Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6WDthYj3U_x4_hCUN1B2Lclyu6g.roa
File: 6WDthYj3U_x4_hCUN1B2Lclyu6g.roa (raw, json)
Hash identifier: Gv/iMQKLhaF0ZuOAG2Vl0ePHFe/JLhIElVfCsEGcs9c=
Subject key identifier: E9:60:ED:85:88:F7:53:FC:78:FE:10:94:37:50:76:2D:C9:72:BB:A8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018562FDDD1BB1EDBB166A5614D364F25D94
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6WDthYj3U_x4_hCUN1B2Lclyu6g.roa
Signing time: Fri 30 Dec 2022 12:24:42 +0000
ROA not before: Fri 30 Dec 2022 12:24:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 194.55.224.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.65.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:fd:dd:1b:b1:ed:bb:16:6a:56:14:d3:64:f2:5d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 30 12:24:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e960ed8588f753fc78fe10943750762dc972bba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:66:15:7e:1f:a4:68:91:4e:9b:f0:a9:49:98:
63:1a:d2:2c:07:a5:08:37:62:0e:5c:ba:a3:80:bc:
b6:c4:ef:21:d9:1c:e2:5a:e3:54:96:f6:51:48:ef:
53:a9:0a:6b:9e:24:70:e1:6f:5c:12:6f:8f:0f:ba:
16:e2:35:ed:97:04:b1:b5:a4:49:0b:13:d1:8c:84:
ed:9e:1d:21:0d:51:02:8e:29:69:f4:94:7e:a8:c8:
42:92:67:e9:bb:b9:13:f8:b3:ae:b8:ef:d9:a2:ca:
b3:cd:af:5e:1e:80:9d:07:27:2c:89:6c:00:cc:5e:
02:c6:37:b0:02:e6:28:d5:78:43:20:e5:b8:82:96:
5f:88:22:c3:dd:b7:02:30:51:51:ed:27:f8:ae:8e:
8d:44:81:c3:05:50:d1:b5:80:9c:06:df:81:a9:f3:
df:3f:cb:bc:92:4b:74:72:0a:19:c4:cc:a8:1a:09:
bb:40:2c:58:c3:65:f8:fd:be:18:94:9e:6c:06:ad:
5e:eb:1c:ac:4d:91:aa:18:67:90:de:ec:68:6e:0b:
9f:a8:49:37:c5:f9:63:cc:68:20:6c:78:22:5b:fe:
13:1b:55:1b:27:39:43:65:d7:d4:84:ed:be:ef:87:
e4:b0:5a:e2:20:64:e8:54:0f:cd:d4:4e:61:b6:75:
b6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:60:ED:85:88:F7:53:FC:78:FE:10:94:37:50:76:2D:C9:72:BB:A8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6WDthYj3U_x4_hCUN1B2Lclyu6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.12.255.0/24
45.84.91.0/24
45.88.64.0/23
45.129.84.0/24
84.54.50.0/24
94.154.162.0/24
94.156.160.0/24
178.215.226.0/24
185.222.160.0/23
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.55.224.0/23
194.180.38.0/23
Signature Algorithm: sha256WithRSAEncryption
44:72:85:d2:0c:09:8e:b9:e9:b5:61:e6:53:7d:fe:c5:01:c5:
61:d7:de:b5:a7:d9:02:90:63:5b:6e:8b:57:64:b9:aa:ec:08:
f8:a1:5d:68:b6:28:8b:06:d2:51:c3:2e:16:96:fc:4c:55:4b:
b2:b9:48:24:76:2b:fa:46:5c:7a:6b:12:8f:bd:e3:78:b0:29:
d1:af:e2:f8:fd:2d:f9:1d:08:b1:98:9b:be:b7:94:0a:ba:7d:
48:0f:cb:01:12:9b:d8:fa:ec:25:88:2a:02:99:52:2d:14:eb:
d4:6d:4a:4b:35:9e:6e:60:10:dd:ba:7d:66:95:fd:1a:e7:70:
09:d4:56:8d:39:73:1f:34:dc:3f:09:9c:ad:fb:48:b8:33:79:
40:49:4e:f1:53:3f:32:86:1f:66:a6:8c:56:35:ea:f1:e2:f4:
93:b6:52:a0:55:e8:0a:ed:12:c5:44:e5:f0:47:3f:86:de:b6:
ef:09:d9:6b:2f:22:91:bd:e9:77:c5:eb:1d:e5:de:b0:42:b2:
f4:53:74:7d:ad:57:38:e8:5b:f8:c9:91:ee:fa:a9:75:41:15:
5a:84:ed:4b:89:b1:fa:04:53:8d:5e:e1:00:bd:f5:d2:4b:a7:
cb:cd:12:cd:7c:b6:44:fc:b6:d4:78:1e:24:0f:67:33:6f:45:
b9:71:12:c4
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYVi/d0bse27FmpWFNNk8l2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjMwMTIyNDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTYwZWQ4NTg4Zjc1M2ZjNzhmZTEwOTQzNzUwNzYyZGM5NzJiYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GYVfh+kaJFOm/CpSZhjGtIsB6UI
N2IOXLqjgLy2xO8h2RziWuNUlvZRSO9TqQprniRw4W9cEm+PD7oW4jXtlwSxtaRJ
CxPRjITtnh0hDVECjilp9JR+qMhCkmfpu7kT+LOuuO/Zosqzza9eHoCdBycsiWwA
zF4CxjewAuYo1XhDIOW4gpZfiCLD3bcCMFFR7Sf4ro6NRIHDBVDRtYCcBt+BqfPf
P8u8kkt0cgoZxMyoGgm7QCxYw2X4/b4YlJ5sBq1e6xysTZGqGGeQ3uxobgufqEk3
xfljzGggbHgiW/4TG1UbJzlDZdfUhO2+74fksFriIGToVA/N1E5htnW2uQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFOlg7YWI91P8eP4QlDdQdi3JcruoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNldEdGhZajNVX3g0X2hDVU4xQjJMY2x5dTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALQmcAwQA
LQz/AwQALVRbAwQBLVhAAwQALYFUAwQAVDYyAwQAXpqiAwQAXpygAwQAstfiAwQB
ud6gAwQAwSoiAwQAwS88AwQAwS8/AwQBwjfgAwQBwrQmMA0GCSqGSIb3DQEBCwUA
A4IBAQBEcoXSDAmOuem1YeZTff7FAcVh1961p9kCkGNbbotXZLmq7Aj4oV1otiiL
BtJRwy4WlvxMVUuyuUgkdiv6Rlx6axKPveN4sCnRr+L4/S35HQixmJu+t5QKun1I
D8sBEpvY+uwliCoCmVItFOvUbUpLNZ5uYBDdun1mlf0a53AJ1FaNOXMfNNw/CZyt
+0i4M3lASU7xUz8yhh9mpoxWNerx4vSTtlKgVegK7RLFROXwRz+G3rbvCdlrLyKR
vel3xesd5d6wQrL0U3R9rVc46Fv4yZHu+ql1QRVahO1LibH6BFONXuEAvfXSS6fL
zRLNfLZE/LbUeB4kD2czb0W5cRLE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org