Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GC6j0w7PkPeLb5eaKgp_8TemYR0.roa
File: GC6j0w7PkPeLb5eaKgp_8TemYR0.roa (raw, json)
Hash identifier: aPN0C6NsAUtCDcasUfEcYoU8giYTgTiaxmocTV60QY4=
Subject key identifier: 18:2E:A3:D3:0E:CF:90:F7:8B:6F:97:9A:2A:0A:7F:F1:37:A6:61:1D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01882F036FD9BD08910A030E4F762856E3CE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GC6j0w7PkPeLb5eaKgp_8TemYR0.roa
Signing time: Thu 18 May 2023 13:18:54 +0000
ROA not before: Thu 18 May 2023 13:18:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2f:03:6f:d9:bd:08:91:0a:03:0e:4f:76:28:56:e3:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 18 13:18:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=182ea3d30ecf90f78b6f979a2a0a7ff137a6611d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:83:47:8e:1f:1c:c0:f4:e7:bf:39:66:79:7c:
c6:f5:25:2b:f5:88:7c:81:84:38:ed:36:a4:15:f5:
fd:f4:10:7a:a4:86:34:2d:d9:e5:01:40:90:fb:93:
70:57:aa:ba:b6:c9:88:39:7b:8b:30:93:08:de:66:
4a:ad:5b:23:2d:65:d1:e5:8a:04:14:aa:38:9c:98:
38:35:24:86:bb:62:e5:22:bc:4a:69:57:4d:c9:fd:
ef:f9:1e:21:9b:51:8f:cc:01:df:8c:ca:3f:7b:ed:
4d:de:18:d8:c0:dc:25:d7:4b:f5:22:d5:2d:84:3b:
32:32:60:9a:80:19:b1:15:e0:1f:88:53:07:3d:f6:
07:fc:2f:8e:72:67:6a:35:f0:78:e0:c3:2e:8a:5f:
6d:7b:3e:86:62:e0:cf:f8:ad:22:ea:b8:54:70:a8:
65:e2:60:05:33:f0:b7:f0:74:79:a5:36:c8:bf:39:
0d:57:65:6a:21:a8:af:32:8a:41:60:4a:f1:ff:22:
35:17:a6:37:cf:56:9f:dd:f3:73:57:68:64:3c:95:
6e:da:73:fc:b6:41:6b:c1:f9:f3:ae:08:83:2d:4d:
df:55:35:fa:34:f4:f9:1d:6e:6f:a6:40:be:9a:ef:
c4:f9:35:f5:59:b4:3a:62:2e:8f:27:61:09:45:c6:
e2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:2E:A3:D3:0E:CF:90:F7:8B:6F:97:9A:2A:0A:7F:F1:37:A6:61:1D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GC6j0w7PkPeLb5eaKgp_8TemYR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
92.119.196.0/23
94.103.126.0/24
94.154.161.0-94.154.163.255
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
Signature Algorithm: sha256WithRSAEncryption
53:b2:42:57:fa:4a:46:13:9b:c0:2a:a1:59:ea:97:05:d0:37:
de:f7:4b:8a:49:c9:b6:b5:97:be:9d:2e:27:a8:a3:c6:c5:b7:
54:ac:5d:24:8c:51:a0:01:96:a2:1e:e3:85:46:74:e6:a1:63:
b1:2d:5f:5c:04:be:1e:54:e4:a9:4c:22:1c:74:54:25:99:15:
8b:14:97:61:0f:1b:25:d5:77:38:76:e6:08:42:b0:48:8d:2f:
ef:fb:f5:0b:87:43:07:86:16:13:2e:e4:14:61:9e:27:ae:13:
e5:1a:0a:a2:90:17:d6:99:6d:d6:c5:93:45:83:d9:19:8b:9c:
d2:77:6a:23:c0:2f:95:8c:56:7d:9a:6a:2c:7a:ae:78:5c:c4:
c6:b7:31:b1:7f:4d:47:e8:10:27:c4:8a:6a:63:be:c5:1b:41:
ff:73:f3:f6:7e:dd:3e:a4:92:58:22:53:ff:4e:75:fc:cf:61:
5a:b6:b9:b3:1c:6e:38:da:a5:5a:99:8b:31:aa:11:1d:01:42:
e6:45:68:e0:20:58:ae:5f:e1:c4:69:4c:02:b6:05:fa:f9:1c:
b2:a9:03:8e:64:88:91:50:b0:9d:e3:01:06:77:c5:86:a1:61:
3b:26:7c:5a:91:c3:38:eb:f7:22:15:15:11:05:29:b1:19:d7:
f7:ed:70:f6
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYgvA2/ZvQiRCgMOT3YoVuPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE4MTMxODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODJlYTNkMzBlY2Y5MGY3OGI2Zjk3OWEyYTBhN2ZmMTM3YTY2MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnINHjh8cwPTnvzlmeXzG9SUr9Yh8
gYQ47TakFfX99BB6pIY0LdnlAUCQ+5NwV6q6tsmIOXuLMJMI3mZKrVsjLWXR5YoE
FKo4nJg4NSSGu2LlIrxKaVdNyf3v+R4hm1GPzAHfjMo/e+1N3hjYwNwl10v1ItUt
hDsyMmCagBmxFeAfiFMHPfYH/C+OcmdqNfB44MMuil9tez6GYuDP+K0i6rhUcKhl
4mAFM/C38HR5pTbIvzkNV2VqIaivMopBYErx/yI1F6Y3z1af3fNzV2hkPJVu2nP8
tkFrwfnzrgiDLU3fVTX6NPT5HW5vpkC+mu/E+TX1WbQ6Yi6PJ2EJRcbiZQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFBguo9MOz5D3i2+XmioKf/E3pmEdMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR0M2ajB3N1BrUGVMYjVlYUtncF84VGVtWVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALZdZAwQB
XHfEAwQAXmd+MAwDBABemqEDBAJemqADBAGTTmQDBAKrFkgDBACy1+wDBAC52EYD
BAK52FQDBAK52lQDBAC52okDBAC5234wDQYJKoZIhvcNAQELBQADggEBAFOyQlf6
SkYTm8AqoVnqlwXQN973S4pJyba1l76dLieoo8bFt1SsXSSMUaABlqIe44VGdOah
Y7EtX1wEvh5U5KlMIhx0VCWZFYsUl2EPGyXVdzh25ghCsEiNL+/79QuHQweGFhMu
5BRhnieuE+UaCqKQF9aZbdbFk0WD2RmLnNJ3aiPAL5WMVn2aaix6rnhcxMa3MbF/
TUfoECfEimpjvsUbQf9z8/Z+3T6kklgiU/9OdfzPYVq2ubMcbjjapVqZizGqER0B
QuZFaOAgWK5f4cRpTAK2Bfr5HLKpA45kiJFQsJ3jAQZ3xYahYTsmfFqRwzjr9yIV
FREFKbEZ1/ftcPY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:03 2024 by rpki-client on console-fra.rpki-client.org