Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SrDT7zMZOZKtU2FxhujFvo9jU08.roa
File: SrDT7zMZOZKtU2FxhujFvo9jU08.roa (raw, json)
Hash identifier: wpFxCEUlsjhmgrXTHsOsrEE0tUujCfyL8AVFUQFrdpI=
Subject key identifier: 4A:B0:D3:EF:33:19:39:92:AD:53:61:71:86:E8:C5:BE:8F:63:53:4F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018852862C74DF441D5BCE42974144C681DD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SrDT7zMZOZKtU2FxhujFvo9jU08.roa
Signing time: Thu 25 May 2023 10:48:24 +0000
ROA not before: Thu 25 May 2023 10:48:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50738
IP address blocks: 45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
87.120.130.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
185.246.223.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
82.115.210.0/23 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:86:2c:74:df:44:1d:5b:ce:42:97:41:44:c6:81:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 25 10:48:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ab0d3ef33193992ad53617186e8c5be8f63534f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6d:b8:cb:06:e2:62:e5:15:8b:12:44:a8:20:
1a:14:21:f9:ad:7f:05:dc:cb:d3:34:5f:b1:2a:b7:
46:56:c8:19:bb:57:6b:7e:79:d7:21:70:19:27:64:
74:d8:b4:04:66:28:59:99:70:7e:f9:75:5c:bb:8e:
67:28:4e:35:a3:65:44:7a:56:9e:8c:88:d0:2f:9b:
07:d5:31:f8:60:30:30:24:89:40:83:05:31:e8:77:
f9:e5:cc:c2:46:0c:25:17:6e:58:a7:f8:da:0e:24:
fe:f9:cf:a4:a6:ca:54:a8:1d:56:3e:4a:4a:3f:e6:
c0:26:78:45:ea:d1:c9:96:00:6c:c4:24:ed:4d:f7:
aa:93:bd:a8:b7:db:fa:f0:52:69:3b:8d:f4:b1:eb:
17:c5:ab:28:45:6b:b5:79:61:09:e1:29:e8:d6:29:
0e:2d:91:bb:d9:7b:48:11:f6:5f:d6:42:31:c0:35:
df:30:f3:ec:76:a4:38:f6:e0:58:c3:e1:b2:1e:f8:
b0:f7:da:f5:04:97:fd:fe:77:5f:5e:d9:c2:d7:4d:
23:30:85:85:fa:83:2b:5c:0f:12:82:4c:31:d0:0d:
28:c8:4f:d8:10:b3:fc:70:73:26:71:25:83:cb:f6:
a8:a7:1a:98:d1:0a:2c:59:0a:d7:04:c7:8a:23:4a:
e0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B0:D3:EF:33:19:39:92:AD:53:61:71:86:E8:C5:BE:8F:63:53:4F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SrDT7zMZOZKtU2FxhujFvo9jU08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
82.115.210.0/23
83.219.97.0/24
87.120.130.0/24
87.121.124.0/23
87.121.162.0/24
87.121.220.0/24
91.200.192.0/22
92.249.48.0/24
93.123.39.0/24
94.154.172.0/24
94.156.160.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
178.215.238.0/24
185.246.223.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:56:e9:b7:b5:be:a9:26:a4:42:b2:9c:ec:85:d6:8a:55:a4:
b5:a6:57:ea:f2:19:6f:89:89:18:56:98:19:94:00:1a:5e:0e:
14:0a:fd:57:d0:8d:d3:63:91:21:70:61:ad:8a:b3:00:e8:19:
f8:ce:29:30:9c:ce:b3:e9:f4:3b:9c:df:87:17:d5:75:31:51:
26:93:4f:63:b3:80:ec:90:6d:e5:9d:32:23:bd:98:68:c2:0e:
9d:bc:27:e4:4a:4c:cd:b0:04:b8:57:64:17:80:cd:26:37:23:
9c:54:3f:9c:de:d9:ff:d6:c9:50:c5:ba:06:9d:37:8e:ab:be:
58:21:1d:03:75:99:2a:ad:4d:cd:8a:1c:d6:f0:9c:67:f6:08:
dd:91:73:ad:87:17:f4:40:33:21:c3:48:5d:67:a2:ee:d0:11:
f6:1d:e8:d3:c3:d7:f6:97:18:3c:9e:c9:cb:3d:dc:a2:28:4e:
7d:f0:c2:0d:98:cc:fa:b1:47:07:75:36:9b:3b:19:8c:9c:06:
b9:97:bc:30:6a:ac:c8:c9:c7:ec:7e:6f:ec:ab:40:7d:f7:86:
fc:d6:32:c0:08:b5:c5:44:b6:06:a6:a2:bb:78:e2:0c:07:89:
8e:e6:ae:ff:e2:33:2b:e1:36:8b:ac:3c:47:bd:dd:49:9f:d5:
db:59:b9:c2
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYhShix030QdW85Cl0FExoHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTI1MTA0ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWIwZDNlZjMzMTkzOTkyYWQ1MzYxNzE4NmU4YzViZThmNjM1MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG24ywbiYuUVixJEqCAaFCH5rX8F
3MvTNF+xKrdGVsgZu1drfnnXIXAZJ2R02LQEZihZmXB++XVcu45nKE41o2VEelae
jIjQL5sH1TH4YDAwJIlAgwUx6Hf55czCRgwlF25Yp/jaDiT++c+kpspUqB1WPkpK
P+bAJnhF6tHJlgBsxCTtTfeqk72ot9v68FJpO430sesXxasoRWu1eWEJ4Sno1ikO
LZG72XtIEfZf1kIxwDXfMPPsdqQ49uBYw+GyHviw99r1BJf9/ndfXtnC100jMIWF
+oMrXA8Sgkwx0A0oyE/YELP8cHMmcSWDy/aopxqY0QosWQrXBMeKI0rgeQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFEqw0+8zGTmSrVNhcYboxb6PY1NPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvU3JEVDd6TVpPWkt0VTJGeGh1akZ2bzlqVTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAAl
i4IDBAAtCZwDBAAtDP8DBAAtQuQDBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABP
bj0DBABRoeYDBABRoe8DBAFSc9IDBABT22EDBABXeIIDBAFXeXwDBABXeaIDBABX
edwDBAJbyMADBABc+TADBABdeycDBABemqwDBABenKADBABenPgDBABenPoDBAGT
TmQwDAMEAKsWEQMEAKsWEgMEAKsWHwMEALLX4gMEALLX7gMEALn23wMEAMEZ2AME
AMEjEwMEAMK0JzANBgkqhkiG9w0BAQsFAAOCAQEAbFbpt7W+qSakQrKc7IXWilWk
taZX6vIZb4mJGFaYGZQAGl4OFAr9V9CN02ORIXBhrYqzAOgZ+M4pMJzOs+n0O5zf
hxfVdTFRJpNPY7OA7JBt5Z0yI72YaMIOnbwn5EpMzbAEuFdkF4DNJjcjnFQ/nN7Z
/9bJUMW6Bp03jqu+WCEdA3WZKq1NzYoc1vCcZ/YI3ZFzrYcX9EAzIcNIXWei7tAR
9h3o08PX9pcYPJ7Jyz3coihOffDCDZjM+rFHB3U2mzsZjJwGuZe8MGqsyMnH7H5v
7KtAffeG/NYywAi1xUS2Bqaiu3jiDAeJjuau/+IzK+E2i6w8R73dSZ/V21m5wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:33 2024 by rpki-client on console-ams.rpki-client.org