Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/629O1KO8iQMXouvV40so5_x_J0s.roa
File: 629O1KO8iQMXouvV40so5_x_J0s.roa (raw, json)
Hash identifier: QdPsTtge7n5fpFtXgrkkTNCzLSZAa9I2Uy9afTSeV4Y=
Subject key identifier: EB:6F:4E:D4:A3:BC:89:03:17:A2:EB:D5:E3:4B:28:E7:FC:7F:27:4B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B277CDAF69652E7263823CB5B3BBBC5F4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/629O1KO8iQMXouvV40so5_x_J0s.roa
Signing time: Fri 13 Oct 2023 05:22:55 +0000
ROA not before: Fri 13 Oct 2023 05:22:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 194.169.172.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
2.59.253.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:27:7c:da:f6:96:52:e7:26:38:23:cb:5b:3b:bb:c5:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 13 05:22:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb6f4ed4a3bc890317a2ebd5e34b28e7fc7f274b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:52:5e:5f:18:e4:29:d7:15:16:83:6d:ab:e9:
60:de:bc:37:76:a0:ee:9a:87:d0:b9:24:6b:61:0e:
dd:c1:4a:82:8a:75:44:e5:9e:c0:fc:fb:c2:34:93:
00:70:87:df:fe:75:ec:12:74:c3:c1:ac:82:b2:04:
d2:b3:e0:24:63:59:13:87:86:76:01:03:15:d6:2e:
73:21:29:1f:42:cf:ef:ad:30:57:6c:02:c4:34:3d:
fb:9b:43:e1:c9:50:97:42:e5:01:71:4b:ca:43:35:
e6:5e:a4:52:6b:4f:71:70:51:7f:4b:32:0c:cd:5a:
6e:e5:dc:c4:f2:af:3b:8c:57:91:1a:3c:07:4f:46:
5a:12:63:64:03:f0:81:b2:b7:93:45:bb:9c:23:05:
a7:7e:68:5c:7d:02:31:4a:a7:b5:e3:60:31:a7:cb:
60:f9:51:ac:fc:8c:ca:5c:82:57:55:f2:b0:6e:cf:
20:c2:74:44:a3:28:cb:02:31:10:3b:99:e2:85:c1:
61:54:ba:27:b1:e8:7f:b0:3b:25:35:37:11:18:f3:
e1:7a:62:4e:4c:f7:e6:62:67:c1:99:a2:22:ab:3e:
73:31:fc:12:1b:eb:2d:1a:5f:91:55:e3:17:aa:de:
5e:14:bb:49:7a:ea:6f:57:ba:99:f4:6f:2a:71:3f:
76:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6F:4E:D4:A3:BC:89:03:17:A2:EB:D5:E3:4B:28:E7:FC:7F:27:4B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/629O1KO8iQMXouvV40so5_x_J0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.226.172.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.55.187.0/24
194.55.225.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c8:e8:a0:58:7f:48:59:c1:5a:2a:c7:14:2d:aa:0c:98:f4:
56:9d:87:bf:ec:39:1e:52:7f:b0:b2:b6:c1:d4:18:da:a1:b1:
11:89:53:8b:1e:94:67:6d:fe:a7:26:5f:59:72:0b:6b:fb:a5:
df:bc:c7:53:f1:89:f0:18:2f:78:f2:95:42:3c:bf:8b:64:72:
f0:01:42:19:67:cb:0e:c0:b2:69:0a:53:32:e1:67:7f:12:dd:
3d:f0:3b:f7:93:41:e2:b4:cc:e8:a6:55:e3:18:56:8f:4f:45:
d8:96:e7:98:ea:ee:6e:a6:a6:38:17:b3:78:8a:9e:1d:64:5d:
93:35:7f:05:1e:b2:45:4a:0b:9e:f4:68:4a:13:2e:0d:95:45:
fa:41:0b:bf:ca:08:89:88:22:a7:8a:85:90:5d:9e:23:11:a2:
8f:38:2f:b2:a0:7f:b9:e5:c6:ef:3c:37:59:eb:28:98:cd:12:
7f:82:f6:69:b2:24:c5:c0:61:79:c0:cf:63:21:ba:20:f0:2c:
39:f3:e0:4e:2b:f6:fb:8e:c6:87:1d:72:99:07:66:d0:01:85:
45:6c:f8:07:e0:08:58:3e:7a:53:ac:a8:7b:bb:1a:42:cd:e9:
96:52:21:05:ce:62:c5:9d:57:f7:33:c0:14:b8:13:16:fb:5b:
a8:bd:6c:63
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYsnfNr2llLnJjgjy1s7u8X0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDEzMDUyMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZmNGVkNGEzYmM4OTAzMTdhMmViZDVlMzRiMjhlN2ZjN2YyNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1JeXxjkKdcVFoNtq+lg3rw3dqDu
mofQuSRrYQ7dwUqCinVE5Z7A/PvCNJMAcIff/nXsEnTDwayCsgTSs+AkY1kTh4Z2
AQMV1i5zISkfQs/vrTBXbALEND37m0PhyVCXQuUBcUvKQzXmXqRSa09xcFF/SzIM
zVpu5dzE8q87jFeRGjwHT0ZaEmNkA/CBsreTRbucIwWnfmhcfQIxSqe142Axp8tg
+VGs/IzKXIJXVfKwbs8gwnREoyjLAjEQO5nihcFhVLonseh/sDslNTcRGPPhemJO
TPfmYmfBmaIiqz5zMfwSG+stGl+RVeMXqt5eFLtJeupvV7qZ9G8qcT923wIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFOtvTtSjvIkDF6Lr1eNLKOf8fydLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNjI5TzFLTzhpUU1Yb3V2VjQwc281X3hfSjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAC
O/0DBAAtVFsDBAAtWEADBAAtWFsDBABcd8YDBABc+TIDBABemqIDBABtzu8DBACy
1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogMEALnirAMEAMEZ2QMEAMElKAME
AMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMIfzQMEAMIw+AMEAMI3uwMEAMI34QME
AMKprAMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEAX8jooFh/SFnBWirHFC2qDJj0
Vp2Hv+w5HlJ/sLK2wdQY2qGxEYlTix6UZ23+pyZfWXILa/ul37zHU/GJ8BgvePKV
Qjy/i2Ry8AFCGWfLDsCyaQpTMuFnfxLdPfA795NB4rTM6KZV4xhWj09F2JbnmOru
bqamOBezeIqeHWRdkzV/BR6yRUoLnvRoShMuDZVF+kELv8oIiYgip4qFkF2eIxGi
jzgvsqB/ueXG7zw3WesomM0Sf4L2abIkxcBhecDPYyG6IPAsOfPgTiv2+47Ghx1y
mQdm0AGFRWz4B+AIWD56U6yoe7saQs3pllIhBc5ixZ1X9zPAFLgTFvtbqL1sYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:58 2024 by rpki-client on console-fra.rpki-client.org