Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5pS6ifItVzwERi1LmzXsaRAtWVo.roa
File: 5pS6ifItVzwERi1LmzXsaRAtWVo.roa (raw, json)
Hash identifier: fwsP1vTt7oi6+au4ZOS1xBMS2Fhe79idq6mdXCFTlkw=
Subject key identifier: E6:94:BA:89:F2:2D:57:3C:04:46:2D:4B:9B:35:EC:69:10:2D:59:5A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018800E8B2023F869187BA7AB7B5A4ED506D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5pS6ifItVzwERi1LmzXsaRAtWVo.roa
Signing time: Tue 09 May 2023 14:27:09 +0000
ROA not before: Tue 09 May 2023 14:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206003
IP address blocks: 87.121.124.0/23 maxlen: 24
81.161.230.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
45.9.156.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
185.246.223.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
82.115.210.0/23 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:00:e8:b2:02:3f:86:91:87:ba:7a:b7:b5:a4:ed:50:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 9 14:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e694ba89f22d573c04462d4b9b35ec69102d595a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:11:94:81:2f:60:52:a7:74:47:91:4f:71:ac:
91:aa:0f:cd:70:b2:ce:40:fa:31:8f:6e:ac:8c:79:
c8:0e:e7:1e:ea:bb:51:e7:13:13:45:9e:40:80:dd:
2d:dd:94:27:69:df:b5:80:7a:8a:4e:f1:94:77:6d:
76:39:72:e0:56:3c:5f:c1:d4:78:51:b7:66:08:7e:
5f:5c:7d:bd:24:0b:e2:66:40:e4:df:e9:1a:bc:8a:
c7:d6:9e:5f:65:68:76:1b:10:6b:13:f2:5a:db:6e:
8c:f4:dc:82:aa:87:3d:59:77:3d:ea:6c:fd:1e:49:
f0:20:2e:da:8b:a2:65:ee:23:71:59:90:0f:c2:31:
55:9c:2a:00:ee:09:a9:cc:6e:4e:9d:dd:6b:8a:04:
c2:33:8c:2c:c2:bb:00:37:50:9d:c5:e5:c5:02:78:
a6:6b:bb:09:d0:73:4f:e3:af:84:42:2a:6e:62:9a:
3f:dc:cb:7c:2e:3e:85:ca:59:3b:1a:5d:81:84:00:
b5:3a:8d:94:66:c0:79:d9:29:79:6f:d8:0a:21:d9:
6d:4e:e5:7d:42:68:d8:cc:47:d2:73:34:66:24:33:
7d:f1:27:ad:de:36:b6:85:cb:a7:e5:35:0f:61:95:
2a:86:d2:72:24:90:af:cf:08:5d:58:e0:47:09:04:
f7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:94:BA:89:F2:2D:57:3C:04:46:2D:4B:9B:35:EC:69:10:2D:59:5A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5pS6ifItVzwERi1LmzXsaRAtWVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.66.228.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
81.161.230.0/24
81.161.239.0/24
82.115.210.0/23
83.219.97.0/24
87.121.124.0/23
87.121.220.0/24
91.200.192.0/22
94.154.172.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
178.215.226.0/24
185.246.223.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
00:fc:95:c1:20:f9:d2:fa:40:9c:3f:1e:b5:31:c1:76:24:76:
1e:64:35:45:12:f3:10:aa:30:95:34:fb:93:32:56:1a:fd:a2:
80:da:7c:aa:89:29:ef:90:02:04:0f:28:d8:b0:ca:5c:62:f8:
f9:50:7b:ce:51:a5:72:e8:0f:cd:54:25:d8:68:81:2c:b0:b9:
be:f5:df:a4:b7:c8:02:ae:45:ea:87:56:5a:86:f7:36:8a:4e:
0b:7c:a1:da:ce:cd:19:53:7d:43:ea:ac:b2:3f:d3:e7:97:46:
05:4e:2b:9e:e0:b6:d6:e6:48:94:fa:90:fe:81:72:5b:10:6f:
9b:b8:54:62:a3:5d:84:ae:02:c1:98:8f:44:c6:95:e5:09:ef:
64:34:42:54:8a:52:21:a1:03:ac:39:bf:a3:84:12:48:e5:90:
19:46:3a:f9:75:70:c5:97:e0:ec:29:b4:31:61:dc:bc:62:34:
9f:03:e7:df:9c:7d:6a:8f:b8:4a:77:ec:c1:1d:88:e8:80:fc:
b1:32:5b:9d:61:27:6e:a8:c5:ce:3c:43:b4:9d:18:d3:46:da:
40:24:72:ad:e5:9e:9c:8d:ad:6d:1e:20:4c:e9:12:85:3f:89:
92:03:bc:e2:bd:0c:2e:88:71:88:4d:08:17:51:05:87:ce:22:
b7:d6:7f:75
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYgA6LICP4aRh7p6t7Wk7VBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTA5MTQyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjk0YmE4OWYyMmQ1NzNjMDQ0NjJkNGI5YjM1ZWM2OTEwMmQ1OTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRGUgS9gUqd0R5FPcayRqg/NcLLO
QPoxj26sjHnIDuce6rtR5xMTRZ5AgN0t3ZQnad+1gHqKTvGUd212OXLgVjxfwdR4
UbdmCH5fXH29JAviZkDk3+kavIrH1p5fZWh2GxBrE/Ja226M9NyCqoc9WXc96mz9
HknwIC7ai6Jl7iNxWZAPwjFVnCoA7gmpzG5Ond1rigTCM4wswrsAN1CdxeXFAnim
a7sJ0HNP46+EQipuYpo/3Mt8Lj6Fylk7Gl2BhAC1Oo2UZsB52Sl5b9gKIdltTuV9
QmjYzEfSczRmJDN98Set3ja2hcun5TUPYZUqhtJyJJCvzwhdWOBHCQT3OwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFOaUuonyLVc8BEYtS5s17GkQLVlaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNXBTNmlmSXRWendFUmkxTG16WHNhUkF0V1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAC0J
nAMEAC1C5AMEAC2BVAMEAC2BVgMEAC2LaAMEAC2NngMEAFGh5gMEAFGh7wMEAVJz
0gMEAFPbYQMEAVd5fAMEAFd53AMEAlvIwAMEAF6arAMEAZNOZDAMAwQAqxYRAwQA
qxYSAwQAstfiAwQAufbfAwQAwrQnMA0GCSqGSIb3DQEBCwUAA4IBAQAA/JXBIPnS
+kCcPx61McF2JHYeZDVFEvMQqjCVNPuTMlYa/aKA2nyqiSnvkAIEDyjYsMpcYvj5
UHvOUaVy6A/NVCXYaIEssLm+9d+kt8gCrkXqh1Zahvc2ik4LfKHazs0ZU31D6qyy
P9Pnl0YFTiue4LbW5kiU+pD+gXJbEG+buFRio12ErgLBmI9ExpXlCe9kNEJUilIh
oQOsOb+jhBJI5ZAZRjr5dXDFl+DsKbQxYdy8YjSfA+ffnH1qj7hKd+zBHYjogPyx
MludYSduqMXOPEO0nRjTRtpAJHKt5Z6cja1tHiBM6RKFP4mSA7zivQwuiHGITQgX
UQWHziK31n91
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:58 2024 by rpki-client on console-fra.rpki-client.org