Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JDyg5EEdvp8OqYflQAK8d_6mii4.roa
File: JDyg5EEdvp8OqYflQAK8d_6mii4.roa (raw, json)
Hash identifier: U7Uvo385zw6VHi6+n219cC3rgVdaUTcjJfEB5ofyMRo=
Subject key identifier: 24:3C:A0:E4:41:1D:BE:9F:0E:A9:87:E5:40:02:BC:77:FE:A6:8A:2E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189B0C80D23063B3845DB12B6914CB34D05
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JDyg5EEdvp8OqYflQAK8d_6mii4.roa
Signing time: Tue 01 Aug 2023 11:07:27 +0000
ROA not before: Tue 01 Aug 2023 11:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
194.113.36.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.235.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
45.95.0.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:c8:0d:23:06:3b:38:45:db:12:b6:91:4c:b3:4d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 1 11:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=243ca0e4411dbe9f0ea987e54002bc77fea68a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e1:aa:2c:6c:aa:53:f9:e7:dc:2b:0f:a0:ae:
e2:fb:50:cf:f5:d5:a0:40:d3:bc:00:3a:ad:5b:1d:
fc:ba:b5:eb:4f:a2:4b:1c:f6:b4:ad:a4:a3:41:ac:
7d:f7:4b:eb:73:a9:08:70:6e:5b:1b:cc:48:3b:31:
0d:b4:a6:0b:f1:6e:92:ff:27:73:af:9b:90:46:6b:
d3:32:a2:cd:d8:6f:a7:5d:ef:c5:6c:46:18:a2:4d:
24:7f:54:71:47:02:32:e5:b1:9c:52:f0:85:97:d7:
ee:b5:23:3d:8d:7b:2c:1a:bb:0f:9e:d2:b4:3b:da:
00:99:9e:a6:0c:88:86:47:e1:28:e6:7e:50:c2:50:
f7:ba:d2:9f:db:dd:a4:de:1a:47:ba:55:47:f5:d7:
ca:aa:06:a6:38:75:0b:a6:1d:7a:1b:ac:d1:7b:2c:
63:cb:2c:9a:4c:33:2a:ac:08:44:77:d7:ec:bd:a6:
2c:f8:80:f9:45:cc:af:54:6b:d6:d5:89:3f:87:63:
13:1f:16:67:70:70:a8:58:3e:d0:11:f4:0e:48:e2:
2b:c5:4e:b8:9a:07:8a:1d:ea:0f:e1:28:4a:90:f9:
36:03:e0:57:a6:31:d2:7d:50:06:47:4e:90:cb:72:
64:62:ca:2f:83:62:34:da:4b:68:70:56:6f:89:cf:
c2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3C:A0:E4:41:1D:BE:9F:0E:A9:87:E5:40:02:BC:77:FE:A6:8A:2E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JDyg5EEdvp8OqYflQAK8d_6mii4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.0.0/22
45.149.235.0/24
45.151.89.0/24
87.121.45.0/24
91.92.21.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
194.113.36.0/22
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:a2:fd:b0:b1:21:6a:34:40:c2:49:b8:61:14:84:08:17:a3:
a3:82:75:75:f9:97:2b:a4:c3:27:92:fa:21:b9:c1:b2:35:0b:
ed:da:b2:66:56:99:62:96:38:ea:96:4a:ee:78:13:e9:0e:89:
1a:33:0a:57:d4:15:75:1a:12:0c:af:e0:f8:9a:07:4b:0d:78:
98:ae:de:c0:7e:8a:d2:23:26:12:de:6c:62:d2:9e:28:0c:a5:
38:98:f3:05:b9:a8:1a:3e:a6:e2:1b:b0:7f:ab:53:ae:c3:2a:
e9:08:51:d2:d3:6a:69:15:94:2e:32:ef:95:dc:50:f3:58:84:
06:3e:b8:6e:7a:81:77:4f:28:33:40:0e:88:5f:52:23:15:0d:
36:cd:14:fe:69:99:b7:9c:cd:84:47:df:f5:ce:98:8a:94:d4:
58:20:89:b7:9a:fc:d3:10:6b:9b:00:f8:09:78:60:56:0f:0f:
37:70:10:88:f5:6f:51:25:75:c1:20:b4:c5:51:cb:33:72:3e:
27:75:4f:f2:e4:c4:dd:e5:6d:a8:b4:f2:79:a2:15:31:14:d7:
09:ed:42:38:cc:53:d3:b5:39:ea:dc:63:e9:4b:3f:c5:45:f6:
b9:b5:40:8d:a8:b0:79:32:9c:58:51:1b:d8:0c:d8:ae:fe:53:
e6:cb:d3:a2
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYmwyA0jBjs4RdsStpFMs00FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODAxMTEwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDNjYTBlNDQxMWRiZTlmMGVhOTg3ZTU0MDAyYmM3N2ZlYTY4YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheGqLGyqU/nn3CsPoK7i+1DP9dWg
QNO8ADqtWx38urXrT6JLHPa0raSjQax990vrc6kIcG5bG8xIOzENtKYL8W6S/ydz
r5uQRmvTMqLN2G+nXe/FbEYYok0kf1RxRwIy5bGcUvCFl9futSM9jXssGrsPntK0
O9oAmZ6mDIiGR+Eo5n5QwlD3utKf292k3hpHulVH9dfKqgamOHULph16G6zReyxj
yyyaTDMqrAhEd9fsvaYs+ID5RcyvVGvW1Yk/h2MTHxZncHCoWD7QEfQOSOIrxU64
mgeKHeoP4ShKkPk2A+BXpjHSfVAGR06Qy3JkYsovg2I02ktocFZvic/CBwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFCQ8oORBHb6fDqmH5UACvHf+poouMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSkR5ZzVFRWR2cDhPcVlmbFFBSzhkXzZtaWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAIt
XwADBAAtlesDBAAtl1kDBABXeS0DBABbXBUDBAFcd8QwDAMEAF6aoQMEAl6aoAME
AF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfsAwQCudhUAwQCudpU
AwQAudqJAwQAudt+AwQAufywAwQCwnEkAwQAwqmuMA0GCSqGSIb3DQEBCwUAA4IB
AQCwov2wsSFqNEDCSbhhFIQIF6OjgnV1+ZcrpMMnkvohucGyNQvt2rJmVpliljjq
lkrueBPpDokaMwpX1BV1GhIMr+D4mgdLDXiYrt7AforSIyYS3mxi0p4oDKU4mPMF
uagaPqbiG7B/q1OuwyrpCFHS02ppFZQuMu+V3FDzWIQGPrhueoF3TygzQA6IX1Ij
FQ02zRT+aZm3nM2ER9/1zpiKlNRYIIm3mvzTEGubAPgJeGBWDw83cBCI9W9RJXXB
ILTFUcszcj4ndU/y5MTd5W2otPJ5ohUxFNcJ7UI4zFPTtTnq3GPpSz/FRfa5tUCN
qLB5MpxYURvYDNiu/lPmy9Oi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:29 2024 by rpki-client on console-ams.rpki-client.org