Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GKj18qq-abRgRMEXi8CduGpjLbU.roa
File: GKj18qq-abRgRMEXi8CduGpjLbU.roa (raw, json)
Hash identifier: dUhw5WV7qxPbE0yVJwasOXlw/w1CWz8zaBoZYgb75A4=
Subject key identifier: 18:A8:F5:F2:AA:BE:69:B4:60:44:C1:17:8B:C0:9D:B8:6A:63:2D:B5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B95D8822C848D0CB1A8C8A72DD13D053C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GKj18qq-abRgRMEXi8CduGpjLbU.roa
Signing time: Fri 03 Nov 2023 15:41:16 +0000
ROA not before: Fri 03 Nov 2023 15:41:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:d8:82:2c:84:8d:0c:b1:a8:c8:a7:2d:d1:3d:05:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 3 15:41:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18a8f5f2aabe69b46044c1178bc09db86a632db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ae:08:ea:1e:84:e0:26:70:5b:8c:97:ec:cd:
ba:88:fb:95:8b:f6:d5:00:f1:fa:07:52:6d:4e:9e:
a5:c7:0e:f8:6d:96:3b:90:68:41:ba:90:3a:6b:b9:
77:c8:1c:1b:8b:9b:db:a9:cc:93:e6:9b:cd:63:7e:
11:10:ec:39:14:30:59:90:6e:7a:8a:f5:03:68:72:
c4:4f:1f:4e:98:20:57:41:25:75:ad:45:e1:39:20:
df:63:f4:e4:00:c9:6e:24:7b:0e:64:ad:97:75:f0:
34:d4:77:1a:71:b0:a2:70:b5:8b:e1:c8:c3:2e:c0:
cf:09:84:d9:02:e3:07:3a:23:41:bd:4f:96:1e:d3:
83:23:ca:f9:84:89:2f:e7:c3:96:bc:45:28:5d:b6:
26:83:28:c3:cd:60:a0:2b:df:f7:af:ef:2f:a9:89:
39:8d:73:af:be:af:38:0b:5b:61:73:69:41:68:30:
c4:75:50:40:62:14:80:f2:77:13:bd:b0:8c:98:97:
66:22:e0:9d:91:2d:47:de:70:0f:ec:8c:be:75:bd:
93:81:1d:b8:4b:42:0e:e2:94:e7:52:aa:5b:ac:bd:
36:1d:06:4c:53:c6:14:1d:8c:56:2d:4b:1d:18:ad:
78:b5:e5:9a:a8:1d:ec:cf:22:87:e5:5f:bd:f4:74:
35:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A8:F5:F2:AA:BE:69:B4:60:44:C1:17:8B:C0:9D:B8:6A:63:2D:B5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GKj18qq-abRgRMEXi8CduGpjLbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
87.121.221.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.175.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ec:2e:79:ff:c3:fe:5b:03:32:93:1d:c7:6b:d4:3d:4e:2e:
f5:49:19:5a:dd:64:34:68:24:7c:07:7c:e7:05:bc:4c:25:46:
33:6b:1e:cc:0a:2e:0b:d4:ec:79:81:e0:67:81:8d:e7:14:52:
3b:dd:36:5d:07:df:30:73:94:06:a1:3f:04:b5:e9:d0:7e:60:
36:ad:36:b2:a6:37:94:c4:eb:92:a9:00:a3:de:7e:b3:96:fd:
8d:8e:14:a6:e7:35:70:d9:b8:e0:0c:18:a9:d1:f9:13:5f:4e:
16:80:10:59:3f:8b:f7:6b:b0:cc:c9:c1:1e:3a:19:c0:d3:a9:
04:92:d7:90:93:13:42:08:32:57:06:e0:bc:5d:4d:8e:e8:6a:
f0:b7:84:01:e1:f0:66:37:20:2c:f1:95:12:bc:c5:5e:5f:22:
22:be:70:02:ba:dd:77:dd:4a:04:e1:be:35:53:46:4c:39:35:
5a:98:8d:bb:1d:2a:f0:62:08:1a:8f:47:1f:fb:f6:86:49:f9:
3f:d0:8e:a9:8c:2c:b7:61:3a:4c:60:30:7c:2b:a9:2d:14:3b:
d2:ed:82:50:e4:fb:8b:9f:80:59:9b:5a:4e:90:79:39:6e:cd:
06:b6:3a:54:f2:1b:34:2a:32:07:95:cc:56:e4:11:db:fd:8c:
dd:d6:94:d9
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYuV2IIshI0MsajIpy3RPQU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAzMTU0MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGE4ZjVmMmFhYmU2OWI0NjA0NGMxMTc4YmMwOWRiODZhNjMyZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka4I6h6E4CZwW4yX7M26iPuVi/bV
APH6B1JtTp6lxw74bZY7kGhBupA6a7l3yBwbi5vbqcyT5pvNY34REOw5FDBZkG56
ivUDaHLETx9OmCBXQSV1rUXhOSDfY/TkAMluJHsOZK2XdfA01HcacbCicLWL4cjD
LsDPCYTZAuMHOiNBvU+WHtODI8r5hIkv58OWvEUoXbYmgyjDzWCgK9/3r+8vqYk5
jXOvvq84C1thc2lBaDDEdVBAYhSA8ncTvbCMmJdmIuCdkS1H3nAP7Iy+db2TgR24
S0IO4pTnUqpbrL02HQZMU8YUHYxWLUsdGK14teWaqB3szyKH5V+99HQ1YwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFBio9fKqvmm0YETBF4vAnbhqYy21MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR0tqMThxcS1hYlJnUk1FWGk4Q2R1R3BqTGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAt
l1kDBABXeFcDBABXeS0DBABXeTsDBABXed0DBAFbXBgDBAFcd8QDBABde3QwDAME
AF6aoQMEAl6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAsH3/
AwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKvAwQAufywAwQAwqmuAwQAwrQy
MA0GCSqGSIb3DQEBCwUAA4IBAQBo7C55/8P+WwMykx3Ha9Q9Ti71SRla3WQ0aCR8
B3znBbxMJUYzax7MCi4L1Ox5geBngY3nFFI73TZdB98wc5QGoT8EtenQfmA2rTay
pjeUxOuSqQCj3n6zlv2NjhSm5zVw2bjgDBip0fkTX04WgBBZP4v3a7DMycEeOhnA
06kEkteQkxNCCDJXBuC8XU2O6Grwt4QB4fBmNyAs8ZUSvMVeXyIivnACut133UoE
4b41U0ZMOTVamI27HSrwYggaj0cf+/aGSfk/0I6pjCy3YTpMYDB8K6ktFDvS7YJQ
5PuLn4BZm1pOkHk5bs0GtjpU8hs0KjIHlcxW5BHb/Yzd1pTZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:28 2024 by rpki-client on console-ams.rpki-client.org