Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/F6p8SIM99EutbYAS5WYAzevVHY4.roa
File: F6p8SIM99EutbYAS5WYAzevVHY4.roa (raw, json)
Hash identifier: cezG1opcZo0x1ltoXowGK7yf9ag93222Skl2xyaG/tY=
Subject key identifier: 17:AA:7C:48:83:3D:F4:4B:AD:6D:80:12:E5:66:00:CD:EB:D5:1D:8E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186987984BDF3BBD1F04CC3B122CC387365
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/F6p8SIM99EutbYAS5WYAzevVHY4.roa
Signing time: Tue 28 Feb 2023 14:42:25 +0000
ROA not before: Tue 28 Feb 2023 14:42:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
87.121.124.0/23 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:79:84:bd:f3:bb:d1:f0:4c:c3:b1:22:cc:38:73:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 28 14:42:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17aa7c48833df44bad6d8012e56600cdebd51d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e6:8b:7a:e5:50:b6:29:2a:9e:d0:1a:02:92:
fa:fb:8a:5e:38:19:9e:54:a7:4a:b0:94:b0:a2:8e:
61:af:c2:1a:96:93:5c:b7:41:12:37:e2:1e:95:4c:
47:d0:dd:32:99:4c:2d:7d:bb:9d:62:03:82:d9:ba:
d9:5e:4d:c3:52:ae:b8:a5:66:16:1f:bb:89:64:02:
f4:44:ef:ef:2f:20:df:bd:40:d0:3d:db:91:37:16:
78:29:f7:a1:49:3c:3b:dc:50:44:05:7f:ec:ec:45:
da:ed:ca:aa:e0:77:09:20:97:92:e4:c1:e1:49:55:
d8:df:14:40:6c:2a:83:2c:88:ac:7d:33:46:cd:74:
15:3f:76:04:13:bf:43:94:6a:a4:62:24:08:83:c3:
2d:d2:c6:83:95:7d:66:e4:81:5a:8a:94:5d:70:57:
b6:49:a2:79:6c:7f:0b:29:15:aa:6f:06:1a:5f:43:
87:c0:54:7b:4c:14:63:34:37:87:28:65:00:82:68:
ac:e5:1b:ce:61:0a:de:9f:80:6f:53:f1:38:a8:1f:
2b:48:bb:56:c3:c0:25:b1:53:c8:65:94:2b:c5:7c:
29:70:2c:71:1f:e9:96:be:56:0a:00:be:eb:6f:2e:
10:31:17:9f:85:0a:10:ca:6c:b8:25:52:ba:bb:95:
3a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AA:7C:48:83:3D:F4:4B:AD:6D:80:12:E5:66:00:CD:EB:D5:1D:8E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/F6p8SIM99EutbYAS5WYAzevVHY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.121.124.0/23
92.119.196.0/23
94.154.161.0-94.154.163.255
171.22.19.0/24
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
92:8e:09:c2:b2:9f:a8:77:2a:7a:d5:5d:26:b9:d2:31:9f:32:
fb:11:b9:5a:a3:ff:56:c9:8e:70:a4:30:4d:01:25:41:be:c8:
aa:28:db:20:10:cd:20:02:6e:1b:3b:64:38:93:76:7a:31:0a:
bb:a4:fc:c4:d3:b2:9e:37:af:3a:86:0f:06:c3:a5:22:13:3f:
d2:6f:20:4b:49:8d:cf:b9:e0:e7:f3:31:d6:0b:0a:7c:16:07:
65:c9:64:4a:37:18:86:81:aa:7b:40:bb:6c:cb:83:5a:1e:84:
dc:5f:aa:10:2a:40:43:d5:78:ba:86:4f:36:4d:43:ef:41:34:
4e:e1:47:18:e6:9e:ad:67:c5:91:63:69:23:36:97:7d:52:16:
06:4d:f6:41:e2:41:56:94:54:0f:71:49:b6:23:82:7b:16:18:
a1:23:85:18:c4:02:6c:ec:04:0c:58:ec:51:df:42:0d:a2:c1:
a6:e6:d2:7b:22:f0:3d:cc:73:57:c0:57:5a:c5:56:0f:74:07:
ec:16:9d:6c:dd:92:7e:a0:c0:f3:7b:fe:48:60:9e:f1:4f:a6:
97:05:cf:40:78:47:17:87:c2:66:4b:d2:cd:0b:2f:d6:71:bf:
31:a6:dc:d8:ed:98:11:9f:f3:e7:8a:31:97:d3:c3:76:80:f0:
bc:38:3b:b5
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYaYeYS987vR8EzDsSLMOHNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjI4MTQ0MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FhN2M0ODgzM2RmNDRiYWQ2ZDgwMTJlNTY2MDBjZGViZDUxZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOaLeuVQtikqntAaApL6+4peOBme
VKdKsJSwoo5hr8IalpNct0ESN+IelUxH0N0ymUwtfbudYgOC2brZXk3DUq64pWYW
H7uJZAL0RO/vLyDfvUDQPduRNxZ4KfehSTw73FBEBX/s7EXa7cqq4HcJIJeS5MHh
SVXY3xRAbCqDLIisfTNGzXQVP3YEE79DlGqkYiQIg8Mt0saDlX1m5IFaipRdcFe2
SaJ5bH8LKRWqbwYaX0OHwFR7TBRjNDeHKGUAgmis5RvOYQren4BvU/E4qB8rSLtW
w8AlsVPIZZQrxXwpcCxxH+mWvlYKAL7rby4QMRefhQoQymy4JVK6u5U6nQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFBeqfEiDPfRLrW2AEuVmAM3r1R2OMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRjZwOFNJTTk5RXV0YllBUzVXWUF6ZXZWSFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALZdZAwQB
V3l8AwQBXHfEMAwDBABemqEDBAJemqADBACrFhMDBAKrFkgDBACy1+wDBAK52FQD
BAK52lQDBAC52okDBAC5234DBAC5/LAwDQYJKoZIhvcNAQELBQADggEBAJKOCcKy
n6h3KnrVXSa50jGfMvsRuVqj/1bJjnCkME0BJUG+yKoo2yAQzSACbhs7ZDiTdnox
Cruk/MTTsp43rzqGDwbDpSITP9JvIEtJjc+54OfzMdYLCnwWB2XJZEo3GIaBqntA
u2zLg1oehNxfqhAqQEPVeLqGTzZNQ+9BNE7hRxjmnq1nxZFjaSM2l31SFgZN9kHi
QVaUVA9xSbYjgnsWGKEjhRjEAmzsBAxY7FHfQg2iwabm0nsi8D3Mc1fAV1rFVg90
B+wWnWzdkn6gwPN7/khgnvFPppcFz0B4RxeHwmZL0s0LL9ZxvzGm3NjtmBGf8+eK
MZfTw3aA8Lw4O7U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:02 2024 by rpki-client on console-fra.rpki-client.org