Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WDiuFOm-m6-yvsIYKfHJ8yJS6y0.roa
File: WDiuFOm-m6-yvsIYKfHJ8yJS6y0.roa (raw, json)
Hash identifier: PVQICjs3bHfp8GSeoAUyB2csruxqHPfPk7cdOCpFU3M=
Subject key identifier: 58:38:AE:14:E9:BE:9B:AF:B2:BE:C2:18:29:F1:C9:F3:22:52:EB:2D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01896E35800549D5B93DC61BA8624B454320
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WDiuFOm-m6-yvsIYKfHJ8yJS6y0.roa
Signing time: Wed 19 Jul 2023 12:52:27 +0000
ROA not before: Wed 19 Jul 2023 12:52:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
91.92.67.0/24 maxlen: 24
45.139.123.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
37.139.131.0/24 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
193.8.184.0/23 maxlen: 24
193.8.186.0/23 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
93.123.76.0/22 maxlen: 24
87.121.163.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
94.156.176.0/22 maxlen: 24
193.47.62.0/24 maxlen: 24
94.156.180.0/23 maxlen: 24
87.121.104.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
5.253.58.0/23 maxlen: 24
193.25.219.0/24 maxlen: 24
5.253.56.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:35:80:05:49:d5:b9:3d:c6:1b:a8:62:4b:45:43:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 19 12:52:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5838ae14e9be9bafb2bec21829f1c9f32252eb2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b6:e9:9c:83:25:16:d2:df:9b:3b:ce:e4:f5:
6f:cf:74:6e:4b:e4:c8:ad:c4:e3:e0:d5:20:4c:ca:
2d:4a:ea:87:d7:e2:40:e7:32:67:f6:32:04:d0:08:
08:f7:70:15:c3:6e:6f:cc:15:6a:8f:98:28:19:01:
4c:d5:a3:fd:d7:7f:e6:65:bb:9b:21:90:65:bd:62:
19:c8:a5:f7:bb:0a:02:17:66:f8:62:db:c7:4a:87:
31:11:74:38:f7:84:26:e1:2c:54:36:0c:81:81:b5:
8e:aa:41:8f:3a:d2:72:6f:ef:18:28:ac:3e:b5:5d:
7b:96:eb:70:7c:80:34:f8:5e:60:b3:5c:54:d7:34:
3c:a3:4e:65:93:65:71:7b:ab:ca:7f:d8:5b:41:86:
59:c1:21:f1:4a:12:db:d2:64:a6:66:b4:c6:cf:64:
9a:02:b7:9d:c3:25:9b:cb:90:8a:5f:bf:e5:20:06:
cc:2a:90:c7:3b:cf:e7:a3:d8:24:4d:d3:70:c4:56:
22:14:1e:ba:4f:b0:18:bd:20:f0:43:94:cb:e9:39:
4e:99:88:75:1e:ea:32:b2:c0:08:be:b4:71:93:a8:
96:bb:55:f3:13:79:9d:6a:9d:21:9b:83:33:0e:85:
02:b5:ec:fb:25:e8:aa:00:64:60:ac:b6:52:dc:9b:
a7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:38:AE:14:E9:BE:9B:AF:B2:BE:C2:18:29:F1:C9:F3:22:52:EB:2D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WDiuFOm-m6-yvsIYKfHJ8yJS6y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
37.139.131.0/24
45.8.92.0/24
45.9.208.0/22
45.139.123.0/24
87.120.192.0/23
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.76.0-93.123.80.255
93.123.112.0/22
93.123.117.0/24
