Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3-a5OyTxCi6Gg3WT8gGZk48zTyo.roa
File: 3-a5OyTxCi6Gg3WT8gGZk48zTyo.roa (raw, json)
Hash identifier: RTbAYkpXzrz9yujoHcrWT9mzKl4BQFScEXPaAR4xHMc=
Subject key identifier: DF:E6:B9:3B:24:F1:0A:2E:86:83:75:93:F2:01:99:93:8F:33:4F:2A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C57B440AFFB1E724B5BB82C9333BF609B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3-a5OyTxCi6Gg3WT8gGZk48zTyo.roa
Signing time: Mon 11 Dec 2023 07:07:59 +0000
ROA not before: Mon 11 Dec 2023 07:07:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:b4:40:af:fb:1e:72:4b:5b:b8:2c:93:33:bf:60:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 11 07:07:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfe6b93b24f10a2e86837593f20199938f334f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:77:5e:96:3a:5d:dd:f1:a9:7a:06:50:8a:a3:
a4:0c:39:89:d7:d2:50:76:9d:6e:5d:bd:db:0c:6e:
e9:ea:af:a6:7c:a3:54:49:2e:97:40:f9:f8:24:8a:
99:d1:14:36:2a:32:ee:c1:90:d5:0e:23:3a:2e:d0:
8f:45:50:ad:c5:77:10:3f:df:86:74:40:e1:fd:f0:
79:ee:8a:32:68:be:39:12:1f:83:ba:c3:b8:c1:91:
9a:4e:7a:11:d1:de:c4:9f:4d:18:58:a7:4a:95:79:
2e:de:c7:1c:d1:01:77:1a:f3:08:42:17:c3:c5:02:
12:d9:06:d7:2d:27:3d:9c:5e:b0:f5:d4:4a:ee:74:
d3:fc:20:e2:2d:e7:84:f6:ac:c3:2e:34:1a:4c:da:
0b:6d:31:0b:5f:6e:67:40:0f:5e:fd:ff:06:06:54:
19:db:53:a1:d0:a9:b8:70:47:30:83:b1:7c:fc:da:
09:3b:63:ea:cc:ff:99:3a:a7:e5:ef:bc:9f:e4:de:
2d:f0:c4:6f:ab:ea:ec:fc:f5:c6:bc:8e:6d:bf:32:
15:5b:af:48:ef:e9:8e:7a:18:46:6e:6c:f5:49:6f:
36:3b:37:40:cd:14:8e:f8:75:1e:22:ed:6d:05:ea:
70:8e:c9:20:ce:56:65:18:5f:e2:d9:61:7a:68:99:
94:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E6:B9:3B:24:F1:0A:2E:86:83:75:93:F2:01:99:93:8F:33:4F:2A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3-a5OyTxCi6Gg3WT8gGZk48zTyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
45.129.86.0/24
45.141.158.0/24
79.110.61.0/24
81.161.239.0/24
82.115.210.0/24
83.219.97.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
92.249.48.0/24
94.154.172.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:92:7d:23:29:0a:98:71:70:9b:cf:10:de:c8:ff:4b:ba:87:
02:55:47:bf:24:ae:23:82:ce:ce:2f:66:11:d8:90:d1:fe:a0:
f0:50:90:52:fa:bd:2b:4d:34:f1:2e:1f:27:8a:3b:32:3a:1c:
41:e4:e9:03:63:3c:1a:02:cf:1c:0f:c6:1f:81:e1:96:9f:b9:
0c:da:91:b3:2c:e5:df:3d:76:e4:a3:d2:9f:ec:f2:7b:85:12:
54:a6:69:89:6f:ec:01:eb:c8:c4:12:b5:2a:af:d7:f5:8e:f3:
fe:fc:48:b4:c9:9d:d8:5e:18:e7:a9:33:33:0d:f8:d9:fa:7e:
df:c4:23:d0:e7:50:bb:79:e3:7b:6f:24:ba:09:27:55:02:64:
ed:1d:6e:5b:9e:a7:0f:9b:26:54:5c:83:6d:12:ad:bb:2e:67:
f0:2d:de:d9:24:b5:29:73:d0:af:4e:27:22:e1:f0:46:98:e2:
2c:69:52:44:b1:1e:26:cc:8e:ef:e9:46:60:a8:de:77:9e:bc:
67:44:97:63:73:97:62:5e:37:11:1f:20:62:28:ec:3b:55:cc:
e0:6d:40:f4:ab:d4:30:b4:6c:d5:62:06:00:93:f5:e8:ff:79:
fd:15:db:70:d7:95:e9:1c:e4:c1:0e:0c:e9:ee:31:31:b0:e7:
70:96:f3:c8
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYxXtECv+x5yS1u4LJMzv2CbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjExMDcwNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmU2YjkzYjI0ZjEwYTJlODY4Mzc1OTNmMjAxOTk5MzhmMzM0ZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXdeljpd3fGpegZQiqOkDDmJ19JQ
dp1uXb3bDG7p6q+mfKNUSS6XQPn4JIqZ0RQ2KjLuwZDVDiM6LtCPRVCtxXcQP9+G
dEDh/fB57ooyaL45Eh+DusO4wZGaTnoR0d7En00YWKdKlXku3scc0QF3GvMIQhfD
xQIS2QbXLSc9nF6w9dRK7nTT/CDiLeeE9qzDLjQaTNoLbTELX25nQA9e/f8GBlQZ
21Oh0Km4cEcwg7F8/NoJO2PqzP+ZOqfl77yf5N4t8MRvq+rs/PXGvI5tvzIVW69I
7+mOehhGbmz1SW82OzdAzRSO+HUeIu1tBepwjskgzlZlGF/i2WF6aJmU6wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFN/muTsk8QouhoN1k/IBmZOPM08qMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMy1hNU95VHhDaTZHZzNXVDhnR1prNDh6VHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAl
i4IDBAAtgVQDBAAtgVYDBAAtjZ4DBABPbj0DBABRoe8DBABSc9IDBABT22EDBAFX
eXwDBABXeaIDBAJbyMADBABc+TADBABemqwDBABenPgDBABenPoDBAGTTmQwDAME
AKsWEQMEAKsWEgMEAKsWHwMEAMEZ2AMEAMEjEzANBgkqhkiG9w0BAQsFAAOCAQEA
oJJ9IykKmHFwm88Q3sj/S7qHAlVHvySuI4LOzi9mEdiQ0f6g8FCQUvq9K0008S4f
J4o7MjocQeTpA2M8GgLPHA/GH4Hhlp+5DNqRsyzl3z125KPSn+zye4USVKZpiW/s
AevIxBK1Kq/X9Y7z/vxItMmd2F4Y56kzMw342fp+38Qj0OdQu3nje28kugknVQJk
7R1uW56nD5smVFyDbRKtuy5n8C3e2SS1KXPQr04nIuHwRpjiLGlSRLEeJsyO7+lG
YKjed568Z0SXY3OXYl43ER8gYijsO1XM4G1A9KvUMLRs1WIGAJP16P95/RXbcNeV
6RzkwQ4M6e4xMbDncJbzyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:23 2024 by rpki-client on console-ams.rpki-client.org