Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7RjbVfGKpIrK2pZaYtPXZnuAIrg.roa
File: 7RjbVfGKpIrK2pZaYtPXZnuAIrg.roa (raw, json)
Hash identifier: MR3O1nlEsp+Aw2QDqtg6FSlPGDYEFYmfllzB6PpbGQI=
Subject key identifier: ED:18:DB:55:F1:8A:A4:8A:CA:DA:96:5A:62:D3:D7:66:7B:80:22:B8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DB0CF26BD55C8D2848F49FB457D5CCB8F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7RjbVfGKpIrK2pZaYtPXZnuAIrg.roa
Signing time: Fri 16 Feb 2024 07:26:22 +0000
ROA not before: Fri 16 Feb 2024 07:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b0:cf:26:bd:55:c8:d2:84:8f:49:fb:45:7d:5c:cb:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 16 07:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed18db55f18aa48acada965a62d3d7667b8022b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6e:10:b1:8e:cc:16:8e:04:88:1f:0e:5b:6d:
86:38:a0:95:fb:5d:a9:5b:5a:8c:dc:42:a2:01:05:
8a:47:b7:3c:78:cc:3e:b2:af:1f:64:ec:71:4e:b2:
45:f1:81:d2:4a:1b:6f:85:8a:be:1b:3b:43:21:c9:
25:49:79:ff:cc:98:a0:13:f0:fd:cd:f5:0e:77:ba:
31:16:38:be:62:11:c2:59:72:d2:27:cd:93:16:53:
d9:54:33:f7:e1:84:69:b9:f0:67:7d:c3:0e:76:3f:
08:ba:be:ab:6a:82:f0:ad:b0:1b:bb:c3:a3:69:20:
cd:d8:4c:70:ba:71:1c:71:54:15:c4:1d:af:9f:07:
09:64:f7:c2:70:47:3f:78:b7:e8:a3:d2:f9:a7:ba:
be:81:4d:c1:35:c2:21:dc:1a:cb:3d:2e:1e:6c:69:
d5:20:1c:0a:c8:38:dc:ee:63:9a:e0:e0:b3:1d:fb:
f8:a0:96:57:9b:c0:45:a7:6b:b8:51:17:76:10:b9:
f9:ad:29:5a:d1:13:7a:4d:c8:1b:a4:9e:07:01:cc:
99:5c:44:bf:a9:d7:aa:44:f9:9c:23:84:ce:3b:df:
4a:8d:9a:da:97:a8:b8:04:76:a5:44:04:37:3b:5e:
4f:da:5f:54:f3:c0:c2:77:3f:8f:fa:e8:c6:fa:7c:
77:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:18:DB:55:F1:8A:A4:8A:CA:DA:96:5A:62:D3:D7:66:7B:80:22:B8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7RjbVfGKpIrK2pZaYtPXZnuAIrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.9.156.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
193.25.217.0/24
193.35.19.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.55.187.0/24
194.55.225.0/24
194.59.31.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:c6:f7:aa:3e:ad:d4:9c:85:9f:0e:69:02:ec:36:00:50:f2:
05:c3:b8:01:a2:ae:dc:53:90:d6:9a:0a:24:22:c9:9f:4e:9c:
89:f0:05:95:ca:b4:ef:9c:8c:a3:7f:1e:47:1f:26:2d:d4:43:
d8:9a:5c:12:39:1d:ff:b9:8d:74:7f:c9:33:5c:17:37:f5:c7:
3a:50:37:37:0c:30:b3:48:17:ca:16:ba:45:ab:b5:45:63:e1:
be:90:b0:a9:1f:ce:89:c9:4d:ef:73:25:63:94:f7:f1:f6:60:
a8:ed:e7:03:55:91:93:4f:bf:20:4e:0e:c3:73:70:0f:94:50:
56:16:85:59:ba:ee:c2:7f:38:19:58:67:2b:be:d4:b9:3e:7c:
b5:d0:76:36:c2:f9:50:5c:54:5a:dd:2f:2f:61:fa:98:3a:c3:
4c:85:d6:8e:c1:90:ce:c3:ae:eb:50:37:6b:76:dc:0e:2b:a7:
90:c1:18:1a:79:13:dd:52:42:03:5f:4a:4a:5e:03:a8:c1:4c:
58:e5:e4:7a:13:e5:e9:cf:21:16:7d:0b:57:21:68:76:48:27:
ab:f0:1f:68:3f:90:f3:ee:1d:83:66:53:98:ab:be:99:1c:86:
73:54:dd:8e:17:6f:f8:48:25:3e:7d:d8:6f:b3:5a:75:de:43:
70:eb:f0:8d
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAY2wzya9VcjShI9J+0V9XMuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjE2MDcyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDE4ZGI1NWYxOGFhNDhhY2FkYTk2NWE2MmQzZDc2NjdiODAyMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm4QsY7MFo4EiB8OW22GOKCV+12p
W1qM3EKiAQWKR7c8eMw+sq8fZOxxTrJF8YHSShtvhYq+GztDIcklSXn/zJigE/D9
zfUOd7oxFji+YhHCWXLSJ82TFlPZVDP34YRpufBnfcMOdj8Iur6raoLwrbAbu8Oj
aSDN2ExwunEccVQVxB2vnwcJZPfCcEc/eLfoo9L5p7q+gU3BNcIh3BrLPS4ebGnV
IBwKyDjc7mOa4OCzHfv4oJZXm8BFp2u4URd2ELn5rSla0RN6TcgbpJ4HAcyZXES/
qdeqRPmcI4TOO99KjZral6i4BHalRAQ3O15P2l9U88DCdz+P+ujG+nx3wwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFO0Y21XxiqSKytqWWmLT12Z7gCK4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN1JqYlZmR0twSXJLMnBaYVl0UFhabnVBSXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAC
O/0DBAAtCZwDBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABT22EDBABcd8YDBABc
+TIDBABemqIDBABenEsDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAME
ALneogMEAMEZ2QMEAMEjEwMEAMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwME
AMI3uwMEAMI34QMEAMI7HwMEAMKprAMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEA
Wsb3qj6t1JyFnw5pAuw2AFDyBcO4AaKu3FOQ1poKJCLJn06cifAFlcq075yMo38e
Rx8mLdRD2JpcEjkd/7mNdH/JM1wXN/XHOlA3Nwwws0gXyha6Rau1RWPhvpCwqR/O
iclN73MlY5T38fZgqO3nA1WRk0+/IE4Ow3NwD5RQVhaFWbruwn84GVhnK77UuT58
tdB2NsL5UFxUWt0vL2H6mDrDTIXWjsGQzsOu61A3a3bcDiunkMEYGnkT3VJCA19K
Sl4DqMFMWOXkehPl6c8hFn0LVyFodkgnq/AfaD+Q8+4dg2ZTmKu+mRyGc1Tdjhdv
+EglPn3Yb7Nadd5DcOvwjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:59 2024 by rpki-client on console-fra.rpki-client.org