Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UOsx8kU9CU9sYfDt2ro3VsY27ww.roa
File: UOsx8kU9CU9sYfDt2ro3VsY27ww.roa (raw, json)
Hash identifier: WShdlXGcQsNTLgcUEbq7klWasr320j1FVL9TvpoORK0=
Subject key identifier: 50:EB:31:F2:45:3D:09:4F:6C:61:F0:ED:DA:BA:37:56:C6:36:EF:0C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DCA7FF7A57C416A5AB60347729E713797
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UOsx8kU9CU9sYfDt2ro3VsY27ww.roa
Signing time: Wed 21 Feb 2024 07:10:00 +0000
ROA not before: Wed 21 Feb 2024 07:10:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ca:7f:f7:a5:7c:41:6a:5a:b6:03:47:72:9e:71:37:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 21 07:10:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50eb31f2453d094f6c61f0eddaba3756c636ef0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5d:4b:f6:3f:e5:8c:34:1f:6d:99:f3:b6:6b:
a9:bb:d8:f7:cc:45:42:54:cd:4d:42:d1:0b:9a:67:
2d:37:15:28:09:63:8d:5c:3a:63:bb:41:a1:ab:0d:
4a:7e:20:a1:6b:49:d0:c2:0f:54:8b:2f:4c:20:e9:
0f:fb:bb:9b:91:44:a2:c9:2b:1a:37:35:41:c7:2b:
22:d7:40:d8:5a:4c:bf:62:4c:2f:83:e7:5e:59:09:
fc:65:86:e1:df:e4:d9:42:50:24:2b:0e:7e:92:88:
82:9a:b9:8b:f4:f3:fc:7e:a4:36:c3:eb:32:25:65:
88:75:ef:d6:e3:30:c6:40:b8:67:28:e3:3c:9a:cf:
cb:4d:93:6f:28:42:7c:f7:73:06:33:86:d5:cd:72:
f8:32:ce:cb:fc:e1:86:48:e0:13:f4:df:ab:59:9e:
81:15:f2:d9:12:b7:17:53:b9:b5:0d:bd:33:14:9b:
a6:82:8c:62:ca:42:fd:6b:15:6b:09:bd:a2:57:ec:
f9:e9:e4:6e:a6:b3:6d:5c:b5:ea:75:fd:22:48:0a:
79:df:32:79:6e:75:cf:98:b1:84:35:78:c9:d1:5d:
ea:2f:e6:9d:93:fc:8a:7b:fe:c9:ee:ba:68:e4:2a:
eb:66:3a:30:f3:89:4c:46:a1:0e:b5:b8:8f:9a:86:
e2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EB:31:F2:45:3D:09:4F:6C:61:F0:ED:DA:BA:37:56:C6:36:EF:0C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UOsx8kU9CU9sYfDt2ro3VsY27ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
193.25.217.0/24
193.35.19.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.55.187.0/24
194.55.225.0/24
194.59.31.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:d1:93:8f:c6:60:b5:31:d1:22:ed:43:b3:92:43:65:d2:d7:
d0:1f:2e:c4:19:7a:1d:d6:5e:1e:77:de:33:3f:6d:1e:3b:0f:
32:04:ac:a5:43:fe:96:bd:17:de:a7:5f:80:62:5a:27:26:fe:
2a:49:6d:f7:78:52:07:23:5b:04:67:42:f6:d5:15:94:73:13:
1c:71:db:02:b4:5d:77:eb:6f:4e:50:af:2f:3d:de:9b:be:e9:
66:80:82:0e:63:0a:0e:4b:d5:4c:77:d4:88:9f:aa:be:4f:b8:
ec:d9:69:76:99:a8:bd:2b:1d:39:47:3a:35:b1:8a:52:c9:39:
97:e2:59:42:b2:66:69:c9:e8:da:fa:f3:7c:0e:f3:5a:ba:b4:
57:0a:20:43:c7:ee:ca:ad:a2:1a:6c:79:b6:52:43:90:be:18:
7d:ce:da:fa:ed:89:02:c5:c4:5b:a8:4d:06:bb:9d:80:2f:66:
a4:85:fc:17:5b:63:87:e8:d8:97:08:c4:49:29:b7:b4:ae:0b:
aa:3e:5a:44:21:d5:81:91:93:18:b4:e2:8c:6e:58:bb:46:03:
82:bf:40:d8:03:bf:ed:36:49:cf:0e:af:77:78:02:4f:6e:85:
0d:71:3b:6e:b9:46:cf:23:c0:e3:fd:04:1d:f8:51:af:5e:77:
1c:e2:cb:52
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAY3Kf/elfEFqWrYDR3KecTeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIxMDcxMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGViMzFmMjQ1M2QwOTRmNmM2MWYwZWRkYWJhMzc1NmM2MzZlZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF1L9j/ljDQfbZnztmupu9j3zEVC
VM1NQtELmmctNxUoCWONXDpju0Ghqw1KfiCha0nQwg9Uiy9MIOkP+7ubkUSiySsa
NzVBxysi10DYWky/Ykwvg+deWQn8ZYbh3+TZQlAkKw5+koiCmrmL9PP8fqQ2w+sy
JWWIde/W4zDGQLhnKOM8ms/LTZNvKEJ893MGM4bVzXL4Ms7L/OGGSOAT9N+rWZ6B
FfLZErcXU7m1Db0zFJumgoxiykL9axVrCb2iV+z56eRuprNtXLXqdf0iSAp53zJ5
bnXPmLGENXjJ0V3qL+adk/yKe/7J7rpo5CrrZjow84lMRqEOtbiPmobiVwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFFDrMfJFPQlPbGHw7dq6N1bGNu8MMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVU9zeDhrVTlDVTlzWWZEdDJybzNWc1kyN3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAAC
O/0DBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABT22EDBABcd8YDBABc+TIDBABe
mqIDBABenEsDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogME
AMEZ2QMEAMEjEwMEAMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMI3uwME
AMI34QMEAMI7HwMEAMKprAMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEAHNGTj8Zg
tTHRIu1Ds5JDZdLX0B8uxBl6HdZeHnfeMz9tHjsPMgSspUP+lr0X3qdfgGJaJyb+
Kklt93hSByNbBGdC9tUVlHMTHHHbArRdd+tvTlCvLz3em77pZoCCDmMKDkvVTHfU
iJ+qvk+47NlpdpmovSsdOUc6NbGKUsk5l+JZQrJmacno2vrzfA7zWrq0VwogQ8fu
yq2iGmx5tlJDkL4Yfc7a+u2JAsXEW6hNBrudgC9mpIX8F1tjh+jYlwjESSm3tK4L
qj5aRCHVgZGTGLTijG5Yu0YDgr9A2AO/7TZJzw6vd3gCT26FDXE7brlGzyPA4/0E
HfhRr153HOLLUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org