Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LiF5YT6fOHkinwFI0gRd8Y4jiVA.roa
File: LiF5YT6fOHkinwFI0gRd8Y4jiVA.roa (raw, json)
Hash identifier: BiXRPJvoXPILit13PugXcgWKBKtNaIzaMPt2pP8s5CY=
Subject key identifier: 2E:21:79:61:3E:9F:38:79:22:9F:01:48:D2:04:5D:F1:8E:23:89:50
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B95A71351EDE15FCBC14D80CE7617D94A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LiF5YT6fOHkinwFI0gRd8Y4jiVA.roa
Signing time: Fri 03 Nov 2023 14:47:16 +0000
ROA not before: Fri 03 Nov 2023 14:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
91.92.24.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:a7:13:51:ed:e1:5f:cb:c1:4d:80:ce:76:17:d9:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 3 14:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e2179613e9f3879229f0148d2045df18e238950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:09:a8:71:3b:ae:59:72:fd:9d:52:04:f4:93:
22:b5:b4:41:7c:50:03:13:3a:d6:f3:d7:2f:b9:c9:
93:f6:61:0f:53:6f:5a:32:5d:1f:ba:46:5c:b0:b0:
28:af:11:d1:75:ce:e7:f0:23:c3:bc:d2:bd:75:d2:
36:fd:df:c0:f8:3e:e0:64:08:62:5c:51:9a:56:0a:
df:a5:0a:a0:b6:aa:83:d0:44:6b:40:cb:51:3d:29:
86:1d:84:5b:7d:c3:ab:b4:3c:9e:d9:d7:6b:6c:73:
0a:73:c0:1e:91:4f:9f:d2:71:73:97:e9:2e:df:8a:
cf:3b:db:db:ff:53:91:12:8a:87:8a:84:59:ef:dd:
7c:02:e2:db:e7:4f:b9:2a:db:b9:d1:d9:57:c3:fa:
09:7b:20:0f:cd:cb:43:95:80:59:d8:37:ef:33:e0:
e8:7d:f6:e1:86:6d:cc:7d:80:b3:7d:9c:bc:66:9f:
62:23:02:6e:11:ce:e8:e8:ba:38:80:fe:68:60:63:
00:8d:5c:a2:3b:11:5f:ea:2d:c6:06:e9:96:d7:6d:
60:cd:c9:81:8f:8d:d3:e3:80:5f:9f:04:ad:2e:43:
3f:10:4c:e6:de:57:da:e1:0a:60:e8:35:fa:83:72:
c0:5b:2f:b4:7c:87:df:91:fc:0e:3b:e8:28:ee:ef:
eb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:21:79:61:3E:9F:38:79:22:9F:01:48:D2:04:5D:F1:8E:23:89:50
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LiF5YT6fOHkinwFI0gRd8Y4jiVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.175.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
52:e8:ac:ff:d5:2c:8a:fa:c8:49:8f:82:24:9e:20:91:98:ae:
6b:72:03:c9:5a:95:b8:5a:5a:31:39:be:19:b1:71:32:83:84:
c6:ae:33:fc:4d:5e:08:e4:79:05:b1:81:d6:02:a6:09:25:40:
dd:15:6d:90:79:4e:6f:40:a9:62:83:3c:96:3a:80:6c:b7:2d:
f4:0c:e4:5a:1b:e5:e4:ce:c0:0b:68:80:d9:27:ce:94:97:42:
a3:ad:d2:b3:e4:bd:9e:08:2a:2a:96:23:27:fb:51:78:83:e3:
0f:ff:63:da:37:a5:18:d9:7f:1f:fa:13:ab:2e:2e:0b:8b:6c:
d2:c9:b3:eb:a6:46:15:3f:90:9d:23:a5:c8:62:d0:c0:ee:b4:
90:a9:d8:5c:f6:3b:e4:50:89:b2:93:1c:bc:da:5c:ad:6e:55:
57:aa:dc:4f:e3:f7:be:90:8c:b3:b3:20:71:e3:43:2b:5f:7e:
62:e7:89:cd:39:b5:b9:f7:72:1e:84:cb:e1:52:7c:3a:96:be:
d3:aa:ad:17:17:f1:6f:3f:e5:b5:97:96:59:5b:73:a4:bb:d3:
42:9d:e6:b5:ae:d5:01:db:b2:b7:61:64:bf:75:88:69:9a:38:
71:48:5c:9a:86:6e:5d:0c:3a:66:0a:d0:51:b1:f8:50:91:90:
93:42:fd:5d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYuVpxNR7eFfy8FNgM52F9lKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAzMTQ0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTIxNzk2MTNlOWYzODc5MjI5ZjAxNDhkMjA0NWRmMThlMjM4OTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQmocTuuWXL9nVIE9JMitbRBfFAD
EzrW89cvucmT9mEPU29aMl0fukZcsLAorxHRdc7n8CPDvNK9ddI2/d/A+D7gZAhi
XFGaVgrfpQqgtqqD0ERrQMtRPSmGHYRbfcOrtDye2ddrbHMKc8AekU+f0nFzl+ku
34rPO9vb/1OREoqHioRZ7918AuLb50+5Ktu50dlXw/oJeyAPzctDlYBZ2DfvM+Do
ffbhhm3MfYCzfZy8Zp9iIwJuEc7o6Lo4gP5oYGMAjVyiOxFf6i3GBumW121gzcmB
j43T44BfnwStLkM/EEzm3lfa4Qpg6DX6g3LAWy+0fIffkfwOO+go7u/r5QIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFC4heWE+nzh5Ip8BSNIEXfGOI4lQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTGlGNVlUNmZPSGtpbndGSTBnUmQ4WTRqaVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAt
l1kDBABXeFcDBABXeS0DBABXeTsDBAFbXBgDBAFcd8QDBABde3QwDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAsH3/AwQAstfg
AwQAstfsAwQCudhUAwQCudpUAwQAueKvAwQAufywAwQAwqmuAwQAwrQyMA0GCSqG
SIb3DQEBCwUAA4IBAQBS6Kz/1SyK+shJj4IkniCRmK5rcgPJWpW4WloxOb4ZsXEy
g4TGrjP8TV4I5HkFsYHWAqYJJUDdFW2QeU5vQKligzyWOoBsty30DORaG+XkzsAL
aIDZJ86Ul0KjrdKz5L2eCCoqliMn+1F4g+MP/2PaN6UY2X8f+hOrLi4Li2zSybPr
pkYVP5CdI6XIYtDA7rSQqdhc9jvkUImykxy82lytblVXqtxP4/e+kIyzsyBx40Mr
X35i54nNObW593IehMvhUnw6lr7Tqq0XF/FvP+W1l5ZZW3Oku9NCnea1rtUB27K3
YWS/dYhpmjhxSFyahm5dDDpmCtBRsfhQkZCTQv1d
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:30 2024 by rpki-client on console-ams.rpki-client.org