Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/InusDkP6HPd5TtbwR5XNt0KNGZo.roa
File: InusDkP6HPd5TtbwR5XNt0KNGZo.roa (raw, json)
Hash identifier: mr5SbXnbA8ERCCYn5RSrnc/oZ/+ioH0O1brLk2hxrV4=
Subject key identifier: 22:7B:AC:0E:43:FA:1C:F7:79:4E:D6:F0:47:95:CD:B7:42:8D:19:9A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193AB5128D50DC64240EBFA5CE113D21502
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/InusDkP6HPd5TtbwR5XNt0KNGZo.roa
Signing time: Mon 09 Dec 2024 12:07:23 +0000
ROA not before: Mon 09 Dec 2024 12:07:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.12.255.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.90.88.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.119.196.0/23 maxlen: 24
93.123.84.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.179.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.58.122.0/24 maxlen: 24
194.49.94.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:51:28:d5:0d:c6:42:40:eb:fa:5c:e1:13:d2:15:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 9 12:07:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=227bac0e43fa1cf7794ed6f04795cdb7428d199a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c4:23:90:39:d6:d8:64:0b:12:4f:df:4b:84:
28:f1:e8:97:11:13:86:71:30:04:b3:36:f4:0b:bc:
ea:55:0f:54:47:93:1b:6a:5d:94:ac:aa:23:44:84:
a4:58:3f:11:03:bd:ba:34:e2:dd:04:45:bf:11:1f:
13:4b:fa:d4:d7:e1:2b:c0:0e:f9:a2:50:14:b8:4b:
c1:34:fc:32:87:d4:8b:65:07:5a:dd:aa:c6:15:b0:
84:a3:10:49:25:99:c3:0e:c7:19:65:a0:c7:67:97:
30:c6:5c:eb:a9:f6:53:05:91:ef:97:6d:9a:62:3f:
84:39:7b:39:00:c1:00:53:81:40:ac:ba:80:29:cc:
29:5f:a4:68:f4:36:66:0e:ca:6a:dd:8d:51:2f:4f:
ea:30:89:58:ab:31:19:be:f6:50:8e:2e:45:68:bf:
08:87:2a:c4:2b:a1:6a:71:3e:51:64:e5:0e:9c:c9:
1d:7a:a9:9c:bc:b9:fa:94:c5:f5:3f:d4:1a:15:66:
cd:f1:e3:12:c1:db:61:f5:ca:3f:23:b4:ba:f0:a8:
40:1e:c8:4b:1c:88:3e:45:76:e2:0d:e2:8d:9f:62:
89:6e:1b:66:f5:0d:19:9f:65:fe:18:e7:17:d7:d2:
47:0b:81:81:c5:e1:47:f8:2b:a1:57:5a:ef:b0:ef:
47:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7B:AC:0E:43:FA:1C:F7:79:4E:D6:F0:47:95:CD:B7:42:8D:19:9A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/InusDkP6HPd5TtbwR5XNt0KNGZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.255.0/24
45.14.164.0/24
45.66.228.0/24
45.88.64.0/24
45.90.88.0/24
45.139.106.0/24
45.141.158.0/24
45.151.89.0-45.151.91.255
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.166.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
93.123.84.0/24
94.154.160.0/22
94.156.11.0/24
94.156.64.0/21
94.156.179.0/24
