Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YE2OxjRO5ee-_BDTuGj5clk2IUI.roa
File: YE2OxjRO5ee-_BDTuGj5clk2IUI.roa (raw, json)
Hash identifier: XBawmXKT6vciLS0h+a2xK788vxKxwYG0LTmoCqqWLPU=
Subject key identifier: 60:4D:8E:C6:34:4E:E5:E7:BE:FC:10:D3:B8:68:F9:72:59:36:21:42
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190EA15E1DADF95719BCC2550355815566D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YE2OxjRO5ee-_BDTuGj5clk2IUI.roa
Signing time: Thu 25 Jul 2024 13:30:20 +0000
ROA not before: Thu 25 Jul 2024 13:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.58.95.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.35.18.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
195.178.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ea:15:e1:da:df:95:71:9b:cc:25:50:35:58:15:56:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 25 13:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=604d8ec6344ee5e7befc10d3b868f97259362142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:5d:37:60:ee:36:2a:51:a5:53:c9:b4:60:
a2:2f:dc:fe:3c:9c:2d:b8:8a:b6:fe:83:c9:95:38:
10:17:07:69:bc:69:6d:5d:44:97:79:a8:91:d1:a9:
74:54:ce:ba:d3:48:fc:b3:47:fb:98:cb:2a:27:9a:
65:f1:2f:f0:87:c7:e9:68:eb:b4:02:55:8b:8d:d8:
52:55:f4:96:99:2f:b3:6d:b9:46:ed:09:7a:f0:24:
99:29:db:a0:fb:89:8c:75:20:f6:70:13:3e:9b:c6:
71:35:59:0b:89:88:8a:05:6a:df:7f:b1:79:df:2d:
6c:94:93:65:d7:2a:40:35:cd:9d:9d:57:0c:4e:75:
23:3c:82:7a:d7:ee:1d:c9:6d:da:d0:fc:12:6f:82:
5f:3d:a8:38:48:87:12:0a:65:be:7a:9d:5c:6c:6e:
38:97:be:93:5c:d7:aa:f1:b4:24:7e:1f:3b:3e:32:
62:18:95:cb:09:e3:1c:49:f5:b2:02:18:03:0d:d1:
bb:6c:7e:4a:95:1d:07:d2:cb:81:d9:cf:fd:6c:0a:
bc:c8:f9:42:06:89:0c:6e:e6:99:54:81:3d:e5:75:
52:33:08:a6:0d:8b:2d:69:ca:2e:25:d4:75:04:5c:
9a:be:44:f0:5d:86:bf:5a:80:a9:77:53:6e:d5:54:
5e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:4D:8E:C6:34:4E:E5:E7:BE:FC:10:D3:B8:68:F9:72:59:36:21:42
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YE2OxjRO5ee-_BDTuGj5clk2IUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.8.92.0/24
45.88.90.0/24
45.128.96.0/24
45.128.232.0/24
45.144.154.0/24
45.151.89.0/24
80.76.51.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
84.54.51.0/24
85.31.47.0/24
87.120.87.0/24
87.121.38.0/24
87.121.45.0/24
87.121.58.0/24
87.121.69.0/24
87.121.221.0/24
91.92.16.0/24
92.119.196.0/23
93.123.24.0/24
93.123.39.0/24
94.103.124.0/24
94.154.160.0/22
94.156.2.0/24
94.156.8.0/24
94.156.10.0/23
94.156.79.0/24
141.98.1.0/24
141.98.4.0/24
147.78.102.0/23
171.22.72.0/22
178.215.224.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
193.35.18.0/24
193.37.41.0/24
193.37.44.0/24
