Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D9OdOxvNCT7TdC058UtMdT_gZTE.roa
File: D9OdOxvNCT7TdC058UtMdT_gZTE.roa (raw, json)
Hash identifier: W1Io203X1oOWn0v/DSN0ORaee9dBP6jwmGSuRXpy9J4=
Subject key identifier: 0F:D3:9D:3B:1B:CD:09:3E:D3:74:2D:39:F1:4B:4C:75:3F:E0:65:31
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E616EA69724245A693CB549F506D9FC0D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D9OdOxvNCT7TdC058UtMdT_gZTE.roa
Signing time: Thu 21 Mar 2024 14:33:45 +0000
ROA not before: Thu 21 Mar 2024 14:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.59.255.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:6e:a6:97:24:24:5a:69:3c:b5:49:f5:06:d9:fc:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 21 14:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fd39d3b1bcd093ed3742d39f14b4c753fe06531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:27:f1:61:4d:2f:57:92:6b:6c:f8:a6:73:24:
04:66:06:39:c9:d2:b3:d6:61:61:8c:bf:2f:d7:88:
e2:88:e3:36:cb:82:0b:6d:f1:2f:bb:b5:54:2b:9b:
c4:ee:b8:60:40:b8:07:b0:4e:5c:3f:ba:d2:d6:41:
a8:33:ef:02:16:5f:c9:ba:6a:05:41:ec:8d:11:e7:
6e:09:31:79:60:20:f8:ed:e1:ab:b0:b0:e0:aa:c9:
6b:9d:ca:f7:3c:b8:5f:4f:f3:60:8d:60:60:f3:07:
42:64:e7:0d:6e:c2:5f:41:c0:b4:88:85:33:fc:91:
62:b7:25:42:10:4c:cb:6a:20:aa:7e:79:e3:9d:8b:
c3:95:6a:91:0f:0d:24:9b:4a:78:bd:02:0a:c3:84:
5d:a8:4d:68:fd:c5:ca:ec:5f:24:32:fc:8a:ba:b7:
c5:78:6c:87:18:3c:92:a2:99:97:03:99:d3:ec:47:
96:58:d3:85:90:14:bf:42:1f:0b:10:06:73:a3:c4:
5b:74:a2:c9:2d:6c:84:59:21:cf:9d:1d:b5:e5:d0:
80:a1:af:31:e7:d6:c0:e3:cb:25:e0:aa:9a:62:95:
39:d5:5e:46:f3:ad:4c:28:61:70:9f:04:18:b0:e7:
11:7c:d7:40:22:cd:74:fd:5e:c1:dd:03:82:c2:83:
e1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D3:9D:3B:1B:CD:09:3E:D3:74:2D:39:F1:4B:4C:75:3F:E0:65:31
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D9OdOxvNCT7TdC058UtMdT_gZTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
45.9.156.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.72.0/23
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
185.252.176.0/24
185.254.37.0/24
193.37.41.0/24
194.48.250.0/24
194.55.186.0/24
194.55.224.0/24
194.169.172.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:4e:78:d6:af:b8:a1:89:12:f8:c8:08:19:92:ad:54:f1:46:
3f:ba:23:56:f0:0f:9b:eb:c5:9a:49:37:a3:63:97:c2:38:98:
83:a4:07:2e:44:97:1a:c4:a9:9a:55:a0:dc:26:8c:17:53:a3:
56:7f:26:cf:fd:b1:67:e7:1b:26:62:67:a3:30:51:d0:df:8b:
bc:22:8b:2c:ca:df:a6:87:ab:f8:f5:1a:f1:03:f0:ce:80:81:
d7:33:19:2f:04:ef:51:f0:59:a2:d0:3e:5c:5a:0f:15:db:34:
85:6b:4d:2f:b8:eb:0e:14:0b:8e:fd:7f:eb:8d:c8:a4:9a:ff:
09:66:58:d5:6b:18:0f:44:0f:04:9f:96:31:b8:5e:4d:8a:bf:
bd:ab:00:33:05:51:75:20:eb:d5:c8:92:4a:d9:2b:80:77:e6:
12:87:49:79:d8:56:e5:0b:e3:f4:1b:96:e3:7a:db:96:f3:19:
b7:71:f2:1f:8c:ff:a9:25:42:ea:d9:12:8a:92:70:7f:f2:a9:
8a:fe:91:53:97:8d:50:23:94:0c:ae:83:4d:37:76:41:67:a8:
9d:dc:5f:bd:fb:ea:b6:81:da:1a:4b:bf:9c:96:21:47:01:0b:
ac:75:7f:00:9e:19:d7:51:c4:6c:02:20:00:ec:01:a7:88:d1:
eb:e2:a7:7c
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAY5hbqaXJCRaaTy1SfUG2fwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzIxMTQzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQzOWQzYjFiY2QwOTNlZDM3NDJkMzlmMTRiNGM3NTNmZTA2NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlifxYU0vV5JrbPimcyQEZgY5ydKz
1mFhjL8v14jiiOM2y4ILbfEvu7VUK5vE7rhgQLgHsE5cP7rS1kGoM+8CFl/JumoF
QeyNEeduCTF5YCD47eGrsLDgqslrncr3PLhfT/NgjWBg8wdCZOcNbsJfQcC0iIUz
/JFityVCEEzLaiCqfnnjnYvDlWqRDw0km0p4vQIKw4RdqE1o/cXK7F8kMvyKurfF
eGyHGDySopmXA5nT7EeWWNOFkBS/Qh8LEAZzo8RbdKLJLWyEWSHPnR215dCAoa8x
59bA48sl4KqaYpU51V5G861MKGFwnwQYsOcRfNdAIs10/V7B3QOCwoPhlQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFA/TnTsbzQk+03QtOfFLTHU/4GUxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRDlPZE94dk5DVDdUZEMwNThVdE1kVF9nWlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAC
O/8DBAAtCZwDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBAJemqADBAFe
nEgDBABenO8DBACTTmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQDBAK52lQDBAC5
9t8DBAC5/LADBAC5/iUDBADBJSkDBADCMPoDBADCN7oDBADCN+ADBADCqawwDQYJ
KoZIhvcNAQELBQADggEBAG9OeNavuKGJEvjICBmSrVTxRj+6I1bwD5vrxZpJN6Nj
l8I4mIOkBy5ElxrEqZpVoNwmjBdTo1Z/Js/9sWfnGyZiZ6MwUdDfi7wiiyzK36aH
q/j1GvED8M6AgdczGS8E71HwWaLQPlxaDxXbNIVrTS+46w4UC479f+uNyKSa/wlm
WNVrGA9EDwSfljG4Xk2Kv72rADMFUXUg69XIkkrZK4B35hKHSXnYVuUL4/QbluN6
25bzGbdx8h+M/6klQurZEoqScH/yqYr+kVOXjVAjlAyug003dkFnqJ3cX7376raB
2hpLv5yWIUcBC6x1fwCeGddRxGwCIADsAaeI0evip3w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org