Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KVWWGv5Yrx4NBVuHr_K2c2xGM6M.roa
File: KVWWGv5Yrx4NBVuHr_K2c2xGM6M.roa (raw, json)
Hash identifier: SZ+MK73YZZHVZQwj7UsghQIfzlvu+vT+Lx2EGmN4juQ=
Subject key identifier: 29:55:96:1A:FE:58:AF:1E:0D:05:5B:87:AF:F2:B6:73:6C:46:33:A3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A791289607BEAA9483F1E5D6A7EBA5563
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KVWWGv5Yrx4NBVuHr_K2c2xGM6M.roa
Signing time: Sat 09 Sep 2023 08:32:52 +0000
ROA not before: Sat 09 Sep 2023 08:32:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 194.169.172.0/24 maxlen: 24
2.59.253.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:79:12:89:60:7b:ea:a9:48:3f:1e:5d:6a:7e:ba:55:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 9 08:32:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2955961afe58af1e0d055b87aff2b6736c4633a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:74:95:b0:be:f3:f4:e6:e6:75:1a:d8:f2:cd:
ca:b9:c4:51:7b:ef:b7:3a:4b:66:ce:cc:95:e6:c7:
e2:6a:07:bf:44:00:ba:57:e1:4a:59:34:72:8f:f7:
3a:a3:e9:2f:95:ce:c6:e7:79:df:0c:66:70:d7:6f:
69:b7:26:fd:4d:81:e1:35:ff:71:84:ed:4c:ca:ab:
2e:c2:78:87:ca:72:b0:22:fc:01:54:57:c4:52:db:
b3:4f:c8:17:e2:f2:b4:e5:78:d4:97:f9:ee:61:ea:
b8:c0:46:90:ec:55:1e:a5:54:fe:dc:10:a8:79:ca:
6e:af:87:ea:c7:d7:af:c5:de:ad:ae:9c:52:95:58:
ce:b9:cb:06:4d:da:5a:49:22:76:a3:59:13:06:a9:
ce:d1:0b:60:d2:08:25:2d:2f:3a:6e:f7:53:60:28:
3a:2f:90:9c:2b:6c:7d:81:f1:17:6d:76:37:47:23:
99:89:3b:33:12:3c:b3:ba:0e:ea:5f:11:4a:d8:61:
ad:0f:b5:c1:45:99:14:d9:8d:b6:30:5f:61:c9:68:
24:1c:92:a7:96:4f:13:1a:9b:9d:52:e0:9d:bb:90:
90:31:90:fc:20:01:f1:e3:28:f9:ef:fd:f9:0b:6c:
48:59:27:07:c7:82:2e:5b:c8:b7:4e:7d:f0:56:77:
39:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:55:96:1A:FE:58:AF:1E:0D:05:5B:87:AF:F2:B6:73:6C:46:33:A3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KVWWGv5Yrx4NBVuHr_K2c2xGM6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.8.93.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.55.187.0/24
194.55.225.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
36:f8:27:55:c0:e5:4b:ab:0b:15:59:3f:1e:37:ff:a9:5f:14:
5f:34:98:06:5b:00:b0:c9:7a:95:be:41:4f:16:5a:95:5d:c4:
30:5b:4f:b5:93:f4:3a:12:84:56:b3:9c:da:10:d6:6b:99:0c:
68:ed:7a:ef:21:6b:5c:ef:ec:fc:d5:09:12:1d:0c:3a:63:b2:
e8:67:ca:c9:8d:fe:2b:0e:f4:94:57:d5:5d:61:45:7f:f4:67:
61:84:2c:98:f0:a5:35:58:33:9a:e0:1f:d4:4b:44:60:14:6b:
4a:3d:42:c7:6d:00:3a:3d:70:58:3c:00:7b:7c:24:27:b2:28:
c4:61:d4:f9:58:50:09:ea:a6:b5:e6:f1:ef:6e:be:d9:76:d1:
41:15:29:af:74:7c:9e:58:70:31:d0:ce:0b:f9:7d:ce:97:78:
bb:f9:d9:3a:7c:49:86:16:5e:f6:99:2c:fd:9b:b1:11:5c:0c:
6a:fd:b5:16:59:9f:13:d2:8c:43:a2:49:38:ff:2e:f8:3a:85:
f6:24:37:66:67:3e:ba:3d:57:b0:5d:03:48:0c:9a:4c:0e:aa:
76:58:9a:4d:a7:2b:e6:55:af:39:2c:0b:53:73:10:e3:c3:3b:
2e:23:74:c6:51:89:30:45:7b:e0:46:84:c5:38:98:f2:10:de:
b5:5a:a9:64
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYp5Eolge+qpSD8eXWp+ulVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTA5MDgzMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU1OTYxYWZlNThhZjFlMGQwNTViODdhZmYyYjY3MzZjNDYzM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXSVsL7z9ObmdRrY8s3KucRRe++3
OktmzsyV5sfiage/RAC6V+FKWTRyj/c6o+kvlc7G53nfDGZw129ptyb9TYHhNf9x
hO1MyqsuwniHynKwIvwBVFfEUtuzT8gX4vK05XjUl/nuYeq4wEaQ7FUepVT+3BCo
ecpur4fqx9evxd6trpxSlVjOucsGTdpaSSJ2o1kTBqnO0Qtg0gglLS86bvdTYCg6
L5CcK2x9gfEXbXY3RyOZiTszEjyzug7qXxFK2GGtD7XBRZkU2Y22MF9hyWgkHJKn
lk8TGpudUuCdu5CQMZD8IAHx4yj57/35C2xIWScHx4IuW8i3Tn3wVnc5TQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFClVlhr+WK8eDQVbh6/ytnNsRjOjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS1ZXV0d2NVlyeDROQlZ1SHJfSzJjMnhHTTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAC
O/0DBAAtCF0DBAAtVFsDBAAtWEADBAAtWFsDBABcd8YDBABc+TIDBABemqIDBABt
zu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogMEAMEZ2QMEAMElKAME
AMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMIfzQMEAMIw+AMEAMI3uwMEAMI34QME
AMKprAMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEANvgnVcDlS6sLFVk/Hjf/qV8U
XzSYBlsAsMl6lb5BTxZalV3EMFtPtZP0OhKEVrOc2hDWa5kMaO167yFrXO/s/NUJ
Eh0MOmOy6GfKyY3+Kw70lFfVXWFFf/RnYYQsmPClNVgzmuAf1EtEYBRrSj1Cx20A
Oj1wWDwAe3wkJ7IoxGHU+VhQCeqmtebx726+2XbRQRUpr3R8nlhwMdDOC/l9zpd4
u/nZOnxJhhZe9pks/ZuxEVwMav21FlmfE9KMQ6JJOP8u+DqF9iQ3Zmc+uj1XsF0D
SAyaTA6qdliaTacr5lWvOSwLU3MQ48M7LiN0xlGJMEV74EaExTiY8hDetVqpZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org