Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8ytTwAPX5BqvYgmvFuklbwYa0BI.roa
File: 8ytTwAPX5BqvYgmvFuklbwYa0BI.roa (raw, json)
Hash identifier: yIK3/WDozxtTWD/u2dMzneQQl0nnZ9FEyGfZq+ELKL8=
Subject key identifier: F3:2B:53:C0:03:D7:E4:1A:AF:62:09:AF:16:E9:25:6F:06:1A:D0:12
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186504DFA832A26E656E54F02248DABD50F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8ytTwAPX5BqvYgmvFuklbwYa0BI.roa
Signing time: Tue 14 Feb 2023 14:22:13 +0000
ROA not before: Tue 14 Feb 2023 14:22:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 45.90.88.0/22 maxlen: 24
45.12.254.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
194.31.204.0/24 maxlen: 24
195.178.121.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
193.222.98.0/23 maxlen: 24
194.48.248.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
185.221.67.0/24 maxlen: 24
79.110.48.0/23 maxlen: 24
194.49.87.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
194.49.95.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:4d:fa:83:2a:26:e6:56:e5:4f:02:24:8d:ab:d5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 14 14:22:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f32b53c003d7e41aaf6209af16e9256f061ad012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:47:fe:9c:5c:77:3a:3d:af:dc:a2:13:1b:fd:
cc:06:dd:28:0b:5f:6d:4c:f6:1b:64:4a:d9:91:e7:
e2:da:29:2f:63:a3:4a:69:6e:c5:94:e6:39:6a:78:
b3:5c:b3:35:26:6b:3e:56:0e:d6:5e:b9:f1:30:62:
3e:bd:43:3a:c6:f1:ed:a4:94:c0:20:e2:ae:cd:f6:
03:0c:77:4d:c8:7c:74:04:45:b9:52:6e:e0:67:1a:
f3:eb:5b:12:39:53:fc:55:f4:17:69:22:70:62:1f:
79:aa:61:3b:ab:ea:94:12:67:19:c6:9b:fe:e9:67:
65:d9:34:87:0b:44:c7:69:80:b9:3c:bf:7b:af:44:
a8:bc:bd:c8:21:77:31:a7:16:a4:18:d3:f1:9c:e5:
d5:1a:0b:40:d1:93:e4:ee:fd:56:df:5d:e6:99:59:
e6:2f:a7:aa:65:9a:e9:5a:c7:b7:9b:08:f4:0e:5f:
02:df:bd:a5:ae:a9:f2:94:bd:66:e7:9a:ee:c7:02:
26:0b:fe:75:32:5a:e0:e9:5a:1a:ba:17:1e:40:ea:
a4:84:16:11:b3:23:76:0a:66:18:5d:d3:b5:78:b5:
84:bf:bf:a9:35:1f:f9:26:1f:a7:73:53:47:7c:2e:
76:2b:96:62:31:24:c9:da:71:43:b1:d7:a1:fa:18:
35:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:2B:53:C0:03:D7:E4:1A:AF:62:09:AF:16:E9:25:6F:06:1A:D0:12
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8ytTwAPX5BqvYgmvFuklbwYa0BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.254.0/24
45.90.88.0/22
45.149.241.0/24
79.110.48.0/23
84.21.173.0/24
109.206.239.0/24
141.98.4.0/24
141.98.7.0/24
171.22.18.0/24
171.22.31.0/24
178.215.237.0/24
185.221.67.0/24
193.25.217.0-193.25.218.255
