Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BGZe7dvPcgHtlmNLAhsE4ZshDV0.roa
File: BGZe7dvPcgHtlmNLAhsE4ZshDV0.roa (raw, json)
Hash identifier: xC8D2lMbyZnnwjGlzxYL0cUZseBZ7QvJbNH7tj+0JbQ=
Subject key identifier: 04:66:5E:ED:DB:CF:72:01:ED:96:63:4B:02:1B:04:E1:9B:21:0D:5D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188479EBBA04A4C6C43944E1F8CB60A5ABE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BGZe7dvPcgHtlmNLAhsE4ZshDV0.roa
Signing time: Tue 23 May 2023 07:59:24 +0000
ROA not before: Tue 23 May 2023 07:59:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:9e:bb:a0:4a:4c:6c:43:94:4e:1f:8c:b6:0a:5a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 23 07:59:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04665eeddbcf7201ed96634b021b04e19b210d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:91:4a:61:30:73:75:c5:76:e3:f7:89:01:c8:
76:05:50:16:04:6f:b2:68:f9:ec:a1:ec:49:5d:be:
3a:22:fd:6f:81:64:ad:9d:ee:cf:cb:2a:a8:30:94:
f9:10:e7:28:5a:19:0a:4d:81:24:38:34:f8:d8:f0:
9a:87:b6:d6:f3:60:d3:b7:d8:4f:62:50:00:12:75:
b9:ae:22:73:91:aa:8a:f9:08:77:a4:c7:92:13:57:
5c:63:b7:8d:46:c8:2f:e0:04:f9:06:b8:38:fa:59:
8d:75:6f:0c:1d:91:b6:6a:ee:29:6f:bf:2d:57:9f:
bc:d1:15:5e:84:2e:71:aa:45:20:ac:ca:c8:35:5b:
bb:94:0f:64:a2:4f:38:8b:ec:42:76:b2:69:82:0a:
09:65:6d:81:dc:d8:b9:2d:22:55:43:f7:f3:d3:8d:
17:90:99:67:ef:e6:2f:83:90:ef:09:5e:00:e7:42:
b1:da:7b:58:a2:3d:48:2c:2c:e8:85:b1:0f:44:bb:
7f:b5:19:60:92:7f:3e:a8:b5:7d:03:3f:d3:91:6f:
39:e0:e2:f5:ee:e7:de:c6:e2:82:7f:3b:aa:cb:d8:
20:91:00:10:06:f9:cc:35:64:a0:49:4e:d0:6e:9a:
a4:29:e9:6b:36:fd:c1:2e:cd:a5:da:ca:22:78:c6:
1c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:66:5E:ED:DB:CF:72:01:ED:96:63:4B:02:1B:04:E1:9B:21:0D:5D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BGZe7dvPcgHtlmNLAhsE4ZshDV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
92.119.196.0/23
94.103.126.0/24
94.154.161.0-94.154.163.255
94.156.10.0/24
94.156.239.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
Signature Algorithm: sha256WithRSAEncryption
54:5e:91:02:f9:f4:3d:df:5c:07:2d:7a:f0:dc:96:f3:ca:18:
3f:cd:08:0a:94:da:46:31:d6:c5:e6:d6:16:ee:f8:5e:03:e9:
f9:8f:22:8e:bd:8a:5e:70:dc:25:a8:cf:ca:b3:39:cc:d9:ae:
e7:79:77:22:18:58:30:a1:20:24:a8:eb:d1:70:ac:e2:36:d4:
3f:28:9d:77:bb:7c:66:10:58:cc:57:e6:1b:ea:a5:a0:5b:ab:
98:9b:9a:90:93:bd:d2:01:18:9e:dd:31:84:9e:05:96:a2:49:
bb:19:22:c8:3e:ec:9d:85:9e:13:6b:66:88:c0:2b:cf:31:15:
82:8a:69:5f:9e:d8:dc:53:41:fc:b7:d6:8d:5d:65:a1:cd:2c:
6c:1f:7d:af:b6:05:3a:9e:51:2f:46:e4:77:dd:8b:0e:d7:5c:
6b:96:77:e7:53:fc:4e:eb:41:64:f1:4f:e0:24:87:2d:3d:c7:
07:26:03:48:a2:05:85:4e:14:b1:f7:8b:d6:47:31:5f:a5:c8:
67:47:16:6f:61:40:f5:9a:eb:96:bd:b7:ff:2f:90:62:c3:ac:
43:8f:f4:09:bb:11:84:b8:12:6e:5a:e4:80:61:fe:1e:80:8f:
46:09:04:69:ce:00:0c:ad:76:ed:56:82:61:cb:a1:cd:46:3a:
42:b4:12:fb
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYhHnrugSkxsQ5ROH4y2Clq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTIzMDc1OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDY2NWVlZGRiY2Y3MjAxZWQ5NjYzNGIwMjFiMDRlMTliMjEwZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZFKYTBzdcV24/eJAch2BVAWBG+y
aPnsoexJXb46Iv1vgWStne7PyyqoMJT5EOcoWhkKTYEkODT42PCah7bW82DTt9hP
YlAAEnW5riJzkaqK+Qh3pMeSE1dcY7eNRsgv4AT5Brg4+lmNdW8MHZG2au4pb78t
V5+80RVehC5xqkUgrMrINVu7lA9kok84i+xCdrJpggoJZW2B3Ni5LSJVQ/fz040X
kJln7+Yvg5DvCV4A50Kx2ntYoj1ILCzohbEPRLt/tRlgkn8+qLV9Az/TkW854OL1
7ufexuKCfzuqy9ggkQAQBvnMNWSgSU7QbpqkKelrNv3BLs2l2soieMYcyQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFARmXu3bz3IB7ZZjSwIbBOGbIQ1dMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQkdaZTdkdlBjZ0h0bG1OTEFoc0U0WnNoRFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQALZdZAwQB
XHfEAwQAXmd+MAwDBABemqEDBAJemqADBABenAoDBABenO8DBAGTTmQDBAKrFkgD
BACy1+wDBAC52EYDBAK52FQDBAK52lQDBAC52okDBAC5234wDQYJKoZIhvcNAQEL
BQADggEBAFRekQL59D3fXActevDclvPKGD/NCAqU2kYx1sXm1hbu+F4D6fmPIo69
il5w3CWoz8qzOczZrud5dyIYWDChICSo69FwrOI21D8onXe7fGYQWMxX5hvqpaBb
q5ibmpCTvdIBGJ7dMYSeBZaiSbsZIsg+7J2FnhNrZojAK88xFYKKaV+e2NxTQfy3
1o1dZaHNLGwffa+2BTqeUS9G5Hfdiw7XXGuWd+dT/E7rQWTxT+Akhy09xwcmA0ii
BYVOFLH3i9ZHMV+lyGdHFm9hQPWa65a9t/8vkGLDrEOP9Am7EYS4Em5a5IBh/h6A
j0YJBGnOAAytdu1WgmHLoc1GOkK0Evs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:26 2024 by rpki-client on console-ams.rpki-client.org