Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OjBARgzqGgFe4DHNdabruAxDgCc.roa
File: OjBARgzqGgFe4DHNdabruAxDgCc.roa (raw, json)
Hash identifier: remBVVBkWIV75YkYt35WM1U4K3phINqWBkQ02tn2dNg=
Subject key identifier: 3A:30:40:46:0C:EA:1A:01:5E:E0:31:CD:75:A6:EB:B8:0C:43:80:27
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D9C34B2D217582E4DDBCA973B512AF724
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OjBARgzqGgFe4DHNdabruAxDgCc.roa
Signing time: Mon 12 Feb 2024 07:25:15 +0000
ROA not before: Mon 12 Feb 2024 07:25:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9c:34:b2:d2:17:58:2e:4d:db:ca:97:3b:51:2a:f7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 12 07:25:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a3040460cea1a015ee031cd75a6ebb80c438027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c8:93:9d:6d:90:14:03:b8:39:8e:68:b9:ac:
16:16:95:4b:98:69:e3:be:cc:4f:6c:a7:35:ba:b7:
af:2a:70:32:66:ca:22:74:18:b5:de:99:16:83:d4:
9c:2a:a2:53:ce:92:7e:a5:af:69:70:b9:7e:04:85:
f3:47:53:56:7d:e1:6b:85:d9:9f:06:5f:be:b6:69:
0d:ba:71:52:07:4e:a9:47:70:93:c2:dd:24:35:b3:
bd:c0:1c:57:ba:cd:8f:0b:f8:b2:12:d1:29:27:62:
33:02:03:6d:01:06:35:5d:5a:4c:59:4c:4e:9b:2f:
9a:98:88:bb:e2:89:df:fa:03:a9:7b:34:2f:fb:89:
07:15:d1:9a:67:ab:48:a8:5d:60:e0:d8:6b:45:59:
28:69:6f:4d:70:4a:1e:46:36:45:e6:60:b9:a6:6f:
8b:3a:60:23:d6:9b:41:ca:ed:d3:2c:80:8d:7f:15:
95:53:54:01:fe:af:3b:83:8d:bd:61:0b:eb:76:ab:
4e:38:a3:e6:a7:4a:4b:ed:76:1c:11:d3:4b:80:08:
ee:8e:a6:4d:f9:d6:ba:84:e3:17:4a:a2:81:af:b0:
cd:f3:76:bb:1a:8b:0d:42:ad:86:68:ff:6a:24:7e:
05:7b:c5:4a:9f:19:82:c4:a4:8c:49:9c:70:aa:52:
08:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:30:40:46:0C:EA:1A:01:5E:E0:31:CD:75:A6:EB:B8:0C:43:80:27
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OjBARgzqGgFe4DHNdabruAxDgCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.9.156.0/24
45.84.89.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.35.19.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.55.187.0/24
194.55.225.0/24
194.59.31.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:01:29:c0:be:8f:c0:3a:15:2f:cf:1a:ff:a4:43:f1:19:06:
d5:47:74:33:ea:cf:0d:4a:a4:1f:b2:8d:f1:25:cd:e8:d0:97:
b0:6c:de:e6:c8:3b:29:c4:8f:f5:cd:b2:bd:b5:8d:44:55:c8:
43:e4:36:3c:cf:8f:ae:cb:06:e4:94:31:4c:e0:28:eb:4a:d3:
b4:58:f8:d8:f0:96:84:08:f5:f4:fc:94:29:e4:60:fe:63:7f:
63:03:10:a3:e4:ca:43:08:70:78:93:af:ff:2f:64:23:5c:35:
78:47:fd:2f:39:01:bd:d5:16:a2:a4:26:5e:fb:07:b4:7e:3c:
31:a4:5f:1e:63:20:45:92:d9:93:6b:62:bd:0d:62:e1:ca:d7:
d7:48:5d:09:35:6a:90:1f:9b:ad:c5:16:dc:05:d1:12:44:e0:
e2:31:72:0c:ea:78:a8:47:9f:21:07:34:09:6f:9f:a4:3f:95:
f5:40:66:41:53:5c:56:1a:1f:cc:7b:ad:c4:2b:fc:f6:12:9f:
08:29:f2:3b:fd:3f:e9:ba:cd:37:c6:43:f8:d1:ea:ff:3d:36:
f5:33:17:29:ed:29:d6:ff:88:eb:c7:1f:dc:48:8a:dc:56:1c:
f5:48:92:75:21:4a:8f:6f:45:a9:64:b1:56:fd:75:e8:5d:cb:
88:76:e2:3b
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY2cNLLSF1guTdvKlztRKvckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjEyMDcyNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTMwNDA0NjBjZWExYTAxNWVlMDMxY2Q3NWE2ZWJiODBjNDM4MDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxciTnW2QFAO4OY5ouawWFpVLmGnj
vsxPbKc1urevKnAyZsoidBi13pkWg9ScKqJTzpJ+pa9pcLl+BIXzR1NWfeFrhdmf
Bl++tmkNunFSB06pR3CTwt0kNbO9wBxXus2PC/iyEtEpJ2IzAgNtAQY1XVpMWUxO
my+amIi74onf+gOpezQv+4kHFdGaZ6tIqF1g4NhrRVkoaW9NcEoeRjZF5mC5pm+L
OmAj1ptByu3TLICNfxWVU1QB/q87g429YQvrdqtOOKPmp0pL7XYcEdNLgAjujqZN
+da6hOMXSqKBr7DN83a7GosNQq2GaP9qJH4Fe8VKnxmCxKSMSZxwqlII2wIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFDowQEYM6hoBXuAxzXWm67gMQ4AnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT2pCQVJnenFHZ0ZlNERITmRhYnJ1QXhEZ0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAAC
O/0DBAAtCZwDBAAtVFkDBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABT22EDBABc
d8YDBABc+TIDBABemqIDBABenEsDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAME
BbneoAMEALneogMEALn23wMEAMEZ2QMEAMEjEwMEAMElKAMEAMElKgMEAMElLAME
AMHeYQMEAMHeYwMEAMIfzQMEAMIw+AMEAMI3uwMEAMI34QMEAMI7HwMEAMKprAME
AMK0JjANBgkqhkiG9w0BAQsFAAOCAQEAjQEpwL6PwDoVL88a/6RD8RkG1Ud0M+rP
DUqkH7KN8SXN6NCXsGze5sg7KcSP9c2yvbWNRFXIQ+Q2PM+PrssG5JQxTOAo60rT
tFj42PCWhAj19PyUKeRg/mN/YwMQo+TKQwhweJOv/y9kI1w1eEf9LzkBvdUWoqQm
XvsHtH48MaRfHmMgRZLZk2tivQ1i4crX10hdCTVqkB+brcUW3AXREkTg4jFyDOp4
qEefIQc0CW+fpD+V9UBmQVNcVhofzHutxCv89hKfCCnyO/0/6brNN8ZD+NHq/z02
9TMXKe0p1v+I68cf3EiK3FYc9UiSdSFKj29FqWSxVv116F3LiHbiOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:06 2024 by rpki-client on console-fra.rpki-client.org