193.58.120.0/24
193.222.98.0/23
194.31.204.0/24
194.48.248.0/24
194.49.86.0/23
194.49.95.0/24
194.55.227.0/24
194.169.173.0-194.169.174.255
195.178.121.0/24
Signature Algorithm: sha256WithRSAEncryption
04:87:00:61:a4:7a:f3:70:f1:bc:ef:46:b6:f4:41:44:ec:51:
b4:8c:93:c4:67:bf:cc:d5:4a:c8:95:38:04:78:d5:47:5c:0a:
70:97:7e:4a:56:7a:3d:b5:99:57:df:59:96:0d:75:ca:30:da:
1c:11:f3:11:d7:ed:6a:5d:a1:79:0c:2a:1b:52:96:3b:84:e6:
34:a7:3e:15:e2:c3:ca:d9:f2:76:6c:90:57:b7:24:66:a8:a8:
4a:20:50:09:5b:29:42:8b:02:2d:d9:29:53:40:0b:21:b5:2b:
2b:4a:41:87:cb:f0:d3:ba:2c:bb:3c:56:95:1e:39:4c:10:96:
ab:2d:bc:5b:06:4e:bf:32:3f:c9:a8:cb:7a:08:7f:43:ac:e9:
19:79:5b:07:6b:57:87:23:82:5b:23:ee:aa:03:d4:5c:76:27:
ac:50:9d:b8:02:5f:4c:ea:47:74:a9:2b:8e:36:5c:fc:95:bc:
fc:c4:e1:36:12:f0:00:fc:59:df:49:95:6b:72:8d:33:bc:87:
59:df:96:e6:a9:41:f1:7b:4a:7f:67:3f:ac:be:6c:2c:21:0b:
f3:f7:df:74:59:a0:79:25:62:0f:ba:da:e8:31:89:8d:c4:58:
9f:bb:2f:85:38:c0:6a:7d:5c:b1:2e:47:23:b4:0e:a8:b1:55:
f4:d9:df:e3
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYZQTfqDKibmVuVPAiSNq9UPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjE0MTQyMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzJiNTNjMDAzZDdlNDFhYWY2MjA5YWYxNmU5MjU2ZjA2MWFkMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0f+nFx3Oj2v3KITG/3MBt0oC19t
TPYbZErZkefi2ikvY6NKaW7FlOY5anizXLM1Jms+Vg7WXrnxMGI+vUM6xvHtpJTA
IOKuzfYDDHdNyHx0BEW5Um7gZxrz61sSOVP8VfQXaSJwYh95qmE7q+qUEmcZxpv+
6Wdl2TSHC0THaYC5PL97r0SovL3IIXcxpxakGNPxnOXVGgtA0ZPk7v1W313mmVnm
L6eqZZrpWse3mwj0Dl8C372lrqnylL1m55ruxwImC/51Mlrg6VoauhceQOqkhBYR
syN2CmYYXdO1eLWEv7+pNR/5Jh+nc1NHfC52K5ZiMSTJ2nFDsdeh+hg1ZQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFPMrU8AD1+Qar2IJrxbpJW8GGtASMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOHl0VHdBUFg1QnF2WWdtdkZ1a2xid1lhMEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAt
DP4DBAItWlgDBAAtlfEDBAFPbjADBABUFa0DBABtzu8DBACNYgQDBACNYgcDBACr
FhIDBACrFh8DBACy1+0DBAC53UMwDAMEAMEZ2QMEAMEZ2gMEAME6eAMEAcHeYgME
AMIfzAMEAMIw+AMEAcIxVgMEAMIxXwMEAMI34zAMAwQAwqmtAwQAwqmuAwQAw7J5
MA0GCSqGSIb3DQEBCwUAA4IBAQAEhwBhpHrzcPG870a29EFE7FG0jJPEZ7/M1UrI
lTgEeNVHXApwl35KVno9tZlX31mWDXXKMNocEfMR1+1qXaF5DCobUpY7hOY0pz4V
4sPK2fJ2bJBXtyRmqKhKIFAJWylCiwIt2SlTQAshtSsrSkGHy/DTuiy7PFaVHjlM
EJarLbxbBk6/Mj/JqMt6CH9DrOkZeVsHa1eHI4JbI+6qA9RcdiesUJ24Al9M6kd0
qSuONlz8lbz8xOE2EvAA/FnfSZVrco0zvIdZ35bmqUHxe0p/Zz+svmwsIQvz9990
WaB5JWIPutroMYmNxFifuy+FOMBqfVyxLkcjtA6osVX02d/j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:00 2024 by rpki-client on console-fra.rpki-client.org