Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Y-gyjxqHEVTV91gINRkn0B1GcXM.roa
File: Y-gyjxqHEVTV91gINRkn0B1GcXM.roa (raw, json)
Hash identifier: 1kKu0Wjw3nM6NUeYK4B3m+8QG7v6YrM/8JmgrxCO4Zs=
Subject key identifier: 63:E8:32:8F:1A:87:11:54:D5:F7:58:08:35:19:27:D0:1D:46:71:73
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018852862CC8B388836205E6BABF7C3B854C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Y-gyjxqHEVTV91gINRkn0B1GcXM.roa
Signing time: Thu 25 May 2023 10:48:24 +0000
ROA not before: Thu 25 May 2023 10:48:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
87.120.130.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
82.115.210.0/23 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:86:2c:c8:b3:88:83:62:05:e6:ba:bf:7c:3b:85:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 25 10:48:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63e8328f1a871154d5f75808351927d01d467173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6a:37:11:7b:55:a2:83:74:52:fc:a1:8f:e6:
f5:2f:c6:5e:71:b6:10:4b:e3:85:15:b8:2a:f9:ca:
f3:b7:53:9b:a2:4d:ee:09:9b:35:4f:e1:09:65:e6:
a0:f8:8a:83:bf:f4:50:59:ac:ae:09:06:49:4e:f5:
4c:74:5a:f4:82:d2:4f:84:c2:cd:4b:f5:03:c5:43:
14:94:39:ae:23:87:51:38:24:91:f0:2c:fa:48:5a:
86:97:62:33:07:f6:77:56:47:7b:b7:8f:51:b5:1a:
a1:b4:33:ca:e5:14:aa:0a:9c:17:48:ee:fb:e1:85:
bd:ce:20:93:54:38:6d:d1:a4:71:f4:58:46:e9:2b:
bd:37:3f:ac:a3:85:74:73:dc:e3:85:cc:86:3d:39:
ea:d4:73:69:28:50:0c:f8:1e:48:92:59:43:be:60:
b1:07:25:05:fa:7b:4c:81:19:c6:24:fd:b0:56:f3:
54:a7:6f:a8:0d:ab:2d:b4:64:48:65:f7:a4:2c:2e:
d6:73:ca:4d:79:30:44:60:9b:cd:92:cb:a6:10:cd:
8d:35:76:5c:73:a9:71:99:e9:ba:63:aa:18:44:85:
11:47:ea:29:8b:b8:99:be:35:df:cd:78:4b:f1:58:
52:fb:78:f8:7e:d4:e9:f9:24:b9:80:59:7c:98:e6:
52:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E8:32:8F:1A:87:11:54:D5:F7:58:08:35:19:27:D0:1D:46:71:73
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Y-gyjxqHEVTV91gINRkn0B1GcXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
82.115.210.0/23
83.219.97.0/24
87.120.130.0/24
87.121.124.0/23
87.121.162.0/24
87.121.220.0/24
91.200.192.0/22
92.249.48.0/24
93.123.39.0/24
94.154.172.0/24
94.156.160.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
178.215.238.0/24
185.246.223.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
05:13:ef:02:ae:d4:fb:67:84:16:41:df:00:fe:e5:41:29:5a:
51:5e:72:ee:a2:84:67:21:35:2e:8a:d1:32:06:fa:dd:7f:d6:
d0:98:89:bd:1f:3c:81:50:14:12:60:49:40:28:41:09:53:9b:
ff:aa:e0:63:72:37:01:d1:71:3e:ae:99:93:a5:14:3f:c3:45:
91:f7:da:68:75:55:e5:a3:65:8f:40:0b:cf:08:95:e6:49:bb:
18:61:f1:59:a3:14:6d:09:9c:08:72:78:25:86:0a:91:11:27:
51:cc:ef:0e:19:aa:3e:15:39:6d:a7:d1:d0:bd:a5:b8:07:85:
1e:cb:3b:46:ab:83:23:81:33:f5:4b:1b:9b:33:41:c2:2e:d0:
c1:67:4d:c0:40:7b:09:77:b7:f4:21:7e:2b:9d:e7:fe:0a:69:
0b:2c:f3:d4:69:a1:7e:de:4a:88:71:64:de:c9:fd:42:19:d9:
0f:e9:9e:01:0a:f3:35:84:91:a1:32:0f:ef:ae:a9:bb:03:d1:
b2:a2:e5:a7:a1:65:a9:31:e8:21:5a:a3:a3:3e:98:3c:e3:c3:
ab:a5:07:d3:59:d0:b1:7d:fe:1a:2a:89:c4:7f:60:40:39:a7:
28:68:6e:61:9f:f6:15:08:ce:dd:cb:96:f0:fa:59:41:3e:1d:
d5:3c:64:21
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYhShizIs4iDYgXmur98O4VMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTI1MTA0ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2U4MzI4ZjFhODcxMTU0ZDVmNzU4MDgzNTE5MjdkMDFkNDY3MTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGo3EXtVooN0Uvyhj+b1L8ZecbYQ
S+OFFbgq+crzt1Obok3uCZs1T+EJZeag+IqDv/RQWayuCQZJTvVMdFr0gtJPhMLN
S/UDxUMUlDmuI4dROCSR8Cz6SFqGl2IzB/Z3Vkd7t49RtRqhtDPK5RSqCpwXSO77
4YW9ziCTVDht0aRx9FhG6Su9Nz+so4V0c9zjhcyGPTnq1HNpKFAM+B5IkllDvmCx
ByUF+ntMgRnGJP2wVvNUp2+oDasttGRIZfekLC7Wc8pNeTBEYJvNksumEM2NNXZc
c6lxmem6Y6oYRIURR+opi7iZvjXfzXhL8VhS+3j4ftTp+SS5gFl8mOZS+QIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFGPoMo8ahxFU1fdYCDUZJ9AdRnFzMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWS1neWp4cUhFVlRWOTFnSU5Sa24wQjFHY1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAAl
i4IDBAAtCZwDBAAtDP8DBAAtQuQDBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABP
bj0DBABRoeYDBABRoe8DBAFSc9IDBABT22EDBABXeIIDBAFXeXwDBABXeaIDBABX
edwDBAJbyMADBABc+TADBABdeycDBABemqwDBABenKADBABenPgDBABenPoDBAGT
TmQwDAMEAKsWEQMEAKsWEgMEAKsWHwMEALLX4gMEALLX7gMEALn23wMEAMEZ2AME
AMEjEwMEAMK0JzANBgkqhkiG9w0BAQsFAAOCAQEABRPvAq7U+2eEFkHfAP7lQSla
UV5y7qKEZyE1LorRMgb63X/W0JiJvR88gVAUEmBJQChBCVOb/6rgY3I3AdFxPq6Z
k6UUP8NFkffaaHVV5aNlj0ALzwiV5km7GGHxWaMUbQmcCHJ4JYYKkREnUczvDhmq
PhU5bafR0L2luAeFHss7RquDI4Ez9UsbmzNBwi7QwWdNwEB7CXe39CF+K53n/gpp
Cyzz1Gmhft5KiHFk3sn9QhnZD+meAQrzNYSRoTIP766puwPRsqLlp6FlqTHoIVqj
oz6YPOPDq6UH01nQsX3+GiqJxH9gQDmnKGhuYZ/2FQjO3cuW8PpZQT4d1TxkIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org