Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/E9k24oSSixceyVPDEedxjJXLaGc.roa
File: E9k24oSSixceyVPDEedxjJXLaGc.roa (raw, json)
Hash identifier: FFV8PYEYL9Y7DPItRCgucDJxhKeL2Eizl5Eg0nPidaE=
Subject key identifier: 13:D9:36:E2:84:92:8B:17:1E:C9:53:C3:11:E7:71:8C:95:CB:68:67
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A21DE727EEE4F46C19BAD00992F5730F5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/E9k24oSSixceyVPDEedxjJXLaGc.roa
Signing time: Wed 23 Aug 2023 10:09:00 +0000
ROA not before: Wed 23 Aug 2023 10:09:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
91.92.67.0/24 maxlen: 24
45.139.123.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
93.123.76.0/22 maxlen: 24
141.98.5.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
94.156.178.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
94.156.180.0/23 maxlen: 24
87.121.104.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
93.123.26.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.119.0/24 maxlen: 24
5.253.58.0/23 maxlen: 24
193.25.219.0/24 maxlen: 24
5.253.56.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:de:72:7e:ee:4f:46:c1:9b:ad:00:99:2f:57:30:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 23 10:09:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13d936e284928b171ec953c311e7718c95cb6867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8c:6a:aa:b2:95:25:73:7c:89:0d:d4:ab:83:
07:35:bf:70:da:67:d5:a8:30:fa:cf:03:bb:74:92:
ea:8c:56:2a:41:a6:11:b6:91:6e:6d:fe:75:27:6e:
21:cd:10:49:ab:f6:06:ce:76:20:3a:20:f4:15:2e:
55:d1:86:c5:3f:ae:da:7b:ef:29:3d:00:09:81:d0:
1e:d5:16:42:8f:98:3a:ca:de:eb:d6:dd:4b:10:ca:
59:55:8b:bd:f0:f4:c0:25:02:b8:29:de:0b:9e:a6:
48:b8:c9:bc:d2:67:96:ce:2a:ca:bd:9b:aa:66:3b:
77:62:bb:46:b9:f1:83:c0:37:42:21:7b:bb:d8:49:
35:c9:ae:7c:37:d1:1b:49:59:09:58:c3:7e:d4:9a:
f7:1d:21:fb:62:43:a5:b7:7f:74:0b:85:ed:84:e4:
b8:37:b8:d7:de:10:5f:78:3a:82:f3:3c:4d:36:f3:
c7:50:0c:cc:45:2a:17:6c:89:8f:35:86:42:2e:20:
07:a9:0e:a2:5b:5e:07:e3:37:17:fc:31:a0:76:71:
08:a6:54:3d:59:f7:e7:ec:9b:77:d0:b8:f9:93:37:
2b:63:f2:75:17:ad:58:7f:d6:fc:3d:3c:d7:b8:ad:
1c:f2:c3:09:b0:63:df:51:8c:02:f9:d3:a4:49:fb:
13:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D9:36:E2:84:92:8B:17:1E:C9:53:C3:11:E7:71:8C:95:CB:68:67
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/E9k24oSSixceyVPDEedxjJXLaGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
45.8.92.0/24
45.9.208.0/22
45.139.123.0/24
87.120.192.0/23
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.76.0-93.123.80.255
93.123.112.0/22
