Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/V5R9qAkVMVvubI3aUJ5Ue9YLqnU.roa
File: V5R9qAkVMVvubI3aUJ5Ue9YLqnU.roa (raw, json)
Hash identifier: OBpT7hv94Jp72XZa9N91iQQOYwO2VPn4PI2jQy9fSyM=
Subject key identifier: 57:94:7D:A8:09:15:31:5B:EE:6C:8D:DA:50:9E:54:7B:D6:0B:AA:75
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D3F755B0DC96ADD2FA660D6F89E1DA768
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/V5R9qAkVMVvubI3aUJ5Ue9YLqnU.roa
Signing time: Thu 25 Jan 2024 07:11:11 +0000
ROA not before: Thu 25 Jan 2024 07:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:75:5b:0d:c9:6a:dd:2f:a6:60:d6:f8:9e:1d:a7:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 25 07:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57947da80915315bee6c8dda509e547bd60baa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f3:a0:37:ba:22:ca:89:c7:42:b8:41:e6:dc:
3c:09:fb:52:11:30:12:80:94:37:b2:e5:8f:86:7d:
7b:45:5b:0e:da:d0:dc:a4:5a:54:e9:2a:e5:86:80:
79:77:60:21:50:cb:c9:f9:69:3c:9c:86:c5:df:7b:
61:53:9a:ec:ae:86:8a:d7:0f:0d:a5:d1:74:73:c3:
53:d7:fa:24:bf:20:d2:ef:e8:e9:ff:e0:0b:0d:c3:
b6:69:6b:ec:b3:6c:ff:cb:e8:a3:a7:31:33:c7:5e:
da:19:0b:4b:2b:92:a4:95:67:34:8b:7f:07:09:5a:
fa:01:11:ee:9c:4e:95:46:e2:53:83:19:c7:cc:42:
46:86:81:33:11:72:21:01:94:0f:b7:3a:a5:70:83:
a4:8e:e4:54:8c:de:ce:06:99:d4:6a:5c:1d:13:9d:
ee:fc:dd:e6:12:78:a7:a2:54:ac:96:d9:4c:9e:84:
de:f0:86:80:ee:15:a5:6a:01:a6:cb:0b:88:c8:fc:
61:d7:87:6e:96:58:52:05:9d:70:d4:1c:87:c1:71:
8b:96:a1:29:fc:52:a8:88:5f:6b:a5:b2:79:e2:7c:
0c:95:0a:7b:b0:00:1f:b7:38:eb:e6:8e:e8:fd:43:
9a:28:ae:07:f7:4a:4c:7e:2e:bd:11:18:ba:f8:10:
97:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:94:7D:A8:09:15:31:5B:EE:6C:8D:DA:50:9E:54:7B:D6:0B:AA:75
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/V5R9qAkVMVvubI3aUJ5Ue9YLqnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.9.156.0/24
45.84.89.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
82.115.208.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.35.19.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.55.187.0/24
194.55.225.0/24
194.59.31.0/24
194.169.172.0/24
194.180.38.0/23
Signature Algorithm: sha256WithRSAEncryption
38:b5:ce:d5:ad:98:8d:8d:57:ed:d0:9e:00:c1:59:f3:93:a0:
d6:d7:d7:18:e5:ce:57:15:45:96:0b:61:0b:47:29:e7:ff:7f:
ad:3b:e6:53:27:2d:56:41:7d:42:b3:82:66:c4:14:59:e9:46:
58:0a:06:df:25:38:4f:77:6a:53:ba:ff:3f:2c:4e:58:ff:a0:
49:65:52:4f:ee:07:46:02:9d:52:89:60:dd:15:ae:eb:d7:10:
b4:1c:c4:0a:2a:e8:e1:a5:76:c0:ce:fb:af:c8:14:49:9a:a8:
71:98:f4:c0:a8:45:9e:96:c9:82:f5:54:43:c6:e6:f2:89:75:
a3:62:80:96:d3:fd:80:58:49:f1:44:41:21:52:ac:a4:d2:c8:
52:95:54:9d:ad:85:4b:8e:97:49:7a:c9:48:5e:c2:7c:23:b7:
ef:b5:28:35:3e:5c:e4:ec:e1:e8:5a:3b:21:f4:ee:18:a8:75:
53:6e:c3:1b:ed:19:7e:0c:52:b8:b6:ba:5f:3d:43:94:33:b5:
4c:7c:52:b1:50:d0:f0:75:ec:d6:4c:fe:b1:05:95:d4:36:cd:
36:56:62:56:4c:a8:8a:71:67:eb:90:4d:a4:8a:cb:d3:5c:4b:
0a:47:0f:a8:e1:c1:68:24:56:ba:94:10:0d:43:95:26:f0:c0:
bf:ca:a5:20
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY0/dVsNyWrdL6Zg1vieHadoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTI1MDcxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Nzk0N2RhODA5MTUzMTViZWU2YzhkZGE1MDllNTQ3YmQ2MGJhYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvOgN7oiyonHQrhB5tw8CftSETAS
gJQ3suWPhn17RVsO2tDcpFpU6SrlhoB5d2AhUMvJ+Wk8nIbF33thU5rsroaK1w8N
pdF0c8NT1/okvyDS7+jp/+ALDcO2aWvss2z/y+ijpzEzx17aGQtLK5KklWc0i38H
CVr6ARHunE6VRuJTgxnHzEJGhoEzEXIhAZQPtzqlcIOkjuRUjN7OBpnUalwdE53u
/N3mEninolSsltlMnoTe8IaA7hWlagGmywuIyPxh14dullhSBZ1w1ByHwXGLlqEp
/FKoiF9rpbJ54nwMlQp7sAAftzjr5o7o/UOaKK4H90pMfi69ERi6+BCXBQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFFeUfagJFTFb7myN2lCeVHvWC6p1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVjVSOXFBa1ZNVnZ1YkkzYVVKNVVlOVlMcW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAAC
O/0DBAAtCZwDBAAtVFkDBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABSc9ADBABT
22EDBABcd8YDBABc+TIDBABemqIDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAME
BbneoAMEALneogMEALn23wMEAMEZ2QMEAMEjEwMEAMElKAMEAMElKgMEAMElLAME
AMHeYQMEAMHeYwMEAMIfzQMEAMIw+AMEAMI3uwMEAMI34QMEAMI7HwMEAMKprAME
AcK0JjANBgkqhkiG9w0BAQsFAAOCAQEAOLXO1a2YjY1X7dCeAMFZ85Og1tfXGOXO
VxVFlgthC0cp5/9/rTvmUyctVkF9QrOCZsQUWelGWAoG3yU4T3dqU7r/PyxOWP+g
SWVST+4HRgKdUolg3RWu69cQtBzECiro4aV2wM77r8gUSZqocZj0wKhFnpbJgvVU
Q8bm8ol1o2KAltP9gFhJ8URBIVKspNLIUpVUna2FS46XSXrJSF7CfCO377UoNT5c
5Ozh6Fo7IfTuGKh1U27DG+0ZfgxSuLa6Xz1DlDO1THxSsVDQ8HXs1kz+sQWV1DbN
NlZiVkyoinFn65BNpIrL01xLCkcPqOHBaCRWupQQDUOVJvDAv8qlIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org