Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/58aRg2CCBRd5FLTZww5F4SOovlM.roa
File: 58aRg2CCBRd5FLTZww5F4SOovlM.roa (raw, json)
Hash identifier: S8PTF+SVl8ZcoJ5EWAJIXM0iZHlVXJ+Kxxs5XV5XuHM=
Subject key identifier: E7:C6:91:83:60:82:05:17:79:14:B4:D9:C3:0E:45:E1:23:A8:BE:53
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B93E84BFEB1D70FB412EAD63FAF93FCD0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/58aRg2CCBRd5FLTZww5F4SOovlM.roa
Signing time: Fri 03 Nov 2023 06:39:16 +0000
ROA not before: Fri 03 Nov 2023 06:39:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50738
IP address blocks: 45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
87.120.130.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
185.246.223.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:e8:4b:fe:b1:d7:0f:b4:12:ea:d6:3f:af:93:fc:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 3 06:39:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7c69183608205177914b4d9c30e45e123a8be53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d0:7e:8f:c8:17:55:ae:7a:b3:86:47:4c:07:
22:21:cc:be:e7:48:51:6d:24:10:4b:59:40:6c:61:
53:29:2a:09:43:9f:da:cb:e2:89:09:f0:fc:a3:fc:
a9:3e:20:08:59:a5:49:65:f0:be:93:f5:bc:20:7b:
1a:14:43:cc:c8:44:f4:5c:4c:bb:7a:43:ba:f4:83:
97:0e:a5:6e:ac:fe:14:31:79:a6:5a:1c:1e:45:fe:
75:05:9b:a5:13:67:77:f4:79:ae:68:56:cc:f7:3c:
b1:8d:ef:0a:31:de:f8:6a:3d:e3:df:27:f0:87:47:
71:77:fe:d1:e9:b3:f3:d2:6a:e5:6e:ac:97:dd:d0:
0d:19:e3:af:30:33:d3:0a:f8:29:5d:21:8e:28:5e:
97:c6:7c:55:dd:df:d1:cb:77:e0:ed:79:ce:51:9c:
39:d4:08:d0:f9:92:37:03:18:cc:41:9a:59:49:42:
5a:72:a4:87:cd:3f:0b:16:24:3d:a0:df:ef:5d:07:
e9:1d:87:56:c2:cf:5a:d2:a1:b8:97:81:6a:1e:8d:
0d:96:76:98:94:9c:cc:5e:c2:9c:31:9d:ea:95:14:
b3:2f:09:db:ba:7e:6c:18:b6:17:79:db:be:05:4b:
d7:18:68:8c:1f:be:75:c1:fa:2e:6c:69:ba:dc:d8:
91:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C6:91:83:60:82:05:17:79:14:B4:D9:C3:0E:45:E1:23:A8:BE:53
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/58aRg2CCBRd5FLTZww5F4SOovlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
83.219.97.0/24
87.120.130.0/24
87.121.124.0/23
87.121.162.0/24
87.121.220.0/24
91.200.192.0/22
92.249.48.0/24
93.123.39.0/24
94.154.172.0/24
94.156.160.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
178.215.238.0/24
185.246.223.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
32:06:b4:66:5c:4c:4f:85:bb:bd:cb:65:c4:8a:3a:f7:ff:fb:
6c:2a:3b:90:20:36:b7:cb:15:f0:17:ec:52:3e:b4:2a:87:7d:
ef:c6:82:0d:88:30:07:57:df:dc:26:c0:0a:b2:96:10:82:00:
ac:33:75:cc:2b:bf:96:3d:8c:22:f7:36:ff:74:13:1c:1d:39:
28:31:41:fe:92:98:4b:ba:7f:39:d1:88:30:82:34:90:99:1f:
33:c9:19:2b:b5:a3:61:7a:66:79:dc:9f:4d:b4:3b:7e:36:01:
84:0d:87:d3:3f:26:48:30:89:be:cd:6a:12:b9:ab:84:04:e8:
8a:48:c2:27:85:6f:1e:89:cc:63:e9:36:9b:b6:1b:70:b6:36:
fe:3a:5c:63:bc:f0:8e:34:cb:0a:4b:e1:d9:86:16:bc:b8:31:
32:9f:74:06:44:3a:1c:02:c2:4f:c9:3c:fd:97:0d:9a:c3:db:
48:5b:8a:11:72:99:9d:5a:a7:8b:b4:4b:67:e4:99:42:f9:4f:
26:36:85:ee:c7:d8:12:55:07:d5:a7:db:5e:2d:e9:dd:20:c3:
0b:b8:24:fe:b5:d1:64:b5:5c:57:64:a2:9e:0e:11:a1:ca:2e:
59:af:8a:68:e6:08:81:39:fd:33:9f:2b:22:fe:c3:dd:cf:4b:
5e:fa:a9:18
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYuT6Ev+sdcPtBLq1j+vk/zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAzMDYzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2M2OTE4MzYwODIwNTE3NzkxNGI0ZDljMzBlNDVlMTIzYThiZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttB+j8gXVa56s4ZHTAciIcy+50hR
bSQQS1lAbGFTKSoJQ5/ay+KJCfD8o/ypPiAIWaVJZfC+k/W8IHsaFEPMyET0XEy7
ekO69IOXDqVurP4UMXmmWhweRf51BZulE2d39HmuaFbM9zyxje8KMd74aj3j3yfw
h0dxd/7R6bPz0mrlbqyX3dANGeOvMDPTCvgpXSGOKF6XxnxV3d/Ry3fg7XnOUZw5
1AjQ+ZI3AxjMQZpZSUJacqSHzT8LFiQ9oN/vXQfpHYdWws9a0qG4l4FqHo0NlnaY
lJzMXsKcMZ3qlRSzLwnbun5sGLYXedu+BUvXGGiMH751wfoubGm63NiRpQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFOfGkYNgggUXeRS02cMOReEjqL5TMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNThhUmcyQ0NCUmQ1RkxUWnd3NUY0U09vdmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAAl
i4IDBAAtCZwDBAAtDP8DBAAtQuQDBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABP
bj0DBABRoeYDBABRoe8DBABT22EDBABXeIIDBAFXeXwDBABXeaIDBABXedwDBAJb
yMADBABc+TADBABdeycDBABemqwDBABenKADBABenPgDBABenPoDBAGTTmQwDAME
AKsWEQMEAKsWEgMEAKsWHwMEALLX4gMEALLX7gMEALn23wMEAMEZ2AMEAMEjEwME
AMK0JzANBgkqhkiG9w0BAQsFAAOCAQEAMga0ZlxMT4W7vctlxIo69//7bCo7kCA2
t8sV8BfsUj60Kod978aCDYgwB1ff3CbACrKWEIIArDN1zCu/lj2MIvc2/3QTHB05
KDFB/pKYS7p/OdGIMII0kJkfM8kZK7WjYXpmedyfTbQ7fjYBhA2H0z8mSDCJvs1q
ErmrhAToikjCJ4VvHonMY+k2m7YbcLY2/jpcY7zwjjTLCkvh2YYWvLgxMp90BkQ6
HALCT8k8/ZcNmsPbSFuKEXKZnVqni7RLZ+SZQvlPJjaF7sfYElUH1afbXi3p3SDD
C7gk/rXRZLVcV2Sing4RocouWa+KaOYIgTn9M58rIv7D3c9LXvqpGA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:39:52 2025 by rpki-client