Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tbc8_gqSo1rzbA54gVWOoAHACFk.roa
File: Tbc8_gqSo1rzbA54gVWOoAHACFk.roa (raw, json)
Hash identifier: 4xVWRrfEt7vc0JH1ZFtPC0KFcHQUvT3AudKWUH+Mf7c=
Subject key identifier: 4D:B7:3C:FE:0A:92:A3:5A:F3:6C:0E:78:81:55:8E:A0:01:C0:08:59
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188B53B51C2A4C6C941924681A780250E83
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tbc8_gqSo1rzbA54gVWOoAHACFk.roa
Signing time: Tue 13 Jun 2023 14:49:03 +0000
ROA not before: Tue 13 Jun 2023 14:49:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.103.124.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b5:3b:51:c2:a4:c6:c9:41:92:46:81:a7:80:25:0e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 13 14:49:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4db73cfe0a92a35af36c0e7881558ea001c00859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:47:ca:65:8a:c0:48:32:03:70:e7:1f:e7:66:
81:31:b0:44:74:7b:aa:40:18:02:c5:5b:8e:27:95:
81:73:a0:82:0b:c3:ce:06:31:f3:93:14:4f:07:77:
53:c2:85:ec:80:6b:09:b0:ef:9c:48:ed:76:57:4d:
3d:c6:b9:59:c4:a1:d7:8c:7e:a8:1a:5f:a7:33:68:
0d:0e:b0:78:dc:2f:a2:21:79:8c:c5:63:c5:14:66:
62:b3:aa:6a:16:86:f2:70:96:eb:28:2e:f0:ff:82:
5d:7e:b3:6d:89:02:7a:ed:40:db:0d:25:17:1b:a4:
75:1c:6e:23:da:c5:b5:89:a1:0e:4f:8c:42:c1:b3:
32:c2:89:42:61:06:dd:47:dc:63:70:01:e6:c2:98:
34:46:19:27:cb:77:4b:bd:a7:01:46:b0:f7:9e:45:
d7:0f:42:aa:bc:16:4b:c0:bd:85:6c:65:e5:34:90:
53:f4:51:07:b0:06:15:4c:c2:42:0d:01:75:01:9f:
7e:74:41:af:13:55:2b:5e:67:72:80:79:ba:76:11:
ac:d2:f7:ff:81:22:51:96:aa:3c:9f:4c:88:e7:7a:
92:e0:1d:41:0a:93:25:c6:e3:f3:1f:38:6b:08:b8:
ff:ac:77:c8:73:6b:85:03:a0:fc:9d:47:f3:fa:ff:
c8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B7:3C:FE:0A:92:A3:5A:F3:6C:0E:78:81:55:8E:A0:01:C0:08:59
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tbc8_gqSo1rzbA54gVWOoAHACFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
92.119.196.0/23
94.103.124.0/24
94.103.126.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
37:cf:8e:77:14:a8:25:03:ba:97:81:1a:9f:c9:86:67:34:30:
a2:b7:bb:b7:9d:6d:2b:14:7d:e5:43:77:52:a2:08:90:b1:72:
f1:b5:db:c1:b6:64:d1:f3:7d:c1:1b:c5:09:38:b8:23:15:f7:
ea:8d:ed:fc:ad:3e:3c:d4:ca:9f:f2:9a:fc:fa:1a:a1:cb:b7:
38:c5:3b:dc:07:d7:a6:c8:5f:7a:af:8c:5e:eb:8e:e6:98:13:
b7:62:72:47:e0:62:c1:44:bd:0e:41:f4:c5:e4:e3:00:98:f3:
ce:07:7c:1f:33:e6:6c:57:dd:66:18:36:a2:8a:40:fd:b8:85:
05:ff:cd:a3:08:12:a3:30:03:9c:f9:f2:0d:0b:e6:2b:ca:2e:
c4:fe:ee:e8:99:1d:32:ad:81:b8:c4:4d:f2:49:d7:0e:e3:9a:
61:66:e1:f5:18:a8:a5:4b:87:d4:88:23:3e:e3:1a:aa:36:4b:
e0:ef:e6:6f:6f:44:c5:d2:24:59:6d:ed:a7:54:bc:d3:a8:25:
e9:4c:4f:aa:6c:cb:11:05:31:a9:2b:d5:90:1a:2c:6d:9f:ec:
b3:56:6d:16:35:ec:f0:de:6d:58:fd:ad:a3:9c:61:de:28:46:
22:61:fb:d8:76:ed:e3:af:91:50:b2:8e:7a:03:a8:b4:fe:aa:
42:d4:11:d5
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYi1O1HCpMbJQZJGgaeAJQ6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjEzMTQ0OTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI3M2NmZTBhOTJhMzVhZjM2YzBlNzg4MTU1OGVhMDAxYzAwODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkfKZYrASDIDcOcf52aBMbBEdHuq
QBgCxVuOJ5WBc6CCC8POBjHzkxRPB3dTwoXsgGsJsO+cSO12V009xrlZxKHXjH6o
Gl+nM2gNDrB43C+iIXmMxWPFFGZis6pqFobycJbrKC7w/4JdfrNtiQJ67UDbDSUX
G6R1HG4j2sW1iaEOT4xCwbMywolCYQbdR9xjcAHmwpg0Rhkny3dLvacBRrD3nkXX
D0KqvBZLwL2FbGXlNJBT9FEHsAYVTMJCDQF1AZ9+dEGvE1UrXmdygHm6dhGs0vf/
gSJRlqo8n0yI53qS4B1BCpMlxuPzHzhrCLj/rHfIc2uFA6D8nUfz+v/IrwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFE23PP4KkqNa82wOeIFVjqABwAhZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVGJjOF9ncVNvMXJ6YkE1NGdWV09vQUhBQ0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQALZdZAwQB
XHfEAwQAXmd8AwQAXmd+MAwDBABemqEDBAJemqADBABenO8DBAGTTmQDBAKrFkgD
BACy1+wDBAK52FQDBAK52lQDBAC52okDBAC5234DBADCMPswDQYJKoZIhvcNAQEL
BQADggEBADfPjncUqCUDupeBGp/Jhmc0MKK3u7edbSsUfeVDd1KiCJCxcvG128G2
ZNHzfcEbxQk4uCMV9+qN7fytPjzUyp/ymvz6GqHLtzjFO9wH16bIX3qvjF7rjuaY
E7dickfgYsFEvQ5B9MXk4wCY884HfB8z5mxX3WYYNqKKQP24hQX/zaMIEqMwA5z5
8g0L5ivKLsT+7uiZHTKtgbjETfJJ1w7jmmFm4fUYqKVLh9SIIz7jGqo2S+Dv5m9v
RMXSJFlt7adUvNOoJelMT6psyxEFMakr1ZAaLG2f7LNWbRY17PDebVj9raOcYd4o
RiJh+9h27eOvkVCyjnoDqLT+qkLUEdU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:07 2024 by rpki-client on console-fra.rpki-client.org