Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2Fe40jitgpx7q_TPDZreRGHrMio.roa
File: 2Fe40jitgpx7q_TPDZreRGHrMio.roa (raw, json)
Hash identifier: NoxOdjnVhT+O8z5XkUKhgJPMXvbwgMEPoSMnbVGOHFI=
Subject key identifier: D8:57:B8:D2:38:AD:82:9C:7B:AB:F4:CF:0D:9A:DE:44:61:EB:32:2A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C0F960FC28413D38F01252B9464987F04
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2Fe40jitgpx7q_TPDZreRGHrMio.roa
Signing time: Mon 27 Nov 2023 07:02:21 +0000
ROA not before: Mon 27 Nov 2023 07:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 45.9.156.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:96:0f:c2:84:13:d3:8f:01:25:2b:94:64:98:7f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 27 07:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d857b8d238ad829c7babf4cf0d9ade4461eb322a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c3:bb:ce:58:79:68:37:32:c5:6f:52:9d:bd:
2b:19:2a:f2:65:9f:78:ad:f0:4b:3b:ce:0e:3f:77:
c0:0d:8f:fe:41:8e:bd:4d:fe:be:78:01:0b:67:4f:
d6:73:46:eb:ea:b2:2d:63:bd:59:84:61:07:64:ed:
ac:c4:82:1f:64:33:29:99:b7:f0:15:8b:cf:a5:e3:
09:23:24:59:a5:2c:aa:b1:9f:b6:d5:bd:12:ed:18:
e2:fc:d5:c6:62:56:dc:b7:e8:66:70:cf:9d:81:50:
f6:00:00:fa:e8:55:bc:d0:a6:e1:bd:6d:56:53:2e:
a1:81:4a:9b:93:df:0f:66:b9:ec:00:22:d3:c7:e2:
bf:ef:33:f7:d9:59:86:28:34:e1:53:93:cd:e6:0e:
ed:b8:69:9b:5f:f1:99:fb:14:b8:f3:ef:47:64:2d:
64:d9:99:4c:b5:b2:6b:62:d0:c3:c5:45:72:6c:b4:
aa:96:6c:f5:ad:e8:e3:90:3e:a0:cf:75:cd:bd:01:
83:2c:0e:ea:36:5a:5e:8d:cd:d3:24:22:44:89:67:
8c:52:4e:2c:6c:60:1e:d0:14:42:90:42:00:16:32:
72:9a:7d:9b:d2:d6:6d:19:20:d5:6f:7f:19:bf:5f:
93:f0:59:56:a9:3f:bf:16:b6:24:fd:01:ed:ec:9a:
ca:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:57:B8:D2:38:AD:82:9C:7B:AB:F4:CF:0D:9A:DE:44:61:EB:32:2A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2Fe40jitgpx7q_TPDZreRGHrMio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
82.115.210.0/24
83.219.97.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
92.249.48.0/24
94.154.172.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
af:a6:26:6b:3f:1a:87:35:0a:78:96:3e:a0:1a:6a:a9:2d:1f:
81:ac:fc:87:30:76:52:82:1a:f9:50:74:44:36:7e:86:ec:b9:
94:22:ae:6b:9e:2e:5a:e4:ef:10:d7:42:0b:d2:92:a6:f6:8d:
7d:c2:7b:e2:e9:94:33:6d:a8:ca:99:46:61:cc:bb:24:ed:72:
72:99:20:da:c0:8f:8a:d6:31:61:da:01:21:cd:18:3b:41:2f:
1a:b6:3d:42:54:0d:96:99:3d:cd:ec:ca:4c:d1:72:72:6d:6b:
b3:de:9d:8d:e4:41:90:ff:23:aa:b1:82:67:88:2f:b6:e3:57:
4e:49:ba:be:5f:ab:b8:18:12:92:99:f0:dd:7a:1a:62:a1:7a:
33:f1:55:6d:74:61:50:68:b5:7c:51:33:4d:ac:b6:40:a7:31:
7e:37:5b:70:ed:3a:dc:d3:b1:9c:51:1f:25:58:ac:41:2b:28:
4b:a6:46:4c:dd:ae:e1:f3:bd:07:d8:97:eb:c1:5a:94:2a:bd:
17:18:02:4d:d5:5a:57:4d:8d:41:6e:8a:8d:14:72:e1:93:87:
4e:64:8b:c2:22:b8:8b:4f:56:ae:cd:7c:96:84:92:45:b8:5f:
c8:91:d9:68:b9:67:ee:11:06:ed:7d:c1:10:3f:a1:f9:09:d1:
3a:ff:77:6e
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYwPlg/ChBPTjwElK5RkmH8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTI3MDcwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODU3YjhkMjM4YWQ4MjljN2JhYmY0Y2YwZDlhZGU0NDYxZWIzMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMO7zlh5aDcyxW9Snb0rGSryZZ94
rfBLO84OP3fADY/+QY69Tf6+eAELZ0/Wc0br6rItY71ZhGEHZO2sxIIfZDMpmbfw
FYvPpeMJIyRZpSyqsZ+21b0S7Rji/NXGYlbct+hmcM+dgVD2AAD66FW80KbhvW1W
Uy6hgUqbk98PZrnsACLTx+K/7zP32VmGKDThU5PN5g7tuGmbX/GZ+xS48+9HZC1k
2ZlMtbJrYtDDxUVybLSqlmz1rejjkD6gz3XNvQGDLA7qNlpejc3TJCJEiWeMUk4s
bGAe0BRCkEIAFjJymn2b0tZtGSDVb38Zv1+T8FlWqT+/FrYk/QHt7JrKIwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFNhXuNI4rYKce6v0zw2a3kRh6zIqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMkZlNDBqaXRncHg3cV9UUERacmVSR0hyTWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAl
i4IDBAAtCZwDBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABPbj0DBABRoeYDBABR
oe8DBABSc9IDBABT22EDBAFXeXwDBABXeaIDBAJbyMADBABc+TADBABemqwDBABe
nPgDBABenPoDBAGTTmQwDAMEAKsWEQMEAKsWEgMEAKsWHwMEALLX4gMEAMEZ2AME
AMEjEwMEAMK0JzANBgkqhkiG9w0BAQsFAAOCAQEAr6Ymaz8ahzUKeJY+oBpqqS0f
gaz8hzB2UoIa+VB0RDZ+huy5lCKua54uWuTvENdCC9KSpvaNfcJ74umUM22oyplG
Ycy7JO1ycpkg2sCPitYxYdoBIc0YO0EvGrY9QlQNlpk9zezKTNFycm1rs96djeRB
kP8jqrGCZ4gvtuNXTkm6vl+ruBgSkpnw3XoaYqF6M/FVbXRhUGi1fFEzTay2QKcx
fjdbcO063NOxnFEfJVisQSsoS6ZGTN2u4fO9B9iX68FalCq9FxgCTdVaV02NQW6K
jRRy4ZOHTmSLwiK4i09Wrs18loSSRbhfyJHZaLln7hEG7X3BED+h+QnROv93bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:57 2024 by rpki-client on console-fra.rpki-client.org