Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/42si3gFJkgMx_VafPy-NIpojKak.roa
File: 42si3gFJkgMx_VafPy-NIpojKak.roa (raw, json)
Hash identifier: WeeFIQfLyH2uf1TXMjMe1mhJlKBN2O/9iWpNg2oJXhM=
Subject key identifier: E3:6B:22:DE:01:49:92:03:31:FD:56:9F:3F:2F:8D:22:9A:23:29:A9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187B1E92EA37106B4B6E76114FA71ED2C38
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/42si3gFJkgMx_VafPy-NIpojKak.roa
Signing time: Mon 24 Apr 2023 06:17:41 +0000
ROA not before: Mon 24 Apr 2023 06:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
193.148.56.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.88.0/23 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b1:e9:2e:a3:71:06:b4:b6:e7:61:14:fa:71:ed:2c:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 24 06:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e36b22de0149920331fd569f3f2f8d229a2329a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:de:c5:61:a7:b0:55:64:df:f1:7e:4e:ca:8b:
91:4e:05:c7:fb:a3:90:0c:00:9c:a0:b4:92:6e:b6:
34:bd:da:32:63:ad:69:ae:0e:b0:1c:f8:32:03:25:
d9:48:b1:03:07:04:6a:be:4b:92:82:b7:c5:c2:b6:
94:e6:11:a9:99:2a:1d:ed:dd:2a:5d:e1:4a:9c:9f:
1e:d7:d8:b8:50:62:65:29:e9:fc:9d:0c:a0:01:26:
6d:02:13:3e:e6:ee:db:f1:36:3a:94:33:74:c6:aa:
9a:83:75:5a:fa:2a:d5:4f:12:38:46:e3:f9:7f:86:
6d:22:8d:4a:9c:39:4f:dc:b2:71:6d:f7:31:fa:de:
a5:cd:6f:81:de:5a:fb:a5:06:7e:92:b0:11:40:58:
92:de:e2:44:ed:df:81:37:9c:f6:59:c5:83:d7:62:
9f:42:c9:27:e5:bc:6f:90:38:5b:f2:c3:dc:6e:94:
ff:0f:24:d8:77:f5:92:7f:b5:9d:0b:bd:9c:d7:70:
f6:16:24:af:aa:df:0d:85:5c:fe:2b:f2:27:e1:71:
a1:a2:62:66:38:e6:fc:12:83:80:7f:49:b4:83:f8:
76:1e:30:cb:3d:73:c0:fd:8b:f0:72:25:ae:9c:c5:
cd:41:01:ed:4d:a2:10:8b:ad:b1:0b:8a:ba:d2:b6:
c9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6B:22:DE:01:49:92:03:31:FD:56:9F:3F:2F:8D:22:9A:23:29:A9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/42si3gFJkgMx_VafPy-NIpojKak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/23
45.151.89.0/24
87.120.64.0/23
87.121.220.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.154.172.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.246.223.0/24
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:72:af:21:d4:67:ad:c5:a2:00:9e:70:9b:bb:60:06:eb:1c:
6e:1a:88:a4:dc:61:a0:a1:d2:2d:0d:45:08:ec:ea:cb:fd:95:
a1:87:97:67:30:9b:7d:26:ce:24:0c:32:33:6a:33:8d:9d:33:
0c:4a:92:c5:69:7c:1a:57:a8:38:b8:ac:af:fe:1a:df:12:15:
50:72:39:5e:45:a8:b5:90:23:c9:b8:6a:e0:4a:46:64:71:de:
ce:19:e2:64:35:b8:a4:2f:72:ec:64:2d:4c:e7:c1:34:26:21:
a0:7d:71:db:3b:e9:3e:c2:59:81:1b:b4:65:52:2e:54:cc:4b:
2d:cf:a0:e6:7d:74:2c:1f:75:da:bd:35:b3:4b:e5:ee:a7:2c:
5a:ee:cb:e8:65:dd:e0:bd:4e:ce:ec:8d:57:a6:20:64:6f:b6:
da:8f:62:3c:be:6b:2d:b3:c6:7a:d6:bd:45:fb:49:08:e1:74:
26:2e:b4:ec:92:1e:9f:0c:fa:04:bf:81:72:b0:7a:ad:d1:ba:
da:04:8e:4f:9b:6d:5a:7d:f5:ee:9a:2a:e6:61:b5:cb:03:cb:
3a:6c:52:bc:09:ba:91:14:98:d9:e4:d8:76:1e:ce:cb:12:ce:
81:86:fb:43:46:f5:9c:01:ab:7c:6c:20:7d:c0:4a:02:47:cd:
06:96:63:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYex6S6jcQa0tudhFPpx7Sw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDI0MDYxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzZiMjJkZTAxNDk5MjAzMzFmZDU2OWYzZjJmOGQyMjlhMjMyOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN7FYaewVWTf8X5OyouRTgXH+6OQ
DACcoLSSbrY0vdoyY61prg6wHPgyAyXZSLEDBwRqvkuSgrfFwraU5hGpmSod7d0q
XeFKnJ8e19i4UGJlKen8nQygASZtAhM+5u7b8TY6lDN0xqqag3Va+irVTxI4RuP5
f4ZtIo1KnDlP3LJxbfcx+t6lzW+B3lr7pQZ+krARQFiS3uJE7d+BN5z2WcWD12Kf
Qskn5bxvkDhb8sPcbpT/DyTYd/WSf7WdC72c13D2FiSvqt8NhVz+K/In4XGhomJm
OOb8EoOAf0m0g/h2HjDLPXPA/YvwciWunMXNQQHtTaIQi62xC4q60rbJTwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFONrIt4BSZIDMf1Wnz8vjSKaIympMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNDJzaTNnRkprZ014X1ZhZlB5LU5JcG9qS2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAS1YWAME
AC2XWQMEAVd4QAMEAFd53AMEAVx3xDAMAwQAXpqhAwQCXpqgAwQAXpqsAwQBk05k
AwQCqxZIAwQAstfsAwQCudhUAwQCudpUAwQAudqJAwQAudt+AwQAufbfAwQCwZQ4
MA0GCSqGSIb3DQEBCwUAA4IBAQBLcq8h1GetxaIAnnCbu2AG6xxuGoik3GGgodIt
DUUI7OrL/ZWhh5dnMJt9Js4kDDIzajONnTMMSpLFaXwaV6g4uKyv/hrfEhVQcjle
Rai1kCPJuGrgSkZkcd7OGeJkNbikL3LsZC1M58E0JiGgfXHbO+k+wlmBG7RlUi5U
zEstz6DmfXQsH3XavTWzS+Xupyxa7svoZd3gvU7O7I1XpiBkb7baj2I8vmsts8Z6
1r1F+0kI4XQmLrTskh6fDPoEv4FysHqt0braBI5Pm21affXumirmYbXLA8s6bFK8
CbqRFJjZ5Nh2Hs7LEs6BhvtDRvWcAat8bCB9wEoCR80GlmO6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:57 2024 by rpki-client on console-fra.rpki-client.org