Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ahkt8N3_Qjhe6z5s6EAR5PdPxxM.roa
File: Ahkt8N3_Qjhe6z5s6EAR5PdPxxM.roa (raw, json)
Hash identifier: UCLe+k4Gw8DclPpBz8Z4gl+acdQ26KbO3HEZ+axW8g4=
Subject key identifier: 02:19:2D:F0:DD:FF:42:38:5E:EB:3E:6C:E8:40:11:E4:F7:4F:C7:13
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BD37F014F31BCFDEBB0D770A5C0E3C28B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ahkt8N3_Qjhe6z5s6EAR5PdPxxM.roa
Signing time: Wed 15 Nov 2023 14:59:57 +0000
ROA not before: Wed 15 Nov 2023 14:59:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.54.49.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:7f:01:4f:31:bc:fd:eb:b0:d7:70:a5:c0:e3:c2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 15 14:59:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02192df0ddff42385eeb3e6ce84011e4f74fc713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:62:d8:1a:7d:68:4e:de:9a:1f:e5:5f:24:0f:
ba:ea:07:45:93:c6:79:0e:43:b2:db:55:33:ba:e9:
37:35:ae:3e:14:00:ac:67:8f:b8:8b:e4:bd:e7:53:
2d:cc:ff:11:03:be:1f:66:4f:d6:f5:b2:5d:91:a9:
fc:23:fc:75:25:f6:b5:0a:87:fa:18:c2:62:1c:bc:
d0:d9:63:83:d4:70:59:c3:2e:0b:35:d4:70:5b:84:
c3:27:25:cc:27:db:5f:59:17:20:5c:fc:3e:dc:c8:
1e:8f:2f:41:c7:1f:81:8f:5c:35:59:a8:ea:ff:89:
18:ea:c2:e3:04:90:a3:27:be:6b:6e:cb:e8:88:67:
90:7b:c1:97:df:be:28:ab:80:d9:8c:65:e2:7e:48:
95:43:cc:ae:9e:b2:6a:16:69:4b:4b:c1:18:3e:1e:
52:ec:b3:7d:df:3c:95:af:76:c8:73:22:1a:cb:0b:
98:ef:6d:da:22:55:95:4c:a0:d7:ea:d4:7d:a3:a2:
55:5a:05:ee:b7:05:01:af:35:75:89:a1:d7:87:6f:
92:d9:f5:81:d9:0b:f0:7d:f8:5e:bc:6b:7d:4e:d9:
6d:88:44:25:f7:2f:79:ba:37:6a:e2:35:5b:56:10:
63:4e:22:6d:fe:5f:e5:cc:fb:44:e0:b6:6e:bc:73:
68:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:19:2D:F0:DD:FF:42:38:5E:EB:3E:6C:E8:40:11:E4:F7:4F:C7:13
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ahkt8N3_Qjhe6z5s6EAR5PdPxxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.66.228.0/24
45.151.90.0/24
79.110.50.0/23
82.115.211.0/24
84.54.49.0/24
87.121.105.0/24
94.156.176.0/24
185.226.175.0/24
193.37.47.0/24
193.149.28.0/22
194.49.86.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
67:06:38:a3:69:a5:5a:82:11:37:7f:b8:00:38:0c:a4:b0:45:
89:f0:d4:c0:41:eb:5b:75:c1:71:67:f9:0f:8d:53:88:6a:25:
7c:a2:19:ed:8d:4b:ab:ae:a3:53:7d:bc:88:34:2c:b2:25:6a:
80:cf:6d:b1:79:39:71:27:d8:0d:f1:d0:6c:46:f2:9f:05:6a:
d0:77:3e:0e:9f:3b:a2:0e:76:59:38:c0:c9:4c:8b:32:2b:75:
fd:95:08:f3:c7:b7:1e:ff:83:fd:e8:34:bc:86:42:90:22:1c:
6c:69:3d:32:17:59:38:8c:23:39:2f:da:e4:0b:81:5b:ba:6e:
a8:22:5b:9f:f8:7d:a2:ec:63:67:9f:db:3b:5f:a8:c1:b9:17:
ed:9a:3d:70:e5:b4:1c:03:93:15:96:f4:d6:34:71:88:58:0d:
1e:85:9a:28:7a:40:da:73:33:e9:cb:42:44:41:5f:18:0f:cb:
b6:4f:9a:f5:b5:02:b6:bb:69:9d:c2:5a:49:a1:dd:2c:08:9e:
bb:4e:e8:4c:54:35:ce:51:e0:d1:a6:b1:eb:41:cd:58:4a:39:
5b:35:aa:df:5b:bc:03:fd:2a:ce:6a:c5:f4:64:26:14:8d:3c:
1a:51:8e:cc:80:ac:4e:52:7f:ab:64:74:2b:0b:32:24:95:c3:
19:65:89:6a
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYvTfwFPMbz967DXcKXA48KLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTE1MTQ1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE5MmRmMGRkZmY0MjM4NWVlYjNlNmNlODQwMTFlNGY3NGZjNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWLYGn1oTt6aH+VfJA+66gdFk8Z5
DkOy21Uzuuk3Na4+FACsZ4+4i+S951MtzP8RA74fZk/W9bJdkan8I/x1Jfa1Cof6
GMJiHLzQ2WOD1HBZwy4LNdRwW4TDJyXMJ9tfWRcgXPw+3Mgejy9Bxx+Bj1w1Wajq
/4kY6sLjBJCjJ75rbsvoiGeQe8GX374oq4DZjGXifkiVQ8yunrJqFmlLS8EYPh5S
7LN93zyVr3bIcyIaywuY723aIlWVTKDX6tR9o6JVWgXutwUBrzV1iaHXh2+S2fWB
2QvwffhevGt9TtltiEQl9y95ujdq4jVbVhBjTiJt/l/lzPtE4LZuvHNo0wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAIZLfDd/0I4Xus+bOhAEeT3T8cTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQWhrdDhOM19RamhlNno1czZFQVI1UGRQeHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQhdAwQA
LULkAwQALZdaAwQBT24yAwQAUnPTAwQAVDYxAwQAV3lpAwQAXpywAwQAueKvAwQA
wSUvAwQCwZUcAwQAwjFWAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQBnBjijaaVa
ghE3f7gAOAyksEWJ8NTAQetbdcFxZ/kPjVOIaiV8ohntjUurrqNTfbyINCyyJWqA
z22xeTlxJ9gN8dBsRvKfBWrQdz4OnzuiDnZZOMDJTIsyK3X9lQjzx7ce/4P96DS8
hkKQIhxsaT0yF1k4jCM5L9rkC4Fbum6oIluf+H2i7GNnn9s7X6jBuRftmj1w5bQc
A5MVlvTWNHGIWA0ehZooekDaczPpy0JEQV8YD8u2T5r1tQK2u2mdwlpJod0sCJ67
TuhMVDXOUeDRprHrQc1YSjlbNarfW7wD/SrOasX0ZCYUjTwaUY7MgKxOUn+rZHQr
CzIklcMZZYlq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:26 2024 by rpki-client on console-ams.rpki-client.org