Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OYTvMM6iZke70MJYcCbno8yOY0o.roa
File: OYTvMM6iZke70MJYcCbno8yOY0o.roa (raw, json)
Hash identifier: kRmHvVsO9WXg9JuJ9Qa0sAfdMD4VfaCwSy8a9/+3Rgo=
Subject key identifier: 39:84:EF:30:CE:A2:66:47:BB:D0:C2:58:70:26:E7:A3:CC:8E:63:4A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187987ADE4F053C4229456D19A3FE51085B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OYTvMM6iZke70MJYcCbno8yOY0o.roa
Signing time: Wed 19 Apr 2023 07:46:41 +0000
ROA not before: Wed 19 Apr 2023 07:46:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
45.128.233.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
79.110.50.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.88.0/23 maxlen: 24
45.88.88.0/24 maxlen: 24
194.49.87.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:7a:de:4f:05:3c:42:29:45:6d:19:a3:fe:51:08:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 19 07:46:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3984ef30cea26647bbd0c2587026e7a3cc8e634a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b3:08:7d:6d:61:36:ed:95:4f:02:70:a3:d3:
06:cf:b5:20:b6:fc:bd:fc:a3:96:83:d9:26:ff:74:
cd:17:10:15:19:42:b7:fb:03:43:3a:6e:76:03:43:
28:02:ee:bc:32:46:a6:ed:68:06:ab:6a:12:90:53:
ab:9d:cf:6b:29:00:d7:ec:a2:2f:29:e5:8c:13:3a:
5f:e4:92:b7:1d:94:08:3c:c8:b6:e5:80:13:60:4e:
a0:bf:7d:da:49:38:db:d2:eb:cf:ca:80:c7:f7:70:
77:7c:29:26:b2:2d:05:20:44:60:92:f2:2a:a2:0f:
d8:aa:9c:8c:f2:48:f1:8e:8b:b7:4a:03:dc:4e:eb:
70:fd:41:3b:7f:ce:7d:de:f7:c9:79:aa:64:fb:d1:
e1:7d:19:d5:dd:44:36:4f:6e:0b:5e:1a:82:18:8c:
b2:32:3f:81:07:ed:56:14:67:5e:f3:b8:d0:d2:29:
04:3d:32:b6:27:67:7d:7d:23:3c:cd:0d:f9:99:17:
a8:8b:3d:72:a1:f7:bd:52:2b:1a:58:18:98:e3:74:
76:02:8e:e0:51:7d:f3:d1:cb:f7:53:69:b7:d0:44:
69:88:0e:b6:ce:44:d4:a5:89:07:dc:96:95:24:96:
67:a9:f4:ea:bf:e5:9b:d7:8f:c6:fd:7c:af:63:99:
9f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:84:EF:30:CE:A2:66:47:BB:D0:C2:58:70:26:E7:A3:CC:8E:63:4A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OYTvMM6iZke70MJYcCbno8yOY0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/23
45.128.233.0/24
45.149.233.0/24
45.151.89.0/24
79.110.50.0/24
82.115.209.0/24
84.54.49.0/24
87.120.64.0/23
87.121.220.0/24
92.119.196.0/23
94.103.125.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/23
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
08:85:39:1e:91:06:af:80:ac:dc:d7:2f:c3:f7:eb:1a:96:3e:
61:b6:7e:95:69:45:c7:f4:c3:89:87:95:b9:f0:0d:73:0d:cb:
0d:14:8f:eb:09:c6:c6:91:54:f4:29:5f:04:15:13:49:d6:b0:
c9:bf:f6:07:21:a0:11:13:6a:94:f0:d5:0a:f7:60:d6:70:56:
29:a0:88:6d:73:2f:e6:15:6f:71:a2:1f:15:d5:6c:e4:bb:22:
61:97:65:a9:23:24:02:57:7b:91:02:71:bf:f6:17:e0:45:e1:
17:76:4f:60:53:bc:38:15:81:28:ba:b7:5d:a7:9d:c9:3b:9c:
93:4a:7e:c7:2a:b3:b9:ef:37:a7:80:ed:cf:32:63:02:ac:2d:
32:fd:f5:a2:5e:fa:ca:ca:59:17:92:70:59:19:db:1a:c9:3d:
cb:c2:69:97:07:c9:53:1e:f2:82:b6:e3:36:7c:12:ff:43:35:
e3:c9:fa:d2:bf:1b:2e:d2:24:24:8f:1b:33:ef:b8:c3:4a:64:
15:18:6f:5d:5b:89:4b:ee:04:5a:65:1c:8a:47:b1:77:20:7a:
6e:a5:54:f3:22:c0:96:19:78:c8:78:4e:55:53:07:db:02:eb:
40:cd:e5:3c:c8:71:35:fb:8d:12:85:49:58:5a:fb:70:8f:be:
ff:65:14:6e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYeYet5PBTxCKUVtGaP+UQhbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE5MDc0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTg0ZWYzMGNlYTI2NjQ3YmJkMGMyNTg3MDI2ZTdhM2NjOGU2MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrMIfW1hNu2VTwJwo9MGz7Ugtvy9
/KOWg9km/3TNFxAVGUK3+wNDOm52A0MoAu68Mkam7WgGq2oSkFOrnc9rKQDX7KIv
KeWMEzpf5JK3HZQIPMi25YATYE6gv33aSTjb0uvPyoDH93B3fCkmsi0FIERgkvIq
og/YqpyM8kjxjou3SgPcTutw/UE7f8593vfJeapk+9HhfRnV3UQ2T24LXhqCGIyy
Mj+BB+1WFGde87jQ0ikEPTK2J2d9fSM8zQ35mReoiz1yofe9UisaWBiY43R2Ao7g
UX3z0cv3U2m30ERpiA62zkTUpYkH3JaVJJZnqfTqv+Wb14/G/XyvY5mfAQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFDmE7zDOomZHu9DCWHAm56PMjmNKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT1lUdk1NNmlaa2U3ME1KWWNDYm5vOHlPWTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAEt
WFgDBAAtgOkDBAAtlekDBAAtl1kDBABPbjIDBABSc9EDBABUNjEDBAFXeEADBABX
edwDBAFcd8QDBABeZ30wDAMEAF6aoQMEAl6aoAMEAF6arAMEAI1iBwMEAZNOZAME
AqsWSAMEAbLX7AMEArnYVAMEArnaVAMEALnaiQMEALnbfgMEAMIxVzANBgkqhkiG
9w0BAQsFAAOCAQEACIU5HpEGr4Cs3Ncvw/frGpY+YbZ+lWlFx/TDiYeVufANcw3L
DRSP6wnGxpFU9ClfBBUTSdawyb/2ByGgERNqlPDVCvdg1nBWKaCIbXMv5hVvcaIf
FdVs5LsiYZdlqSMkAld7kQJxv/YX4EXhF3ZPYFO8OBWBKLq3XaedyTuck0p+xyqz
ue83p4DtzzJjAqwtMv31ol76yspZF5JwWRnbGsk9y8JplwfJUx7ygrbjNnwS/0M1
48n60r8bLtIkJI8bM++4w0pkFRhvXVuJS+4EWmUcikexdyB6bqVU8yLAlhl4yHhO
VVMH2wLrQM3lPMhxNfuNEoVJWFr7cI++/2UUbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:06 2024 by rpki-client on console-fra.rpki-client.org