Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X-go9_xnLwuUYmXkZTsE8MmMPl4.roa
File: X-go9_xnLwuUYmXkZTsE8MmMPl4.roa (raw, json)
Hash identifier: zop3KtZgFZxdZbfva6UKUYOiAu1DpvzO7GoxWBDLQto=
Subject key identifier: 5F:E8:28:F7:FC:67:2F:0B:94:62:65:E4:65:3B:04:F0:C9:8C:3E:5E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BB9AB12D77B44EADDA51BD00E6E8EF01C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X-go9_xnLwuUYmXkZTsE8MmMPl4.roa
Signing time: Fri 10 Nov 2023 14:37:58 +0000
ROA not before: Fri 10 Nov 2023 14:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
45.81.241.0/24 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:ab:12:d7:7b:44:ea:dd:a5:1b:d0:0e:6e:8e:f0:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 10 14:37:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fe828f7fc672f0b946265e4653b04f0c98c3e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:31:47:7c:31:ed:99:43:43:fe:2d:19:cb:c0:
ff:e3:52:cd:c5:ff:15:99:71:f2:87:a5:09:a6:1b:
6f:b0:7a:94:88:9a:8e:14:c1:df:6a:bf:a8:10:f8:
76:9f:8e:ce:ee:ba:04:ba:bd:44:62:fa:3e:bf:01:
0a:4e:b5:72:fb:a8:21:3b:3a:78:f5:7d:16:19:ec:
28:ed:ce:cc:48:53:b8:0c:ba:cd:ec:56:85:93:43:
c2:f3:5d:c7:47:09:32:ba:af:52:2e:88:8e:22:b4:
1f:f8:6f:35:fc:0d:97:7d:fd:44:53:1d:fd:ac:a5:
5b:37:9d:28:33:c9:31:70:6a:e7:bb:3e:8e:dc:fb:
c2:28:06:69:e2:25:6c:62:36:fe:e4:8c:55:a2:37:
dc:e1:48:7e:48:c8:8e:18:be:ab:26:d2:87:b1:c1:
9e:d5:19:a0:89:18:43:3c:d9:1a:9c:0c:ac:07:86:
c3:85:1e:7f:2f:5c:55:7a:85:dc:69:44:ce:22:56:
bc:c8:63:d2:64:e2:7e:25:cc:ed:24:be:32:20:b3:
b5:ed:20:80:fe:a6:4d:b7:4c:56:66:e1:c7:2b:b9:
cd:21:95:03:ee:46:04:f2:e8:6f:78:0b:ad:25:72:
20:18:e3:82:68:e3:41:fd:42:e3:1d:d4:ef:68:a0:
6b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E8:28:F7:FC:67:2F:0B:94:62:65:E4:65:3B:04:F0:C9:8C:3E:5E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X-go9_xnLwuUYmXkZTsE8MmMPl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.241.0/24
45.149.233.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
87.121.220.0/23
91.92.24.0/23
92.119.196.0/23
93.123.39.0/24
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.175.0/24
185.246.223.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
13:25:0b:a6:2c:18:6d:96:ce:5b:ed:3f:9e:66:ee:c2:10:4d:
f6:fa:de:53:4b:31:48:39:20:0b:1d:96:4a:a6:db:26:eb:b5:
e5:47:69:d0:38:d2:07:02:0e:7f:e7:c9:10:80:89:8b:b8:b4:
15:1a:38:03:51:fe:f5:4c:b2:ea:82:d4:c9:76:86:1b:ec:05:
c1:2a:60:a8:db:21:43:57:54:c3:cc:1e:30:d1:3c:9c:8e:6b:
1d:53:83:a1:92:b0:e6:41:5c:9a:74:a6:14:54:50:2e:ed:26:
fa:95:22:b0:b0:7b:df:b2:62:92:b3:f3:56:9b:ae:57:6b:95:
b2:e8:37:a3:49:85:0a:99:ff:53:0f:a3:cb:3a:b4:52:75:a8:
77:ab:b2:5b:39:f2:9a:db:37:26:bf:4c:33:84:c2:6e:9f:1e:
27:23:d1:30:46:8c:ff:13:fa:61:d9:63:89:30:01:fb:99:62:
41:67:df:51:2f:bb:1a:58:ca:d2:a9:5e:ba:ad:f5:72:7d:9b:
12:78:a6:0a:0e:05:a1:37:dd:a3:1b:93:a2:08:39:ca:ec:6a:
c2:f4:5d:5d:af:1f:6c:5d:23:45:86:2d:4d:54:7f:24:09:14:
fb:c6:54:35:bb:14:ed:cf:d7:01:5c:d3:09:38:21:fc:e5:d5:
92:0d:0e:b8
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYu5qxLXe0Tq3aUb0A5ujvAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTEwMTQzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU4MjhmN2ZjNjcyZjBiOTQ2MjY1ZTQ2NTNiMDRmMGM5OGMzZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjFHfDHtmUND/i0Zy8D/41LNxf8V
mXHyh6UJphtvsHqUiJqOFMHfar+oEPh2n47O7roEur1EYvo+vwEKTrVy+6ghOzp4
9X0WGewo7c7MSFO4DLrN7FaFk0PC813HRwkyuq9SLoiOIrQf+G81/A2Xff1EUx39
rKVbN50oM8kxcGrnuz6O3PvCKAZp4iVsYjb+5IxVojfc4Uh+SMiOGL6rJtKHscGe
1RmgiRhDPNkanAysB4bDhR5/L1xVeoXcaUTOIla8yGPSZOJ+JcztJL4yILO17SCA
/qZNt0xWZuHHK7nNIZUD7kYE8uhveAutJXIgGOOCaONB/ULjHdTvaKBrJwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFF/oKPf8Zy8LlGJl5GU7BPDJjD5eMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWC1nbzlfeG5Md3VVWW1Ya1pUc0U4TW1NUGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAAt
UfEDBAAtlekDBAAtl1kDBABXeFcDBABXeS0DBABXeTsDBAFXedwDBAFbXBgDBAFc
d8QDBABdeycDBABde3QwDAMEAF6aoQMEAl6aoAMEAF6cTgMEAF6c7zAMAwQCk05k
AwQAk05mAwQCqxZIAwQAsH3/AwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKv
AwQAufbfAwQAufywAwQAwqmuAwQAwrQyMA0GCSqGSIb3DQEBCwUAA4IBAQATJQum
LBhtls5b7T+eZu7CEE32+t5TSzFIOSALHZZKptsm67XlR2nQONIHAg5/58kQgImL
uLQVGjgDUf71TLLqgtTJdoYb7AXBKmCo2yFDV1TDzB4w0TycjmsdU4OhkrDmQVya
dKYUVFAu7Sb6lSKwsHvfsmKSs/NWm65Xa5Wy6DejSYUKmf9TD6PLOrRSdah3q7Jb
OfKa2zcmv0wzhMJunx4nI9EwRoz/E/ph2WOJMAH7mWJBZ99RL7saWMrSqV66rfVy
fZsSeKYKDgWhN92jG5OiCDnK7GrC9F1drx9sXSNFhi1NVH8kCRT7xlQ1uxTtz9cB
XNMJOCH85dWSDQ64
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:12 2024 by rpki-client on console-fra.rpki-client.org