Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SQ_0RPu3tbhVxfFwlP528BzJjYU.roa
File: SQ_0RPu3tbhVxfFwlP528BzJjYU.roa (raw, json)
Hash identifier: uSOF50YxmJbhSyodcQZT2ADVd/u3unHIWCBhLh1f0vo=
Subject key identifier: 49:0F:F4:44:FB:B7:B5:B8:55:C5:F1:70:94:FE:76:F0:1C:C9:8D:85
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186931FE32A69633365B542CD39B6AE8CBA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SQ_0RPu3tbhVxfFwlP528BzJjYU.roa
Signing time: Mon 27 Feb 2023 13:46:25 +0000
ROA not before: Mon 27 Feb 2023 13:46:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
87.121.124.0/23 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:1f:e3:2a:69:63:33:65:b5:42:cd:39:b6:ae:8c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 27 13:46:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=490ff444fbb7b5b855c5f17094fe76f01cc98d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:77:17:c5:1e:ae:1b:af:b3:a8:84:bc:c1:81:
9b:af:b2:ef:5a:39:20:5f:ed:d6:f5:b4:e2:db:82:
1e:45:59:68:e3:d9:70:f4:f6:7d:25:1f:b5:9a:76:
06:00:45:31:81:a2:c2:5a:a1:53:68:f6:fd:ad:b5:
f2:91:63:ae:e4:5c:b8:32:31:62:1e:a2:e2:5c:28:
e8:21:08:28:41:78:4c:14:c9:a3:c4:b2:3f:bf:4d:
a0:55:79:7e:72:16:0c:e2:04:db:b4:d7:8d:1c:b8:
c0:06:36:45:f6:d5:24:5f:f5:c5:74:a3:c9:d5:60:
e4:85:76:39:e4:27:a8:e7:66:b3:06:a6:11:ad:37:
19:e7:32:28:c6:ed:2d:21:f7:9f:09:df:da:48:63:
ae:60:d7:d3:7c:f5:e9:c9:77:5a:d6:d9:87:49:c4:
e1:70:cf:fe:15:b3:2b:3e:9b:8e:29:af:9d:ee:f3:
3e:9e:92:a6:69:02:07:97:d0:79:d4:d5:1a:c7:7b:
87:77:74:26:cf:38:38:71:be:a5:8c:24:61:a7:bd:
ef:70:e6:bf:96:df:0c:f4:45:1d:45:e8:b0:e2:6c:
85:76:38:6a:79:92:ab:3a:5e:83:eb:8b:34:33:3f:
66:4d:e6:7d:37:db:04:38:ca:3f:00:9b:be:64:6c:
e7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0F:F4:44:FB:B7:B5:B8:55:C5:F1:70:94:FE:76:F0:1C:C9:8D:85
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SQ_0RPu3tbhVxfFwlP528BzJjYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.121.124.0/23
92.119.196.0/23
94.154.161.0-94.154.163.255
171.22.19.0/24
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:40:0c:b2:22:d2:cb:b6:2a:e8:63:25:c8:b9:5c:f2:29:ce:
91:07:9d:66:3a:02:27:0f:e8:2a:90:26:4e:7b:aa:bb:f2:cd:
ba:0c:bb:04:5c:70:8f:f8:7c:da:e1:68:05:e1:77:70:d0:bf:
9f:41:e3:34:51:fb:26:9e:ee:03:c7:b7:e7:95:45:43:31:26:
8e:51:f8:aa:4b:77:d2:2d:2e:04:e7:a6:7a:61:72:5f:48:ec:
4d:7d:e2:3c:25:ce:e5:b3:0d:77:41:51:3f:33:bd:01:6d:60:
ff:b9:43:5d:0f:a5:f6:79:68:fa:84:0f:3c:38:f4:6d:33:1e:
89:cd:8c:7b:85:8c:d9:e2:d3:4a:d1:c1:02:28:67:4d:7c:83:
d9:d2:7b:cc:8f:7b:62:5f:3f:e3:22:0c:59:23:b5:71:71:dc:
0f:48:ac:9b:3c:96:b6:5f:62:c8:ea:8b:3c:34:1d:3a:7b:2d:
15:58:fe:ed:15:e5:cc:6f:ca:c7:72:4d:79:cc:ef:ef:b7:39:
fe:0d:12:f4:30:93:84:33:d8:d9:f1:51:de:c2:6b:9f:6c:65:
26:48:02:8c:6d:61:11:75:92:b2:f2:42:f7:f7:c9:9b:55:d4:
1f:74:4f:6b:b1:60:79:8d:1f:ee:d6:ac:de:d7:99:3f:53:45:
00:43:6d:a0
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYaTH+MqaWMzZbVCzTm2roy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjI3MTM0NjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBmZjQ0NGZiYjdiNWI4NTVjNWYxNzA5NGZlNzZmMDFjYzk4ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlncXxR6uG6+zqIS8wYGbr7LvWjkg
X+3W9bTi24IeRVlo49lw9PZ9JR+1mnYGAEUxgaLCWqFTaPb9rbXykWOu5Fy4MjFi
HqLiXCjoIQgoQXhMFMmjxLI/v02gVXl+chYM4gTbtNeNHLjABjZF9tUkX/XFdKPJ
1WDkhXY55Ceo52azBqYRrTcZ5zIoxu0tIfefCd/aSGOuYNfTfPXpyXda1tmHScTh
cM/+FbMrPpuOKa+d7vM+npKmaQIHl9B51NUax3uHd3Qmzzg4cb6ljCRhp73vcOa/
lt8M9EUdReiw4myFdjhqeZKrOl6D64s0Mz9mTeZ9N9sEOMo/AJu+ZGznTwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEkP9ET7t7W4VcXxcJT+dvAcyY2FMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvU1FfMFJQdTN0YmhWeGZGd2xQNTI4QnpKallVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALZdZAwQB
V3l8AwQBXHfEMAwDBABemqEDBAJemqADBACrFhMDBAKrFkgDBACy1+wDBAK52FQD
BAK52lQDBAC52okDBAC5234DBAC5/LAwDQYJKoZIhvcNAQELBQADggEBAF1ADLIi
0su2KuhjJci5XPIpzpEHnWY6AicP6CqQJk57qrvyzboMuwRccI/4fNrhaAXhd3DQ
v59B4zRR+yae7gPHt+eVRUMxJo5R+KpLd9ItLgTnpnphcl9I7E194jwlzuWzDXdB
UT8zvQFtYP+5Q10PpfZ5aPqEDzw49G0zHonNjHuFjNni00rRwQIoZ018g9nSe8yP
e2JfP+MiDFkjtXFx3A9IrJs8lrZfYsjqizw0HTp7LRVY/u0V5cxvysdyTXnM7++3
Of4NEvQwk4Qz2NnxUd7Ca59sZSZIAoxtYRF1krLyQvf3yZtV1B90T2uxYHmNH+7W
rN7XmT9TRQBDbaA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:33 2024 by rpki-client on console-ams.rpki-client.org