Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EPucA2gKT49pkZl0po-V5Da7MS4.roa
File: EPucA2gKT49pkZl0po-V5Da7MS4.roa (raw, json)
Hash identifier: +F2OXjNunMmpWWJ3rcXXFJKHt2zn75FTxRpSor14s5Y=
Subject key identifier: 10:FB:9C:03:68:0A:4F:8F:69:91:99:74:A6:8F:95:E4:36:BB:31:2E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01857CF66C2E304903A1885A76689A9295E7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EPucA2gKT49pkZl0po-V5Da7MS4.roa
Signing time: Wed 04 Jan 2023 13:26:42 +0000
ROA not before: Wed 04 Jan 2023 13:26:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 45.90.88.0/22 maxlen: 24
45.12.254.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
84.21.173.0/24 maxlen: 24
194.31.204.0/24 maxlen: 24
195.178.121.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
171.22.29.0/24 maxlen: 24
81.161.238.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
94.156.161.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
193.222.98.0/23 maxlen: 24
194.48.248.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
185.221.67.0/24 maxlen: 24
79.110.48.0/23 maxlen: 24
194.49.87.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
194.49.95.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:f6:6c:2e:30:49:03:a1:88:5a:76:68:9a:92:95:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 4 13:26:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10fb9c03680a4f8f69919974a68f95e436bb312e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f4:43:41:a7:cd:a5:aa:f9:d4:46:ba:2a:0e:
7c:dd:82:d4:f8:7b:ee:41:d5:4c:61:f2:1e:34:69:
6e:d0:08:ba:e8:a4:af:2b:f5:9c:05:b6:a6:50:11:
94:25:f7:34:a7:d9:0f:4f:bc:d3:e6:28:a7:85:ea:
1a:17:6b:75:9a:9b:58:98:f7:d4:7f:39:d2:bd:5e:
2b:11:a0:88:2d:94:fa:71:54:9e:d7:8f:f8:d5:0c:
5e:9e:3f:97:83:df:d7:1a:5d:5d:3c:33:90:f1:71:
9d:ea:0e:29:a3:e9:8b:35:18:2f:17:df:ec:89:bd:
79:dd:72:40:02:e0:3c:b6:fb:fd:6d:6e:a1:87:56:
23:aa:f8:ed:3b:45:e4:0d:33:17:e7:85:dd:94:43:
6a:47:50:5c:92:77:df:3b:74:02:1a:77:34:f5:e8:
52:3e:34:e5:f1:a2:7d:77:ea:6f:85:c6:0f:e4:27:
d3:78:ad:11:0a:95:25:fd:89:f8:f6:4c:ae:d8:64:
78:5c:cb:42:d3:f4:60:c4:3b:3a:36:b8:0b:c6:9e:
ad:bc:5d:c7:3c:d1:f7:87:dc:64:d3:b4:de:e8:10:
3e:25:d2:6f:c9:9f:61:df:b5:d8:6e:32:16:c9:f3:
37:c3:b4:5d:b2:ab:2b:92:4f:b3:ea:31:90:c1:96:
e6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FB:9C:03:68:0A:4F:8F:69:91:99:74:A6:8F:95:E4:36:BB:31:2E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EPucA2gKT49pkZl0po-V5Da7MS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.254.0/24
45.90.88.0/22
45.149.233.0/24
45.149.241.0/24
79.110.48.0/23
81.161.238.0/23
84.21.173.0/24
84.54.49.0/24
87.121.220.0/24
94.156.161.0/24
109.206.239.0/24
141.98.4.0/24
141.98.7.0/24
147.78.100.0/23
