Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4Ujpa0syDbeNp7dSJ_CQltiqF8w.roa
File: 4Ujpa0syDbeNp7dSJ_CQltiqF8w.roa (raw, json)
Hash identifier: sShs8RZrpsUUTCHldhNRIeF0752yVAIOOjxdgmEktE0=
Subject key identifier: E1:48:E9:6B:4B:32:0D:B7:8D:A7:B7:52:27:F0:90:96:D8:AA:17:CC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B8F1E669B63E63C15DBF761714712B866
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4Ujpa0syDbeNp7dSJ_CQltiqF8w.roa
Signing time: Thu 02 Nov 2023 08:20:16 +0000
ROA not before: Thu 02 Nov 2023 08:20:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:1e:66:9b:63:e6:3c:15:db:f7:61:71:47:12:b8:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 2 08:20:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e148e96b4b320db78da7b75227f09096d8aa17cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:3e:d8:05:58:d3:5f:bf:b9:f8:64:ac:b5:
18:80:cd:7c:08:a5:20:d5:24:d3:61:65:35:99:13:
ca:29:0b:95:be:4b:75:db:73:8d:08:9f:4f:04:e3:
2b:22:4e:c5:d3:84:5b:03:94:48:0b:38:4b:ee:b4:
b5:ac:9c:47:bd:ee:cc:d4:a6:2a:3f:13:c4:0c:60:
1a:cc:2e:6a:de:2b:5c:0d:2d:ba:54:22:f7:8e:32:
85:62:13:51:1d:1d:f4:6e:1c:fe:12:23:c8:da:af:
b4:ff:f9:8c:53:55:d1:a3:26:24:18:13:ae:51:a5:
20:c7:20:60:4e:9a:50:c4:49:31:96:0c:0d:1b:70:
bd:3b:3c:25:b3:4a:70:f7:a7:0b:16:f0:9b:80:8f:
8b:ab:17:8a:00:74:3f:68:23:1e:04:de:56:37:2a:
a0:d3:27:4b:ca:9c:28:2f:f3:a1:69:9f:e0:33:a0:
b8:32:8f:e9:99:7e:0b:22:2f:6c:0d:30:23:42:74:
a9:cd:68:3f:7b:1c:05:69:6d:0d:31:f2:20:7a:50:
c9:51:a6:6d:2c:a3:b8:5f:8f:d6:c4:7e:df:6e:a0:
12:86:bc:af:95:bc:91:ce:e4:2c:9e:c0:1d:04:0a:
a5:55:d3:40:9d:2c:7a:6d:83:4f:30:b5:c4:25:6b:
7e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:48:E9:6B:4B:32:0D:B7:8D:A7:B7:52:27:F0:90:96:D8:AA:17:CC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4Ujpa0syDbeNp7dSJ_CQltiqF8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.175.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
10:13:a8:37:aa:b6:69:ab:71:3b:ee:50:0b:cf:12:38:54:b0:
09:de:5f:ca:7a:92:f4:41:dd:2f:d5:b8:26:f3:90:b5:c8:ce:
90:04:b5:70:44:43:1a:bf:c5:c5:14:56:0b:15:9a:3f:c7:ce:
2c:7a:21:c2:23:a2:15:7a:e1:ca:53:f9:f8:49:a7:bb:a8:30:
76:9c:6d:6b:46:20:f2:82:a2:33:38:ea:7f:4f:c2:d8:73:ce:
1c:06:dd:f5:f7:0e:24:e7:d1:81:cf:74:11:c1:5d:e6:57:d8:
3a:70:34:b2:8d:6e:03:96:a8:5d:45:d3:86:69:92:ae:51:9d:
60:c4:73:ba:2d:07:a8:88:05:42:57:23:8a:7a:e1:ec:00:a2:
d4:48:11:e9:36:65:09:30:f3:1f:35:98:bf:2f:b9:4c:85:da:
75:f0:03:25:ae:62:f5:66:55:ea:c2:ae:13:d9:81:ea:1f:cb:
d8:e0:fb:84:b2:92:2c:9b:12:be:cc:6d:54:84:8b:98:1f:0e:
b7:01:64:10:24:09:c7:cd:58:05:44:d5:94:70:05:05:8d:77:
b0:fc:e8:82:ce:d4:da:10:4f:02:a7:36:25:85:71:de:e5:53:
62:7b:4e:9d:e2:af:11:25:e7:12:01:21:0e:e8:1d:a9:1e:7e:
ff:82:e3:f9
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYuPHmabY+Y8Fdv3YXFHErhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAyMDgyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ4ZTk2YjRiMzIwZGI3OGRhN2I3NTIyN2YwOTA5NmQ4YWExN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQI+2AVY01+/ufhkrLUYgM18CKUg
1STTYWU1mRPKKQuVvkt123ONCJ9PBOMrIk7F04RbA5RICzhL7rS1rJxHve7M1KYq
PxPEDGAazC5q3itcDS26VCL3jjKFYhNRHR30bhz+EiPI2q+0//mMU1XRoyYkGBOu
UaUgxyBgTppQxEkxlgwNG3C9Ozwls0pw96cLFvCbgI+LqxeKAHQ/aCMeBN5WNyqg
0ydLypwoL/OhaZ/gM6C4Mo/pmX4LIi9sDTAjQnSpzWg/exwFaW0NMfIgelDJUaZt
LKO4X4/WxH7fbqAShryvlbyRzuQsnsAdBAqlVdNAnSx6bYNPMLXEJWt+TwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFOFI6WtLMg23jae3UifwkJbYqhfMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNFVqcGEwc3lEYmVOcDdkU0pfQ1FsdGlxRjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAt
CF0DBAAtl1kDBABXeFcDBABXeS0DBABXeTsDBAFbXBgDBAFcd8QDBABde3QwDAME
AF6aoQMEAl6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAsH3/
AwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKvAwQAufywAwQAwqmuAwQAwrQy
MA0GCSqGSIb3DQEBCwUAA4IBAQAQE6g3qrZpq3E77lALzxI4VLAJ3l/KepL0Qd0v
1bgm85C1yM6QBLVwREMav8XFFFYLFZo/x84seiHCI6IVeuHKU/n4Sae7qDB2nG1r
RiDygqIzOOp/T8LYc84cBt319w4k59GBz3QRwV3mV9g6cDSyjW4DlqhdRdOGaZKu
UZ1gxHO6LQeoiAVCVyOKeuHsAKLUSBHpNmUJMPMfNZi/L7lMhdp18AMlrmL1ZlXq
wq4T2YHqH8vY4PuEspIsmxK+zG1UhIuYHw63AWQQJAnHzVgFRNWUcAUFjXew/OiC
ztTaEE8CpzYlhXHe5VNie06d4q8RJecSASEO6B2pHn7/guP5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:58 2024 by rpki-client on console-fra.rpki-client.org