Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/F6IocCaavsIYu0K_53JMLAyeILI.roa
File: F6IocCaavsIYu0K_53JMLAyeILI.roa (raw, json)
Hash identifier: 3GFal2Y7GTjQAygyWZaEjKb/2AxXvJrAHNmjwZCpzpY=
Subject key identifier: 17:A2:28:70:26:9A:BE:C2:18:BB:42:BF:E7:72:4C:2C:0C:9E:20:B2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E74AA5B5E4867D4163387D5E42673CBD0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/F6IocCaavsIYu0K_53JMLAyeILI.roa
Signing time: Mon 25 Mar 2024 08:11:45 +0000
ROA not before: Mon 25 Mar 2024 08:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:aa:5b:5e:48:67:d4:16:33:87:d5:e4:26:73:cb:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 25 08:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17a22870269abec218bb42bfe7724c2c0c9e20b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7d:1e:b4:31:1f:21:4c:b4:f8:69:51:a9:ad:
14:e1:0a:86:a3:d4:c9:a8:90:82:cb:1b:f2:25:ad:
5e:e4:61:57:29:00:01:bd:08:96:a3:6d:fc:e4:12:
b7:2a:15:de:94:56:fd:78:c8:97:af:93:1e:e9:e3:
51:7c:41:3a:0e:cb:ee:97:ba:2c:98:91:37:4a:7c:
e6:64:7a:b2:96:15:0b:34:ba:48:92:01:d1:5f:a3:
58:bc:32:a4:41:44:6d:4c:6f:f4:a3:e7:c0:af:25:
7d:ce:68:3d:a7:65:56:83:94:4c:44:7b:f4:d8:5f:
d8:fa:75:a2:88:19:72:b7:ef:98:ba:3e:a7:1a:26:
15:35:ae:9f:de:d4:31:a1:e7:ce:51:ff:0b:74:c9:
44:71:f4:9e:0c:ba:e6:ed:bb:25:16:1b:f7:0f:59:
2b:05:bd:08:6a:c4:6d:d3:9a:75:fc:73:7d:52:3c:
9b:3e:3a:99:a1:19:f0:67:99:a0:a8:78:7f:e7:64:
6e:c4:de:f7:e6:ce:51:6d:93:e3:78:1c:92:c0:07:
6d:bb:7b:06:26:90:66:bc:1b:ed:56:f7:90:ea:f5:
c3:90:e8:cc:0e:01:7c:97:99:01:e4:93:4b:89:ae:
30:f1:d4:eb:9f:cd:9c:5b:49:ad:73:c6:7e:ae:0f:
5c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A2:28:70:26:9A:BE:C2:18:BB:42:BF:E7:72:4C:2C:0C:9E:20:B2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/F6IocCaavsIYu0K_53JMLAyeILI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.55.187.0/24
194.55.225.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
34:cc:29:71:42:9a:49:03:e2:d5:1e:bc:02:27:95:44:52:f6:
77:a0:f2:e4:f4:37:cd:1d:7b:2a:14:e0:75:3b:0d:0e:aa:da:
3c:a2:ff:df:84:44:5c:7e:05:88:42:b8:b7:9b:e2:3b:92:1d:
3f:ed:51:7f:1e:f7:65:be:d4:19:a4:62:97:49:ee:37:3f:c9:
d9:fb:4c:94:c9:84:9b:2b:06:dc:5a:11:14:85:df:82:2f:3c:
34:28:e1:82:da:04:8b:a2:82:44:46:61:2c:35:fc:8c:9a:7f:
fc:e1:01:d5:b0:eb:4b:53:0d:25:d1:cd:8a:0f:f2:4f:e7:fb:
e0:bf:d7:38:f5:1d:80:25:70:6f:87:47:7d:56:be:dc:00:cc:
17:a0:28:b2:33:0b:ce:af:b7:40:7e:cc:8d:a7:8d:c3:a8:5c:
27:99:34:aa:b6:7a:33:97:98:df:fd:70:29:aa:4a:c6:ef:71:
1e:14:af:54:9d:a9:bd:9b:38:25:30:86:2d:e3:13:b7:88:f5:
70:92:b2:13:5a:40:b9:f7:40:ae:b5:5c:5d:65:f0:ef:75:46:
eb:42:f4:c6:be:53:2f:2b:5b:a0:69:51:fe:fc:d6:3d:9d:37:
c7:76:2b:a6:2e:8b:e7:64:43:98:7e:24:c2:24:26:ce:df:ff:
5c:42:74:c9
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY50qlteSGfUFjOH1eQmc8vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzI1MDgxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2EyMjg3MDI2OWFiZWMyMThiYjQyYmZlNzcyNGMyYzBjOWUyMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH0etDEfIUy0+GlRqa0U4QqGo9TJ
qJCCyxvyJa1e5GFXKQABvQiWo2385BK3KhXelFb9eMiXr5Me6eNRfEE6Dsvul7os
mJE3SnzmZHqylhULNLpIkgHRX6NYvDKkQURtTG/0o+fAryV9zmg9p2VWg5RMRHv0
2F/Y+nWiiBlyt++Yuj6nGiYVNa6f3tQxoefOUf8LdMlEcfSeDLrm7bslFhv3D1kr
Bb0IasRt05p1/HN9UjybPjqZoRnwZ5mgqHh/52RuxN735s5RbZPjeBySwAdtu3sG
JpBmvBvtVveQ6vXDkOjMDgF8l5kB5JNLia4w8dTrn82cW0mtc8Z+rg9cnwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFBeiKHAmmr7CGLtCv+dyTCwMniCyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRjZJb2NDYWF2c0lZdTBLXzUzSk1MQXllSUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAC
O/0DBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABT22EDBABcd8YDBABc+TIDBABe
mqIDBABenEsDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogME
ALn23wMEAMEZ2QMEAMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMI3uwME
AMI34QMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEANMwpcUKaSQPi1R68AieVRFL2
d6Dy5PQ3zR17KhTgdTsNDqraPKL/34REXH4FiEK4t5viO5IdP+1Rfx73Zb7UGaRi
l0nuNz/J2ftMlMmEmysG3FoRFIXfgi88NCjhgtoEi6KCREZhLDX8jJp//OEB1bDr
S1MNJdHNig/yT+f74L/XOPUdgCVwb4dHfVa+3ADMF6AosjMLzq+3QH7MjaeNw6hc
J5k0qrZ6M5eY3/1wKapKxu9xHhSvVJ2pvZs4JTCGLeMTt4j1cJKyE1pAufdArrVc
XWXw73VG60L0xr5TLytboGlR/vzWPZ03x3Yrpi6L52RDmH4kwiQmzt//XEJ0yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:28 2024 by rpki-client on console-ams.rpki-client.org