193.42.32.0/23
193.222.96.0/24
194.48.251.0/24
194.55.224.0/24
195.178.110.0/24
Signature Algorithm: sha256WithRSAEncryption
26:20:12:5c:9e:56:ad:5c:4b:53:00:25:39:74:67:29:e4:d4:
b3:cd:8a:74:ff:eb:b9:bb:e3:55:06:2d:ce:0e:a9:af:6c:ff:
6c:69:57:5e:59:67:c0:97:fd:e6:80:32:35:32:59:bb:6e:7c:
d2:9f:79:27:93:61:ec:b2:7e:03:07:e2:f2:ea:33:4e:a6:f3:
5f:1f:3a:55:e9:be:c7:d7:24:3a:5b:51:e4:88:cc:0a:66:d0:
3c:50:93:e9:66:03:77:ba:fd:51:8a:78:68:e6:ce:42:c7:ed:
05:fd:9e:a3:2e:21:29:46:9b:f3:6b:93:e8:9d:2b:4f:05:53:
1a:f4:e1:13:7e:ce:a8:15:40:57:40:a5:5a:4c:97:83:59:db:
f2:12:a6:18:bb:7f:d2:a9:cb:33:2e:0f:c3:ae:6a:f8:c8:c3:
aa:ac:e2:dd:67:d3:5e:21:59:5d:a2:d1:b6:28:89:0c:f8:46:
83:93:58:f9:17:2f:76:a3:c1:7c:60:e1:f6:b7:05:86:10:30:
cf:ed:7f:98:b7:2d:6f:3e:09:c1:a1:be:6e:67:30:bf:18:57:
3a:c9:e6:df:70:54:58:70:a6:7b:c7:2f:f9:4e:5f:29:fa:77:
e8:a5:87:bb:b3:3a:21:31:04:3b:6a:7a:b5:bd:8f:da:3f:4b:
cb:71:3a:28
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZDqFeHa35Vxm8wlUDVYFVZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzI1MTMzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDRkOGVjNjM0NGVlNWU3YmVmYzEwZDNiODY4Zjk3MjU5MzYyMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNtdN2DuNipRpVPJtGCiL9z+PJwt
uIq2/oPJlTgQFwdpvGltXUSXeaiR0al0VM6600j8s0f7mMsqJ5pl8S/wh8fpaOu0
AlWLjdhSVfSWmS+zbblG7Ql68CSZKdug+4mMdSD2cBM+m8ZxNVkLiYiKBWrff7F5
3y1slJNl1ypANc2dnVcMTnUjPIJ61+4dyW3a0PwSb4JfPag4SIcSCmW+ep1cbG44
l76TXNeq8bQkfh87PjJiGJXLCeMcSfWyAhgDDdG7bH5KlR0H0suB2c/9bAq8yPlC
BokMbuaZVIE95XVSMwimDYstacouJdR1BFyavkTwXYa/WoCpd1Nu1VReGQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFGBNjsY0TuXnvvwQ07ho+XJZNiFCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWUUyT3hqUk81ZWUtX0JEVHVHajVjbGsySVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAAI6XwMEAC0IXAMEAC1YWgMEAC2AYAMEAC2A6AMEAC2QmgMEAC2XWQMEAFBM
MwMEAFGh7gMEAFPbYQMEAVQVrgMEAFQ2MAMEAFQ2MwMEAFUfLwMEAFd4VwMEAFd5
JgMEAFd5LQMEAFd5OgMEAFd5RQMEAFd53QMEAFtcEAMEAVx3xAMEAF17GAMEAF17
JwMEAF5nfAMEAl6aoAMEAF6cAgMEAF6cCAMEAV6cCgMEAF6cTwMEAI1iAQMEAI1i
BAMEAZNOZgMEAqsWSAMEALLX4AMEALnYRgMEArnYVAMEArnaVAMEAMEjEgMEAMEl
KQMEAMElLAMEAcEqIAMEAMHeYAMEAMIw+wMEAMI34AMEAMOybjANBgkqhkiG9w0B
AQsFAAOCAQEAJiASXJ5WrVxLUwAlOXRnKeTUs82KdP/rubvjVQYtzg6pr2z/bGlX
XllnwJf95oAyNTJZu2580p95J5Nh7LJ+Awfi8uozTqbzXx86Vem+x9ckOltR5IjM
CmbQPFCT6WYDd7r9UYp4aObOQsftBf2eoy4hKUab82uT6J0rTwVTGvThE37OqBVA
V0ClWkyXg1nb8hKmGLt/0qnLMy4Pw65q+MjDqqzi3WfTXiFZXaLRtiiJDPhGg5NY
+RcvdqPBfGDh9rcFhhAwz+1/mLctbz4JwaG+bmcwvxhXOsnm33BUWHCme8cv+U5f
Kfp36KWHu7M6ITEEO2p6tb2P2j9Ly3E6KA==
-----END CERTIFICATE-----
Generated at Fri Jul 26 14:45:33 2024 by rpki-client on console-ams.rpki-client.org