Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I35IWUyAVs-cGEZhZV_glNqQQU8.roa
File: I35IWUyAVs-cGEZhZV_glNqQQU8.roa (raw, json)
Hash identifier: I3IC5DwgIDUpvXPWZGccpFNN9o4wnC+KMX7HdT/eGAg=
Subject key identifier: 23:7E:48:59:4C:80:56:CF:9C:18:46:61:65:5F:E0:94:DA:90:41:4F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A088DCCD00BA6FB1C856C088E4B38D864
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I35IWUyAVs-cGEZhZV_glNqQQU8.roa
Signing time: Fri 18 Aug 2023 12:10:25 +0000
ROA not before: Fri 18 Aug 2023 12:10:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.21.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
194.113.36.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.235.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
92.119.196.0/23 maxlen: 24
45.95.0.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.219.126.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:8d:cc:d0:0b:a6:fb:1c:85:6c:08:8e:4b:38:d8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 18 12:10:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=237e48594c8056cf9c184661655fe094da90414f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:43:c8:fd:23:a6:2c:fc:4a:43:99:7d:99:96:
5c:39:5f:35:77:f9:6e:e8:10:1a:ed:53:f4:2c:97:
02:1d:1c:19:a2:b6:22:fd:32:f5:3b:25:26:57:63:
c6:f5:03:30:a1:36:d8:2e:a0:a7:7f:d9:44:41:b2:
56:8a:f9:c0:5c:53:02:bf:5d:ab:8f:83:17:0b:7b:
1e:01:69:01:a8:97:d4:2c:3b:4d:f3:e7:a0:e3:6a:
26:03:6d:6d:9d:c6:22:35:a1:7b:64:00:48:8d:c3:
6c:f2:b4:73:ec:8c:12:79:c6:e2:3a:3e:11:f2:95:
b6:6b:2f:b0:d1:c7:85:94:a1:b4:40:8d:44:0d:73:
ef:48:b2:72:ce:bd:79:e3:7b:fd:79:fd:f2:d7:53:
42:8a:de:25:ad:06:ab:52:51:0d:28:af:41:7c:b5:
5a:46:33:85:b3:0f:7c:7c:58:d4:9e:49:99:33:db:
2b:91:7e:1c:4a:30:f9:5d:c8:8f:12:69:c8:20:a9:
87:fd:48:be:5e:25:44:ab:d1:fb:6f:c4:87:71:6f:
9c:5b:4b:fb:bf:fa:24:b1:0f:5d:bc:48:a2:4e:ab:
30:7a:9c:d7:e9:08:70:05:b3:e8:ea:4b:c9:eb:22:
20:8a:0a:68:81:7f:40:bc:6e:1e:d9:5f:77:b1:a7:
19:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7E:48:59:4C:80:56:CF:9C:18:46:61:65:5F:E0:94:DA:90:41:4F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I35IWUyAVs-cGEZhZV_glNqQQU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.0.0/22
45.149.235.0/24
45.151.89.0/24
87.121.45.0/24
91.92.21.0/24
92.119.196.0/23
93.123.30.0/23
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
193.37.41.0/24
194.113.36.0/22
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:78:d4:82:a9:a5:df:c8:65:f6:86:b9:dc:d3:51:f0:1a:5a:
c4:bb:f8:e7:77:5b:46:dd:db:f2:96:4f:12:02:a2:68:d2:df:
ab:6d:a8:80:e3:4e:50:c2:07:9f:a1:2b:2d:bd:04:77:54:c9:
c9:d8:a9:be:e9:f6:82:1d:d7:31:eb:18:67:c4:09:10:43:7f:
af:fb:3c:71:68:db:7a:f8:b5:81:bf:0d:b2:64:03:f2:1f:f1:
9d:4b:b3:b5:69:14:f4:d4:3b:bc:46:d5:6c:d6:6a:7f:79:8d:
67:46:7c:67:f6:ed:16:d2:6f:3b:4a:49:d9:cc:33:52:32:44:
77:b7:59:90:96:d8:85:d5:ae:04:a7:31:76:bd:e4:e4:6f:7e:
f6:b9:4b:6a:f2:bd:a6:97:fa:04:5a:fe:f3:6b:96:f8:76:38:
e3:40:1c:6d:88:ae:2d:b1:81:13:21:d2:1b:11:b3:19:20:c6:
6f:71:66:d0:43:3c:9b:89:27:95:7a:f6:15:6e:ab:3e:f1:57:
6c:c1:9a:f3:2a:cb:51:48:1d:ca:48:11:d8:25:d2:1f:a1:d8:
09:43:54:db:76:e8:b6:8f:0a:18:44:72:0d:02:10:52:9a:c3:
9e:44:80:7e:c8:ef:4b:5b:8d:76:00:44:60:98:8d:39:90:0f:
a9:0f:66:7c
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYoIjczQC6b7HIVsCI5LONhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODE4MTIxMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzdlNDg1OTRjODA1NmNmOWMxODQ2NjE2NTVmZTA5NGRhOTA0MTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kPI/SOmLPxKQ5l9mZZcOV81d/lu
6BAa7VP0LJcCHRwZorYi/TL1OyUmV2PG9QMwoTbYLqCnf9lEQbJWivnAXFMCv12r
j4MXC3seAWkBqJfULDtN8+eg42omA21tncYiNaF7ZABIjcNs8rRz7IwSecbiOj4R
8pW2ay+w0ceFlKG0QI1EDXPvSLJyzr1543v9ef3y11NCit4lrQarUlENKK9BfLVa
RjOFsw98fFjUnkmZM9srkX4cSjD5XciPEmnIIKmH/Ui+XiVEq9H7b8SHcW+cW0v7
v/oksQ9dvEiiTqswepzX6QhwBbPo6kvJ6yIgigpogX9AvG4e2V93sacZvQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFCN+SFlMgFbPnBhGYWVf4JTakEFPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSTM1SVdVeUFWcy1jR0VaaFpWX2dsTnFRUVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAIt
XwADBAAtlesDBAAtl1kDBABXeS0DBABbXBUDBAFcd8QDBAFdex4wDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAudqJAwQAudt+AwQAufywAwQAwSUpAwQCwnEkAwQAwqmu
MA0GCSqGSIb3DQEBCwUAA4IBAQCdeNSCqaXfyGX2hrnc01HwGlrEu/jnd1tG3dvy
lk8SAqJo0t+rbaiA405QwgefoSstvQR3VMnJ2Km+6faCHdcx6xhnxAkQQ3+v+zxx
aNt6+LWBvw2yZAPyH/GdS7O1aRT01Du8RtVs1mp/eY1nRnxn9u0W0m87SknZzDNS
MkR3t1mQltiF1a4EpzF2veTkb372uUtq8r2ml/oEWv7za5b4djjjQBxtiK4tsYET
IdIbEbMZIMZvcWbQQzybiSeVevYVbqs+8VdswZrzKstRSB3KSBHYJdIfodgJQ1Tb
dui2jwoYRHINAhBSmsOeRIB+yO9LW412AERgmI05kA+pD2Z8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:29 2024 by rpki-client on console-ams.rpki-client.org