Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EjCE0RA1Ud8dgeSw5UGcXkRhnPY.roa
File: EjCE0RA1Ud8dgeSw5UGcXkRhnPY.roa (raw, json)
Hash identifier: PXrHVLNBfDPmx+NZ3/aH+czzhV7A+g49pXpmeqyU+/s=
Subject key identifier: 12:30:84:D1:10:35:51:DF:1D:81:E4:B0:E5:41:9C:5E:44:61:9C:F6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018851E7C9A6EEB4B64DB4B32336E1189E47
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EjCE0RA1Ud8dgeSw5UGcXkRhnPY.roa
Signing time: Thu 25 May 2023 07:55:24 +0000
ROA not before: Thu 25 May 2023 07:55:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 91.92.24.0/24 maxlen: 24
91.92.24.0/23 maxlen: 23
91.92.25.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
45.128.233.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
185.221.67.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:51:e7:c9:a6:ee:b4:b6:4d:b4:b3:23:36:e1:18:9e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 25 07:55:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=123084d1103551df1d81e4b0e5419c5e44619cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fa:d4:15:32:c3:f7:27:c4:98:86:76:a5:2f:
fb:22:d6:4f:4e:15:59:a5:75:1c:6e:06:cc:a2:47:
7a:d0:01:d2:86:a4:5d:6e:5b:46:88:0b:45:e6:2b:
d0:7e:71:db:76:0a:fe:ca:4f:34:54:00:72:e6:0e:
05:2b:ca:af:35:32:97:9f:35:f4:40:f3:1a:7f:40:
52:03:0a:9a:d2:4d:28:9f:9b:7d:69:94:72:04:98:
0a:8c:ce:eb:fe:11:97:94:bd:74:a6:77:22:36:78:
15:84:ea:9c:da:f1:fd:07:e7:0c:ee:7e:54:56:78:
e3:19:78:a2:f5:49:a2:a6:4f:88:bc:e2:46:14:d7:
a7:e5:bd:e2:f2:66:32:22:a5:2a:16:c5:cb:a2:30:
e2:a5:bb:10:ef:06:85:0d:3b:f0:15:37:e7:33:10:
24:5c:32:9b:be:7c:a3:89:e3:af:45:49:c7:12:e8:
b7:2a:5f:21:fe:a9:24:e2:3c:30:9c:46:5b:98:85:
c7:d1:b4:4d:9b:b7:ed:a0:bc:3a:74:ef:d6:e3:27:
72:64:b1:be:9e:fe:ec:fa:31:51:c9:44:1c:a6:cd:
b1:c7:de:1c:bc:cd:41:a0:33:58:55:5a:45:2f:7f:
61:52:a8:0c:ff:ee:51:82:80:fb:06:d5:aa:6f:d4:
4b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:30:84:D1:10:35:51:DF:1D:81:E4:B0:E5:41:9C:5E:44:61:9C:F6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EjCE0RA1Ud8dgeSw5UGcXkRhnPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
87.120.87.0/24
91.92.24.0/23
93.123.116.0/24
171.22.19.0/24
176.125.255.0/24
185.221.67.0/24
193.149.28.0/22
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:d7:2d:55:57:ed:31:68:b1:b9:41:46:90:51:08:28:a9:da:
d6:5a:a9:12:f3:71:e7:c9:f5:83:48:cc:c9:78:ad:cd:92:19:
e1:ad:1a:28:a3:5b:c1:57:a2:53:ef:b6:7f:dc:2f:84:46:30:
68:92:20:75:e8:24:45:30:52:81:b6:33:19:d1:41:6d:e2:37:
65:c4:25:d1:b8:da:ad:2a:3e:60:74:73:69:de:a7:83:de:4c:
37:e3:05:1b:81:49:2c:00:39:84:a6:a3:6f:9b:08:b3:d7:0e:
6a:ef:af:b0:6c:0d:29:f4:50:c5:3c:fa:b3:78:9f:97:67:5d:
1d:0b:07:0e:c7:69:0a:94:0e:a4:de:75:c2:bf:f9:dd:5a:c9:
90:9c:87:0a:ff:15:32:fe:4b:43:0c:a0:16:6b:37:f2:a8:e0:
37:47:e6:44:05:07:11:86:36:63:8b:12:ca:43:8a:be:68:65:
c1:e7:08:e1:8d:b2:46:9c:3e:11:fc:02:56:66:60:be:f4:9a:
0f:bc:5a:12:b1:55:f5:c9:a5:ab:dd:6d:88:6c:58:05:c0:c4:
30:24:4b:80:0f:10:f9:4e:d7:26:de:6b:25:e0:da:6c:2f:7e:
1b:d7:99:67:d8:ad:8b:3c:ab:59:43:11:a3:0a:9f:57:c0:b8:
08:b9:6f:d8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYhR58mm7rS2TbSzIzbhGJ5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTI1MDc1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjMwODRkMTEwMzU1MWRmMWQ4MWU0YjBlNTQxOWM1ZTQ0NjE5Y2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfrUFTLD9yfEmIZ2pS/7ItZPThVZ
pXUcbgbMokd60AHShqRdbltGiAtF5ivQfnHbdgr+yk80VABy5g4FK8qvNTKXnzX0
QPMaf0BSAwqa0k0on5t9aZRyBJgKjM7r/hGXlL10pnciNngVhOqc2vH9B+cM7n5U
VnjjGXii9Umipk+IvOJGFNen5b3i8mYyIqUqFsXLojDipbsQ7waFDTvwFTfnMxAk
XDKbvnyjieOvRUnHEui3Kl8h/qkk4jwwnEZbmIXH0bRNm7ftoLw6dO/W4ydyZLG+
nv7s+jFRyUQcps2xx94cvM1BoDNYVVpFL39hUqgM/+5RgoD7BtWqb9RLuQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBIwhNEQNVHfHYHksOVBnF5EYZz2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRWpDRTBSQTFVZDhkZ2VTdzVVR2NYa1JoblBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALYDpAwQA
V3hXAwQBW1wYAwQAXXt0AwQAqxYTAwQAsH3/AwQAud1DAwQCwZUcAwQAwrQyMA0G
CSqGSIb3DQEBCwUAA4IBAQCy1y1VV+0xaLG5QUaQUQgoqdrWWqkS83HnyfWDSMzJ
eK3NkhnhrRooo1vBV6JT77Z/3C+ERjBokiB16CRFMFKBtjMZ0UFt4jdlxCXRuNqt
Kj5gdHNp3qeD3kw34wUbgUksADmEpqNvmwiz1w5q76+wbA0p9FDFPPqzeJ+XZ10d
CwcOx2kKlA6k3nXCv/ndWsmQnIcK/xUy/ktDDKAWazfyqOA3R+ZEBQcRhjZjixLK
Q4q+aGXB5wjhjbJGnD4R/AJWZmC+9JoPvFoSsVX1yaWr3W2IbFgFwMQwJEuADxD5
Ttcm3msl4NpsL34b15ln2K2LPKtZQxGjCp9XwLgIuW/Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:28 2024 by rpki-client on console-ams.rpki-client.org