Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/V1UjvGjKVhhF8BwgB7qECz6YUAM.roa
File: V1UjvGjKVhhF8BwgB7qECz6YUAM.roa (raw, json)
Hash identifier: lPrYH4ru1MJcyIbnAIf4Yy9Uz245Z5F/QcO2En50Fnc=
Subject key identifier: 57:55:23:BC:68:CA:56:18:45:F0:1C:20:07:BA:84:0B:3E:98:50:03
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B5C3D322EF0F7B0E648459D872CAD05FD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/V1UjvGjKVhhF8BwgB7qECz6YUAM.roa
Signing time: Mon 23 Oct 2023 11:13:16 +0000
ROA not before: Mon 23 Oct 2023 11:13:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
195.178.110.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
93.123.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:3d:32:2e:f0:f7:b0:e6:48:45:9d:87:2c:ad:05:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 23 11:13:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=575523bc68ca561845f01c2007ba840b3e985003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:68:58:35:30:69:e3:80:26:15:c8:98:24:fd:
52:60:05:8b:c5:65:53:a2:e0:c0:81:10:3e:5a:59:
a4:d2:25:09:ba:b1:4f:99:91:f4:a5:77:5c:49:a7:
63:96:fe:95:c2:21:e2:a1:97:11:11:d9:3a:c3:4c:
09:75:de:8a:8f:d6:cf:9e:7c:be:47:62:87:4c:16:
98:3f:ad:e8:6c:0a:f3:02:e3:aa:34:86:9a:e6:9a:
3d:45:2e:a3:81:99:60:10:9c:b2:01:45:4d:0f:a1:
e5:1d:09:78:b5:d1:38:a6:84:38:65:5f:62:93:11:
91:dc:07:6a:57:bf:f1:fd:c3:fb:d2:59:3b:45:72:
d2:31:7e:e8:d3:aa:2e:56:0f:a6:d4:72:40:db:1b:
e7:bf:6a:d9:df:a2:89:8f:c5:88:2b:3f:d8:63:e5:
e0:26:1c:3c:bb:8e:ba:61:cb:7e:f5:65:f3:18:49:
ef:32:dd:7e:a7:8b:d4:19:0e:8d:a5:d2:46:26:a6:
55:b7:5d:1a:17:73:19:7b:bb:ed:c9:8e:51:f1:f7:
92:96:cf:6d:d9:38:b8:56:91:a7:83:a0:89:db:aa:
0c:19:a8:f6:44:d5:2e:5a:3f:fc:fe:5b:6e:2f:c0:
e4:23:68:17:0a:2e:67:56:46:21:75:1a:f5:27:7f:
ff:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:55:23:BC:68:CA:56:18:45:F0:1C:20:07:BA:84:0B:3E:98:50:03
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/V1UjvGjKVhhF8BwgB7qECz6YUAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
45.151.91.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.175.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
195.178.110.0/24
Signature Algorithm: sha256WithRSAEncryption
88:c1:b8:f3:0f:8d:57:63:b7:ae:2d:71:2c:06:fe:bc:65:ba:
64:1f:9f:5d:47:00:95:58:ad:99:8b:99:db:7b:fa:50:98:f5:
87:7a:25:7f:8e:a0:e7:c8:11:70:d0:d4:10:87:bd:52:e4:69:
b1:ae:8d:cf:82:ef:ca:77:aa:6a:d0:14:3a:7f:65:d3:7e:f8:
65:11:6d:e6:e7:4c:02:a0:53:72:62:2f:a3:24:3d:5b:98:ab:
01:1d:ef:f3:35:64:06:42:5f:46:fb:a0:dd:02:87:94:b9:99:
dd:c8:74:a7:e7:ad:9d:d6:e6:45:2c:a6:5b:7e:4b:5d:40:11:
54:21:90:08:e8:e1:32:18:8c:3d:a7:7d:24:d6:ef:b4:46:8b:
97:3b:4b:cd:96:8c:f5:35:d6:1b:ef:86:6a:c7:60:68:4b:21:
07:fa:66:48:86:ef:2e:16:a2:32:7d:17:bf:dd:a4:55:ad:86:
9c:ea:96:8d:32:56:23:f6:cb:7b:73:0f:77:b1:d6:02:10:fd:
4a:4e:a0:09:f4:83:a6:45:c3:fe:a4:de:0c:80:b4:56:0e:8f:
1a:a6:85:e3:6e:1b:2c:b3:4f:ef:34:cf:82:b0:36:9e:0f:cf:
e1:c2:dd:9e:23:33:5b:bd:fa:ff:fb:30:06:6c:59:aa:92:2b:
71:96:2b:10
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYtcPTIu8Pew5khFnYcsrQX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDIzMTExMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzU1MjNiYzY4Y2E1NjE4NDVmMDFjMjAwN2JhODQwYjNlOTg1MDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2hYNTBp44AmFciYJP1SYAWLxWVT
ouDAgRA+Wlmk0iUJurFPmZH0pXdcSadjlv6VwiHioZcREdk6w0wJdd6Kj9bPnny+
R2KHTBaYP63obArzAuOqNIaa5po9RS6jgZlgEJyyAUVND6HlHQl4tdE4poQ4ZV9i
kxGR3AdqV7/x/cP70lk7RXLSMX7o06ouVg+m1HJA2xvnv2rZ36KJj8WIKz/YY+Xg
Jhw8u466Yct+9WXzGEnvMt1+p4vUGQ6NpdJGJqZVt10aF3MZe7vtyY5R8feSls9t
2Ti4VpGng6CJ26oMGaj2RNUuWj/8/ltuL8DkI2gXCi5nVkYhdRr1J3//YwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFFdVI7xoylYYRfAcIAe6hAs+mFADMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVjFVanZHaktWaGhGOEJ3Z0I3cUVDejZZVUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAt
l1kDBAAtl1sDBABXeS0DBABXeTsDBAFbXBgDBAFcd8QDBABde3QwDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAsH3/AwQAstfg
AwQAstfsAwQCudhUAwQCudpUAwQAueKvAwQAufywAwQAwqmuAwQAwrQyAwQAw7Ju
MA0GCSqGSIb3DQEBCwUAA4IBAQCIwbjzD41XY7euLXEsBv68ZbpkH59dRwCVWK2Z
i5nbe/pQmPWHeiV/jqDnyBFw0NQQh71S5Gmxro3Pgu/Kd6pq0BQ6f2XTfvhlEW3m
50wCoFNyYi+jJD1bmKsBHe/zNWQGQl9G+6DdAoeUuZndyHSn562d1uZFLKZbfktd
QBFUIZAI6OEyGIw9p30k1u+0RouXO0vNloz1NdYb74Zqx2BoSyEH+mZIhu8uFqIy
fRe/3aRVrYac6paNMlYj9st7cw93sdYCEP1KTqAJ9IOmRcP+pN4MgLRWDo8apoXj
bhsss0/vNM+CsDaeD8/hwt2eIzNbvfr/+zAGbFmqkitxlisQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:08 2024 by rpki-client on console-fra.rpki-client.org