141.98.1.0/24
147.78.100.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
193.58.122.0/24
194.49.94.0/24
Signature Algorithm: sha256WithRSAEncryption
54:64:15:91:b0:9c:15:84:33:25:27:ae:65:e7:a5:70:7c:37:
ba:ce:fe:32:ad:ea:a7:9c:39:56:30:9a:1a:5a:7a:3d:62:33:
13:2f:be:15:fd:81:56:1c:17:50:82:0d:0e:b9:04:1d:4c:0f:
ce:c0:21:c4:f1:2d:dc:cb:4a:2c:96:59:e3:03:a1:88:7b:d7:
99:3f:d7:4e:0a:6c:6d:7d:58:54:f2:6a:e3:20:be:07:ee:9b:
ee:b8:a1:01:dc:68:0e:ac:93:3f:fa:bf:b7:f7:60:0b:ff:c0:
c9:14:a5:42:7b:71:10:dc:d1:c9:25:a8:2b:0e:37:87:b1:ea:
3d:db:f3:df:49:7f:7a:c9:a7:88:0b:ae:67:f8:ef:0d:83:d8:
d4:e2:ff:89:15:ac:b6:a2:99:94:16:36:b8:db:74:8c:2a:ef:
a3:a0:8c:f5:23:b8:98:fe:24:e5:ef:6c:f2:1e:d5:41:85:d3:
fa:23:ab:01:35:4e:ab:80:e9:20:01:70:d4:24:cc:ae:a9:61:
b8:1d:24:e3:f6:45:5e:a0:4b:d9:f3:08:03:30:87:f4:44:d6:
4f:0f:54:a8:9e:3e:d9:77:51:60:cf:05:b4:02:20:ee:f9:0b:
bf:69:37:7f:73:77:f4:70:5e:a6:c0:f0:47:fc:85:68:f2:9b:
32:51:85:eb
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZOrUSjVDcZCQOv6XOET0hUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjA5MTIwNzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjdiYWMwZTQzZmExY2Y3Nzk0ZWQ2ZjA0Nzk1Y2RiNzQyOGQxOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcQjkDnW2GQLEk/fS4Qo8eiXEROG
cTAEszb0C7zqVQ9UR5Mbal2UrKojRISkWD8RA726NOLdBEW/ER8TS/rU1+ErwA75
olAUuEvBNPwyh9SLZQda3arGFbCEoxBJJZnDDscZZaDHZ5cwxlzrqfZTBZHvl22a
Yj+EOXs5AMEAU4FArLqAKcwpX6Ro9DZmDspq3Y1RL0/qMIlYqzEZvvZQji5FaL8I
hyrEK6FqcT5RZOUOnMkdeqmcvLn6lMX1P9QaFWbN8eMSwdth9co/I7S68KhAHshL
HIg+RXbiDeKNn2KJbhtm9Q0Zn2X+GOcX19JHC4GBxeFH+CuhV1rvsO9HlwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFCJ7rA5D+hz3eU7W8EeVzbdCjRmaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSW51c0RrUDZIUGQ1VHRid1I1WE50MEtOR1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAAt
DP8DBAAtDqQDBAAtQuQDBAAtWEADBAAtWlgDBAAti2oDBAAtjZ4wDAMEAC2XWQME
Ai2XWAMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4pgMEAFd5LQMEAFd5VwMEAVd5fAME
AFd5ogMEAFd5pQMEBFtc8AMEAVx3xAMEAF17VAMEAl6aoAMEAF6cCwMEA16cQAME
AF6cswMEAI1iAQMEAJNOZAMEAqsWSAMEArnYVAMEArnaVAMEAME6egMEAMIxXjAN
BgkqhkiG9w0BAQsFAAOCAQEAVGQVkbCcFYQzJSeuZeelcHw3us7+Mq3qp5w5VjCa
Glp6PWIzEy++Ff2BVhwXUIINDrkEHUwPzsAhxPEt3MtKLJZZ4wOhiHvXmT/XTgps
bX1YVPJq4yC+B+6b7rihAdxoDqyTP/q/t/dgC//AyRSlQntxENzRySWoKw43h7Hq
Pdvz30l/esmniAuuZ/jvDYPY1OL/iRWstqKZlBY2uNt0jCrvo6CM9SO4mP4k5e9s
8h7VQYXT+iOrATVOq4DpIAFw1CTMrqlhuB0k4/ZFXqBL2fMIAzCH9ETWTw9UqJ4+
2XdRYM8FtAIg7vkLv2k3f3N39HBepsDwR/yFaPKbMlGF6w==
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:35:59 2025 by rpki-client