Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WYJl6zepFnjN7FoTi_xrLs1ZW5c.roa
File: WYJl6zepFnjN7FoTi_xrLs1ZW5c.roa (raw, json)
Hash identifier: n3a5zkXYfLGDGYRX1LDy5/DaacVYpzozGAqB4eFDFBA=
Subject key identifier: 59:82:65:EB:37:A9:16:78:CD:EC:5A:13:8B:FC:6B:2E:CD:59:5B:97
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0185DE4897BF072B8F89A460E032C5D7F0D9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WYJl6zepFnjN7FoTi_xrLs1ZW5c.roa
Signing time: Mon 23 Jan 2023 10:59:37 +0000
ROA not before: Mon 23 Jan 2023 10:59:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 81.161.230.0/24 maxlen: 24
94.156.234.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:48:97:bf:07:2b:8f:89:a4:60:e0:32:c5:d7:f0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 23 10:59:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=598265eb37a91678cdec5a138bfc6b2ecd595b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:84:be:0f:01:bf:46:73:88:b9:da:4b:9e:ae:
5f:95:d6:03:6c:06:aa:7a:6b:63:42:f5:c6:77:e3:
7f:39:73:75:f5:8b:b6:12:bc:0b:23:01:12:50:e2:
3d:1b:f4:24:d7:54:a0:fb:b0:58:71:cc:e4:7c:99:
be:eb:13:ac:f9:6c:eb:70:68:17:7e:76:19:44:b2:
c1:1e:c9:db:19:e2:bb:d9:47:82:cc:8e:ee:3e:d1:
36:fa:0d:e3:33:dd:1b:97:c6:89:3a:3e:70:93:01:
c6:3b:c6:18:18:e6:ae:d7:05:ce:9f:b7:2c:eb:b4:
e6:fc:99:3c:ba:8d:06:28:37:3a:0b:31:03:d7:46:
47:70:94:5d:a3:ae:88:31:ce:ec:02:5f:2b:4a:87:
dc:23:c2:7a:33:84:9d:92:38:3a:dd:ba:3e:dc:22:
b3:ee:9b:70:d0:af:41:33:96:07:8c:49:81:8f:97:
96:4b:07:e7:b8:c3:f0:53:31:0a:a2:e8:db:b5:4e:
50:6b:95:80:09:22:12:35:d1:19:96:c4:d4:c9:83:
99:ba:af:20:60:1f:ee:de:91:32:e3:58:89:8b:e7:
86:62:63:85:8d:7a:b8:18:86:87:e8:8e:12:a9:76:
7d:a1:a0:f4:ea:13:84:a4:07:4f:6f:fe:ee:fa:6d:
23:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:82:65:EB:37:A9:16:78:CD:EC:5A:13:8B:FC:6B:2E:CD:59:5B:97
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WYJl6zepFnjN7FoTi_xrLs1ZW5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.84.91.0/24
45.88.64.0/24
45.129.84.0/24
45.129.86.0/24
81.161.230.0/24
94.154.162.0/24
94.156.160.0/24
94.156.234.0/24
178.215.226.0/24
185.222.160.0/23
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.55.224.0/23
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
02:72:75:99:99:f9:a8:ac:80:69:50:8b:3f:22:5a:a5:d0:e2:
16:91:14:da:aa:af:be:67:73:38:65:6b:75:2a:07:05:ed:c7:
ad:95:ca:c3:a4:06:bd:31:c1:74:29:e4:8c:53:5c:e6:00:af:
3a:45:5b:2f:c8:a7:17:b0:d9:60:9e:16:f5:57:04:6d:36:94:
3d:a2:d8:bb:88:eb:8f:30:b0:55:d7:88:a5:b8:2e:e1:f1:36:
a6:6a:dc:7e:4e:e2:79:93:d9:2c:dd:eb:c0:be:1d:de:75:c7:
8b:60:61:56:a8:7b:a7:31:ff:00:4a:0f:e2:7e:45:b5:c5:73:
6a:3d:8a:5e:ef:68:b0:1b:b6:01:5b:ea:21:08:85:46:a3:61:
69:15:eb:f5:e1:2d:be:e3:9d:d9:43:93:66:d6:0a:b7:c6:21:
3d:08:49:10:8c:5c:73:11:e6:62:22:f2:24:52:a1:f1:cd:2f:
92:4b:d4:6e:49:42:4c:b9:20:4e:e8:14:56:77:a0:dc:4b:4d:
a1:aa:b0:6b:19:00:70:07:bf:cb:dc:38:ce:9b:b4:ef:7b:cc:
75:de:1b:d7:b3:4f:52:50:53:86:b2:f8:0c:f3:fe:cc:b2:6a:
c0:3d:46:66:00:76:c6:fd:54:28:f5:d7:7c:4f:a2:6f:70:44:
e8:9b:ad:40
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYXeSJe/ByuPiaRg4DLF1/DZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTIzMTA1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTgyNjVlYjM3YTkxNjc4Y2RlYzVhMTM4YmZjNmIyZWNkNTk1Yjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioS+DwG/RnOIudpLnq5fldYDbAaq
emtjQvXGd+N/OXN19Yu2ErwLIwESUOI9G/Qk11Sg+7BYcczkfJm+6xOs+WzrcGgX
fnYZRLLBHsnbGeK72UeCzI7uPtE2+g3jM90bl8aJOj5wkwHGO8YYGOau1wXOn7cs
67Tm/Jk8uo0GKDc6CzED10ZHcJRdo66IMc7sAl8rSofcI8J6M4Sdkjg63bo+3CKz
7ptw0K9BM5YHjEmBj5eWSwfnuMPwUzEKoujbtU5Qa5WACSISNdEZlsTUyYOZuq8g
YB/u3pEy41iJi+eGYmOFjXq4GIaH6I4SqXZ9oaD06hOEpAdPb/7u+m0jRwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFFmCZes3qRZ4zexaE4v8ay7NWVuXMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV1lKbDZ6ZXBGbmpON0ZvVGlfeHJMczFaVzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC0JnAME
AC0M/wMEAC1C5AMEAC1UWwMEAC1YQAMEAC2BVAMEAC2BVgMEAFGh5gMEAF6aogME
AF6coAMEAF6c6gMEALLX4gMEAbneoAMEAMEqIgMEAMEvPAMEAMEvPwMEAcI34AME
AMK0JzANBgkqhkiG9w0BAQsFAAOCAQEAAnJ1mZn5qKyAaVCLPyJapdDiFpEU2qqv
vmdzOGVrdSoHBe3HrZXKw6QGvTHBdCnkjFNc5gCvOkVbL8inF7DZYJ4W9VcEbTaU
PaLYu4jrjzCwVdeIpbgu4fE2pmrcfk7ieZPZLN3rwL4d3nXHi2BhVqh7pzH/AEoP
4n5FtcVzaj2KXu9osBu2AVvqIQiFRqNhaRXr9eEtvuOd2UOTZtYKt8YhPQhJEIxc
cxHmYiLyJFKh8c0vkkvUbklCTLkgTugUVneg3EtNoaqwaxkAcAe/y9w4zpu073vM
dd4b17NPUlBThrL4DPP+zLJqwD1GZgB2xv1UKPXXfE+ib3BE6JutQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:35 2024 by rpki-client on console-ams.rpki-client.org