Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1sjgS9vHHvMi2XcABlbNVVe99Jw.roa
File: 1sjgS9vHHvMi2XcABlbNVVe99Jw.roa (raw, json)
Hash identifier: AR04WdhFDEBO7XfXeFwUzyuRG84i5RsCYEoHf9cjfDA=
Subject key identifier: D6:C8:E0:4B:DB:C7:1E:F3:22:D9:77:00:06:56:CD:55:57:BD:F4:9C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018800E8B0DC18544DD402EF1295F722306A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1sjgS9vHHvMi2XcABlbNVVe99Jw.roa
Signing time: Tue 09 May 2023 14:27:09 +0000
ROA not before: Tue 09 May 2023 14:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50738
IP address blocks: 87.121.124.0/23 maxlen: 24
81.161.230.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
45.9.156.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
185.246.223.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
82.115.210.0/23 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:00:e8:b0:dc:18:54:4d:d4:02:ef:12:95:f7:22:30:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 9 14:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6c8e04bdbc71ef322d977000656cd5557bdf49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0b:b2:0c:36:67:68:ea:8a:b1:f8:00:12:60:
34:91:71:2f:5a:86:fb:3a:be:76:62:7e:82:ec:dc:
59:11:e6:da:c5:25:cc:d4:f9:32:aa:55:94:4c:d3:
5c:b1:11:e5:4f:8f:d1:20:b3:31:b1:0c:55:2f:f5:
e9:42:ec:82:ae:81:72:a3:ec:f8:a8:34:70:7b:59:
93:62:cd:db:91:fe:ad:31:ba:19:a9:84:6e:af:b3:
6d:55:41:93:ae:7e:4f:19:df:3d:10:af:5a:c0:93:
a3:dd:f0:3e:54:0e:76:a8:2a:84:68:7b:25:af:9a:
cc:42:ae:70:d4:14:c6:2f:2e:e3:ec:d7:73:1c:72:
4f:61:61:b7:6d:54:41:34:81:73:e1:48:93:cf:3b:
7a:40:9b:a8:1a:69:94:f2:12:88:e5:d9:76:73:6b:
0b:cd:7b:70:21:e2:86:21:09:ba:2d:6e:0d:bb:95:
2a:cb:25:4d:4f:5f:6d:0f:01:e9:d5:3a:3e:05:81:
06:69:62:56:5a:d1:7f:34:0a:51:9c:11:1e:60:d0:
57:6c:bd:28:27:bf:a5:a2:e1:ad:25:3f:4e:5b:7f:
91:8f:f4:a0:c7:63:3a:1a:54:7c:64:b6:d8:27:41:
19:aa:06:1f:04:87:bd:44:9f:ac:09:85:24:9c:e6:
63:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C8:E0:4B:DB:C7:1E:F3:22:D9:77:00:06:56:CD:55:57:BD:F4:9C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1sjgS9vHHvMi2XcABlbNVVe99Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.66.228.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
81.161.230.0/24
81.161.239.0/24
82.115.210.0/23
83.219.97.0/24
87.121.124.0/23
87.121.220.0/24
91.200.192.0/22
94.154.172.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
178.215.226.0/24
185.246.223.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
44:c5:a1:cc:4a:e0:12:5b:4c:5b:7f:34:7d:56:a9:69:3a:89:
3e:4f:39:ad:e8:79:c1:ed:76:af:47:a5:be:7b:9e:4f:04:33:
90:51:81:00:f8:23:cb:60:6c:6b:19:49:9c:f0:7d:a0:09:c1:
1b:00:c1:d2:de:45:a6:bb:6f:f4:1e:ac:9b:af:2c:b1:26:aa:
52:ca:71:97:07:ae:9a:3a:2b:18:a1:94:1e:ee:f8:5e:ad:eb:
bb:a4:28:cf:6f:b1:63:85:ca:0c:72:98:7b:4d:a4:40:2d:9f:
4b:b6:cf:6b:99:6e:18:86:09:8b:ba:69:24:f5:8f:ec:d5:9f:
62:c9:2c:9f:fd:4e:d7:8f:e0:77:79:6f:ed:ca:ee:bf:1d:a1:
3c:8d:15:4c:4d:61:59:8a:36:3f:77:4b:c7:8d:91:e9:2b:c3:
9d:68:33:af:92:1e:ad:a3:69:2e:b8:d9:4e:55:24:a0:b7:70:
de:83:14:5e:21:c6:c0:29:08:7e:af:1a:6d:a3:f5:db:00:1c:
c0:21:a7:a1:a2:78:93:1a:0d:cc:ab:ea:e5:6f:00:90:1a:b9:
da:39:b5:7e:5d:1f:6f:66:cb:58:73:3a:3c:a9:a4:85:fe:62:
80:ee:02:00:2c:b4:30:a6:e1:a4:c8:14:69:96:6a:4c:46:b9:
e5:de:ac:70
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYgA6LDcGFRN1ALvEpX3IjBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTA5MTQyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmM4ZTA0YmRiYzcxZWYzMjJkOTc3MDAwNjU2Y2Q1NTU3YmRmNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwuyDDZnaOqKsfgAEmA0kXEvWob7
Or52Yn6C7NxZEebaxSXM1PkyqlWUTNNcsRHlT4/RILMxsQxVL/XpQuyCroFyo+z4
qDRwe1mTYs3bkf6tMboZqYRur7NtVUGTrn5PGd89EK9awJOj3fA+VA52qCqEaHsl
r5rMQq5w1BTGLy7j7NdzHHJPYWG3bVRBNIFz4UiTzzt6QJuoGmmU8hKI5dl2c2sL
zXtwIeKGIQm6LW4Nu5UqyyVNT19tDwHp1To+BYEGaWJWWtF/NApRnBEeYNBXbL0o
J7+louGtJT9OW3+Rj/Sgx2M6GlR8ZLbYJ0EZqgYfBIe9RJ+sCYUknOZjPQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFNbI4Evbxx7zItl3AAZWzVVXvfScMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMXNqZ1M5dkhIdk1pMlhjQUJsYk5WVmU5OUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAC0J
nAMEAC1C5AMEAC2BVAMEAC2BVgMEAC2LaAMEAC2NngMEAFGh5gMEAFGh7wMEAVJz
0gMEAFPbYQMEAVd5fAMEAFd53AMEAlvIwAMEAF6arAMEAZNOZDAMAwQAqxYRAwQA
qxYSAwQAstfiAwQAufbfAwQAwrQnMA0GCSqGSIb3DQEBCwUAA4IBAQBExaHMSuAS
W0xbfzR9VqlpOok+Tzmt6HnB7XavR6W+e55PBDOQUYEA+CPLYGxrGUmc8H2gCcEb
AMHS3kWmu2/0HqybryyxJqpSynGXB66aOisYoZQe7vhereu7pCjPb7FjhcoMcph7
TaRALZ9Lts9rmW4YhgmLumkk9Y/s1Z9iySyf/U7Xj+B3eW/tyu6/HaE8jRVMTWFZ
ijY/d0vHjZHpK8OdaDOvkh6to2kuuNlOVSSgt3DegxReIcbAKQh+rxpto/XbABzA
IaehoniTGg3Mq+rlbwCQGrnaObV+XR9vZstYczo8qaSF/mKA7gIALLQwpuGkyBRp
lmpMRrnl3qxw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:22 2024 by rpki-client on console-ams.rpki-client.org