Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FFxqiYXrp1QTicQibBhKgwFH_10.roa
File: FFxqiYXrp1QTicQibBhKgwFH_10.roa (raw, json)
Hash identifier: 8Kif2Lisu5gLF53ZGFZud1l101ntIxWy96VgsANc02g=
Subject key identifier: 14:5C:6A:89:85:EB:A7:54:13:89:C4:22:6C:18:4A:83:01:47:FF:5D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BF662576F00EB06C4D74017190278CC2C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FFxqiYXrp1QTicQibBhKgwFH_10.roa
Signing time: Wed 22 Nov 2023 09:35:21 +0000
ROA not before: Wed 22 Nov 2023 09:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2.59.255.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
94.156.10.0/24 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:62:57:6f:00:eb:06:c4:d7:40:17:19:02:78:cc:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 22 09:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=145c6a8985eba7541389c4226c184a830147ff5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bd:18:c2:39:fe:01:a3:78:3a:1c:6c:81:57:
8f:13:71:a9:6a:6c:fa:e9:95:86:fe:59:aa:0b:8b:
67:76:ed:96:9f:e9:22:0f:c9:db:31:4e:08:2d:8b:
31:97:d9:ea:2a:a1:b4:ce:10:f1:f1:4e:ad:29:73:
3a:73:55:0a:3b:be:89:12:78:3f:b0:70:74:d4:39:
2f:40:8b:58:90:0e:62:65:3d:75:e7:b5:fb:48:1b:
1c:9e:71:14:f9:16:98:51:ba:36:3b:07:b8:f7:6e:
4f:5e:af:a8:32:a9:67:57:e1:a4:ee:84:20:7b:9b:
2f:1d:3f:56:73:41:1b:b7:9b:f8:cf:8f:2f:3b:22:
d9:e3:15:23:20:f5:ef:83:a1:17:0c:ec:c1:b6:4b:
73:2a:0a:39:fc:a6:f1:11:64:4f:3d:26:1e:87:d1:
d3:e3:20:ac:f2:b1:b1:32:77:01:b2:d5:b4:cc:3c:
c6:19:87:9d:53:d0:e3:a8:ba:2e:c6:dd:66:f8:ef:
f0:ad:2b:fd:4d:5c:f9:d2:88:fd:15:af:d8:7a:1a:
19:da:68:0d:c3:4e:29:7a:d1:0c:24:c7:80:0d:1e:
fc:a4:0f:45:87:f2:b6:7b:aa:94:f0:a0:2a:4d:5d:
26:96:33:c2:3d:d2:77:29:d0:2b:0c:7a:ce:e6:e0:
d5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:5C:6A:89:85:EB:A7:54:13:89:C4:22:6C:18:4A:83:01:47:FF:5D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FFxqiYXrp1QTicQibBhKgwFH_10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
45.88.90.0/24
45.151.89.0/24
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
87.121.220.0/23
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.10.0/24
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.226.175.0/24
185.246.223.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
95:a5:de:85:f9:41:4c:f2:45:2f:d5:36:00:9e:3e:5e:0e:64:
49:45:4f:2f:98:84:61:bf:ce:db:ba:4d:a3:6d:cf:c0:b0:e3:
b2:c9:c9:af:4f:92:cf:65:19:49:88:99:b1:5f:bb:85:fb:c2:
cb:c3:3c:7d:4b:b8:1a:5a:01:fc:12:d2:c0:75:cf:ad:d9:13:
67:e5:ca:a5:62:ca:f4:09:73:8d:db:3e:fc:40:b6:6b:91:ad:
85:26:58:75:af:ae:e8:44:ee:8a:1d:7d:9b:19:18:99:50:f4:
8d:eb:31:e8:84:6a:a3:99:04:37:1c:0d:bf:3b:5f:2d:23:ba:
ba:ae:59:86:ae:d1:73:e1:4e:21:6a:ad:c0:6e:f1:02:2a:59:
dc:69:04:87:e0:e0:17:64:99:97:37:07:02:d2:12:03:97:e1:
a7:c6:6d:8f:11:85:47:7f:5f:19:e0:10:43:3b:d5:3f:7c:7a:
91:1a:66:44:19:25:f0:14:d9:3d:37:38:e8:d6:5c:8e:f6:a8:
aa:8e:3e:f0:00:bf:4a:e6:fe:2f:58:12:13:9c:7f:67:a0:d8:
7e:ca:46:ac:ea:70:15:9a:f3:4f:49:f2:dc:46:9c:f4:64:27:
d6:c0:f9:3c:93:99:85:78:86:86:ac:f7:c0:f5:f1:ae:c8:19:
cd:39:8b:f4
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYv2YldvAOsGxNdAFxkCeMwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTIyMDkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDVjNmE4OTg1ZWJhNzU0MTM4OWM0MjI2YzE4NGE4MzAxNDdmZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAob0Ywjn+AaN4OhxsgVePE3Gpamz6
6ZWG/lmqC4tndu2Wn+kiD8nbMU4ILYsxl9nqKqG0zhDx8U6tKXM6c1UKO76JEng/
sHB01DkvQItYkA5iZT1157X7SBscnnEU+RaYUbo2Owe4925PXq+oMqlnV+Gk7oQg
e5svHT9Wc0Ebt5v4z48vOyLZ4xUjIPXvg6EXDOzBtktzKgo5/KbxEWRPPSYeh9HT
4yCs8rGxMncBstW0zDzGGYedU9DjqLouxt1m+O/wrSv9TVz50oj9Fa/YehoZ2mgN
w04petEMJMeADR78pA9Fh/K2e6qU8KAqTV0mljPCPdJ3KdArDHrO5uDVKQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFBRcaomF66dUE4nEImwYSoMBR/9dMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRkZ4cWlZWHJwMVFUaWNRaWJCaEtnd0ZIXzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAAC
O/8DBAAtWFoDBAAtl1kDBABXeCEDBABXeFcDBABXeS0DBABXeTsDBAFXedwDBAFb
XBgDBAFcd8QDBABde3QwDAMEAF6aoQMEAl6aoAMEAF6cCgMEAF6cTgMEAF6c7zAM
AwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKt
AwQAueKvAwQAufbfAwQAufywAwQAwqmuAwQAwrQyMA0GCSqGSIb3DQEBCwUAA4IB
AQCVpd6F+UFM8kUv1TYAnj5eDmRJRU8vmIRhv87buk2jbc/AsOOyycmvT5LPZRlJ
iJmxX7uF+8LLwzx9S7gaWgH8EtLAdc+t2RNn5cqlYsr0CXON2z78QLZrka2FJlh1
r67oRO6KHX2bGRiZUPSN6zHohGqjmQQ3HA2/O18tI7q6rlmGrtFz4U4haq3AbvEC
KlncaQSH4OAXZJmXNwcC0hIDl+Gnxm2PEYVHf18Z4BBDO9U/fHqRGmZEGSXwFNk9
Nzjo1lyO9qiqjj7wAL9K5v4vWBITnH9noNh+ykas6nAVmvNPSfLcRpz0ZCfWwPk8
k5mFeIaGrPfA9fGuyBnNOYv0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:02 2024 by rpki-client on console-fra.rpki-client.org