Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C9i5VFX1hw8swMFg5JHpdtjWSCE.roa
File: C9i5VFX1hw8swMFg5JHpdtjWSCE.roa (raw, json)
Hash identifier: qg7lIoz7ehKDSwIZhlzLdzYpQm1eFHmBA8pVi88s2Co=
Subject key identifier: 0B:D8:B9:54:55:F5:87:0F:2C:C0:C1:60:E4:91:E9:76:D8:D6:48:21
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C7BE83D06474154D42FCFA3E68762C60A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C9i5VFX1hw8swMFg5JHpdtjWSCE.roa
Signing time: Mon 18 Dec 2023 07:51:06 +0000
ROA not before: Mon 18 Dec 2023 07:51:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206003
IP address blocks: 171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:e8:3d:06:47:41:54:d4:2f:cf:a3:e6:87:62:c6:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 18 07:51:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bd8b95455f5870f2cc0c160e491e976d8d64821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d5:ca:61:3a:23:e5:43:d1:c5:7d:ac:4e:03:
63:e0:be:48:4e:d0:07:60:86:01:03:e1:16:bd:24:
7b:76:c1:25:0b:c6:bc:0d:dc:5e:ea:bc:16:02:9d:
89:c1:5c:e7:c0:07:f8:f2:f7:cf:8a:be:63:4f:84:
63:ae:0f:ec:ec:3e:cd:6e:09:97:d7:a4:23:0a:8c:
f1:b8:82:38:1d:cf:38:1a:ff:7a:d2:1c:a9:57:97:
ed:e7:2c:98:1f:15:7d:90:8e:40:9c:28:f1:c0:4b:
51:1b:b8:2c:22:5a:51:2f:cf:bd:04:cf:33:99:1f:
9c:73:9a:09:bc:72:63:05:26:0a:b6:5b:60:9d:eb:
ee:71:d0:ff:5b:ae:ee:8b:cc:36:dc:c7:21:00:59:
e4:90:da:b3:c2:97:c5:e7:94:ac:65:5f:f6:91:29:
46:31:55:8c:a0:d3:b3:f7:05:0d:ef:73:fb:51:10:
0a:7e:2d:d0:b3:bb:2c:96:20:6b:fd:9b:19:d9:91:
a4:b3:36:c0:c4:b1:6b:dd:7d:aa:25:87:a5:9e:0d:
76:6e:a0:30:dd:d8:2c:3d:0c:01:87:01:0d:b1:f2:
86:b6:1b:83:c7:d1:3a:ce:27:92:56:5a:58:56:57:
0d:ce:c3:84:c3:0b:1a:58:05:78:6b:01:09:f3:5c:
0d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D8:B9:54:55:F5:87:0F:2C:C0:C1:60:E4:91:E9:76:D8:D6:48:21
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C9i5VFX1hw8swMFg5JHpdtjWSCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
45.129.86.0/24
45.141.158.0/24
79.110.61.0/24
81.161.239.0/24
83.219.97.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
92.249.48.0/24
94.154.172.0/24
94.156.248.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:92:3a:4b:ab:cc:8e:42:30:67:22:bc:92:9b:d2:da:c8:0e:
c5:a9:0f:c1:be:06:d4:3e:de:7a:c8:79:d9:57:e6:42:df:e8:
11:2c:b3:d0:32:a9:5c:92:f1:9f:d1:a4:63:99:33:5e:b9:a0:
fe:1d:4b:1e:10:d2:04:aa:b5:84:ad:62:4b:79:83:27:9d:6e:
bc:7b:8c:96:e6:03:2d:35:6b:48:ba:df:32:24:6b:74:b6:b4:
e6:c2:d5:1b:1d:9a:96:10:be:ff:f2:0d:58:d6:16:3b:2a:d1:
8c:8f:cc:63:ed:eb:e5:2b:a2:71:06:c4:96:1b:8b:3b:eb:7f:
ec:10:8f:f6:a1:29:ab:f5:13:20:6d:71:92:94:e4:63:0f:b8:
d6:9b:e8:71:8f:95:a5:db:e2:bf:c4:94:da:e0:50:b0:fb:d4:
61:7f:a0:70:49:46:a6:ff:06:2d:64:e4:3c:e6:f7:67:38:05:
9c:f6:00:70:5a:5a:27:af:84:c0:d8:06:bf:2b:20:da:2b:c1:
cd:c0:14:8a:50:b5:0d:48:02:07:9f:06:d5:39:cf:00:c6:40:
04:52:dd:34:fe:5d:50:ef:8d:3a:a8:54:23:70:ee:72:1b:51:
0c:19:71:46:4d:e9:21:36:50:08:4b:76:55:80:39:16:74:f8:
37:2c:43:2f
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYx76D0GR0FU1C/Po+aHYsYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjE4MDc1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmQ4Yjk1NDU1ZjU4NzBmMmNjMGMxNjBlNDkxZTk3NmQ4ZDY0ODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNXKYToj5UPRxX2sTgNj4L5ITtAH
YIYBA+EWvSR7dsElC8a8Ddxe6rwWAp2JwVznwAf48vfPir5jT4Rjrg/s7D7NbgmX
16QjCozxuII4Hc84Gv960hypV5ft5yyYHxV9kI5AnCjxwEtRG7gsIlpRL8+9BM8z
mR+cc5oJvHJjBSYKtltgnevucdD/W67ui8w23MchAFnkkNqzwpfF55SsZV/2kSlG
MVWMoNOz9wUN73P7URAKfi3Qs7ssliBr/ZsZ2ZGkszbAxLFr3X2qJYelng12bqAw
3dgsPQwBhwENsfKGthuDx9E6zieSVlpYVlcNzsOEwwsaWAV4awEJ81wNtQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFAvYuVRV9YcPLMDBYOSR6XbY1kghMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQzlpNVZGWDFodzhzd01GZzVKSHBkdGpXU0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEACWLggME
AC2BVAMEAC2BVgMEAC2NngMEAE9uPQMEAFGh7wMEAFPbYQMEAVd5fAMEAFd5ogME
AlvIwAMEAFz5MAMEAF6arAMEAF6c+AMEAZNOZDAMAwQAqxYRAwQAqxYSAwQAqxYf
AwQAwRnYAwQAwSMTMA0GCSqGSIb3DQEBCwUAA4IBAQB7kjpLq8yOQjBnIrySm9La
yA7FqQ/BvgbUPt56yHnZV+ZC3+gRLLPQMqlckvGf0aRjmTNeuaD+HUseENIEqrWE
rWJLeYMnnW68e4yW5gMtNWtIut8yJGt0trTmwtUbHZqWEL7/8g1Y1hY7KtGMj8xj
7evlK6JxBsSWG4s763/sEI/2oSmr9RMgbXGSlORjD7jWm+hxj5Wl2+K/xJTa4FCw
+9Rhf6BwSUam/wYtZOQ85vdnOAWc9gBwWlonr4TA2Aa/KyDaK8HNwBSKULUNSAIH
nwbVOc8AxkAEUt00/l1Q7406qFQjcO5yG1EMGXFGTekhNlAIS3ZVgDkWdPg3LEMv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org