Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/80aITgum41b6U9jnH8cEN_NKKxI.roa
File: 80aITgum41b6U9jnH8cEN_NKKxI.roa (raw, json)
Hash identifier: R+0aQIkWDoEKTzkPfQha5H0vDk+hJggObS1PkBBbsEs=
Subject key identifier: F3:46:88:4E:0B:A6:E3:56:FA:53:D8:E7:1F:C7:04:37:F3:4A:2B:12
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E65F2F6F9A12F3E58D7227A1A14BDF0E3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/80aITgum41b6U9jnH8cEN_NKKxI.roa
Signing time: Fri 22 Mar 2024 11:36:45 +0000
ROA not before: Fri 22 Mar 2024 11:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.156.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.75.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:f2:f6:f9:a1:2f:3e:58:d7:22:7a:1a:14:bd:f0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 22 11:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f346884e0ba6e356fa53d8e71fc70437f34a2b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:82:a6:50:2d:86:76:7f:51:76:a1:2b:f5:57:
19:b0:ff:53:b6:a2:ac:a6:6e:2b:96:db:73:dc:0a:
54:d4:9a:b2:ce:9a:7b:6b:c3:dc:f9:c9:53:f4:1f:
57:af:e9:c4:fa:50:c8:b6:91:b4:87:01:74:54:ae:
d4:73:01:b8:f3:cc:1f:bb:71:2e:bf:4a:50:a5:cb:
e4:38:5b:cc:a3:72:13:da:42:f1:e9:64:9b:78:1e:
e7:10:48:d7:94:88:1c:58:b4:f2:1f:64:cc:1a:74:
fc:89:57:1a:e7:21:9a:d7:20:d3:36:c4:b2:27:ed:
e2:fa:dd:f0:5f:0a:79:c1:ae:93:02:5a:24:a1:6c:
dc:12:df:32:36:43:83:53:2e:e2:b6:3c:f4:e0:cc:
2e:57:9a:83:ed:e3:11:d4:f7:da:58:c3:0a:fe:b1:
bc:bc:79:d7:5d:b3:9b:ba:fb:49:00:9c:c5:00:eb:
83:18:a0:8f:7c:3f:f4:26:9e:28:56:4f:a2:35:cf:
36:35:48:bf:4c:27:4f:62:44:0e:43:f2:3d:14:0b:
d7:83:8b:62:c1:7c:5d:86:e0:5b:91:c5:9a:59:2d:
80:5d:16:76:25:c0:2f:18:5e:37:ce:8e:75:e1:de:
4e:bf:63:2e:d6:f8:a0:d3:59:08:73:99:87:16:6c:
7f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:46:88:4E:0B:A6:E3:56:FA:53:D8:E7:1F:C7:04:37:F3:4A:2B:12
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/80aITgum41b6U9jnH8cEN_NKKxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.72.0/23
94.156.75.0/24
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
185.252.176.0/24
185.254.37.0/24
193.37.41.0/24
194.48.250.0/24
194.55.186.0/24
194.55.224.0/24
194.59.31.0/24
194.169.172.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e8:4a:fd:50:2b:fd:fa:42:23:6b:01:59:43:9e:79:f4:07:
c6:20:9c:56:3b:72:89:f0:23:99:3a:9c:a5:b6:ba:e3:93:15:
7d:5f:f6:63:06:f6:60:c3:a8:b5:ca:57:7f:73:fe:32:28:83:
a3:5d:51:82:76:0e:5b:7c:d2:c3:a9:31:ad:f8:ad:b7:15:e7:
a5:f7:ca:4a:98:e4:61:dc:df:3c:86:75:aa:8c:bf:de:a7:bd:
d6:cc:55:06:fc:3f:b8:d5:f3:3c:5e:53:10:69:73:66:50:25:
b8:18:7d:cf:57:09:d9:0b:55:4c:d1:ba:a4:f4:ae:75:c1:0b:
59:b2:59:1a:01:5a:0e:00:a2:c2:61:c2:c7:48:a1:7b:e0:28:
24:0e:ea:ad:8c:aa:75:d1:3b:e5:53:ee:3a:07:d2:0e:6b:2f:
af:c2:5d:69:47:d1:37:be:31:cd:bd:4e:ee:3a:9c:55:f1:ac:
bd:d0:8c:8d:d1:24:8b:20:6a:be:fb:1b:46:e0:fa:b2:2d:51:
a2:ea:2a:3e:f7:17:fd:b9:d9:64:54:ef:eb:79:34:9f:ff:a3:
99:df:bb:42:f0:65:fe:e4:8c:ee:5a:42:f8:22:20:78:ca:53:
ad:58:1a:8b:6a:1d:df:5f:69:bd:cd:ef:0f:a5:3c:8e:dd:9a:
f7:d2:d3:b9
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAY5l8vb5oS8+WNciehoUvfDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzIyMTEzNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzQ2ODg0ZTBiYTZlMzU2ZmE1M2Q4ZTcxZmM3MDQzN2YzNGEyYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYKmUC2Gdn9RdqEr9VcZsP9TtqKs
pm4rlttz3ApU1Jqyzpp7a8Pc+clT9B9Xr+nE+lDItpG0hwF0VK7UcwG488wfu3Eu
v0pQpcvkOFvMo3IT2kLx6WSbeB7nEEjXlIgcWLTyH2TMGnT8iVca5yGa1yDTNsSy
J+3i+t3wXwp5wa6TAlokoWzcEt8yNkODUy7itjz04MwuV5qD7eMR1PfaWMMK/rG8
vHnXXbObuvtJAJzFAOuDGKCPfD/0Jp4oVk+iNc82NUi/TCdPYkQOQ/I9FAvXg4ti
wXxdhuBbkcWaWS2AXRZ2JcAvGF43zo514d5Ov2Mu1vig01kIc5mHFmx/jwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFPNGiE4LpuNW+lPY5x/HBDfzSisSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvODBhSVRndW00MWI2VTlqbkg4Y0VOX05LS3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAt
CZwDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBAJemqADBAFenEgDBABe
nEsDBABenO8DBACTTmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQDBAK52lQDBAC5
9t8DBAC5/LADBAC5/iUDBADBJSkDBADCMPoDBADCN7oDBADCN+ADBADCOx8DBADC
qawwDQYJKoZIhvcNAQELBQADggEBAH3oSv1QK/36QiNrAVlDnnn0B8YgnFY7conw
I5k6nKW2uuOTFX1f9mMG9mDDqLXKV39z/jIog6NdUYJ2Dlt80sOpMa34rbcV56X3
ykqY5GHc3zyGdaqMv96nvdbMVQb8P7jV8zxeUxBpc2ZQJbgYfc9XCdkLVUzRuqT0
rnXBC1myWRoBWg4AosJhwsdIoXvgKCQO6q2MqnXRO+VT7joH0g5rL6/CXWlH0Te+
Mc29Tu46nFXxrL3QjI3RJIsgar77G0bg+rItUaLqKj73F/252WRU7+t5NJ//o5nf
u0LwZf7kjO5aQvgiIHjKU61YGotqHd9fab3N7w+lPI7dmvfS07k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:25 2024 by rpki-client on console-ams.rpki-client.org