Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UWP4It9O4i4mfcsb7hYx_L9z1Fg.roa
File: UWP4It9O4i4mfcsb7hYx_L9z1Fg.roa (raw, json)
Hash identifier: natPkMVrH64liRMI8Rp5kP5Keguu1QxJ6qJBArdulW4=
Subject key identifier: 51:63:F8:22:DF:4E:E2:2E:26:7D:CB:1B:EE:16:31:FC:BF:73:D4:58
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EA9365934062251EDFB6FBF40A5C6C874
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UWP4It9O4i4mfcsb7hYx_L9z1Fg.roa
Signing time: Thu 04 Apr 2024 13:04:55 +0000
ROA not before: Thu 04 Apr 2024 13:04:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:36:59:34:06:22:51:ed:fb:6f:bf:40:a5:c6:c8:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 4 13:04:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5163f822df4ee22e267dcb1bee1631fcbf73d458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:de:b9:ee:86:d2:f6:8c:e3:78:8c:b4:8c:63:
61:d6:b3:6d:1f:e4:a3:83:61:5e:3a:bc:39:ee:a2:
d0:4f:cf:22:fb:2c:7e:77:45:3a:60:2a:c7:21:6a:
00:c3:66:29:cc:1b:8b:4e:fe:68:59:d6:04:7e:e1:
34:e0:84:0f:ed:07:db:4d:f2:88:50:ef:9b:2b:4c:
9a:2b:10:f2:17:98:4c:cb:20:d4:a8:18:dc:de:5d:
a8:c6:85:89:36:61:b1:3b:bb:76:fe:f7:4e:88:be:
41:d6:18:71:56:6c:03:51:de:71:f0:eb:bf:19:32:
17:37:3c:47:bb:1f:ca:88:13:5c:ed:00:b1:e9:24:
86:1c:2c:8b:b5:20:b5:cf:c5:46:46:54:59:ea:4c:
0c:bb:ea:30:06:bf:b6:4b:75:f2:6b:01:fe:26:be:
9c:12:b7:28:b5:dd:c8:53:ea:d2:12:b6:a2:00:64:
b4:c7:ba:d6:ce:f0:e1:b0:a1:d6:85:e1:f4:34:d9:
03:b0:fe:eb:31:9f:63:67:25:c0:25:10:96:67:e7:
b1:87:fb:cb:db:9f:21:c0:47:c2:db:54:3b:52:b7:
c4:d0:6d:9e:7c:ab:dd:ab:83:2e:94:a2:fd:ad:66:
d8:c6:ee:19:68:cc:17:01:f6:f5:f3:f7:f4:e1:e6:
e6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:63:F8:22:DF:4E:E2:2E:26:7D:CB:1B:EE:16:31:FC:BF:73:D4:58
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UWP4It9O4i4mfcsb7hYx_L9z1Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
83.219.97.0/24
87.120.166.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.55.187.0/24
194.55.225.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
34:18:42:48:52:67:10:9a:42:cb:1a:3e:b5:49:6a:5b:c6:e3:
b4:67:65:cf:de:be:bd:88:86:f1:95:79:96:25:76:e9:fb:ed:
d9:e6:e4:8e:ee:04:2c:01:c2:f7:03:0d:66:34:f5:ef:68:73:
33:86:92:91:9e:b2:7b:dc:f0:e3:86:3e:d8:4c:e8:72:20:3f:
4b:44:dc:0a:71:30:8a:54:c5:e8:b4:ae:46:20:88:b7:82:5c:
45:9d:29:3c:aa:ee:71:af:c4:c6:ef:1b:0f:72:61:7b:f9:f3:
cb:15:91:7e:58:6a:42:03:6a:cd:67:6b:e2:d9:ce:9a:e7:09:
cb:48:ac:df:52:c2:cc:e3:65:31:e7:5e:83:61:b0:c6:d0:90:
50:28:a1:46:c9:01:b0:3a:90:9c:22:35:6b:7c:16:a7:d8:6a:
2a:47:56:f0:45:fd:ae:83:7b:f5:7d:35:c8:a4:9c:97:df:90:
12:04:d6:23:ce:7d:61:f8:1e:4c:26:67:b0:81:91:96:8d:8c:
13:3e:9f:48:df:b5:1c:49:1b:18:26:fe:98:c4:d0:ab:4c:22:
41:f9:58:a4:e4:47:8f:44:5d:cf:36:33:48:22:d1:27:3f:e5:
d3:6b:50:ce:60:cb:fd:f7:c8:c6:58:ef:ad:26:c5:db:09:13:
95:12:4d:df
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY6pNlk0BiJR7ftvv0Clxsh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDA0MTMwNDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTYzZjgyMmRmNGVlMjJlMjY3ZGNiMWJlZTE2MzFmY2JmNzNkNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd657obS9ozjeIy0jGNh1rNtH+Sj
g2FeOrw57qLQT88i+yx+d0U6YCrHIWoAw2YpzBuLTv5oWdYEfuE04IQP7QfbTfKI
UO+bK0yaKxDyF5hMyyDUqBjc3l2oxoWJNmGxO7t2/vdOiL5B1hhxVmwDUd5x8Ou/
GTIXNzxHux/KiBNc7QCx6SSGHCyLtSC1z8VGRlRZ6kwMu+owBr+2S3XyawH+Jr6c
Ercotd3IU+rSEraiAGS0x7rWzvDhsKHWheH0NNkDsP7rMZ9jZyXAJRCWZ+exh/vL
258hwEfC21Q7UrfE0G2efKvdq4MulKL9rWbYxu4ZaMwXAfb18/f04ebmYQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFFFj+CLfTuIuJn3LG+4WMfy/c9RYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVVdQNEl0OU80aTRtZmNzYjdoWXhfTDl6MUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAC
O/0DBAAtWEADBAAtWFsDBABPbjMDBABT22EDBABXeKYDBABcd8YDBABc+TIDBABe
mqIDBABenEsDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogME
ALn23wMEAMEZ2QMEAMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMI3uwME
AMI34QMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEANBhCSFJnEJpCyxo+tUlqW8bj
tGdlz96+vYiG8ZV5liV26fvt2ebkju4ELAHC9wMNZjT172hzM4aSkZ6ye9zw44Y+
2EzociA/S0TcCnEwilTF6LSuRiCIt4JcRZ0pPKruca/Exu8bD3Jhe/nzyxWRflhq
QgNqzWdr4tnOmucJy0is31LCzONlMedeg2GwxtCQUCihRskBsDqQnCI1a3wWp9hq
KkdW8EX9roN79X01yKScl9+QEgTWI859YfgeTCZnsIGRlo2MEz6fSN+1HEkbGCb+
mMTQq0wiQflYpORHj0RdzzYzSCLRJz/l02tQzmDL/ffIxljvrSbF2wkTlRJN3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org