn9fSozO15o.roa
Signing time:             Wed 22 Nov 2023 12:28:21 +0000
ROA not before:           Wed 22 Nov 2023 12:28:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        185.218.84.0/22 maxlen: 24
                          91.92.24.0/23 maxlen: 24
                          147.78.101.0/24 maxlen: 24
                          147.78.100.0/24 maxlen: 24
                          147.78.102.0/24 maxlen: 24
                          185.246.223.0/24 maxlen: 24
                          185.226.173.0/24 maxlen: 24
                          185.226.175.0/24 maxlen: 24
                          87.121.45.0/24 maxlen: 24
                          87.121.59.0/24 maxlen: 24
                          194.180.50.0/24 maxlen: 24
                          194.169.174.0/24 maxlen: 24
                          94.156.78.0/24 maxlen: 24
                          94.154.162.0/23 maxlen: 24
                          94.154.161.0/24 maxlen: 24
                          45.151.89.0/24 maxlen: 24
                          178.215.224.0/24 maxlen: 24
                          94.156.239.0/24 maxlen: 24
                          178.215.236.0/24 maxlen: 24
                          171.22.72.0/22 maxlen: 24
                          185.252.176.0/24 maxlen: 24
                          92.119.196.0/23 maxlen: 24
                          185.216.84.0/22 maxlen: 24
                          45.88.90.0/24 maxlen: 24
                          87.120.87.0/24 maxlen: 24
                          93.123.116.0/24 maxlen: 24
                          87.121.221.0/24 maxlen: 24
                          87.121.220.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f7:00:b9:15:39:97:00:29:28:5f:fb:a1:aa:8f:72:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Nov 22 12:28:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d612e9f2e3df613380ce82d3867f5f4a8cced79a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:12:E9:F2:E3:DF:61:33:80:CE:82:D3:86:7F:5F:4A:8C:CE:D7:9A
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1hLp8uPfYTOAzoLThn9fSozO15o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.90.0/24
                  45.151.89.0/24
                  87.120.87.0/24
                  87.121.45.0/24
                  87.121.59.0/24
                  87.121.220.0/23
                  91.92.24.0/23
                  92.119.196.0/23
                  93.123.116.0/24
                  94.154.161.0-94.154.163.255
                  94.156.78.0/24
                  94.156.239.0/24
                  147.78.100.0-147.78.102.255
                  171.22.72.0/22
                  178.215.224.0/24
                  178.215.236.0/24
                  185.216.84.0/22
                  185.218.84.0/22
                  185.226.173.0/24
                  185.226.175.0/24
                  185.246.223.0/24
                  185.252.176.0/24
                  194.169.174.0/24
                  194.180.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Nov 23 14:39:32 2023 by rpki-client on console-fra.rpki-client.org