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.178.0/24
94.156.180.0/23
94.156.237.0-94.156.238.255
141.98.5.0/24
185.147.100.0/22
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:6a:a9:4c:f2:44:82:ac:ae:dd:cd:5d:be:a3:7d:e4:00:87:
7a:58:d4:c9:50:49:d3:77:7e:2a:fd:02:bc:61:36:53:05:b9:
6d:f9:22:df:62:1d:eb:10:bf:57:08:e0:46:17:3a:2a:4b:88:
43:21:4c:cf:c4:0b:14:90:9a:34:e3:12:1c:48:9d:16:68:07:
8a:c2:9a:b1:ea:3e:34:99:52:2f:e2:13:37:71:77:13:90:8b:
1f:d8:70:a6:7a:11:1a:fe:ef:08:88:73:f8:11:72:a8:ac:cd:
d5:bf:4c:01:fa:98:1b:5a:4d:15:51:75:be:f0:0c:a0:1f:ce:
0a:24:74:ad:b5:5f:e7:6f:51:a8:e8:14:4b:46:c3:04:0a:38:
c1:29:8c:91:c6:77:78:45:1f:00:45:85:c7:f6:44:ca:4d:17:
49:fc:50:d6:59:30:8b:51:04:d1:69:91:e1:2f:74:42:41:ca:
70:f9:72:d6:19:4b:b9:1a:9e:57:a3:15:8d:8f:2f:83:c0:db:
e1:07:f7:95:36:87:2d:f1:70:61:1b:f1:59:f8:5b:7d:f6:ad:
08:cc:91:b5:16:c7:6b:47:89:8a:c5:b0:84:af:12:36:14:31:
ff:c0:a9:97:17:ab:74:3a:4f:74:5f:a2:03:1b:52:3a:75:05:
63:3c:fd:cc
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAYoh3nJ+7k9GwZutAJkvVzD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODIzMTAwOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2Q5MzZlMjg0OTI4YjE3MWVjOTUzYzMxMWU3NzE4Yzk1Y2I2ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYxqqrKVJXN8iQ3Uq4MHNb9w2mfV
qDD6zwO7dJLqjFYqQaYRtpFubf51J24hzRBJq/YGznYgOiD0FS5V0YbFP67ae+8p
PQAJgdAe1RZCj5g6yt7r1t1LEMpZVYu98PTAJQK4Kd4LnqZIuMm80meWzirKvZuq
Zjt3YrtGufGDwDdCIXu72Ek1ya58N9EbSVkJWMN+1Jr3HSH7YkOlt390C4XthOS4
N7jX3hBfeDqC8zxNNvPHUAzMRSoXbImPNYZCLiAHqQ6iW14H4zcX/DGgdnEIplQ9
Wffn7Jt30Lj5kzcrY/J1F61Yf9b8PTzXuK0c8sMJsGPfUYwC+dOkSfsTewIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFBPZNuKEkosXHslTwxHncYyVy2hnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRTlrMjRvU1NpeGNleVZQREVlZHhqSlhMYUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BAIF/TgDBAAtCFwDBAItCdADBAAti3sDBAFXeMAwDAMEAld5JAMEAFd5JgMEAld5
PDAMAwQAV3lnAwQAV3loAwQBV3lyAwQBV3mSAwQAV3mjAwQAW1wQAwQBW1waAwQA
W1xDAwQAXXsYAwQBXXsaMAwDBAJde0wDBABde1ADBAJde3ADBABde3cDBAFemqAD
BABemq0DBABenAIDBABenJgDBAFenJoDBABenLIDBAFenLQwDAMEAF6c7QMEAF6c
7gMEAI1iBQMEArmTZAMEALn8sQMEAMEZ2wMEAMEvPgMEAME6eQMEAME6ewMEAMI3
4gMEANRXzTANBgkqhkiG9w0BAQsFAAOCAQEALmqpTPJEgqyu3c1dvqN95ACHeljU
yVBJ03d+Kv0CvGE2UwW5bfki32Id6xC/VwjgRhc6KkuIQyFMz8QLFJCaNOMSHEid
FmgHisKaseo+NJlSL+ITN3F3E5CLH9hwpnoRGv7vCIhz+BFyqKzN1b9MAfqYG1pN
FVF1vvAMoB/OCiR0rbVf529RqOgUS0bDBAo4wSmMkcZ3eEUfAEWFx/ZEyk0XSfxQ
1lkwi1EE0WmR4S90QkHKcPly1hlLuRqeV6MVjY8vg8Db4Qf3lTaHLfFwYRvxWfhb
ffatCMyRtRbHa0eJisWwhK8SNhQx/8CplxerdDpPdF+iAxtSOnUFYzz9zA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org