164.40.185.0/24
171.22.18.0/24
171.22.29.0/24
171.22.31.0/24
178.215.237.0/24
185.221.67.0/24
193.25.217.0-193.25.218.255
193.58.120.0/24
193.222.98.0/23
194.31.204.0/24
194.48.248.0/24
194.49.86.0/23
194.49.95.0/24
194.55.227.0/24
194.169.173.0-194.169.174.255
195.178.121.0/24
Signature Algorithm: sha256WithRSAEncryption
11:01:7a:57:3f:9e:14:69:bf:4a:56:c7:b4:a9:82:76:18:88:
4d:a4:2d:a1:04:73:ca:c6:32:bd:34:bc:70:8c:fa:07:94:02:
91:4d:10:8d:04:05:e5:ec:c6:08:b8:db:ea:44:77:5e:6a:18:
fb:db:2e:2d:ba:36:c1:85:b8:a7:89:53:e0:61:49:73:fa:16:
81:12:ce:6f:16:a4:de:52:43:0a:12:c2:75:16:a7:d4:06:72:
44:7f:5b:55:43:6a:a6:d3:1f:96:e4:b3:3c:1b:45:fd:3c:8e:
b4:2f:07:a1:dd:0c:de:83:cc:30:e6:be:14:82:3b:21:79:97:
07:9f:3d:44:a9:75:39:99:ea:b3:4c:54:5b:4d:b7:c5:44:63:
24:f4:b3:ce:aa:78:07:64:3d:ec:e3:15:d6:53:57:e6:12:17:
31:34:00:f4:39:63:7e:df:89:40:d4:25:d1:21:57:74:a7:6b:
15:33:27:0d:43:24:ca:a5:b0:9f:14:9a:7f:01:5e:f1:a5:96:
b7:3d:58:7e:3c:64:35:4e:17:db:e8:c5:20:d0:0e:ab:98:40:
ea:4a:07:be:14:cf:42:c9:d1:8e:d0:fd:4f:96:d8:65:c8:40:
1b:03:62:10:7f:f2:8c:9d:12:bd:13:46:76:b4:ac:28:f5:b2:
37:6a:38:97
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYV89mwuMEkDoYhadmiakpXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTA0MTMyNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZiOWMwMzY4MGE0ZjhmNjk5MTk5NzRhNjhmOTVlNDM2YmIzMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPRDQafNpar51Ea6Kg583YLU+Hvu
QdVMYfIeNGlu0Ai66KSvK/WcBbamUBGUJfc0p9kPT7zT5iinheoaF2t1mptYmPfU
fznSvV4rEaCILZT6cVSe14/41Qxenj+Xg9/XGl1dPDOQ8XGd6g4po+mLNRgvF9/s
ib153XJAAuA8tvv9bW6hh1YjqvjtO0XkDTMX54XdlENqR1BcknffO3QCGnc09ehS
PjTl8aJ9d+pvhcYP5CfTeK0RCpUl/Yn49kyu2GR4XMtC0/RgxDs6NrgLxp6tvF3H
PNH3h9xk07Te6BA+JdJvyZ9h37XYbjIWyfM3w7Rdsqsrkk+z6jGQwZbmZwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFBD7nANoCk+PaZGZdKaPleQ2uzEuMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRVB1Y0EyZ0tUNDlwa1psMHBvLVY1RGE3TVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAAt
DP4DBAItWlgDBAAtlekDBAAtlfEDBAFPbjADBAFRoe4DBABUFa0DBABUNjEDBABX
edwDBABenKEDBABtzu8DBACNYgQDBACNYgcDBAGTTmQDBACkKLkDBACrFhIDBACr
Fh0DBACrFh8DBACy1+0DBAC53UMwDAMEAMEZ2QMEAMEZ2gMEAME6eAMEAcHeYgME
AMIfzAMEAMIw+AMEAcIxVgMEAMIxXwMEAMI34zAMAwQAwqmtAwQAwqmuAwQAw7J5
MA0GCSqGSIb3DQEBCwUAA4IBAQARAXpXP54Uab9KVse0qYJ2GIhNpC2hBHPKxjK9
NLxwjPoHlAKRTRCNBAXl7MYIuNvqRHdeahj72y4tujbBhbiniVPgYUlz+haBEs5v
FqTeUkMKEsJ1FqfUBnJEf1tVQ2qm0x+W5LM8G0X9PI60Lweh3Qzeg8ww5r4Ugjsh
eZcHnz1EqXU5meqzTFRbTbfFRGMk9LPOqngHZD3s4xXWU1fmEhcxNAD0OWN+34lA
1CXRIVd0p2sVMycNQyTKpbCfFJp/AV7xpZa3PVh+PGQ1Thfb6MUg0A6rmEDqSge+
FM9CydGO0P1PlthlyEAbA2IQf/KMnRK9E0Z2tKwo9bI3ajiX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:02 2024 by rpki-client on console-fra.rpki-client.org