Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9VowdbE6pnPPALE2vJ9IIVlSr2o.roa
File: 9VowdbE6pnPPALE2vJ9IIVlSr2o.roa (raw, json)
Hash identifier: Qbpg0/40s7+mNK43s0m1KYSTnWdhdswenwfZjgYRqVQ=
Subject key identifier: F5:5A:30:75:B1:3A:A6:73:CF:00:B1:36:BC:9F:48:21:59:52:AF:6A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BA4AB899F20D9C7E6EEC0BCAE1FD0AF67
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9VowdbE6pnPPALE2vJ9IIVlSr2o.roa
Signing time: Mon 06 Nov 2023 12:46:27 +0000
ROA not before: Mon 06 Nov 2023 12:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206003
IP address blocks: 45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
87.120.130.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.230.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.248.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
94.156.250.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:ab:89:9f:20:d9:c7:e6:ee:c0:bc:ae:1f:d0:af:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 6 12:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f55a3075b13aa673cf00b136bc9f48215952af6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:71:83:29:e2:3d:0a:80:31:29:7a:11:38:c5:
2a:40:4c:51:83:70:e2:20:e0:26:36:07:bc:f1:61:
46:3d:a5:03:d1:06:28:3c:83:f9:14:86:40:b9:f9:
be:eb:5f:63:9b:94:a9:75:de:d3:1c:57:cf:4c:f5:
af:d4:2f:6b:50:1c:70:30:49:82:58:c6:2e:5e:6a:
7e:a8:d9:6c:ba:a8:b2:f8:3f:19:8d:8b:3b:93:60:
b6:1d:a1:27:85:94:c3:71:1f:43:f0:14:40:25:00:
ce:a0:67:fe:4e:95:4a:4f:19:29:64:7a:8d:30:82:
86:76:4e:1a:d8:84:f1:25:83:bf:2b:7b:58:ea:dd:
4c:6b:1c:62:ab:d5:52:20:aa:0a:ff:bb:04:fb:33:
23:f6:f1:f8:dc:1d:2d:fa:bf:b0:cf:74:2f:ef:af:
40:8b:85:24:65:1c:6f:c3:c6:ce:29:f0:bf:94:36:
2a:49:f5:95:e6:03:fe:36:40:b2:b1:93:3c:b8:57:
73:74:2e:f9:46:b6:ba:8e:97:92:26:9e:49:77:1a:
f0:57:e5:b7:41:d0:98:9a:fe:5d:3b:97:00:2c:20:
c6:88:6c:6c:49:20:2e:fe:51:cb:4a:f6:7c:7d:f4:
bb:a6:f9:36:01:0c:1d:c0:19:e4:b1:30:e6:5a:07:
91:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:5A:30:75:B1:3A:A6:73:CF:00:B1:36:BC:9F:48:21:59:52:AF:6A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9VowdbE6pnPPALE2vJ9IIVlSr2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.12.255.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
83.219.97.0/24
87.120.130.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
92.249.48.0/24
94.154.172.0/24
94.156.160.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
178.215.238.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:ef:b0:bb:3f:d6:af:a3:72:c5:d0:06:3e:bb:81:6e:5a:6b:
2f:e1:39:63:76:88:dc:ad:f4:ef:a8:b6:c4:56:fe:3e:32:91:
b7:08:46:77:31:af:8a:fa:7a:cb:aa:d2:6e:cf:32:f4:1e:26:
aa:40:40:b2:f2:3e:d7:df:57:0b:62:b5:21:26:3d:64:f7:e7:
a7:2a:7d:b6:09:2c:75:97:37:d3:ef:12:00:ab:8e:c1:de:ab:
75:14:35:63:b4:5b:18:52:82:4f:9b:91:c0:14:4e:ad:ab:85:
e6:3b:43:d5:22:01:61:cd:0b:a0:46:39:e7:ef:0d:6f:ac:db:
21:14:6d:cd:a2:c6:61:53:32:b2:15:0b:ba:25:0d:1d:4a:17:
47:12:58:34:0d:f5:df:29:cf:e5:e4:09:93:a4:70:e8:d1:f7:
1d:21:f1:30:fd:b0:fe:53:db:0f:f5:63:99:9e:2e:6b:b7:ab:
d4:01:ef:d8:ff:26:5c:25:84:58:ec:e3:38:c1:d1:4f:0d:05:
c9:d3:21:97:fb:5d:0a:f0:99:63:eb:4c:1a:b9:20:8a:be:a3:
16:54:c5:66:ae:bb:28:3e:3a:56:23:62:7e:b9:0a:ba:3a:9e:
f2:45:f6:df:7b:b9:f7:4b:e7:1b:20:b0:d2:2c:54:d7:a9:b8:
af:39:40:1d
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYukq4mfINnH5u7AvK4f0K9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTA2MTI0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTVhMzA3NWIxM2FhNjczY2YwMGIxMzZiYzlmNDgyMTU5NTJhZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3GDKeI9CoAxKXoROMUqQExRg3Di
IOAmNge88WFGPaUD0QYoPIP5FIZAufm+619jm5Spdd7THFfPTPWv1C9rUBxwMEmC
WMYuXmp+qNlsuqiy+D8ZjYs7k2C2HaEnhZTDcR9D8BRAJQDOoGf+TpVKTxkpZHqN
MIKGdk4a2ITxJYO/K3tY6t1Maxxiq9VSIKoK/7sE+zMj9vH43B0t+r+wz3Qv769A
i4UkZRxvw8bOKfC/lDYqSfWV5gP+NkCysZM8uFdzdC75Rra6jpeSJp5JdxrwV+W3
QdCYmv5dO5cALCDGiGxsSSAu/lHLSvZ8ffS7pvk2AQwdwBnksTDmWgeRlQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFPVaMHWxOqZzzwCxNryfSCFZUq9qMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOVZvd2RiRTZwblBQQUxFMnZKOUlJVmxTcjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAl
i4IDBAAtCZwDBAAtDP8DBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABPbj0DBABR
oeYDBABRoe8DBABT22EDBABXeIIDBAFXeXwDBABXeaIDBAJbyMADBABc+TADBABe
mqwDBABenKADBABenPgDBABenPoDBAGTTmQwDAMEAKsWEQMEAKsWEgMEAKsWHwME
ALLX4gMEALLX7gMEAMEZ2AMEAMEjEwMEAMK0JzANBgkqhkiG9w0BAQsFAAOCAQEA
m++wuz/Wr6NyxdAGPruBblprL+E5Y3aI3K3076i2xFb+PjKRtwhGdzGvivp6y6rS
bs8y9B4mqkBAsvI+199XC2K1ISY9ZPfnpyp9tgksdZc30+8SAKuOwd6rdRQ1Y7Rb
GFKCT5uRwBROrauF5jtD1SIBYc0LoEY55+8Nb6zbIRRtzaLGYVMyshULuiUNHUoX
RxJYNA313ynP5eQJk6Rw6NH3HSHxMP2w/lPbD/VjmZ4ua7er1AHv2P8mXCWEWOzj
OMHRTw0FydMhl/tdCvCZY+tMGrkgir6jFlTFZq67KD46ViNifrkKujqe8kX233u5
90vnGyCw0ixU16m4rzlAHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:26 2024 by rpki-client on console-ams.rpki-client.org