Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WS-jCK8WVLIzirRDfJoR4NQN1Jo.roa
File: WS-jCK8WVLIzirRDfJoR4NQN1Jo.roa (raw, json)
Hash identifier: j6kk4IwdYQfwFPuqyXI87zTUhizP6C1bQI87oy3LNdQ=
Subject key identifier: 59:2F:A3:08:AF:16:54:B2:33:8A:B4:43:7C:9A:11:E0:D4:0D:D4:9A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CFC6C3C3CA9C2593DAB14E9444B6F78EF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WS-jCK8WVLIzirRDfJoR4NQN1Jo.roa
Signing time: Fri 12 Jan 2024 06:46:40 +0000
ROA not before: Fri 12 Jan 2024 06:46:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 194.169.172.0/24 maxlen: 24
2.59.253.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:6c:3c:3c:a9:c2:59:3d:ab:14:e9:44:4b:6f:78:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 12 06:46:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=592fa308af1654b2338ab4437c9a11e0d40dd49a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:50:ec:99:0a:cb:a7:eb:ba:e7:ac:08:bf:14:
54:07:af:d2:3f:5f:f6:86:f9:df:fd:df:2d:2d:a2:
cc:30:04:50:fb:46:2d:c2:28:3a:e0:15:6e:d5:9c:
96:a0:b3:f6:b6:54:52:0b:75:40:19:f1:2f:ef:8e:
8c:b8:21:20:9e:39:85:99:0e:68:b1:f9:a6:95:64:
f0:2b:05:2f:5f:46:82:3a:3e:70:ae:47:9a:73:14:
a2:b7:d6:90:22:9a:ae:4f:f8:35:2a:c2:52:55:62:
ff:93:10:86:bf:20:a2:ef:a3:0e:df:b1:da:07:b2:
90:f5:68:3c:54:4a:81:7c:64:de:b4:d4:91:ec:7c:
06:7a:e2:ca:97:2c:76:d8:2e:04:5b:0a:4a:32:82:
46:95:b3:ac:fc:ca:25:22:e1:bf:db:14:5e:aa:e7:
e2:88:a9:a8:2a:19:a9:ea:65:36:6e:55:ae:4b:d2:
b7:7a:4f:70:4f:b9:bf:d0:30:fb:57:9e:63:00:90:
c0:ad:b6:df:5a:04:8d:e6:30:e3:86:ca:fb:e7:04:
a2:79:c3:f2:60:48:53:9e:07:5d:66:66:9a:3b:f9:
44:44:18:68:35:11:1a:ec:dc:40:07:cd:84:b5:4c:
33:03:91:84:70:01:4b:a3:ee:a7:62:8c:dd:c7:1b:
35:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2F:A3:08:AF:16:54:B2:33:8A:B4:43:7C:9A:11:E0:D4:0D:D4:9A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WS-jCK8WVLIzirRDfJoR4NQN1Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.84.89.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
82.115.208.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.55.187.0/24
194.55.224.0/23
194.169.172.0/24
194.180.38.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:0c:aa:00:ac:ef:d2:1c:60:c8:4f:33:3c:85:37:08:67:ff:
f1:4c:53:e8:13:c4:75:1c:80:e9:73:2e:a3:8a:7d:f7:4c:8d:
07:be:6a:7a:2e:e3:0c:29:4c:84:9f:c3:cc:be:2f:68:54:75:
41:67:ae:67:22:fd:76:ca:16:08:65:42:a7:03:8e:13:54:b8:
e1:e5:80:81:0d:e6:05:b6:71:7c:3c:d7:0c:ac:45:75:ad:73:
ea:6c:20:46:f0:72:9b:57:3b:3c:6c:f1:15:1d:a1:98:f7:b0:
6c:dd:d5:b6:d8:37:fc:32:1c:c9:d0:bc:e7:2a:44:91:ba:90:
c3:26:87:ee:d9:b7:7a:de:e5:09:54:7d:0f:5f:fa:df:d7:ad:
21:18:ed:90:57:10:94:e9:87:d8:ab:5e:61:79:a6:bf:58:05:
f9:7e:f6:5a:ae:ea:2d:fa:b9:09:d7:2f:a1:34:78:f3:98:9e:
81:88:ad:d7:a9:5c:a1:36:fc:63:dd:11:9c:4c:8f:c9:3d:48:
85:93:e6:d5:23:7c:4b:40:dd:00:bb:aa:5b:52:d0:a0:50:7c:
29:a4:68:7a:d9:70:02:e2:b1:2d:91:07:eb:16:79:91:4a:71:
ff:a9:c5:af:9a:f3:68:a6:e9:f7:81:fd:76:7b:96:af:09:c7:
9f:1b:db:fc
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYz8bDw8qcJZPasU6URLb3jvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTEyMDY0NjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTJmYTMwOGFmMTY1NGIyMzM4YWI0NDM3YzlhMTFlMGQ0MGRkNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1DsmQrLp+u656wIvxRUB6/SP1/2
hvnf/d8tLaLMMARQ+0Ytwig64BVu1ZyWoLP2tlRSC3VAGfEv746MuCEgnjmFmQ5o
sfmmlWTwKwUvX0aCOj5wrkeacxSit9aQIpquT/g1KsJSVWL/kxCGvyCi76MO37Ha
B7KQ9Wg8VEqBfGTetNSR7HwGeuLKlyx22C4EWwpKMoJGlbOs/MolIuG/2xRequfi
iKmoKhmp6mU2blWuS9K3ek9wT7m/0DD7V55jAJDArbbfWgSN5jDjhsr75wSiecPy
YEhTngddZmaaO/lERBhoNREa7NxAB82EtUwzA5GEcAFLo+6nYozdxxs1DQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFFkvowivFlSyM4q0Q3yaEeDUDdSaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV1MtakNLOFdWTEl6aXJSRGZKb1I0TlFOMUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAC
O/0DBAAtVFkDBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABSc9ADBABT22EDBABc
d8YDBABc+TIDBABemqIDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAME
ALneogMEAMEZ2QMEAMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMIfzQME
AMIw+AMEAMI3uwMEAcI34AMEAMKprAMEAcK0JjANBgkqhkiG9w0BAQsFAAOCAQEA
sAyqAKzv0hxgyE8zPIU3CGf/8UxT6BPEdRyA6XMuo4p990yNB75qei7jDClMhJ/D
zL4vaFR1QWeuZyL9dsoWCGVCpwOOE1S44eWAgQ3mBbZxfDzXDKxFda1z6mwgRvBy
m1c7PGzxFR2hmPewbN3Vttg3/DIcydC85ypEkbqQwyaH7tm3et7lCVR9D1/639et
IRjtkFcQlOmH2KteYXmmv1gF+X72Wq7qLfq5CdcvoTR485iegYit16lcoTb8Y90R
nEyPyT1IhZPm1SN8S0DdALuqW1LQoFB8KaRoetlwAuKxLZEH6xZ5kUpx/6nFr5rz
aKbp94H9dnuWrwnHnxvb/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:12 2024 by rpki-client on console-fra.rpki-client.org