Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GylrGJ0Z8kCg8u7dbmMm3fLFD9s.roa
File: GylrGJ0Z8kCg8u7dbmMm3fLFD9s.roa (raw, json)
Hash identifier: dYKJwUfKk4JsqlUU7JFLAWqZB96QBAn2rZTEcBsYTcY=
Subject key identifier: 1B:29:6B:18:9D:19:F2:40:A0:F2:EE:DD:6E:63:26:DD:F2:C5:0F:DB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BED38C2174EABD0D6CE75F896EFA8F29D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GylrGJ0Z8kCg8u7dbmMm3fLFD9s.roa
Signing time: Mon 20 Nov 2023 14:53:21 +0000
ROA not before: Mon 20 Nov 2023 14:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:38:c2:17:4e:ab:d0:d6:ce:75:f8:96:ef:a8:f2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 20 14:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b296b189d19f240a0f2eedd6e6326ddf2c50fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:64:93:d9:a4:56:a1:6b:9b:42:25:10:73:08:
5e:0c:a7:2d:5c:ee:91:9c:13:ea:94:81:91:2c:d2:
fd:43:7f:6d:c1:35:48:14:8c:16:33:b4:71:5e:35:
f6:e7:22:2b:ee:bc:96:e7:20:f8:6d:76:55:0e:86:
e0:90:12:77:2c:5e:70:c3:39:79:bf:c0:8d:44:09:
bc:47:74:61:8c:05:7c:b2:5a:24:8e:f0:df:f0:9a:
54:cf:d2:57:89:c6:49:a9:3c:58:f6:85:20:0a:9f:
ed:06:6e:af:dd:7f:0d:e6:a0:94:af:99:a1:93:75:
ca:12:d7:79:89:de:67:47:0f:f7:87:fc:7d:dc:4f:
3c:fe:07:d8:a1:1c:99:c2:cf:52:4a:fb:53:d7:8e:
a8:c1:ef:1c:ac:0a:e5:9e:11:f0:c8:13:d4:06:c2:
aa:ea:66:9a:8f:c2:7d:7e:05:18:df:02:57:ce:45:
3d:e0:1d:3b:58:72:4b:c1:7b:42:4e:63:b4:52:ac:
9d:65:e7:55:1f:af:92:ad:5a:15:f2:2d:ac:f9:6e:
d2:63:f4:8a:1b:2e:ca:fe:f9:46:cd:a7:ad:44:c3:
23:c9:94:a0:87:a0:65:9e:d2:1d:44:00:f7:91:2e:
24:f2:d8:2b:47:42:96:cd:bb:b3:9e:c5:1e:13:f3:
17:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:29:6B:18:9D:19:F2:40:A0:F2:EE:DD:6E:63:26:DD:F2:C5:0F:DB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GylrGJ0Z8kCg8u7dbmMm3fLFD9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
87.121.220.0/23
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.226.175.0/24
185.246.223.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
81:3a:64:b3:a0:d0:bc:03:99:f3:78:b2:0d:85:61:d1:1e:e7:
58:92:e2:6e:b0:e5:7e:a4:57:a6:3a:3b:2f:78:76:0f:cd:ab:
60:ab:a0:45:4d:9a:34:06:fb:97:34:bc:3c:09:ac:7e:11:75:
65:7d:16:90:75:25:4a:39:46:91:64:0a:91:58:cd:cc:89:52:
0d:24:2c:b9:05:44:7a:7c:4a:09:1f:47:82:7c:82:a5:b5:09:
57:b5:c7:18:3f:1c:00:10:e8:d1:0e:82:11:48:2e:e2:ca:7a:
e6:8c:9b:48:c0:49:72:c0:3a:5d:55:f1:12:f4:f2:5a:8f:e8:
5b:26:74:6f:5d:6e:a2:67:de:14:23:bf:dd:46:dc:2a:e3:98:
20:e0:19:8a:83:a6:bd:da:1f:5d:46:b7:5e:04:4c:56:23:6e:
7d:b4:1b:f8:20:35:30:b9:d8:97:ca:0d:d2:29:09:ed:80:1e:
33:fd:28:57:88:1f:50:a7:f7:36:08:d1:ca:e8:ba:21:37:c5:
a2:83:bd:40:f5:ee:27:ae:a2:7b:a1:69:20:ef:ac:0b:d6:a5:
ad:7b:8b:09:5a:d4:47:c3:57:5e:5a:b5:67:cd:41:9a:46:4d:
4c:37:80:1e:ef:6d:77:3a:f8:59:0f:9b:d0:d2:4c:13:89:c5:
b6:c0:f2:f4
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYvtOMIXTqvQ1s51+JbvqPKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTIwMTQ1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjI5NmIxODlkMTlmMjQwYTBmMmVlZGQ2ZTYzMjZkZGYyYzUwZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWST2aRWoWubQiUQcwheDKctXO6R
nBPqlIGRLNL9Q39twTVIFIwWM7RxXjX25yIr7ryW5yD4bXZVDobgkBJ3LF5wwzl5
v8CNRAm8R3RhjAV8slokjvDf8JpUz9JXicZJqTxY9oUgCp/tBm6v3X8N5qCUr5mh
k3XKEtd5id5nRw/3h/x93E88/gfYoRyZws9SSvtT146owe8crArlnhHwyBPUBsKq
6maaj8J9fgUY3wJXzkU94B07WHJLwXtCTmO0UqydZedVH6+SrVoV8i2s+W7SY/SK
Gy7K/vlGzaetRMMjyZSgh6BlntIdRAD3kS4k8tgrR0KWzbuznsUeE/MXLQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFBspaxidGfJAoPLu3W5jJt3yxQ/bMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR3lsckdKMFo4a0NnOHU3ZGJtTW0zZkxGRDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAAt
WFoDBAAtl1kDBABXeCEDBABXeFcDBABXeS0DBABXeTsDBAFXedwDBAFbXBgDBAFc
d8QDBABde3QwDAMEAF6aoQMEAl6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05m
AwQCqxZIAwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKtAwQAueKvAwQAufbf
AwQAufywAwQAwqmuAwQAwrQyMA0GCSqGSIb3DQEBCwUAA4IBAQCBOmSzoNC8A5nz
eLINhWHRHudYkuJusOV+pFemOjsveHYPzatgq6BFTZo0BvuXNLw8Cax+EXVlfRaQ
dSVKOUaRZAqRWM3MiVINJCy5BUR6fEoJH0eCfIKltQlXtccYPxwAEOjRDoIRSC7i
ynrmjJtIwElywDpdVfES9PJaj+hbJnRvXW6iZ94UI7/dRtwq45gg4BmKg6a92h9d
RrdeBExWI259tBv4IDUwudiXyg3SKQntgB4z/ShXiB9Qp/c2CNHK6LohN8Wig71A
9e4nrqJ7oWkg76wL1qWte4sJWtRHw1deWrVnzUGaRk1MN4Ae7213OvhZD5vQ0kwT
icW2wPL0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:29 2024 by rpki-client on console-ams.rpki-client.org