Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AyExe9BEBaDDudLPKDLZQ7SNh1s.roa
File: AyExe9BEBaDDudLPKDLZQ7SNh1s.roa (raw, json)
Hash identifier: BoDrJshnwNXC/B1VxkfVdPKRPuHtwTfOkXW9zFWpfzM=
Subject key identifier: 03:21:31:7B:D0:44:05:A0:C3:B9:D2:CF:28:32:D9:43:B4:8D:87:5B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186E91848E5D7586A99599E155EFD08C4F3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AyExe9BEBaDDudLPKDLZQ7SNh1s.roa
Signing time: Thu 16 Mar 2023 06:25:28 +0000
ROA not before: Thu 16 Mar 2023 06:25:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
87.121.124.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.128.233.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e9:18:48:e5:d7:58:6a:99:59:9e:15:5e:fd:08:c4:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 16 06:25:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0321317bd04405a0c3b9d2cf2832d943b48d875b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c8:5e:f0:de:45:7d:55:12:27:67:c0:af:1c:
41:52:79:bf:eb:01:3b:b4:d2:bd:81:cc:98:a6:49:
09:1d:2b:dc:9a:34:40:4d:d7:bc:61:da:f1:95:2b:
10:cf:1f:e0:7e:74:68:9c:47:69:3b:0b:b8:d5:46:
5e:56:f4:40:c2:96:ce:e4:c2:16:05:8a:8a:ce:b5:
b4:ae:37:3c:19:bc:2a:bb:f9:7b:54:1f:b7:bd:0f:
83:cc:fa:6c:35:5a:f3:a0:50:9e:ea:6b:7c:8c:76:
72:47:c6:3a:b3:20:54:fc:46:bf:de:d7:ca:f7:37:
5a:63:84:2c:3e:56:3a:2c:ed:51:d1:65:39:dd:21:
db:3b:7f:ae:4e:5d:3e:3b:22:6d:d0:b5:f2:fd:ab:
a1:54:2a:e0:56:a4:2c:df:00:f8:69:f0:a2:4e:2a:
0d:b4:26:a1:29:93:c1:d3:d3:06:33:7a:72:14:1b:
99:3b:74:11:98:6e:26:35:d9:ce:f3:f6:8c:43:57:
00:9b:92:80:b9:9a:16:aa:58:ce:9a:e4:6d:5f:01:
9b:2f:52:ee:5d:71:bc:1a:a5:77:fa:a1:25:f9:99:
a4:b7:bb:a6:77:a7:36:e6:05:7a:0c:1b:6d:b0:32:
9a:a9:2f:a4:8b:3f:21:25:ad:fb:1c:fe:40:cf:12:
91:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:21:31:7B:D0:44:05:A0:C3:B9:D2:CF:28:32:D9:43:B4:8D:87:5B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AyExe9BEBaDDudLPKDLZQ7SNh1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.151.89.0/24
87.120.64.0/23
87.121.124.0/23
92.119.196.0/23
94.154.161.0-94.154.163.255
164.40.185.0/24
171.22.19.0/24
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:40:60:29:4c:0a:3a:47:23:6a:5a:cc:27:da:9f:ed:e0:3e:
c9:5f:f3:03:1d:f5:2f:8e:c4:da:69:b8:3e:2f:57:d7:68:28:
76:3f:ba:0c:7a:fb:29:b7:ee:78:b7:80:59:10:e1:cf:d8:c4:
72:36:aa:f1:0f:5c:00:66:34:8f:7e:b1:1d:2a:aa:6e:10:27:
10:3c:e3:1b:d0:b2:ab:25:be:43:03:c6:1e:61:02:4e:e0:1b:
43:17:45:0a:4d:11:3a:c3:0d:12:8e:8b:8b:b5:26:c0:46:5f:
28:4b:a3:55:f4:7a:77:ab:a7:27:29:a6:52:f4:11:42:bd:50:
39:15:b7:24:35:79:d2:c8:8a:97:b3:f4:49:ee:1e:bb:38:06:
83:44:cc:00:ee:74:f2:d4:28:1d:72:fa:73:dd:f4:a6:0e:39:
5f:ab:e2:7c:32:ff:c6:44:b5:37:2e:2b:ab:e2:78:e1:04:19:
b2:fc:9e:ff:93:b4:21:d6:fd:11:35:00:3f:d0:c4:f7:1f:41:
0c:4a:e8:ae:63:52:db:ce:f5:1d:68:1b:af:e1:48:b8:ad:8b:
42:33:95:4e:c8:b8:39:90:5b:98:bc:f0:67:ac:aa:8c:d1:73:
b8:ab:7a:4d:75:eb:3f:bb:40:90:0d:8a:2c:36:06:8e:af:3f:
77:d3:0d:c7
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYbpGEjl11hqmVmeFV79CMTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzE2MDYyNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzIxMzE3YmQwNDQwNWEwYzNiOWQyY2YyODMyZDk0M2I0OGQ4NzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8he8N5FfVUSJ2fArxxBUnm/6wE7
tNK9gcyYpkkJHSvcmjRATde8YdrxlSsQzx/gfnRonEdpOwu41UZeVvRAwpbO5MIW
BYqKzrW0rjc8Gbwqu/l7VB+3vQ+DzPpsNVrzoFCe6mt8jHZyR8Y6syBU/Ea/3tfK
9zdaY4QsPlY6LO1R0WU53SHbO3+uTl0+OyJt0LXy/auhVCrgVqQs3wD4afCiTioN
tCahKZPB09MGM3pyFBuZO3QRmG4mNdnO8/aMQ1cAm5KAuZoWqljOmuRtXwGbL1Lu
XXG8GqV3+qEl+Zmkt7umd6c25gV6DBttsDKaqS+kiz8hJa37HP5AzxKR5wIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFAMhMXvQRAWgw7nSzygy2UO0jYdbMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQXlFeGU5QkVCYUREdWRMUEtETFpRN1NOaDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQALYDpAwQA
LZdZAwQBV3hAAwQBV3l8AwQBXHfEMAwDBABemqEDBAJemqADBACkKLkDBACrFhMD
BAKrFkgDBACy1+wDBAK52FQDBAK52lQDBAC52okDBAC5234DBAC5/LAwDQYJKoZI
hvcNAQELBQADggEBAF5AYClMCjpHI2pazCfan+3gPslf8wMd9S+OxNppuD4vV9do
KHY/ugx6+ym37ni3gFkQ4c/YxHI2qvEPXABmNI9+sR0qqm4QJxA84xvQsqslvkMD
xh5hAk7gG0MXRQpNETrDDRKOi4u1JsBGXyhLo1X0enerpycpplL0EUK9UDkVtyQ1
edLIipez9EnuHrs4BoNEzADudPLUKB1y+nPd9KYOOV+r4nwy/8ZEtTcuK6vieOEE
GbL8nv+TtCHW/RE1AD/QxPcfQQxK6K5jUtvO9R1oG6/hSLiti0IzlU7IuDmQW5i8
8GesqozRc7irek116z+7QJANiiw2Bo6vP3fTDcc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:00 2024 by rpki-client on console-fra.rpki-client.org