Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/W3TtWuymFMNCxV26AD634qV4X6g.roa
File: W3TtWuymFMNCxV26AD634qV4X6g.roa (raw, json)
Hash identifier: L/DxYCNQVZmS5urWEeP0+lRwovnOJ8IecQzr3fciAj4=
Subject key identifier: 5B:74:ED:5A:EC:A6:14:C3:42:C5:5D:BA:00:3E:B7:E2:A5:78:5F:A8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ABB1E43F88490F974B55B64F9054116EF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/W3TtWuymFMNCxV26AD634qV4X6g.roa
Signing time: Fri 22 Sep 2023 04:20:37 +0000
ROA not before: Fri 22 Sep 2023 04:20:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
91.92.24.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:1e:43:f8:84:90:f9:74:b5:5b:64:f9:05:41:16:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 22 04:20:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b74ed5aeca614c342c55dba003eb7e2a5785fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bc:20:d3:68:dd:cb:c5:5c:9c:53:6a:60:f2:
c9:5f:78:5d:e6:83:8f:fb:e4:0e:45:1c:38:50:59:
79:82:ef:da:2b:44:ac:e2:bb:94:5a:45:4f:b9:3a:
fb:50:3a:98:22:4b:eb:01:ed:79:d1:77:61:bc:d6:
76:f4:b5:86:5c:08:cd:11:ad:b7:04:78:97:43:99:
76:b9:81:0c:ed:cb:2a:cd:8f:83:b7:ed:2c:d3:1a:
2c:e7:bc:57:a7:d6:97:d4:7d:2d:a5:49:14:f3:7f:
60:df:1d:a4:0d:3e:d6:2f:ac:13:8a:a2:72:ca:59:
a2:7d:1f:8b:70:f0:f1:a4:cc:f7:8e:69:0b:f6:ad:
d6:c6:b6:18:92:15:31:af:2e:3f:75:44:83:34:d7:
af:05:f0:48:03:a7:9f:ca:8c:3f:fa:e7:0a:48:71:
65:ef:12:04:41:fb:0f:67:e8:fc:99:72:f8:21:3e:
c5:6e:01:ca:5f:e7:a5:a8:8d:a4:06:a2:fc:ba:87:
e4:b2:56:b1:ac:f9:ed:22:36:36:6d:82:3e:75:fe:
41:69:49:2d:31:67:07:c5:0f:cc:07:79:dd:a2:23:
93:37:6c:59:c3:de:c4:bf:8e:e2:9a:24:da:c1:da:
24:7e:2c:87:a3:f0:d8:d0:5a:c5:66:03:18:39:30:
b2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:74:ED:5A:EC:A6:14:C3:42:C5:5D:BA:00:3E:B7:E2:A5:78:5F:A8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/W3TtWuymFMNCxV26AD634qV4X6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.219.126.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:6a:cf:b3:86:4e:be:5a:c5:f3:87:9e:bb:aa:c7:07:ad:fa:
2b:68:66:49:db:a8:73:36:a5:63:5a:cc:3f:d2:a5:1a:b5:08:
6b:a0:8a:6b:2a:ba:47:26:17:3c:19:6c:f9:a3:43:e4:9b:eb:
31:8e:07:6b:28:fb:6a:b7:92:ee:c2:a0:b7:24:2e:c5:52:21:
f4:87:0b:c1:70:ef:07:9c:21:da:c3:2b:71:f6:f2:46:e9:de:
d8:cb:1f:9b:18:41:57:ba:10:8c:8a:da:56:bc:84:f7:7a:75:
aa:9f:c3:71:f5:4b:6a:a0:f0:e7:06:7d:65:31:1c:27:21:e4:
1e:18:83:2d:75:3b:5e:63:57:02:2c:eb:c3:68:91:ef:27:d5:
0a:02:5e:fd:9f:95:2c:95:8e:ea:2d:18:c4:2f:bb:8d:5a:76:
29:0d:f6:be:84:e4:b7:f9:30:77:6c:b7:93:9b:80:1b:96:2b:
17:58:a2:ee:b5:f2:c4:8c:cc:9f:40:75:bc:dd:5d:3d:50:64:
2f:28:14:10:24:b7:ef:c5:d4:72:71:9f:47:60:5e:1a:ed:ee:
f7:0a:90:71:37:11:c6:74:3c:c0:70:39:b2:8f:eb:47:3e:5b:
81:6c:34:2f:9c:8b:2d:3a:e1:aa:01:6d:95:63:30:91:d0:88:
c1:db:93:0d
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYq7HkP4hJD5dLVbZPkFQRbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTIyMDQyMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjc0ZWQ1YWVjYTYxNGMzNDJjNTVkYmEwMDNlYjdlMmE1Nzg1ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7wg02jdy8VcnFNqYPLJX3hd5oOP
++QORRw4UFl5gu/aK0Ss4ruUWkVPuTr7UDqYIkvrAe150XdhvNZ29LWGXAjNEa23
BHiXQ5l2uYEM7csqzY+Dt+0s0xos57xXp9aX1H0tpUkU839g3x2kDT7WL6wTiqJy
ylmifR+LcPDxpMz3jmkL9q3WxrYYkhUxry4/dUSDNNevBfBIA6efyow/+ucKSHFl
7xIEQfsPZ+j8mXL4IT7FbgHKX+elqI2kBqL8uofkslaxrPntIjY2bYI+df5BaUkt
MWcHxQ/MB3ndoiOTN2xZw97Ev47imiTawdokfiyHo/DY0FrFZgMYOTCynQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFFt07VrsphTDQsVdugA+t+KleF+oMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVzNUdFd1eW1GTU5DeFYyNkFENjM0cVY0WDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAt
l1kDBABXeFcDBABXeS0DBABXeTsDBAFbXBgDBAFcd8QDBABde3QwDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAudt+AwQAwqmuAwQAwrQyMA0GCSqGSIb3DQEBCwUAA4IB
AQAqas+zhk6+WsXzh567qscHrforaGZJ26hzNqVjWsw/0qUatQhroIprKrpHJhc8
GWz5o0Pkm+sxjgdrKPtqt5LuwqC3JC7FUiH0hwvBcO8HnCHawytx9vJG6d7Yyx+b
GEFXuhCMitpWvIT3enWqn8Nx9UtqoPDnBn1lMRwnIeQeGIMtdTteY1cCLOvDaJHv
J9UKAl79n5UslY7qLRjEL7uNWnYpDfa+hOS3+TB3bLeTm4AblisXWKLutfLEjMyf
QHW83V09UGQvKBQQJLfvxdRycZ9HYF4a7e73CpBxNxHGdDzAcDmyj+tHPluBbDQv
nIstOuGqAW2VYzCR0IjB25MN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:35 2024 by rpki-client on console-ams.rpki-client.org