Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LBXtDksU7bkANzFyqjZeRbscQbo.roa
File: LBXtDksU7bkANzFyqjZeRbscQbo.roa (raw, json)
Hash identifier: v+K1xVANTC6VWxUIIRrxQ1mCNLImH4mjp9IopuNehYs=
Subject key identifier: 2C:15:ED:0E:4B:14:ED:B9:00:37:31:72:AA:36:5E:45:BB:1C:41:BA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018577FC01668B72EC9798934A8DEB314623
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LBXtDksU7bkANzFyqjZeRbscQbo.roa
Signing time: Tue 03 Jan 2023 14:14:41 +0000
ROA not before: Tue 03 Jan 2023 14:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 45.90.88.0/22 maxlen: 24
45.12.254.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
84.21.173.0/24 maxlen: 24
194.31.204.0/24 maxlen: 24
195.178.121.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.238.0/23 maxlen: 24
178.215.226.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
193.222.98.0/23 maxlen: 24
193.47.63.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
185.221.67.0/24 maxlen: 24
79.110.48.0/23 maxlen: 24
194.49.87.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
194.49.95.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:fc:01:66:8b:72:ec:97:98:93:4a:8d:eb:31:46:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 3 14:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c15ed0e4b14edb900373172aa365e45bb1c41ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d9:07:4c:93:dc:21:e6:16:f1:7c:2c:a0:f1:
13:65:e0:8a:ab:e4:01:41:6a:a9:99:9a:9c:16:9b:
9b:32:c9:84:0d:98:48:f2:45:94:3f:99:34:30:b6:
e8:9d:81:8e:21:b6:ad:a9:f1:86:a7:63:40:f9:10:
96:9f:f8:67:ba:5b:8c:16:6f:6c:96:ea:e8:3f:42:
6b:46:23:af:e9:7e:1f:7a:a9:e6:db:71:7f:14:2d:
10:55:94:9f:1c:38:55:0c:66:2e:04:a9:37:ce:3f:
78:3c:a6:c5:a2:9e:d7:71:66:21:92:9c:39:49:89:
30:42:37:a8:9b:70:6d:5a:fa:02:f2:81:15:fc:7a:
61:b3:79:c6:45:e4:6b:ec:f3:ef:95:86:20:2d:87:
94:c3:25:59:2b:6b:0a:b3:2a:25:fb:6f:23:bd:8f:
bc:07:7a:a8:83:e0:17:c2:ce:73:fd:e6:44:b9:a2:
4e:4f:1d:15:ad:83:ca:e9:5c:44:cd:0f:b7:66:71:
aa:eb:23:91:0e:ba:f8:e9:f7:5e:4c:04:1e:cb:4c:
50:44:71:bd:a6:a1:84:87:f1:63:bd:92:9a:6f:df:
17:96:32:4d:b6:fc:b2:d8:f6:61:be:8f:4e:1e:21:
9e:4f:de:96:7f:13:f7:c7:bc:73:6e:41:97:1b:78:
27:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:15:ED:0E:4B:14:ED:B9:00:37:31:72:AA:36:5E:45:BB:1C:41:BA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LBXtDksU7bkANzFyqjZeRbscQbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.254.0/24
45.90.88.0/22
45.149.233.0/24
45.149.241.0/24
79.110.48.0/23
81.161.238.0/23
82.115.208.0/24
84.21.173.0/24
84.54.49.0/24
87.121.220.0/24
109.206.239.0/24
141.98.4.0/24
141.98.7.0/24
147.78.100.0/23
171.22.18.0/24
171.22.31.0/24
178.215.226.0/24
