Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N0abiO873T6n3IGmY7vkQXQQTr4.roa
File: N0abiO873T6n3IGmY7vkQXQQTr4.roa (raw, json)
Hash identifier: U0WywV/HGuMaBYUA30OQOqH5OUsMJY1iysgglEokZMk=
Subject key identifier: 37:46:9B:88:EF:3B:DD:3E:A7:DC:81:A6:63:BB:E4:41:74:10:4E:BE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018832F0B0AF2A37610DBA0D4F6F15F4B760
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N0abiO873T6n3IGmY7vkQXQQTr4.roa
Signing time: Fri 19 May 2023 07:36:54 +0000
ROA not before: Fri 19 May 2023 07:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
185.222.163.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:32:f0:b0:af:2a:37:61:0d:ba:0d:4f:6f:15:f4:b7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 07:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37469b88ef3bdd3ea7dc81a663bbe44174104ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d9:70:5c:2e:fe:50:34:95:7e:13:24:a0:14:
31:46:e6:fe:13:69:6e:4c:90:dc:65:7b:c1:17:cb:
63:dd:f7:65:fe:00:c5:49:8c:28:ea:1e:ef:07:d3:
54:59:5e:5d:f8:49:8e:4d:81:d0:55:fb:af:17:36:
4f:7e:35:22:5b:5d:e4:4d:a6:df:71:76:8c:d6:bd:
a3:c7:2f:fe:d0:f0:8b:50:9a:b9:92:e3:f3:7f:29:
3e:67:de:14:ca:6d:1d:9b:09:63:7f:84:2e:af:79:
22:e7:e4:3e:24:5c:95:31:27:7f:cf:dd:23:a5:46:
f6:b2:a0:f7:75:46:f1:ba:d4:2c:35:c9:f4:52:5a:
e3:a2:7f:18:88:fe:01:db:6a:1b:55:83:b7:4e:fc:
6c:77:09:5d:f0:7d:76:5c:64:dc:dc:68:ed:3e:1a:
c3:f0:56:36:f8:5b:28:6b:e6:81:d0:ff:ba:5f:4b:
56:7b:d3:97:8a:ca:7e:b0:e4:17:29:90:85:f0:bf:
ba:ba:f3:24:92:a5:f6:d9:f4:7f:1e:0c:0a:7c:54:
54:6c:1e:da:b6:f3:41:6a:af:f6:e9:57:2a:bc:af:
70:2e:a2:58:f9:c7:51:bb:d0:af:9b:f7:67:dd:32:
a2:79:d2:5b:33:c7:7e:df:3a:a3:54:ca:59:94:d7:
8d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:46:9B:88:EF:3B:DD:3E:A7:DC:81:A6:63:BB:E4:41:74:10:4E:BE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N0abiO873T6n3IGmY7vkQXQQTr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
92.119.196.0/23
94.103.126.0/24
94.154.161.0-94.154.163.255
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.222.163.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:21:d6:a5:13:09:31:36:6f:eb:84:09:b0:7e:ee:d9:23:6f:
0d:74:52:4e:05:39:61:8d:4c:66:42:42:09:fc:c4:4a:eb:9b:
60:eb:9d:65:31:90:d5:22:9e:46:2d:66:f4:ae:b5:3a:af:06:
9e:7e:47:2d:34:10:e6:d8:12:29:c9:f2:ba:6e:81:e2:6d:d6:
34:c5:74:53:12:8a:13:e8:1b:fc:2f:72:ad:2a:39:2c:e7:33:
37:cb:44:a8:c2:db:e0:79:4b:9e:eb:26:34:69:70:18:84:9a:
3b:ff:d1:94:e0:dd:04:e4:28:7a:cd:d1:91:55:33:bd:6a:f9:
92:e7:43:ba:28:49:41:0b:e9:96:39:c2:25:7a:b4:43:e3:df:
49:8f:98:ca:0b:98:87:6e:35:33:b0:bc:01:5a:d8:43:c7:92:
15:ae:ad:32:be:0f:66:1e:69:4f:94:26:c4:68:6d:62:c0:f7:
ce:f1:ed:de:41:46:a6:34:d7:cb:b4:dd:35:13:bd:25:f5:5c:
0d:8d:0f:16:cc:a3:e8:07:49:84:7e:18:9b:c5:98:21:84:c1:
3d:14:57:ae:cb:fd:15:17:34:40:a4:ab:57:e4:1a:25:e7:9d:
33:00:81:a5:d5:2b:6e:97:a3:19:fc:34:49:5a:1d:4a:90:a2:
9f:37:5f:b8
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYgy8LCvKjdhDboNT28V9LdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MDczNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQ2OWI4OGVmM2JkZDNlYTdkYzgxYTY2M2JiZTQ0MTc0MTA0ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9lwXC7+UDSVfhMkoBQxRub+E2lu
TJDcZXvBF8tj3fdl/gDFSYwo6h7vB9NUWV5d+EmOTYHQVfuvFzZPfjUiW13kTabf
cXaM1r2jxy/+0PCLUJq5kuPzfyk+Z94Uym0dmwljf4Qur3ki5+Q+JFyVMSd/z90j
pUb2sqD3dUbxutQsNcn0Ulrjon8YiP4B22obVYO3Tvxsdwld8H12XGTc3GjtPhrD
8FY2+Fsoa+aB0P+6X0tWe9OXisp+sOQXKZCF8L+6uvMkkqX22fR/HgwKfFRUbB7a
tvNBaq/26VcqvK9wLqJY+cdRu9Cvm/dn3TKiedJbM8d+3zqjVMpZlNeNOQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFDdGm4jvO90+p9yBpmO75EF0EE6+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTjBhYmlPODczVDZuM0lHbVk3dmtRWFFRVHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALZdZAwQB
XHfEAwQAXmd+MAwDBABemqEDBAJemqADBAGTTmQDBAKrFkgDBACy1+wDBAC52EYD
BAK52FQDBAK52lQDBAC52okDBAC5234DBAC53qMwDQYJKoZIhvcNAQELBQADggEB
AKoh1qUTCTE2b+uECbB+7tkjbw10Uk4FOWGNTGZCQgn8xErrm2DrnWUxkNUinkYt
ZvSutTqvBp5+Ry00EObYEinJ8rpugeJt1jTFdFMSihPoG/wvcq0qOSznMzfLRKjC
2+B5S57rJjRpcBiEmjv/0ZTg3QTkKHrN0ZFVM71q+ZLnQ7ooSUEL6ZY5wiV6tEPj
30mPmMoLmIduNTOwvAFa2EPHkhWurTK+D2YeaU+UJsRobWLA987x7d5BRqY018u0
3TUTvSX1XA2NDxbMo+gHSYR+GJvFmCGEwT0UV67L/RUXNECkq1fkGiXnnTMAgaXV
K26Xoxn8NElaHUqQop83X7g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:31 2024 by rpki-client on console-ams.rpki-client.org