Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BWDHOEwvMvQEebnmgv-G5_h1CC8.roa
File: BWDHOEwvMvQEebnmgv-G5_h1CC8.roa (raw, json)
Hash identifier: RJ1MurkR/56kRgKsSt6o6m3e9lB/kBsf+eOu9ChQmv4=
Subject key identifier: 05:60:C7:38:4C:2F:32:F4:04:79:B9:E6:82:FF:86:E7:F8:75:08:2F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018713EB18AE303D94B052371F3D5DFC3CF4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BWDHOEwvMvQEebnmgv-G5_h1CC8.roa
Signing time: Fri 24 Mar 2023 13:59:47 +0000
ROA not before: Fri 24 Mar 2023 13:59:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
45.128.233.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
94.103.125.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
194.49.87.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:13:eb:18:ae:30:3d:94:b0:52:37:1f:3d:5d:fc:3c:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 24 13:59:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0560c7384c2f32f40479b9e682ff86e7f875082f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a2:a9:bc:cf:be:ae:ca:83:e2:f9:19:d8:a7:
00:d3:69:39:c4:a1:2f:17:d4:82:30:ee:fe:ec:d1:
9a:a6:1c:70:fb:07:ae:1b:33:1f:60:2b:45:9e:72:
8c:d0:3a:a0:70:95:0d:bd:3c:0a:02:65:f5:bd:6a:
aa:87:a9:e0:66:58:9d:ec:8c:f9:90:a4:4b:74:d3:
38:d1:54:f7:ab:a8:5e:50:72:a2:09:70:89:50:7a:
15:75:e4:48:68:ce:45:82:36:4e:fe:bb:d6:55:47:
98:64:e0:3b:5c:2c:9c:d3:37:80:fc:21:dd:d4:53:
f4:68:72:c4:0c:1c:ee:80:50:5f:0a:96:44:bd:6d:
dd:4d:e9:c2:23:9c:bd:80:58:99:fa:02:64:b8:b5:
94:bd:52:5d:11:16:6a:21:90:58:af:3d:af:f2:83:
cf:92:83:2a:e3:bf:83:42:a9:96:cc:06:3b:df:38:
05:d0:9f:c7:61:74:ee:37:55:72:4a:af:8c:e2:e7:
51:cf:b8:30:2c:bd:bf:0f:46:e1:e4:eb:13:46:68:
12:d4:e4:d3:45:07:85:1c:b8:44:55:e9:b4:2a:3b:
68:3b:a1:99:6e:b8:c3:38:41:17:fe:f6:27:ac:b5:
37:f3:45:17:3c:41:86:f4:95:1e:a4:a6:50:4f:c2:
97:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:60:C7:38:4C:2F:32:F4:04:79:B9:E6:82:FF:86:E7:F8:75:08:2F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BWDHOEwvMvQEebnmgv-G5_h1CC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.149.233.0/24
45.151.89.0/24
82.115.209.0/24
84.54.49.0/24
87.120.64.0/23
87.121.124.0/23
87.121.220.0/24
92.119.196.0/23
94.103.125.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
171.22.19.0/24
171.22.72.0/22
178.215.236.0/23
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:e1:83:07:3a:f1:d6:c7:82:27:b7:7c:61:1a:f3:9d:f7:a1:
7a:a0:7e:6c:46:fb:2c:b3:d7:ec:27:e0:92:b6:9d:47:48:0d:
98:20:d9:17:1f:0d:b7:46:1a:1d:61:b5:2d:32:fc:a8:27:2a:
7d:cc:0f:3b:92:2c:3a:a9:7a:9e:ea:ff:dc:1a:f2:e8:66:57:
c0:87:40:2b:25:72:bd:a5:e5:60:e2:41:47:54:40:c7:eb:14:
80:fd:e2:61:fe:fc:65:c2:e8:fc:2a:12:37:35:82:df:aa:b4:
d4:12:0e:dc:1c:46:c6:65:69:92:65:72:88:1a:29:c6:9e:72:
ed:8d:35:1e:75:c1:e5:14:ec:16:64:24:6b:c7:94:7b:a4:63:
5a:be:4d:b0:1e:24:2c:c9:ec:e7:af:fb:a8:87:ce:7a:cc:b6:
d6:d5:21:ed:d5:92:a4:f0:e4:eb:d0:76:6a:64:c0:37:00:8f:
cb:52:71:96:1d:d9:9d:1a:7c:b3:e9:9d:f2:86:85:cd:ce:c4:
92:5a:4b:ba:b4:5e:c3:2c:d8:40:a7:2e:13:d9:ca:81:43:a8:
8d:15:b5:10:e3:d7:78:a2:b2:2e:e7:09:a6:63:f8:02:ad:11:
0d:df:5c:2e:f6:c8:fa:11:8b:72:05:80:7f:bc:89:06:36:d8:
dd:73:55:57
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYcT6xiuMD2UsFI3Hz1d/Dz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzI0MTM1OTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTYwYzczODRjMmYzMmY0MDQ3OWI5ZTY4MmZmODZlN2Y4NzUwODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6KpvM++rsqD4vkZ2KcA02k5xKEv
F9SCMO7+7NGaphxw+weuGzMfYCtFnnKM0DqgcJUNvTwKAmX1vWqqh6ngZlid7Iz5
kKRLdNM40VT3q6heUHKiCXCJUHoVdeRIaM5FgjZO/rvWVUeYZOA7XCyc0zeA/CHd
1FP0aHLEDBzugFBfCpZEvW3dTenCI5y9gFiZ+gJkuLWUvVJdERZqIZBYrz2v8oPP
koMq47+DQqmWzAY73zgF0J/HYXTuN1VySq+M4udRz7gwLL2/D0bh5OsTRmgS1OTT
RQeFHLhEVem0KjtoO6GZbrjDOEEX/vYnrLU380UXPEGG9JUepKZQT8KXiwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFAVgxzhMLzL0BHm55oL/huf4dQgvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQldESE9Fd3ZNdlFFZWJubWd2LUc1X2gxQ0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAt
gOkDBAAtlekDBAAtl1kDBABSc9EDBABUNjEDBAFXeEADBAFXeXwDBABXedwDBAFc
d8QDBABeZ30wDAMEAF6aoQMEAl6aoAMEAF6arAMEAI1iBwMEAZNOZAMEAKsWEwME
AqsWSAMEAbLX7AMEArnYVAMEArnaVAMEALnaiQMEALnbfgMEAMIxVzANBgkqhkiG
9w0BAQsFAAOCAQEAf+GDBzrx1seCJ7d8YRrznfeheqB+bEb7LLPX7CfgkradR0gN
mCDZFx8Nt0YaHWG1LTL8qCcqfcwPO5IsOql6nur/3Bry6GZXwIdAKyVyvaXlYOJB
R1RAx+sUgP3iYf78ZcLo/CoSNzWC36q01BIO3BxGxmVpkmVyiBopxp5y7Y01HnXB
5RTsFmQka8eUe6RjWr5NsB4kLMns56/7qIfOesy21tUh7dWSpPDk69B2amTANwCP
y1Jxlh3ZnRp8s+md8oaFzc7EklpLurRewyzYQKcuE9nKgUOojRW1EOPXeKKyLucJ
pmP4Aq0RDd9cLvbI+hGLcgWAf7yJBjbY3XNVVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:01 2024 by rpki-client on console-fra.rpki-client.org