Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LpYhQEt01HrzbhoWGBaUuYPgyKU.roa
File: LpYhQEt01HrzbhoWGBaUuYPgyKU.roa (raw, json)
Hash identifier: 8YR9lsnD4xPSBKL+MNVYkQCwJyKuK8msVa6QUz02bqg=
Subject key identifier: 2E:96:21:40:4B:74:D4:7A:F3:6E:1A:16:18:16:94:B9:83:E0:C8:A5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E5184BCE3F98B7546802AA92B268C04D2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LpYhQEt01HrzbhoWGBaUuYPgyKU.roa
Signing time: Mon 18 Mar 2024 12:23:57 +0000
ROA not before: Mon 18 Mar 2024 12:23:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.59.255.0/24 maxlen: 24
45.129.86.0/23 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:84:bc:e3:f9:8b:75:46:80:2a:a9:2b:26:8c:04:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 18 12:23:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e9621404b74d47af36e1a16181694b983e0c8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9c:ab:ca:02:a3:21:e9:9e:fb:26:0a:51:ab:
ab:f4:e2:eb:e1:52:18:bb:8b:39:3b:e3:ad:e0:e3:
c7:48:2b:11:32:d5:72:f7:70:84:fe:af:f5:d8:fe:
da:10:d9:fd:d7:1f:b5:1b:8a:53:d9:1b:9d:02:17:
d0:9b:20:58:00:33:59:c2:2c:82:36:c7:2c:4f:85:
dd:7a:0d:74:b5:9c:38:2e:09:82:54:d3:eb:15:32:
4f:0e:4f:8c:15:69:b1:78:75:78:3b:77:c9:74:46:
08:28:dd:89:30:69:29:19:ef:16:24:22:c4:a9:b3:
5c:a1:f0:8d:95:64:db:f2:bb:a4:05:89:7e:01:c9:
22:2b:3e:70:fd:2e:c3:61:b1:3a:cf:09:d2:8a:a4:
cc:d4:61:ba:1f:a3:ad:ff:48:ee:4f:bf:a1:6b:d6:
cc:e7:fd:83:ae:51:f3:db:b2:4e:b3:0e:01:4e:95:
22:ef:8b:fd:7e:34:72:e1:79:0b:20:62:04:0a:98:
f8:73:ae:f0:79:3f:5b:30:cc:06:95:41:e2:43:b5:
19:33:4a:fa:57:08:7e:90:9f:ca:6b:a0:ec:e3:46:
b6:dd:56:d3:c1:d6:3f:20:33:7f:b7:8c:c4:44:83:
a5:7a:14:dc:f4:47:c8:e3:95:a3:10:22:3b:72:3a:
25:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:96:21:40:4B:74:D4:7A:F3:6E:1A:16:18:16:94:B9:83:E0:C8:A5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LpYhQEt01HrzbhoWGBaUuYPgyKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
45.129.86.0/23
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.10.0/24
94.156.72.0/23
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.252.176.0/24
185.254.37.0/24
193.37.41.0/24
194.55.186.0/24
194.55.224.0/24
194.169.172.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:12:e5:4f:9a:50:b7:10:9f:84:20:22:5e:bd:33:bb:05:4d:
5c:6b:09:99:b1:4b:fd:56:b3:99:e5:ab:f5:eb:a0:6e:86:c3:
6d:b3:01:fb:a1:6d:12:46:c5:1f:17:5e:0d:0c:32:c8:bb:e8:
6c:80:cf:d8:34:a4:6b:53:1b:91:e7:86:80:bd:4c:ad:94:a1:
1c:e3:76:53:e8:7e:37:6a:67:06:f7:9f:9b:18:0c:c8:75:de:
96:cc:65:cb:bf:11:4a:af:f7:70:b0:dd:81:b6:b7:66:df:5b:
5c:b4:6d:ca:22:3e:ea:77:a5:d5:85:78:3b:1c:f5:4f:88:47:
09:1a:d5:a9:95:e1:3b:1c:0a:26:94:a4:30:2e:e5:fc:be:9b:
b8:2b:7a:da:f4:ac:3f:66:62:ed:e5:1f:f5:19:88:d9:6e:d1:
ac:f1:45:6b:e5:f7:d8:0a:01:90:b3:2a:d9:b0:23:1e:67:6f:
6f:88:06:be:23:2b:8b:41:3a:6f:fc:20:c6:8b:a1:db:7d:5b:
78:0e:b7:b1:39:7d:76:94:56:df:4e:8d:9d:86:89:81:52:59:
94:12:f5:df:40:44:a7:2d:ad:ee:71:24:45:89:3c:55:0d:b7:
03:9c:a3:c5:02:92:a8:f4:1e:35:e1:a9:96:7c:ad:80:43:8c:
97:10:5c:7c
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY5RhLzj+Yt1RoAqqSsmjATSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE4MTIyMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTk2MjE0MDRiNzRkNDdhZjM2ZTFhMTYxODE2OTRiOTgzZTBjOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5yrygKjIeme+yYKUaur9OLr4VIY
u4s5O+Ot4OPHSCsRMtVy93CE/q/12P7aENn91x+1G4pT2RudAhfQmyBYADNZwiyC
NscsT4Xdeg10tZw4LgmCVNPrFTJPDk+MFWmxeHV4O3fJdEYIKN2JMGkpGe8WJCLE
qbNcofCNlWTb8rukBYl+AckiKz5w/S7DYbE6zwnSiqTM1GG6H6Ot/0juT7+ha9bM
5/2DrlHz27JOsw4BTpUi74v9fjRy4XkLIGIECpj4c67weT9bMMwGlUHiQ7UZM0r6
Vwh+kJ/Ka6Ds40a23VbTwdY/IDN/t4zERIOlehTc9EfI45WjECI7cjolXwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFC6WIUBLdNR6824aFhgWlLmD4MilMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTHBZaFFFdDAxSHJ6YmhvV0dCYVV1WVBneUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAC
O/8DBAEtgVYDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBAJemqADBABe
nAoDBAFenEgDBABenO8DBACTTmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQDBAK5
2lQDBAC5/LADBAC5/iUDBADBJSkDBADCN7oDBADCN+ADBADCqawwDQYJKoZIhvcN
AQELBQADggEBAKQS5U+aULcQn4QgIl69M7sFTVxrCZmxS/1Ws5nlq/XroG6Gw22z
AfuhbRJGxR8XXg0MMsi76GyAz9g0pGtTG5HnhoC9TK2UoRzjdlPofjdqZwb3n5sY
DMh13pbMZcu/EUqv93Cw3YG2t2bfW1y0bcoiPup3pdWFeDsc9U+IRwka1amV4Tsc
CiaUpDAu5fy+m7gretr0rD9mYu3lH/UZiNlu0azxRWvl99gKAZCzKtmwIx5nb2+I
Br4jK4tBOm/8IMaLodt9W3gOt7E5fXaUVt9OjZ2GiYFSWZQS9d9ARKctre5xJEWJ
PFUNtwOco8UCkqj0HjXhqZZ8rYBDjJcQXHw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:05 2024 by rpki-client on console-fra.rpki-client.org