Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4l37vy0EKoGN9rBgm4AiT8jVXKM.roa
File: 4l37vy0EKoGN9rBgm4AiT8jVXKM.roa (raw, json)
Hash identifier: QjFa6AwEmoQ79/PWcPnoClq8ra8A0uthZPGTy0gLiRY=
Subject key identifier: E2:5D:FB:BF:2D:04:2A:81:8D:F6:B0:60:9B:80:22:4F:C8:D5:5C:A3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BC74D0C29650C8041698F6C7AE4FE2348
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4l37vy0EKoGN9rBgm4AiT8jVXKM.roa
Signing time: Mon 13 Nov 2023 06:09:57 +0000
ROA not before: Mon 13 Nov 2023 06:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.54.49.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:4d:0c:29:65:0c:80:41:69:8f:6c:7a:e4:fe:23:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 13 06:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e25dfbbf2d042a818df6b0609b80224fc8d55ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e6:e6:a3:55:a5:53:e8:e3:4d:e6:2e:52:6c:
44:6f:5c:51:67:11:a9:d0:eb:47:9e:65:1f:fa:ca:
10:0d:c3:c5:03:99:d4:45:a0:6a:89:cc:c9:75:89:
3f:e4:55:a9:42:da:7d:12:06:bb:a9:ac:1f:1a:9a:
18:2d:b6:8b:b9:61:1e:9e:5b:30:87:23:90:29:fd:
d6:75:5c:ee:78:f4:51:fd:1c:9e:cb:3f:f1:07:ca:
98:04:9d:53:71:ad:85:20:43:b9:10:40:22:9c:55:
69:a7:5e:fb:34:12:1f:51:ae:b7:ab:1e:b4:6a:5d:
e2:ca:a9:cc:84:9e:87:0d:78:1a:56:53:7c:d2:7a:
eb:4e:40:30:a6:d3:94:78:c2:5b:25:37:73:ed:d8:
5f:be:ce:d7:bd:8e:80:46:e7:2b:bc:45:4e:d1:d7:
1d:57:54:8b:ed:bc:6b:85:c7:0b:74:59:75:b8:bf:
ae:b3:5f:9e:9b:ae:38:4b:c1:33:7c:b3:84:26:d0:
f9:78:70:04:9b:0e:95:ea:3c:6d:f5:e5:df:b7:bf:
0f:65:5d:1c:6c:83:d6:96:cb:a5:9a:65:4a:20:92:
57:82:71:0c:48:95:99:15:a2:9b:15:de:64:96:6a:
a3:a5:dd:3d:8b:e7:46:be:2f:cc:6b:a7:cd:f2:cb:
77:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5D:FB:BF:2D:04:2A:81:8D:F6:B0:60:9B:80:22:4F:C8:D5:5C:A3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4l37vy0EKoGN9rBgm4AiT8jVXKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.66.228.0/24
45.151.90.0/24
79.110.50.0/23
82.115.211.0/24
84.54.49.0/24
87.121.105.0/24
94.156.176.0/24
185.226.175.0/24
193.149.28.0/22
194.49.86.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:b2:41:e7:93:c4:e6:a8:d3:be:53:6b:2d:83:b8:6b:fb:32:
cc:39:9c:69:f4:fa:f3:0c:20:d5:73:75:a4:a3:5f:97:ee:4f:
f7:09:dc:52:f5:3c:90:58:76:ea:74:eb:00:3e:c9:87:1c:35:
f3:21:1d:49:4a:73:08:7c:3b:b4:15:ff:c1:90:aa:5e:e7:da:
d4:d2:a1:0f:55:77:b1:08:bf:37:d9:70:51:fd:c0:c0:9e:e9:
5d:d8:69:ea:aa:d4:d6:d4:3a:da:5e:0f:b0:7d:28:6a:7c:f2:
09:bd:83:f2:59:4e:84:bf:b6:a4:53:fb:1c:fb:0c:a9:e2:65:
2d:81:2f:98:87:52:3f:ad:c2:86:1e:d3:23:36:9f:a4:18:fa:
ad:a9:97:a1:55:68:a2:09:ac:f9:83:ee:28:e0:80:ed:31:3a:
e0:d2:d6:5d:55:7c:61:52:b5:64:b3:40:6b:92:15:5b:50:24:
bb:d3:06:5a:37:64:1a:6c:7d:b7:a9:f9:3e:e6:f4:ab:48:42:
08:ca:c6:0b:e0:fb:6f:d0:0e:e1:b4:ae:09:21:86:6f:e1:e3:
47:47:e4:5c:72:93:23:eb:57:fe:e6:6c:65:d2:24:a0:7b:16:
26:2c:bd:b1:d5:30:1e:c1:ad:e4:71:df:a4:e8:c5:95:d4:47:
52:0c:36:2d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYvHTQwpZQyAQWmPbHrk/iNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTEzMDYwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjVkZmJiZjJkMDQyYTgxOGRmNmIwNjA5YjgwMjI0ZmM4ZDU1Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoubmo1WlU+jjTeYuUmxEb1xRZxGp
0OtHnmUf+soQDcPFA5nURaBqiczJdYk/5FWpQtp9Ega7qawfGpoYLbaLuWEenlsw
hyOQKf3WdVzuePRR/Ryeyz/xB8qYBJ1Tca2FIEO5EEAinFVpp177NBIfUa63qx60
al3iyqnMhJ6HDXgaVlN80nrrTkAwptOUeMJbJTdz7dhfvs7XvY6ARucrvEVO0dcd
V1SL7bxrhccLdFl1uL+us1+em644S8EzfLOEJtD5eHAEmw6V6jxt9eXft78PZV0c
bIPWlsulmmVKIJJXgnEMSJWZFaKbFd5klmqjpd09i+dGvi/Ma6fN8st31wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOJd+78tBCqBjfawYJuAIk/I1VyjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNGwzN3Z5MEVLb0dOOXJCZ200QWlUOGpWWEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQhdAwQA
LULkAwQALZdaAwQBT24yAwQAUnPTAwQAVDYxAwQAV3lpAwQAXpywAwQAueKvAwQC
wZUcAwQAwjFWAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQA8skHnk8TmqNO+U2st
g7hr+zLMOZxp9PrzDCDVc3Wko1+X7k/3CdxS9TyQWHbqdOsAPsmHHDXzIR1JSnMI
fDu0Ff/BkKpe59rU0qEPVXexCL832XBR/cDAnuld2GnqqtTW1DraXg+wfShqfPIJ
vYPyWU6Ev7akU/sc+wyp4mUtgS+Yh1I/rcKGHtMjNp+kGPqtqZehVWiiCaz5g+4o
4IDtMTrg0tZdVXxhUrVks0BrkhVbUCS70wZaN2QabH23qfk+5vSrSEIIysYL4Ptv
0A7htK4JIYZv4eNHR+RccpMj61f+5mxl0iSgexYmLL2x1TAewa3kcd+k6MWV1EdS
DDYt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:24 2024 by rpki-client on console-ams.rpki-client.org