Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HrdmihPxxmYQF_TttUpk0wYLjbk.roa
File: HrdmihPxxmYQF_TttUpk0wYLjbk.roa (raw, json)
Hash identifier: 30BQxGZgqHM9bKuosOka2xF4wKOJBU5fwQse70+tJSY=
Subject key identifier: 1E:B7:66:8A:13:F1:C6:66:10:17:F4:ED:B5:4A:64:D3:06:0B:8D:B9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C8C493BDBEDF482500B77582EADDAF39B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HrdmihPxxmYQF_TttUpk0wYLjbk.roa
Signing time: Thu 21 Dec 2023 12:10:58 +0000
ROA not before: Thu 21 Dec 2023 12:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.54.49.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:49:3b:db:ed:f4:82:50:0b:77:58:2e:ad:da:f3:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 21 12:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eb7668a13f1c6661017f4edb54a64d3060b8db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:86:e0:3a:a4:fe:2a:a4:15:68:44:48:cc:9e:
94:3f:af:12:90:f4:02:31:e1:bf:6c:02:2c:31:75:
16:e4:4f:48:5b:0f:ad:03:5b:80:d5:db:f7:94:7f:
7c:85:56:41:50:ae:82:3c:73:03:d4:ce:c0:62:1b:
f8:09:ac:bf:ff:f7:8d:a8:1b:21:62:67:97:98:93:
96:d2:20:c7:ea:e3:65:64:61:44:c9:d2:ab:d2:1a:
23:e3:1c:35:4e:94:a8:85:41:05:44:c3:ad:89:4b:
fc:a7:1b:b6:60:d8:e8:1f:29:19:1d:55:62:90:68:
f6:11:eb:70:ca:a2:ee:7d:1b:41:5e:4e:41:28:5d:
c1:f9:74:8f:42:c0:ee:d2:ef:bb:e8:8a:2c:ee:f2:
da:7a:d2:0a:a2:d5:43:a1:31:cc:22:66:fe:80:3d:
ea:ed:89:9c:e4:a4:24:10:25:41:56:47:f7:81:34:
c2:4c:68:4a:4b:4a:7d:8f:73:fd:87:71:8f:2c:e9:
ae:0f:90:83:b2:1d:0b:9e:fb:bb:2b:85:be:ab:ff:
54:21:69:d9:2d:7a:31:d9:26:cf:d5:91:df:ad:f1:
bf:d2:7b:8c:7b:22:1c:76:e6:71:c2:95:89:d0:c8:
c7:c0:8d:a0:de:80:49:39:c7:01:3f:8c:6a:b3:c3:
0f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B7:66:8A:13:F1:C6:66:10:17:F4:ED:B5:4A:64:D3:06:0B:8D:B9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HrdmihPxxmYQF_TttUpk0wYLjbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.12.255.0/24
45.66.228.0/24
45.151.90.0/24
79.110.50.0/24
82.115.211.0/24
84.54.49.0/24
87.121.105.0/24
94.156.176.0/24
185.226.175.0/24
193.37.47.0/24
193.149.28.0/22
194.49.86.0/24
194.180.36.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:f4:28:2f:92:a6:dd:89:f2:ec:fd:89:82:f4:7e:44:d8:c6:
e8:04:37:37:a6:c9:64:71:69:9b:5a:a3:4e:cd:bb:1d:0c:87:
05:d8:4f:09:95:6e:b4:a5:0d:18:83:f0:fe:d9:30:39:80:9a:
93:5d:48:85:78:05:49:e5:5b:90:22:63:11:11:b1:32:d0:67:
32:bc:d6:19:3d:31:cc:a5:37:dd:0d:42:1c:95:9d:cd:5b:93:
9a:13:90:4d:ef:e6:9b:bf:a8:b5:24:eb:43:2b:0c:de:2b:2e:
bb:9f:d5:13:0e:46:d5:6b:d2:79:aa:fa:dc:0c:6d:a7:29:e3:
dc:bc:8c:71:88:5d:94:45:3e:90:f2:63:4f:e7:e8:9f:ad:5b:
9c:d4:6d:54:27:08:db:9a:7f:b5:85:9a:a1:c7:5d:b3:15:f8:
7d:56:63:8b:60:25:1d:00:eb:15:e4:ea:5b:92:49:c1:67:a8:
1a:d1:27:8c:1e:02:2c:58:c3:68:2e:5d:03:51:6b:06:1b:70:
38:44:20:5f:69:67:46:b4:bc:83:5c:48:a8:77:1a:10:6e:14:
07:23:23:0b:05:51:2a:ef:16:c7:e4:58:5e:06:6a:df:d9:df:
f7:7c:04:72:60:fa:06:f3:21:90:bc:42:ed:58:8b:d9:f0:08:
14:23:4a:de
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYyMSTvb7fSCUAt3WC6t2vObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIxMTIxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWI3NjY4YTEzZjFjNjY2MTAxN2Y0ZWRiNTRhNjRkMzA2MGI4ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYbgOqT+KqQVaERIzJ6UP68SkPQC
MeG/bAIsMXUW5E9IWw+tA1uA1dv3lH98hVZBUK6CPHMD1M7AYhv4Cay///eNqBsh
YmeXmJOW0iDH6uNlZGFEydKr0hoj4xw1TpSohUEFRMOtiUv8pxu2YNjoHykZHVVi
kGj2EetwyqLufRtBXk5BKF3B+XSPQsDu0u+76Ios7vLaetIKotVDoTHMImb+gD3q
7Ymc5KQkECVBVkf3gTTCTGhKS0p9j3P9h3GPLOmuD5CDsh0Lnvu7K4W+q/9UIWnZ
LXox2SbP1ZHfrfG/0nuMeyIcduZxwpWJ0MjHwI2g3oBJOccBP4xqs8MPRwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFB63ZooT8cZmEBf07bVKZNMGC425MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSHJkbWloUHh4bVlRRl9UdHRVcGswd1lMamJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALQhdAwQA
LQz/AwQALULkAwQALZdaAwQAT24yAwQAUnPTAwQAVDYxAwQAV3lpAwQAXpywAwQA
ueKvAwQAwSUvAwQCwZUcAwQAwjFWAwQAwrQkAwQA1HMpMA0GCSqGSIb3DQEBCwUA
A4IBAQAL9CgvkqbdifLs/YmC9H5E2MboBDc3pslkcWmbWqNOzbsdDIcF2E8JlW60
pQ0Yg/D+2TA5gJqTXUiFeAVJ5VuQImMREbEy0GcyvNYZPTHMpTfdDUIclZ3NW5Oa
E5BN7+abv6i1JOtDKwzeKy67n9UTDkbVa9J5qvrcDG2nKePcvIxxiF2URT6Q8mNP
5+ifrVuc1G1UJwjbmn+1hZqhx12zFfh9VmOLYCUdAOsV5OpbkknBZ6ga0SeMHgIs
WMNoLl0DUWsGG3A4RCBfaWdGtLyDXEiodxoQbhQHIyMLBVEq7xbH5FheBmrf2d/3
fARyYPoG8yGQvELtWIvZ8AgUI0re
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:03 2024 by rpki-client on console-fra.rpki-client.org