Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xjyf2tV6OXc-AvRklahRowYxEpo.roa
File: Xjyf2tV6OXc-AvRklahRowYxEpo.roa (raw, json)
Hash identifier: xA4FZGWGgJFLo/K/O3noNVoaNVZphb/XsjIDDpLnrSI=
Subject key identifier: 5E:3C:9F:DA:D5:7A:39:77:3E:02:F4:64:95:A8:51:A3:06:31:12:9A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EEBD9DAC46DD05463C4538F3979CAA435
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xjyf2tV6OXc-AvRklahRowYxEpo.roa
Signing time: Wed 17 Apr 2024 11:38:26 +0000
ROA not before: Wed 17 Apr 2024 11:38:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.156.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
85.209.133.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:d9:da:c4:6d:d0:54:63:c4:53:8f:39:79:ca:a4:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 17 11:38:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e3c9fdad57a39773e02f46495a851a30631129a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f6:aa:10:9c:59:65:ac:7c:51:8e:e0:8a:93:
85:9f:01:53:fe:73:14:a5:d6:56:e4:53:95:a6:2e:
19:91:d6:c1:4a:28:95:0c:ee:6c:ad:60:fe:e1:69:
83:d6:f1:50:59:f1:9f:15:ee:4a:1b:5b:14:b2:85:
f8:fa:ff:d5:61:be:bc:05:12:d8:19:b0:3b:f4:35:
8e:eb:3a:e4:21:46:d6:71:bb:b7:83:82:dc:92:c2:
ac:4b:ec:0c:05:53:23:c6:b7:2d:74:a3:2d:fb:e8:
bd:06:52:e3:fe:82:ee:02:8c:7e:c6:c1:4e:a4:0f:
0e:d9:e1:5b:c6:fb:58:aa:98:6a:48:46:dc:7f:76:
83:28:4a:0e:97:18:d0:f2:92:b6:be:ca:1c:e3:20:
e9:c0:79:20:09:58:60:14:03:38:ad:18:2d:ee:fc:
f5:4e:a2:75:c4:df:78:b7:a6:50:74:e4:72:10:4b:
ad:7d:9f:9f:e5:a1:e5:f2:37:41:e6:41:03:90:23:
5a:9a:95:c0:39:f0:77:a9:39:fd:b2:79:cc:6f:d4:
ae:ed:35:c6:7e:e3:de:ec:64:25:9a:15:ce:66:f5:
ce:b1:7e:6d:d4:a6:e3:30:33:c9:43:71:4b:dd:9a:
22:aa:cf:55:ed:c2:e9:83:f4:df:aa:5d:85:1d:2b:
71:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3C:9F:DA:D5:7A:39:77:3E:02:F4:64:95:A8:51:A3:06:31:12:9A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xjyf2tV6OXc-AvRklahRowYxEpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.88.88.0/24
45.151.89.0/24
83.219.97.0/24
84.21.174.0/23
85.209.133.0/24
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.72.0/23
94.156.239.0/24
95.214.25.0-95.214.26.255
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
194.48.248.0/24
194.55.186.0/24
194.55.224.0/24
194.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:67:65:f8:fa:d4:14:cf:5d:c0:cb:92:2c:ce:d3:5a:28:15:
ca:b2:18:31:eb:91:a8:28:ea:c4:1d:03:97:0e:5b:ab:b9:2e:
2c:56:6f:fe:fa:ac:ce:f6:fb:97:db:96:ee:61:6a:28:ec:d3:
63:fc:af:bb:87:1a:54:e6:22:c5:e1:e5:e5:47:61:40:df:af:
b9:8e:bd:1d:70:f3:19:e4:b0:e5:ba:9e:6a:60:d7:21:5c:50:
c8:f3:71:d9:3e:67:59:cf:bd:32:97:6e:ac:d1:bf:9a:bf:00:
46:0c:f0:33:0c:83:b0:18:e9:04:e6:72:79:a7:16:20:68:3f:
8d:3d:e8:c7:8b:e6:4e:b5:e8:ce:a7:ed:9a:ac:d3:34:a9:b8:
47:30:d6:27:04:c2:86:a6:4f:a5:34:0a:cf:11:91:14:97:96:
79:30:c9:69:4f:f1:94:87:0e:ef:19:7f:a0:a6:0f:a9:f5:33:
31:3e:ea:0c:16:be:14:13:e8:1a:03:be:76:e4:25:32:a5:bb:
9f:f8:f2:48:b1:d1:e6:56:5d:fa:04:68:8b:11:ce:94:6a:e4:
c2:ca:a5:ee:29:e7:3e:cb:8a:34:7d:7d:32:72:3b:5d:bf:4a:
cb:6c:b8:96:92:94:25:13:9a:47:4d:fd:93:a3:a5:51:1b:14:
a9:fc:8a:9f
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAY7r2drEbdBUY8RTjzl5yqQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDE3MTEzODI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTNjOWZkYWQ1N2EzOTc3M2UwMmY0NjQ5NWE4NTFhMzA2MzExMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvaqEJxZZax8UY7gipOFnwFT/nMU
pdZW5FOVpi4ZkdbBSiiVDO5srWD+4WmD1vFQWfGfFe5KG1sUsoX4+v/VYb68BRLY
GbA79DWO6zrkIUbWcbu3g4LcksKsS+wMBVMjxrctdKMt++i9BlLj/oLuAox+xsFO
pA8O2eFbxvtYqphqSEbcf3aDKEoOlxjQ8pK2vsoc4yDpwHkgCVhgFAM4rRgt7vz1
TqJ1xN94t6ZQdORyEEutfZ+f5aHl8jdB5kEDkCNampXAOfB3qTn9snnMb9Su7TXG
fuPe7GQlmhXOZvXOsX5t1KbjMDPJQ3FL3Zoiqs9V7cLpg/Tfql2FHStxcQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFF48n9rVejl3PgL0ZJWoUaMGMRKaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWGp5ZjJ0VjZPWGMtQXZSa2xhaFJvd1l4RXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAt
CZwDBAAtWFgDBAAtl1kDBABT22EDBAFUFa4DBABV0YUDBABXeFcDBABXeS0DBAFX
eVYDBABXed0DBAFcd8QDBAJemqADBAFenEgDBABenO8wDAMEAF/WGQMEAF/WGgME
AJNOZgMEAqsWSAMEALLX4AMEALLX7AMEArnYVAMEArnaVAMEAcEqIAMEAMIw+AME
AMI3ugMEAMI34AMEAMI7HzANBgkqhkiG9w0BAQsFAAOCAQEAD2dl+PrUFM9dwMuS
LM7TWigVyrIYMeuRqCjqxB0Dlw5bq7kuLFZv/vqszvb7l9uW7mFqKOzTY/yvu4ca
VOYixeHl5UdhQN+vuY69HXDzGeSw5bqeamDXIVxQyPNx2T5nWc+9MpdurNG/mr8A
RgzwMwyDsBjpBOZyeacWIGg/jT3ox4vmTrXozqftmqzTNKm4RzDWJwTChqZPpTQK
zxGRFJeWeTDJaU/xlIcO7xl/oKYPqfUzMT7qDBa+FBPoGgO+duQlMqW7n/jySLHR
5lZd+gRoixHOlGrkwsql7innPsuKNH19MnI7Xb9Ky2y4lpKUJROaR039k6OlURsU
qfyKnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:35 2024 by rpki-client on console-ams.rpki-client.org