Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S6QJzqUEf1drrqb7bGKq7j3vaxE.roa
File: S6QJzqUEf1drrqb7bGKq7j3vaxE.roa (raw, json)
Hash identifier: Vin+BMfgycQ8eNmT7WjZMR+Os2tMGBTeSHm67/I3Ti0=
Subject key identifier: 4B:A4:09:CE:A5:04:7F:57:6B:AE:A6:FB:6C:62:AA:EE:3D:EF:6B:11
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01876EC9AA41D5354BA35E76F861909B34C1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S6QJzqUEf1drrqb7bGKq7j3vaxE.roa
Signing time: Tue 11 Apr 2023 05:28:42 +0000
ROA not before: Tue 11 Apr 2023 05:28:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 45.90.88.0/22 maxlen: 24
141.98.4.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
45.12.254.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.31.204.0/24 maxlen: 24
195.178.121.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6e:c9:aa:41:d5:35:4b:a3:5e:76:f8:61:90:9b:34:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 11 05:28:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ba409cea5047f576baea6fb6c62aaee3def6b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:91:c1:84:cd:67:ed:00:1d:f8:45:aa:3e:d6:
57:54:b2:e7:c9:fb:4c:40:18:98:2c:1f:ee:ac:1e:
93:b1:b3:2c:ea:09:9b:b3:22:28:c2:93:3a:3c:15:
bb:72:28:64:97:d0:cb:ce:d3:8f:0e:e3:64:32:91:
11:fa:03:a7:61:7a:1f:78:11:ee:12:e6:5a:03:79:
0d:29:29:f7:f1:41:d1:c1:2e:c4:41:c7:44:5f:03:
f2:5e:c2:34:eb:8f:8d:1f:3b:0c:cc:6c:3a:e8:4b:
fb:2b:dc:1c:ea:c8:df:f7:40:31:4f:e3:93:ca:b1:
66:95:d6:a3:a5:96:33:0b:65:0a:f4:76:4d:11:1e:
ea:ff:7c:6a:b4:24:84:12:e2:87:2a:5a:ec:1e:df:
ab:0a:83:23:37:32:3d:6e:ef:40:7c:06:d3:6b:80:
28:e7:ab:fa:87:7a:e1:6c:a7:34:49:40:88:ba:3a:
c8:82:2c:c6:bf:0a:1b:71:94:bd:4e:d4:e6:a1:01:
8f:8b:8a:f7:c2:b9:16:2e:95:bb:40:b1:b1:1d:33:
43:f2:54:bc:c1:fe:38:99:19:17:5e:98:c7:ac:16:
fd:40:28:c2:12:c7:d0:90:6a:41:e8:cd:4b:18:5f:
5c:9d:37:a5:90:c1:22:bd:41:7d:fc:30:01:07:b1:
4b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A4:09:CE:A5:04:7F:57:6B:AE:A6:FB:6C:62:AA:EE:3D:EF:6B:11
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S6QJzqUEf1drrqb7bGKq7j3vaxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.254.0/24
45.90.88.0/22
45.149.241.0/24
109.206.239.0/24
141.98.4.0/24
193.25.218.0/24
193.58.120.0/24
194.31.204.0/24
194.48.248.0/24
194.49.86.0/24
194.55.227.0/24
194.169.173.0-194.169.174.255
195.178.121.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:81:13:85:6e:73:11:ad:8c:a4:8a:8d:af:c3:32:0a:b0:6c:
79:56:d2:35:33:29:77:de:62:de:5f:29:15:cc:f2:36:cb:a8:
f4:ca:77:8d:75:3e:1d:69:39:45:f0:73:10:0f:90:ba:af:96:
69:85:42:0a:86:73:16:68:80:89:8d:77:e9:e5:ef:a1:88:c4:
fe:4a:9d:90:0f:6d:3a:82:e2:b3:3a:86:99:3d:79:b7:2b:6c:
15:20:fb:ec:53:dc:21:c0:76:c3:03:81:ec:62:6c:f8:b4:6d:
ea:dd:f3:6e:4f:82:f4:c0:37:58:1f:47:1e:55:76:7d:56:7f:
e9:7c:49:c3:a4:0a:3c:9f:cf:46:51:60:f5:96:11:d4:98:01:
cf:19:8f:b9:ae:97:c0:37:8f:33:40:b5:90:a6:9a:a7:a4:e8:
5c:16:c0:ae:9b:17:f7:27:24:65:62:e9:62:8b:17:a5:4c:a5:
ed:4d:b3:a6:56:74:b4:f4:a0:f1:32:1d:af:97:dd:bd:b9:d0:
5f:74:a2:54:a6:57:f4:1f:41:9a:0b:05:35:f5:ee:2f:a3:95:
e1:9a:59:57:d4:2c:63:2d:71:fe:dd:f7:05:00:ca:f2:c6:da:
b4:32:12:0b:8e:0c:d3:7f:71:13:75:ec:4f:2c:01:cf:54:7e:
ae:4f:4c:94
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYduyapB1TVLo152+GGQmzTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDExMDUyODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmE0MDljZWE1MDQ3ZjU3NmJhZWE2ZmI2YzYyYWFlZTNkZWY2YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZHBhM1n7QAd+EWqPtZXVLLnyftM
QBiYLB/urB6TsbMs6gmbsyIowpM6PBW7cihkl9DLztOPDuNkMpER+gOnYXofeBHu
EuZaA3kNKSn38UHRwS7EQcdEXwPyXsI064+NHzsMzGw66Ev7K9wc6sjf90AxT+OT
yrFmldajpZYzC2UK9HZNER7q/3xqtCSEEuKHKlrsHt+rCoMjNzI9bu9AfAbTa4Ao
56v6h3rhbKc0SUCIujrIgizGvwobcZS9TtTmoQGPi4r3wrkWLpW7QLGxHTND8lS8
wf44mRkXXpjHrBb9QCjCEsfQkGpB6M1LGF9cnTelkMEivUF9/DABB7FLiwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFEukCc6lBH9Xa66m+2xiqu4972sRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUzZRSnpxVUVmMWRycnFiN2JHS3E3ajN2YXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALQz+AwQC
LVpYAwQALZXxAwQAbc7vAwQAjWIEAwQAwRnaAwQAwTp4AwQAwh/MAwQAwjD4AwQA
wjFWAwQAwjfjMAwDBADCqa0DBADCqa4DBADDsnkwDQYJKoZIhvcNAQELBQADggEB
AKGBE4VucxGtjKSKja/DMgqwbHlW0jUzKXfeYt5fKRXM8jbLqPTKd411Ph1pOUXw
cxAPkLqvlmmFQgqGcxZogImNd+nl76GIxP5KnZAPbTqC4rM6hpk9ebcrbBUg++xT
3CHAdsMDgexibPi0berd825PgvTAN1gfRx5Vdn1Wf+l8ScOkCjyfz0ZRYPWWEdSY
Ac8Zj7mul8A3jzNAtZCmmqek6FwWwK6bF/cnJGVi6WKLF6VMpe1Ns6ZWdLT0oPEy
Ha+X3b250F90olSmV/QfQZoLBTX17i+jleGaWVfULGMtcf7d9wUAyvLG2rQyEguO
DNN/cRN17E8sAc9Ufq5PTJQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:33 2024 by rpki-client on console-ams.rpki-client.org