Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EveLvnVXCOMY8Xp4fpj0erTGDJs.roa
File: EveLvnVXCOMY8Xp4fpj0erTGDJs.roa (raw, json)
Hash identifier: sQtpOL4wu9d4o60wcp08KWlSallICE2sO1Sieg/hdIc=
Subject key identifier: 12:F7:8B:BE:75:57:08:E3:18:F1:7A:78:7E:98:F4:7A:B4:C6:0C:9B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DB0CF263A80F23880D29C3FA9008A906F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EveLvnVXCOMY8Xp4fpj0erTGDJs.roa
Signing time: Fri 16 Feb 2024 07:26:22 +0000
ROA not before: Fri 16 Feb 2024 07:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.84.89.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
95.214.24.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.226.173.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b0:cf:26:3a:80:f2:38:80:d2:9c:3f:a9:00:8a:90:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 16 07:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12f78bbe755708e318f17a787e98f47ab4c60c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:e1:98:96:46:8a:77:28:bd:50:cf:c2:9e:
f3:20:e9:48:d1:f9:fd:9f:aa:31:ce:a8:52:4f:28:
94:ec:a6:ba:eb:2a:9e:c4:05:82:0a:23:91:3e:15:
db:4c:56:f0:52:48:9f:ac:90:70:59:64:02:07:4d:
f3:82:00:31:13:38:cf:cd:31:08:e7:6c:22:e5:ef:
92:7b:bd:cb:10:07:8d:3e:f2:34:5d:2c:31:e4:72:
e7:ac:85:6d:e4:56:8c:96:db:a6:bd:43:13:23:d3:
8f:d0:2f:f3:54:8f:e6:03:f5:28:4b:95:7a:7c:93:
cb:1b:96:ee:b5:da:57:d7:82:6d:29:0f:80:e3:3f:
c9:6b:00:21:b8:36:6e:ef:1b:02:4f:e7:e4:51:b0:
8e:7f:d3:f6:1b:4f:b0:ea:67:7c:6f:e7:aa:ec:79:
c5:7a:0f:98:6b:04:8d:8a:1f:87:c8:6c:82:73:a1:
28:2c:f0:ff:a5:27:f1:8a:ad:e5:36:fa:da:16:f4:
e5:a9:83:52:76:81:18:aa:f1:f2:92:73:b7:15:f2:
ab:5b:cf:de:f4:d6:86:f5:08:86:e8:54:e8:d5:4b:
3c:d8:db:e2:c7:3c:d6:51:4f:5b:8f:75:47:27:34:
f7:24:eb:32:43:17:64:32:97:cc:bc:61:00:62:2a:
f8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F7:8B:BE:75:57:08:E3:18:F1:7A:78:7E:98:F4:7A:B4:C6:0C:9B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EveLvnVXCOMY8Xp4fpj0erTGDJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.89.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.239.0/24
95.214.24.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.246.223.0/24
185.252.176.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ed:73:f1:7d:f6:92:6c:09:55:5f:ff:1c:41:77:55:01:0e:
5c:a3:98:d8:75:f0:e8:03:3b:f1:de:1e:ed:0d:08:ee:a1:70:
1f:8a:b9:a2:99:3d:c1:3e:ee:43:d2:dd:44:97:c3:d1:f5:1e:
f2:3b:13:1d:c8:3a:05:95:b8:37:1e:f4:ce:85:c5:8c:8f:4f:
ef:5f:7c:7b:09:41:84:cd:e7:59:fb:7a:71:df:60:81:0a:2f:
f1:a9:01:b8:2f:a3:e5:17:dc:b3:0f:67:80:49:54:92:84:b6:
3f:6c:3b:d9:ea:c2:4b:eb:d0:70:6f:51:5b:7b:30:cb:80:c3:
2d:72:3b:64:73:56:db:32:f1:f6:3b:29:81:82:9b:ce:14:77:
de:79:c5:fb:87:68:c6:a1:ad:3c:82:15:79:cd:91:f4:e6:16:
98:a7:88:aa:83:8a:79:1e:44:9b:f0:68:b5:69:15:2d:2c:fd:
08:bf:3f:77:db:8c:66:cb:63:7b:6b:6c:29:dc:ef:60:39:08:
a6:a6:b2:92:e8:f1:92:dd:d9:13:20:aa:00:fc:2f:6d:46:cb:
11:eb:3e:9f:00:37:24:2d:6a:0e:b2:63:af:bb:17:47:4e:59:
38:c0:b3:f3:e0:28:83:71:b8:45:b1:12:88:5a:56:1c:b0:43:
37:4a:8c:4c
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY2wzyY6gPI4gNKcP6kAipBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjE2MDcyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmY3OGJiZTc1NTcwOGUzMThmMTdhNzg3ZTk4ZjQ3YWI0YzYwYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR7hmJZGincovVDPwp7zIOlI0fn9
n6oxzqhSTyiU7Ka66yqexAWCCiORPhXbTFbwUkifrJBwWWQCB03zggAxEzjPzTEI
52wi5e+Se73LEAeNPvI0XSwx5HLnrIVt5FaMltumvUMTI9OP0C/zVI/mA/UoS5V6
fJPLG5butdpX14JtKQ+A4z/JawAhuDZu7xsCT+fkUbCOf9P2G0+w6md8b+eq7HnF
eg+YawSNih+HyGyCc6EoLPD/pSfxiq3lNvraFvTlqYNSdoEYqvHyknO3FfKrW8/e
9NaG9QiG6FTo1Us82NvixzzWUU9bj3VHJzT3JOsyQxdkMpfMvGEAYir4aQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFBL3i751VwjjGPF6eH6Y9Hq0xgybMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRXZlTHZuVlhDT01ZOFhwNGZwajBlclRHREpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAC1U
WQMEAC2XWQMEAFd4VwMEAFd5LQMEAFd53QMEAVx3xAMEAl6aoAMEAF6c7wMEAF/W
GDAMAwQAk05lAwQAk05mAwQCqxZIAwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQA
ueKtAwQAufbfAwQAufywAwQAwjfgMA0GCSqGSIb3DQEBCwUAA4IBAQAy7XPxffaS
bAlVX/8cQXdVAQ5co5jYdfDoAzvx3h7tDQjuoXAfirmimT3BPu5D0t1El8PR9R7y
OxMdyDoFlbg3HvTOhcWMj0/vX3x7CUGEzedZ+3px32CBCi/xqQG4L6PlF9yzD2eA
SVSShLY/bDvZ6sJL69Bwb1FbezDLgMMtcjtkc1bbMvH2OymBgpvOFHfeecX7h2jG
oa08ghV5zZH05haYp4iqg4p5HkSb8Gi1aRUtLP0Ivz9324xmy2N7a2wp3O9gOQim
prKS6PGS3dkTIKoA/C9tRssR6z6fADckLWoOsmOvuxdHTlk4wLPz4CiDcbhFsRKI
WlYcsEM3SoxM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:28 2024 by rpki-client on console-ams.rpki-client.org