Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TtKiaEX27laQZDfrxdwFFAdavgQ.roa
File: TtKiaEX27laQZDfrxdwFFAdavgQ.roa (raw, json)
Hash identifier: U/N8UFYcoXD/1wib8n6vn+ElApJMgi7SFrxsyiVY5RY=
Subject key identifier: 4E:D2:A2:68:45:F6:EE:56:90:64:37:EB:C5:DC:05:14:07:5A:BE:04
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01833193E34AD6C90A7231FEA76ABC968C1E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TtKiaEX27laQZDfrxdwFFAdavgQ.roa
Signing time: Mon 12 Sep 2022 12:01:59 +0000
ROA not before: Mon 12 Sep 2022 12:01:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34577
IP address blocks: 93.123.40.0/21 maxlen: 21
87.120.178.0/23 maxlen: 23
87.120.180.0/22 maxlen: 22
87.120.184.0/22 maxlen: 22
93.123.67.0/24 maxlen: 24
212.73.149.0/24 maxlen: 24
93.123.66.0/24 maxlen: 24
87.120.190.0/23 maxlen: 23
87.121.84.0/22 maxlen: 22
87.121.88.0/23 maxlen: 23
87.120.158.0/23 maxlen: 23
87.120.45.119/32 maxlen: 32
94.156.112.0/20 maxlen: 20
37.60.141.0/24 maxlen: 24
87.121.48.0/22 maxlen: 22
87.120.0.0/22 maxlen: 22
93.123.96.0/22 maxlen: 22
93.123.100.0/23 maxlen: 23
87.120.12.0/24 maxlen: 24
87.120.14.0/23 maxlen: 23
87.120.232.0/23 maxlen: 23
87.120.234.0/23 maxlen: 23
87.120.44.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:31:93:e3:4a:d6:c9:0a:72:31:fe:a7:6a:bc:96:8c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 12 12:01:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ed2a26845f6ee56906437ebc5dc0514075abe04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e1:44:ca:e4:1c:e6:73:e4:86:cb:1c:cf:6b:
8d:3c:22:43:19:fb:62:85:22:65:11:46:1b:ba:9a:
07:49:08:c1:c2:15:70:30:42:b9:44:b2:f5:f7:ca:
44:32:76:50:29:83:35:ab:73:2a:5e:25:24:8b:1e:
99:bb:a2:c3:c1:7b:2f:d8:2e:53:b2:b1:34:6d:04:
67:e6:10:46:de:e0:aa:4b:f0:c7:12:d5:6b:4f:c9:
04:74:52:bc:bf:17:5c:5e:96:95:f1:73:8f:19:35:
fa:85:2a:07:fc:87:3e:f7:f0:ce:55:e3:80:63:dc:
fa:ba:28:4d:9d:ce:00:f8:7a:ab:e2:59:43:58:81:
b0:d5:82:3d:1d:53:c3:af:48:63:7a:36:cb:e2:cc:
90:01:d9:62:fa:68:06:d3:19:dd:0d:22:1d:e8:b6:
25:7f:e0:f5:48:f0:1b:be:23:7a:62:48:d8:07:13:
12:d7:23:29:b2:20:33:63:81:15:cc:d8:4f:c4:23:
1c:38:00:53:07:19:eb:50:bc:45:7d:d7:c6:94:9e:
06:b2:58:2b:86:57:c5:7c:e6:87:98:82:92:47:96:
ee:23:ae:e7:49:3a:c7:f9:25:f5:25:94:05:68:0f:
f9:8f:79:3e:17:73:ae:0f:38:7e:b5:f3:e3:8e:e9:
cf:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D2:A2:68:45:F6:EE:56:90:64:37:EB:C5:DC:05:14:07:5A:BE:04
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TtKiaEX27laQZDfrxdwFFAdavgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.141.0/24
87.120.0.0/22
87.120.12.0/24
