Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YC0fEOSLbKgm2TQ08yaMQ5Ac-h8.roa
File: YC0fEOSLbKgm2TQ08yaMQ5Ac-h8.roa (raw, json)
Hash identifier: faUogeJqlVlZV+ZVwO/U72QqdoUfW3afR3GNijWy/o8=
Subject key identifier: 60:2D:1F:10:E4:8B:6C:A8:26:D9:34:34:F3:26:8C:43:90:1C:FA:1F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C8B520B0EC5DE56C896CF84A4BB480017
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YC0fEOSLbKgm2TQ08yaMQ5Ac-h8.roa
Signing time: Thu 21 Dec 2023 07:40:58 +0000
ROA not before: Thu 21 Dec 2023 07:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:52:0b:0e:c5:de:56:c8:96:cf:84:a4:bb:48:00:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 21 07:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=602d1f10e48b6ca826d93434f3268c43901cfa1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:60:34:6c:41:ce:1a:12:99:f4:90:ee:63:e9:
02:c4:cd:31:32:43:06:01:b6:cd:4f:f1:70:1e:46:
36:e5:ff:d1:66:c7:54:50:7e:c5:d8:07:cc:16:29:
8a:48:e2:24:cc:47:ac:c8:1b:c8:95:be:44:3c:75:
d7:1f:f8:68:69:dd:dc:fe:38:6b:68:fc:ae:2b:02:
c2:0d:bd:58:12:05:ae:ed:0c:a4:d9:2f:0e:a7:12:
9f:22:70:b8:d5:d3:9f:29:b2:15:79:46:99:28:7e:
6a:19:34:68:69:88:6c:d1:c9:d1:12:1b:bc:51:6b:
25:b9:88:36:3d:0c:df:77:52:1e:52:91:f5:fd:09:
e8:48:61:f1:3e:dc:66:06:b5:e7:0c:21:ea:16:50:
88:b5:f8:55:cf:c2:45:6d:98:79:b2:28:7e:0e:8e:
4b:5b:6b:b6:26:c8:d7:9b:c9:11:fa:52:c4:d6:1b:
85:c8:e2:e8:99:f6:f8:09:95:da:0a:8f:35:ee:61:
85:1a:1b:94:cd:6e:80:f5:17:37:67:f5:59:a9:b0:
fe:21:6b:df:af:04:70:ef:f5:4b:9c:2c:94:d1:fe:
13:66:51:c9:1b:bd:78:11:86:ed:8a:9a:00:c4:75:
30:ab:37:3b:97:f1:b0:c7:20:ff:47:d8:72:56:b6:
f8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2D:1F:10:E4:8B:6C:A8:26:D9:34:34:F3:26:8C:43:90:1C:FA:1F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YC0fEOSLbKgm2TQ08yaMQ5Ac-h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
45.141.158.0/24
79.110.61.0/24
81.161.239.0/24
82.115.210.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
92.249.48.0/24
94.154.172.0/24
94.156.248.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:12:e2:cf:35:ac:04:95:b1:88:c3:ed:18:e2:18:51:14:6a:
d5:06:67:e0:5e:28:0f:ac:f0:25:84:5d:03:40:39:b8:c1:78:
d2:85:62:9a:13:fc:62:78:72:31:b8:31:57:c9:33:30:a6:9d:
ae:fd:a0:2b:b9:c7:65:0e:3a:d8:5d:34:bd:27:83:e1:df:4b:
0f:7a:6c:65:50:a2:88:4b:0f:bc:69:15:74:53:df:79:35:83:
d6:b7:8c:c9:41:bf:b2:ef:a5:22:50:f2:62:0b:52:6e:e6:07:
bc:65:c6:fd:de:54:47:29:70:cf:3b:01:f8:c4:11:fa:a8:88:
7d:2f:e2:5e:b4:2c:33:06:f3:a9:6f:4f:e0:a1:1f:08:5c:1b:
04:86:0c:1f:9b:76:1b:cb:1b:ea:41:09:ae:8a:22:64:03:12:
fc:ce:00:30:26:7d:f4:85:52:a3:b9:42:ed:a9:34:cd:bb:da:
39:c9:aa:ce:5d:90:94:69:bf:87:e9:86:42:7a:70:82:14:01:
38:c5:25:e7:36:16:e6:d9:bf:6f:ae:f3:66:72:0f:0b:89:74:
21:ea:9d:02:cd:ad:88:ae:9f:e5:04:be:23:da:de:e6:64:67:
87:f3:57:ff:f9:c1:82:09:d8:3b:46:62:a0:3f:0f:ef:07:ad:
9d:67:e0:65
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYyLUgsOxd5WyJbPhKS7SAAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIxMDc0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDJkMWYxMGU0OGI2Y2E4MjZkOTM0MzRmMzI2OGM0MzkwMWNmYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmA0bEHOGhKZ9JDuY+kCxM0xMkMG
AbbNT/FwHkY25f/RZsdUUH7F2AfMFimKSOIkzEesyBvIlb5EPHXXH/hoad3c/jhr
aPyuKwLCDb1YEgWu7Qyk2S8OpxKfInC41dOfKbIVeUaZKH5qGTRoaYhs0cnREhu8
UWsluYg2PQzfd1IeUpH1/QnoSGHxPtxmBrXnDCHqFlCItfhVz8JFbZh5sih+Do5L
W2u2JsjXm8kR+lLE1huFyOLomfb4CZXaCo817mGFGhuUzW6A9Rc3Z/VZqbD+IWvf
rwRw7/VLnCyU0f4TZlHJG714EYbtipoAxHUwqzc7l/GwxyD/R9hyVrb4aQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFGAtHxDki2yoJtk0NPMmjEOQHPofMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWUMwZkVPU0xiS2dtMlRRMDh5YU1RNUFjLWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEACWLggME
AC2BVAMEAC2NngMEAE9uPQMEAFGh7wMEAFJz0gMEAVd5fAMEAFd5ogMEAlvIwAME
AFz5MAMEAF6arAMEAF6c+AMEAZNOZDAMAwQAqxYRAwQAqxYSAwQAqxYfAwQAwRnY
AwQAwSMTMA0GCSqGSIb3DQEBCwUAA4IBAQAbEuLPNawElbGIw+0Y4hhRFGrVBmfg
XigPrPAlhF0DQDm4wXjShWKaE/xieHIxuDFXyTMwpp2u/aArucdlDjrYXTS9J4Ph
30sPemxlUKKISw+8aRV0U995NYPWt4zJQb+y76UiUPJiC1Ju5ge8Zcb93lRHKXDP
OwH4xBH6qIh9L+JetCwzBvOpb0/goR8IXBsEhgwfm3YbyxvqQQmuiiJkAxL8zgAw
Jn30hVKjuULtqTTNu9o5yarOXZCUab+H6YZCenCCFAE4xSXnNhbm2b9vrvNmcg8L
iXQh6p0Cza2Irp/lBL4j2t7mZGeH81f/+cGCCdg7RmKgPw/vB62dZ+Bl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org