Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5oJm7RexWT3YAZ7hdRdovDWYuAA.roa
File: 5oJm7RexWT3YAZ7hdRdovDWYuAA.roa (raw, json)
Hash identifier: moBr0ZmZHog7J3/bVa8hcuTfRWcfH0g8D5dhb8eAxyk=
Subject key identifier: E6:82:66:ED:17:B1:59:3D:D8:01:9E:E1:75:17:68:BC:35:98:B8:00
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BDC9125166FB6801495C2C52216CFD949
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5oJm7RexWT3YAZ7hdRdovDWYuAA.roa
Signing time: Fri 17 Nov 2023 09:16:21 +0000
ROA not before: Fri 17 Nov 2023 09:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:91:25:16:6f:b6:80:14:95:c2:c5:22:16:cf:d9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 17 09:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e68266ed17b1593dd8019ee1751768bc3598b800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c0:41:b3:51:37:6c:eb:d4:66:10:f9:1e:f0:
86:f7:f9:7c:25:28:18:f7:8f:ad:a2:89:e3:d0:70:
92:38:64:83:18:db:8d:82:97:84:d0:c6:db:d0:e4:
33:ea:4a:7f:53:91:2b:1e:70:c2:3b:19:a9:71:1f:
c5:bf:df:5f:b9:c3:b0:10:62:ee:29:87:4d:aa:b8:
24:09:79:41:50:28:2d:40:bb:44:ac:e0:3d:25:22:
37:8c:07:60:a6:a3:8a:7f:1a:b1:8b:da:6e:d4:b1:
d4:25:c7:34:ab:cd:79:52:a6:fb:da:3c:be:b1:1b:
18:2b:62:57:0b:05:c4:62:19:31:20:7e:b4:c5:bf:
44:33:cf:df:6c:7c:de:09:ac:07:b8:4e:54:b2:a6:
47:48:93:a7:af:bd:47:4b:7b:ee:78:89:42:30:89:
69:b3:e9:77:05:81:56:e7:09:cf:9f:31:a7:04:4a:
f0:16:71:ab:39:0a:fd:95:fc:4e:a8:86:63:48:a8:
00:10:22:f6:a2:f2:19:8c:fc:70:65:71:18:4f:57:
53:08:8e:0f:0e:4d:f4:14:8b:a4:44:e2:6c:7a:9d:
a0:ce:52:4b:85:d6:70:20:53:06:4a:80:ab:c1:42:
a2:fd:ae:10:d5:45:2d:4b:dc:0c:f6:85:c3:dd:13:
1c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:82:66:ED:17:B1:59:3D:D8:01:9E:E1:75:17:68:BC:35:98:B8:00
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5oJm7RexWT3YAZ7hdRdovDWYuAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
87.121.220.0/23
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.175.0/24
185.246.223.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
76:9f:8d:21:d2:2c:4c:5a:77:e1:c1:2e:96:4c:ed:ae:e0:e0:
4c:08:d2:9d:eb:ff:61:3c:d8:fa:19:1b:98:89:72:49:ce:dd:
6c:64:ad:cc:6f:16:7e:58:35:ab:71:f5:40:bb:8b:51:63:e5:
63:a5:31:a9:bc:fb:8c:4e:74:20:29:59:ef:7a:d2:d1:cd:6d:
c0:35:42:e3:52:9b:5c:94:ed:c8:93:80:dd:70:c6:3f:4c:3b:
6f:4e:14:f9:53:d8:58:77:59:42:72:6b:e3:36:4e:44:6e:04:
a5:af:8c:b2:fb:15:01:1e:94:4d:79:40:68:ad:88:d9:d7:ab:
d3:61:7a:ce:ae:d1:ba:41:16:5f:b1:4f:8d:df:fa:6a:00:ea:
b6:a5:87:85:72:ee:15:44:d7:95:85:df:a2:82:cd:89:a1:87:
2e:31:3c:bc:ff:9c:ca:5c:04:bb:e4:d5:d4:5c:18:75:73:e2:
b1:ea:41:3f:37:c3:b4:c4:07:af:67:48:79:01:69:85:12:c5:
03:bd:26:d6:f4:6d:5b:02:43:56:22:04:80:ae:57:a9:38:61:
b6:11:f0:5a:21:a3:cf:90:52:14:d6:cd:88:6f:a4:c6:0e:ca:
c4:93:ed:7d:1d:ea:1c:b1:f1:57:68:1e:c8:96:42:b5:cf:71:
50:29:ee:cb
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYvckSUWb7aAFJXCxSIWz9lJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTE3MDkxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjgyNjZlZDE3YjE1OTNkZDgwMTllZTE3NTE3NjhiYzM1OThiODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMBBs1E3bOvUZhD5HvCG9/l8JSgY
94+toonj0HCSOGSDGNuNgpeE0Mbb0OQz6kp/U5ErHnDCOxmpcR/Fv99fucOwEGLu
KYdNqrgkCXlBUCgtQLtErOA9JSI3jAdgpqOKfxqxi9pu1LHUJcc0q815Uqb72jy+
sRsYK2JXCwXEYhkxIH60xb9EM8/fbHzeCawHuE5UsqZHSJOnr71HS3vueIlCMIlp
s+l3BYFW5wnPnzGnBErwFnGrOQr9lfxOqIZjSKgAECL2ovIZjPxwZXEYT1dTCI4P
Dk30FIukROJsep2gzlJLhdZwIFMGSoCrwUKi/a4Q1UUtS9wM9oXD3RMcJQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFOaCZu0XsVk92AGe4XUXaLw1mLgAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNW9KbTdSZXhXVDNZQVo3aGRSZG92RFdZdUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAAt
l1kDBABXeFcDBABXeS0DBABXeTsDBAFXedwDBAFbXBgDBAFcd8QDBABde3QwDAME
AF6aoQMEAl6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAsH3/
AwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKvAwQAufbfAwQAufywAwQAwqmu
AwQAwrQyMA0GCSqGSIb3DQEBCwUAA4IBAQB2n40h0ixMWnfhwS6WTO2u4OBMCNKd
6/9hPNj6GRuYiXJJzt1sZK3MbxZ+WDWrcfVAu4tRY+VjpTGpvPuMTnQgKVnvetLR
zW3ANULjUptclO3Ik4DdcMY/TDtvThT5U9hYd1lCcmvjNk5EbgSlr4yy+xUBHpRN
eUBorYjZ16vTYXrOrtG6QRZfsU+N3/pqAOq2pYeFcu4VRNeVhd+igs2JoYcuMTy8
/5zKXAS75NXUXBh1c+Kx6kE/N8O0xAevZ0h5AWmFEsUDvSbW9G1bAkNWIgSArlep
OGG2EfBaIaPPkFIU1s2Ib6TGDsrEk+19HeocsfFXaB7IlkK1z3FQKe7L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:58 2024 by rpki-client on console-fra.rpki-client.org