Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DNo6PYo-u35xhmdozXbPggWutI8.roa
File: DNo6PYo-u35xhmdozXbPggWutI8.roa (raw, json)
Hash identifier: iFWSLJOkGkQJFFT9j6qr1lmWAap1HBJjtFTZacHPqjc=
Subject key identifier: 0C:DA:3A:3D:8A:3E:BB:7E:71:86:67:68:CD:76:CF:82:05:AE:B4:8F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D0C43C84EB6CB965D6E484BE7395C14E3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DNo6PYo-u35xhmdozXbPggWutI8.roa
Signing time: Mon 15 Jan 2024 08:36:25 +0000
ROA not before: Mon 15 Jan 2024 08:36:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61302
IP address blocks: 171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:43:c8:4e:b6:cb:96:5d:6e:48:4b:e7:39:5c:14:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 15 08:36:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cda3a3d8a3ebb7e71866768cd76cf8205aeb48f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6f:d0:de:b0:65:15:28:46:e0:33:ed:d4:1a:
a3:96:62:3c:00:63:c0:9d:6e:9d:ae:6e:53:c6:13:
9a:6d:14:3f:c0:3b:90:a6:76:5a:02:c2:bc:cd:9c:
87:74:2b:1e:c9:1f:ef:52:45:f8:cf:ad:83:2c:af:
1b:2f:be:bc:2c:72:1f:36:aa:0c:d1:76:b1:79:19:
0d:00:83:5f:89:aa:15:e8:4e:2e:18:a6:d4:48:e4:
26:16:9e:bb:1d:4d:55:a2:7a:cb:9a:e3:43:f9:ab:
c2:79:7e:a4:d0:76:9f:7d:e2:99:0f:48:3f:3b:c2:
be:c0:ce:16:c2:3f:c3:28:aa:b5:dd:7d:8f:d9:9a:
62:e1:a1:ef:2e:48:2f:14:97:f1:b9:92:f8:6d:e5:
ad:87:32:1a:20:54:c4:ff:e8:29:52:34:e0:a5:27:
31:56:34:12:f5:4d:56:8a:b3:9c:38:4d:25:ca:70:
9a:d2:92:db:47:3c:29:8d:c3:51:0a:98:1b:d6:ab:
e2:47:3e:fb:e4:4c:64:7d:98:9d:50:d4:e5:2e:c3:
ca:42:47:d8:ab:b1:90:94:bc:32:96:ba:3c:fc:b9:
b5:4c:a1:52:ea:ea:a4:ce:ae:10:9c:25:30:ae:ce:
70:8a:82:d4:43:45:9e:7b:42:ca:bc:eb:89:59:94:
75:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DA:3A:3D:8A:3E:BB:7E:71:86:67:68:CD:76:CF:82:05:AE:B4:8F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DNo6PYo-u35xhmdozXbPggWutI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
45.141.158.0/24
79.110.61.0/24
81.161.239.0/24
82.115.210.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
94.156.248.0/24
147.78.100.0/24
171.22.17.0/24
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:03:ae:2b:a5:69:4b:0e:e9:e5:36:a3:5f:20:16:7d:c2:e3:
42:0d:7b:76:71:4a:0a:c6:0b:49:1a:f0:45:a7:29:ae:c5:90:
65:e1:4a:6f:b1:d0:cb:33:ff:6d:02:6d:27:e3:d6:71:6c:0a:
35:f6:f5:be:f1:f2:3b:c2:6f:f0:9d:7a:59:86:d7:22:0d:dd:
0a:f3:23:fa:76:c6:ae:36:97:0c:ef:d5:49:37:e1:5d:ef:a0:
fc:7a:ee:17:c5:2e:0e:16:16:be:ed:10:9a:b4:72:01:1f:83:
64:77:b4:d8:05:a0:d3:2c:d5:4c:1c:ac:4b:9b:8b:e7:b3:ef:
b4:bc:23:4e:ba:e8:5e:68:14:c1:cd:e9:e7:86:5e:66:6b:c0:
b0:00:be:34:1f:43:da:9f:39:15:1c:9a:03:f7:a1:8a:4d:e8:
5b:f0:15:84:3a:02:40:05:cb:ec:e3:fd:98:26:30:e8:67:63:
54:cc:3a:ee:0d:fc:3a:a7:08:55:89:c4:5a:0b:d9:88:ab:b0:
dd:a3:24:ed:dd:2e:8a:11:e1:0c:f8:f0:93:6c:5d:c9:50:ba:
5d:d5:b8:3c:c2:62:96:af:4c:40:25:ca:0c:0c:f8:0e:5e:30:
b6:fb:10:db:ea:bf:ab:77:ee:6f:a4:1c:6c:47:a3:64:e9:6b:
d3:8c:33:ce
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY0MQ8hOtsuWXW5IS+c5XBTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTE1MDgzNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RhM2EzZDhhM2ViYjdlNzE4NjY3NjhjZDc2Y2Y4MjA1YWViNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm/Q3rBlFShG4DPt1BqjlmI8AGPA
nW6drm5TxhOabRQ/wDuQpnZaAsK8zZyHdCseyR/vUkX4z62DLK8bL768LHIfNqoM
0XaxeRkNAINfiaoV6E4uGKbUSOQmFp67HU1VonrLmuND+avCeX6k0HaffeKZD0g/
O8K+wM4Wwj/DKKq13X2P2Zpi4aHvLkgvFJfxuZL4beWthzIaIFTE/+gpUjTgpScx
VjQS9U1WirOcOE0lynCa0pLbRzwpjcNRCpgb1qviRz775ExkfZidUNTlLsPKQkfY
q7GQlLwylro8/Lm1TKFS6uqkzq4QnCUwrs5wioLUQ0Wee0LKvOuJWZR1uwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAzaOj2KPrt+cYZnaM12z4IFrrSPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRE5vNlBZby11MzV4aG1kb3pYYlBnZ1d1dEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAJYuCAwQA
LYFUAwQALY2eAwQAT249AwQAUaHvAwQAUnPSAwQBV3l8AwQAV3miAwQCW8jAAwQA
Xpz4AwQAk05kAwQAqxYRAwQAqxYfAwQAwRnYAwQAwSMTMA0GCSqGSIb3DQEBCwUA
A4IBAQAdA64rpWlLDunlNqNfIBZ9wuNCDXt2cUoKxgtJGvBFpymuxZBl4UpvsdDL
M/9tAm0n49ZxbAo19vW+8fI7wm/wnXpZhtciDd0K8yP6dsauNpcM79VJN+Fd76D8
eu4XxS4OFha+7RCatHIBH4Nkd7TYBaDTLNVMHKxLm4vns++0vCNOuuheaBTBzenn
hl5ma8CwAL40H0PanzkVHJoD96GKTehb8BWEOgJABcvs4/2YJjDoZ2NUzDruDfw6
pwhVicRaC9mIq7DdoyTt3S6KEeEM+PCTbF3JULpd1bg8wmKWr0xAJcoMDPgOXjC2
+xDb6r+rd+5vpBxsR6Nk6WvTjDPO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:01 2024 by rpki-client on console-fra.rpki-client.org