Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QegD_KLB-2yLNHvGJZ33I3LGNxQ.roa
File: QegD_KLB-2yLNHvGJZ33I3LGNxQ.roa (raw, json)
Hash identifier: PKCLub9r3NNx3BBvh0kPXq6Ol3a/S1im9Ja04i+VQIA=
Subject key identifier: 41:E8:03:FC:A2:C1:FB:6C:8B:34:7B:C6:25:9D:F7:23:72:C6:37:14
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AAD7091D37CBBBBEE2C718EECF8FFC97C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QegD_KLB-2yLNHvGJZ33I3LGNxQ.roa
Signing time: Tue 19 Sep 2023 12:35:50 +0000
ROA not before: Tue 19 Sep 2023 12:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:70:91:d3:7c:bb:bb:ee:2c:71:8e:ec:f8:ff:c9:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 19 12:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41e803fca2c1fb6c8b347bc6259df72372c63714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:37:a0:c9:a8:f4:21:4d:cf:5b:9d:9e:1e:a8:
0b:d3:f9:c9:e2:ca:34:64:c7:5c:43:0e:16:3c:be:
db:17:6c:fd:f6:56:02:20:6a:02:91:79:7d:8b:3f:
b8:c9:1a:91:5d:a8:31:47:74:a7:77:c5:c2:59:b9:
e1:ce:73:a7:f6:59:34:a9:db:34:d4:05:d6:e4:40:
41:36:37:bf:5d:40:9f:07:75:28:d8:ce:c1:41:54:
b3:67:d3:18:2f:d3:86:ed:08:78:22:a3:32:03:97:
1e:3e:8f:85:13:06:f9:95:04:0c:f5:08:c1:60:0e:
88:6c:2d:09:97:b5:c9:9c:41:2b:47:1b:03:eb:7d:
79:07:d7:9e:56:c5:5d:34:b5:79:e8:92:28:81:15:
35:2d:f8:09:0b:09:b1:0c:35:6f:a0:c4:ea:95:1e:
ca:85:89:42:3c:c0:c0:d7:75:f1:25:8d:45:54:fb:
d9:9e:50:cf:fd:d7:ff:fe:75:3b:18:83:7c:30:41:
32:51:7d:2e:f7:53:63:ab:54:0c:27:e5:6f:02:a3:
21:7c:3d:08:e4:4a:fc:7a:ab:e5:5a:5a:17:06:30:
bd:b7:62:f5:f8:99:d1:d8:aa:ba:1d:38:5b:35:4a:
dc:57:f6:12:d8:2c:f9:d9:67:d4:77:07:c6:c3:37:
40:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E8:03:FC:A2:C1:FB:6C:8B:34:7B:C6:25:9D:F7:23:72:C6:37:14
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QegD_KLB-2yLNHvGJZ33I3LGNxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.219.126.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
27:20:d7:d9:9c:30:43:cb:de:5a:fb:16:92:9b:6c:eb:42:7f:
5d:a3:f5:7c:fd:7e:43:cd:7a:92:58:4d:65:e8:0c:81:5e:da:
21:92:e7:06:53:fa:9c:1f:c6:ca:2d:93:62:77:01:4b:f4:9e:
84:bd:22:08:b8:60:f3:c1:3c:25:b6:4d:de:20:02:56:09:16:
76:b1:4d:00:04:93:90:86:40:e0:0f:c4:50:d9:23:82:85:1a:
b3:03:e7:78:d4:77:54:9e:8f:ab:a3:4b:4c:e9:f2:f9:6e:d7:
6b:f9:33:43:fe:fb:76:70:96:65:fe:37:1e:ad:ce:31:83:c6:
5e:1a:bf:31:21:48:35:b4:bd:78:1d:04:74:03:d5:3e:38:3f:
e7:99:9e:16:df:cd:79:61:a0:e5:17:65:15:01:50:5c:ab:e2:
4a:4c:82:86:d8:9d:a8:46:9a:ab:d8:ec:72:e0:69:b7:1d:b0:
56:4a:cf:81:65:da:e4:cb:3d:1c:99:45:5a:14:5f:a4:c3:61:
4a:bd:39:56:d0:6f:dd:51:ee:03:7a:dd:2a:36:04:c5:9e:03:
06:fe:8a:4e:a9:ee:1a:c8:fc:71:96:08:aa:6d:0f:48:b7:3e:
c8:b0:56:2f:17:3e:53:1e:11:04:99:2e:83:ee:6c:cb:0d:c6:
aa:38:68:ad
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYqtcJHTfLu77ixxjuz4/8l8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTE5MTIzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU4MDNmY2EyYzFmYjZjOGIzNDdiYzYyNTlkZjcyMzcyYzYzNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDegyaj0IU3PW52eHqgL0/nJ4so0
ZMdcQw4WPL7bF2z99lYCIGoCkXl9iz+4yRqRXagxR3Snd8XCWbnhznOn9lk0qds0
1AXW5EBBNje/XUCfB3Uo2M7BQVSzZ9MYL9OG7Qh4IqMyA5cePo+FEwb5lQQM9QjB
YA6IbC0Jl7XJnEErRxsD6315B9eeVsVdNLV56JIogRU1LfgJCwmxDDVvoMTqlR7K
hYlCPMDA13XxJY1FVPvZnlDP/df//nU7GIN8MEEyUX0u91Njq1QMJ+VvAqMhfD0I
5Er8eqvlWloXBjC9t2L1+JnR2Kq6HThbNUrcV/YS2Cz52WfUdwfGwzdAJQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFEHoA/yiwftsizR7xiWd9yNyxjcUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUWVnRF9LTEItMnlMTkh2R0paMzNJM0xHTnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAt
l1kDBABXeFcDBABXeS0DBABXeTsDBAFbXBgDBAFcd8QDBABde3QwDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAsH3/AwQAstfg
AwQAstfsAwQCudhUAwQCudpUAwQAudt+AwQAufywAwQAwqmuAwQAwrQyMA0GCSqG
SIb3DQEBCwUAA4IBAQAnINfZnDBDy95a+xaSm2zrQn9do/V8/X5DzXqSWE1l6AyB
XtohkucGU/qcH8bKLZNidwFL9J6EvSIIuGDzwTwltk3eIAJWCRZ2sU0ABJOQhkDg
D8RQ2SOChRqzA+d41HdUno+ro0tM6fL5btdr+TND/vt2cJZl/jcerc4xg8ZeGr8x
IUg1tL14HQR0A9U+OD/nmZ4W3815YaDlF2UVAVBcq+JKTIKG2J2oRpqr2Oxy4Gm3
HbBWSs+BZdrkyz0cmUVaFF+kw2FKvTlW0G/dUe4Det0qNgTFngMG/opOqe4ayPxx
lgiqbQ9Itz7IsFYvFz5THhEEmS6D7mzLDcaqOGit
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:06 2024 by rpki-client on console-fra.rpki-client.org