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
185.147.100.0/22
185.207.14.0/23
185.252.177.0/24
193.8.184.0/22
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
10:a7:5a:51:68:17:21:bf:62:2d:cd:ae:5a:1d:36:47:ee:6e:
79:43:80:9c:4e:2a:d3:cd:03:25:61:ad:bb:3b:99:6f:e0:65:
9b:38:6f:6c:50:97:26:45:aa:8a:fa:32:3d:3c:b2:47:28:85:
8a:df:3f:11:3b:06:ff:8b:06:d0:97:45:91:a5:28:b3:1d:fe:
f6:be:dd:03:14:ea:e7:fd:47:e9:69:ea:29:76:54:e3:f4:23:
f1:76:0d:89:db:18:38:d2:02:58:98:b8:7a:e3:0d:1d:4a:72:
dc:06:c8:ef:2d:33:0f:c5:fb:29:6b:5b:b3:fc:3e:14:84:18:
fd:94:de:b3:83:a1:04:94:cd:54:78:d6:2e:1d:b3:ad:50:dd:
55:83:75:4f:72:cc:bd:d0:6e:05:13:70:67:74:95:4b:54:6d:
b6:d7:d4:ce:1b:c6:20:c7:97:92:fb:8b:ce:93:0f:b3:9c:26:
14:d6:11:08:7d:9c:18:ed:f4:bd:5a:54:f8:56:08:60:72:f9:
1a:a8:52:8e:23:20:70:42:ea:be:22:a6:56:e9:2d:4e:08:f6:
40:55:5a:d5:0b:55:98:c6:bf:b3:1e:33:e4:16:93:f8:b3:ce:
90:8a:aa:b9:d5:43:e1:86:1f:c6:f6:78:a5:72:08:39:60:39:
e8:f1:da:ce
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYluNYAFSdW5PcYbqGJLRUMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzE5MTI1MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODM4YWUxNGU5YmU5YmFmYjJiZWMyMTgyOWYxYzlmMzIyNTJlYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLbpnIMlFtLfmzvO5PVvz3RuS+TI
rcTj4NUgTMotSuqH1+JA5zJn9jIE0AgI93AVw25vzBVqj5goGQFM1aP913/mZbub
IZBlvWIZyKX3uwoCF2b4YtvHSocxEXQ494Qm4SxUNgyBgbWOqkGPOtJyb+8YKKw+
tV17lutwfIA0+F5gs1xU1zQ8o05lk2Vxe6vKf9hbQYZZwSHxShLb0mSmZrTGz2Sa
AredwyWby5CKX7/lIAbMKpDHO8/no9gkTdNwxFYiFB66T7AYvSDwQ5TL6TlOmYh1
HuoyssAIvrRxk6iWu1XzE3mdap0hm4MzDoUCtez7JeiqAGRgrLZS3JunqQIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFFg4rhTpvpuvsr7CGCnxyfMiUustMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV0RpdUZPbS1tNi15dnNJWUtmSEo4eUpTNnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAgX9OAMEACWLgwMEAC0IXAMEAi0J0AMEAC2LewMEAVd4wDAMAwQCV3kkAwQA
V3kmAwQCV3k8MAwDBABXeWcDBABXeWgDBAFXeXIDBAFXeZIDBABXeaMDBABbXBAD
BAFbXBoDBABbXEMDBABdexgDBAFdexoDBAFdex4wDAMEAl17TAMEAF17UAMEAl17
cAMEAF17dQMEAF17dwMEAV6aoAMEAF6arQMEAF6cAgMEAF6cmAMEAV6cmjAMAwQE
XpywAwQBXpy0MAwDBABenO0DBABenO4DBAK5k2QDBAG5zw4DBAC5/LEDBALBCLgD
BADBGdsDBADBLz4DBADBOnkDBADBOnsDBADCN+IDBADUV80wDQYJKoZIhvcNAQEL
BQADggEBABCnWlFoFyG/Yi3NrlodNkfubnlDgJxOKtPNAyVhrbs7mW/gZZs4b2xQ
lyZFqor6Mj08skcohYrfPxE7Bv+LBtCXRZGlKLMd/va+3QMU6uf9R+lp6il2VOP0
I/F2DYnbGDjSAliYuHrjDR1KctwGyO8tMw/F+ylrW7P8PhSEGP2U3rODoQSUzVR4
1i4ds61Q3VWDdU9yzL3QbgUTcGd0lUtUbbbX1M4bxiDHl5L7i86TD7OcJhTWEQh9
nBjt9L1aVPhWCGBy+RqoUo4jIHBC6r4iplbpLU4I9kBVWtULVZjGv7MeM+QWk/iz
zpCKqrnVQ+GGH8b2eKVyCDlgOejx2s4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:12 2024 by rpki-client on console-fra.rpki-client.org