87.120.14.0/23
87.120.44.0/23
87.120.158.0/23
87.120.178.0-87.120.187.255
87.120.190.0/23
87.120.232.0/22
87.121.48.0/22
87.121.84.0-87.121.89.255
93.123.40.0/21
93.123.66.0/23
93.123.96.0-93.123.101.255
94.156.112.0/20
212.73.149.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:47:51:76:41:e0:48:d9:8e:29:95:b6:3b:c1:e6:27:6d:64:
83:13:e3:9a:4d:35:4f:3b:d0:e7:61:71:b7:65:f7:f0:57:a8:
d0:ac:d9:0c:ad:47:48:9b:97:3d:a1:51:6b:e8:bf:00:f7:98:
80:a1:bd:bf:f2:4f:45:77:93:bb:ef:0f:ac:b8:65:00:a8:65:
8a:ba:57:54:22:7d:08:75:23:68:5a:cb:52:89:a0:82:a3:d9:
f2:94:33:29:17:b6:53:53:fb:33:d8:f1:a8:04:8a:f2:47:18:
4b:cd:15:14:fc:e4:1e:97:81:b1:94:f0:c9:c0:f6:10:12:0b:
18:6f:63:81:c7:8a:f5:1e:37:07:a7:3d:63:dd:d9:d6:70:0b:
1d:b2:a3:6b:14:7e:dd:e6:23:e3:50:bd:c6:21:84:35:76:3b:
4b:fa:2c:5b:a5:25:8f:50:6a:53:30:f8:20:18:79:7b:1e:b0:
b2:05:50:e6:de:32:65:79:78:8f:e7:21:a9:37:8f:a2:07:55:
ee:b6:9f:02:16:a2:08:2f:a6:8e:e3:6b:c1:46:ca:5d:8b:85:
92:e0:43:e2:3c:1e:fc:4d:e5:2c:4d:36:fe:c5:f4:dc:c9:76:
52:91:2e:e6:6c:d9:7e:e9:9d:b9:b5:3a:9c:d9:ca:40:6c:89:
96:6d:8d:5d
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYMxk+NK1skKcjH+p2q8loweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTEyMTIwMTU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQyYTI2ODQ1ZjZlZTU2OTA2NDM3ZWJjNWRjMDUxNDA3NWFiZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeFEyuQc5nPkhsscz2uNPCJDGfti
hSJlEUYbupoHSQjBwhVwMEK5RLL198pEMnZQKYM1q3MqXiUkix6Zu6LDwXsv2C5T
srE0bQRn5hBG3uCqS/DHEtVrT8kEdFK8vxdcXpaV8XOPGTX6hSoH/Ic+9/DOVeOA
Y9z6uihNnc4A+Hqr4llDWIGw1YI9HVPDr0hjejbL4syQAdli+mgG0xndDSId6LYl
f+D1SPAbviN6YkjYBxMS1yMpsiAzY4EVzNhPxCMcOABTBxnrULxFfdfGlJ4Gslgr
hlfFfOaHmIKSR5buI67nSTrH+SX1JZQFaA/5j3k+F3OuDzh+tfPjjunPLQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFE7SomhF9u5WkGQ368XcBRQHWr4EMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVHRLaWFFWDI3bGFRWkRmcnhkd0ZGQWRhdmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAJTyN
AwQCV3gAAwQAV3gMAwQBV3gOAwQBV3gsAwQBV3ieMAwDBAFXeLIDBAJXeLgDBAFX
eL4DBAJXeOgDBAJXeTAwDAMEAld5VAMEAVd5WAMEA117KAMEAV17QjAMAwQFXXtg
AwQBXXtkAwQEXpxwAwQA1EmVMA0GCSqGSIb3DQEBCwUAA4IBAQCpR1F2QeBI2Y4p
lbY7weYnbWSDE+OaTTVPO9DnYXG3ZffwV6jQrNkMrUdIm5c9oVFr6L8A95iAob2/
8k9Fd5O77w+suGUAqGWKuldUIn0IdSNoWstSiaCCo9nylDMpF7ZTU/sz2PGoBIry
RxhLzRUU/OQel4GxlPDJwPYQEgsYb2OBx4r1HjcHpz1j3dnWcAsdsqNrFH7d5iPj
UL3GIYQ1djtL+ixbpSWPUGpTMPggGHl7HrCyBVDm3jJleXiP5yGpN4+iB1Xutp8C
FqIIL6aO42vBRspdi4WS4EPiPB78TeUsTTb+xfTcyXZSkS7mbNl+6Z25tTqc2cpA
bImWbY1d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:08 2024 by rpki-client on console-fra.rpki-client.org