178.215.237.0/24
185.221.67.0/24
193.25.217.0-193.25.218.255
193.47.63.0/24
193.58.120.0/24
193.222.98.0/23
194.31.204.0/24
194.48.248.0/24
194.49.86.0/23
194.49.95.0/24
194.55.227.0/24
194.169.173.0-194.169.174.255
195.178.121.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:4d:51:26:22:99:ba:32:77:32:a8:6e:2c:ac:8d:1a:ec:b7:
68:cc:6c:9d:5e:0c:59:ba:15:63:4d:05:55:65:f0:11:eb:6d:
bb:b1:96:68:13:0a:80:6e:ea:f8:c8:1c:22:2b:0d:14:21:a0:
df:aa:e5:e2:ab:27:62:0c:08:b3:c4:65:ae:5e:f9:5c:c3:f3:
53:af:03:89:e2:3f:06:57:01:83:43:2a:f1:f8:89:dd:1d:85:
68:01:de:f2:66:4e:0a:45:6f:9e:4a:12:e9:32:a1:18:99:52:
b5:81:90:05:e7:d6:1a:f2:1c:0b:76:b9:56:4a:da:8c:19:ca:
2b:16:2b:ad:5b:e5:ed:00:ea:90:f9:65:7c:df:5f:b0:4a:78:
a7:b0:09:92:97:a8:25:ad:c2:bc:6d:3e:0c:e1:9f:c2:db:4a:
21:1e:f6:12:d5:1f:be:1d:ab:e9:85:ba:ca:87:70:be:04:79:
de:72:16:1e:5f:4b:ef:45:e4:2f:c1:45:23:e7:a6:74:3f:1d:
82:57:b3:cd:1a:a5:7f:35:53:8f:e9:43:65:7d:f4:01:d3:03:
35:8a:1c:09:46:c1:cc:c3:8c:f7:5c:76:2c:51:7e:46:bf:86:
39:7b:3e:35:fb:8a:ae:54:31:aa:52:b9:6c:b5:c7:d6:52:db:
f4:36:d9:b6
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYV3/AFmi3Lsl5iTSo3rMUYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAzMTQxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzE1ZWQwZTRiMTRlZGI5MDAzNzMxNzJhYTM2NWU0NWJiMWM0MWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNkHTJPcIeYW8XwsoPETZeCKq+QB
QWqpmZqcFpubMsmEDZhI8kWUP5k0MLbonYGOIbatqfGGp2NA+RCWn/hnuluMFm9s
luroP0JrRiOv6X4feqnm23F/FC0QVZSfHDhVDGYuBKk3zj94PKbFop7XcWYhkpw5
SYkwQjeom3BtWvoC8oEV/Hphs3nGReRr7PPvlYYgLYeUwyVZK2sKsyol+28jvY+8
B3qog+AXws5z/eZEuaJOTx0VrYPK6VxEzQ+3ZnGq6yORDrr46fdeTAQey0xQRHG9
pqGEh/FjvZKab98XljJNtvyy2PZhvo9OHiGeT96WfxP3x7xzbkGXG3gnDQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFCwV7Q5LFO25ADcxcqo2XkW7HEG6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTEJYdERrc1U3YmtBTnpGeXFqWmVSYnNjUWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAAt
DP4DBAItWlgDBAAtlekDBAAtlfEDBAFPbjADBAFRoe4DBABSc9ADBABUFa0DBABU
NjEDBABXedwDBABtzu8DBACNYgQDBACNYgcDBAGTTmQDBACrFhIDBACrFh8DBACy
1+IDBACy1+0DBAC53UMwDAMEAMEZ2QMEAMEZ2gMEAMEvPwMEAME6eAMEAcHeYgME
AMIfzAMEAMIw+AMEAcIxVgMEAMIxXwMEAMI34zAMAwQAwqmtAwQAwqmuAwQAw7J5
MA0GCSqGSIb3DQEBCwUAA4IBAQCjTVEmIpm6MncyqG4srI0a7LdozGydXgxZuhVj
TQVVZfAR6227sZZoEwqAbur4yBwiKw0UIaDfquXiqydiDAizxGWuXvlcw/NTrwOJ
4j8GVwGDQyrx+IndHYVoAd7yZk4KRW+eShLpMqEYmVK1gZAF59Ya8hwLdrlWStqM
GcorFiutW+XtAOqQ+WV831+wSninsAmSl6glrcK8bT4M4Z/C20ohHvYS1R++Havp
hbrKh3C+BHnechYeX0vvReQvwUUj56Z0Px2CV7PNGqV/NVOP6UNlffQB0wM1ihwJ
RsHMw4z3XHYsUX5Gv4Y5ez41+4quVDGqUrlstcfWUtv0Ntm2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:30 2024 by rpki-client on console-ams.rpki-client.org