Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YEobVVI0ArHFj4IvPT-AETtmduI.roa
File: YEobVVI0ArHFj4IvPT-AETtmduI.roa (raw, json)
Hash identifier: 663/8iqg0Fg9wgBgDCnGjxqc5SQQsTTNLoXkMDGYi08=
Subject key identifier: 60:4A:1B:55:52:34:02:B1:C5:8F:82:2F:3D:3F:80:11:3B:66:76:E2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A03C5BB6AD57CA075DF1AB3959C54C8EC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YEobVVI0ArHFj4IvPT-AETtmduI.roa
Signing time: Thu 17 Aug 2023 13:53:24 +0000
ROA not before: Thu 17 Aug 2023 13:53:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
91.92.67.0/24 maxlen: 24
45.139.123.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
93.123.76.0/22 maxlen: 24
87.121.163.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
94.156.178.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
94.156.180.0/23 maxlen: 24
87.121.104.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
93.123.26.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.119.0/24 maxlen: 24
5.253.58.0/23 maxlen: 24
193.25.219.0/24 maxlen: 24
5.253.56.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:c5:bb:6a:d5:7c:a0:75:df:1a:b3:95:9c:54:c8:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 17 13:53:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=604a1b55523402b1c58f822f3d3f80113b6676e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5b:7f:d8:51:02:1f:59:79:14:c0:6e:71:d5:
57:39:6f:d4:48:b4:79:d2:3a:5b:cf:30:83:e0:2f:
e4:82:d0:4b:b3:bc:db:ef:ae:be:79:fd:b3:32:70:
c5:98:5f:1c:90:ef:15:87:69:36:b5:de:a5:57:03:
b7:9c:25:63:2e:46:f5:b2:df:f3:09:78:54:d7:df:
eb:71:c9:a3:0f:48:31:2d:7e:5a:da:7f:f7:43:60:
80:f3:0f:62:50:06:7a:27:ce:9b:42:3d:55:5c:73:
31:e3:76:ab:30:9b:ac:16:75:c6:3b:b3:31:af:f2:
a6:c4:6f:e2:6d:70:b3:4f:a7:01:be:90:7c:92:61:
3e:a4:84:68:6d:4a:48:99:26:0e:a4:a7:ee:b2:7c:
6f:54:1a:2f:ce:cb:b6:e7:20:02:2b:9a:83:ed:a5:
fb:66:78:80:18:33:2a:f0:4d:2c:a3:3c:70:9e:18:
8e:0e:a1:0f:cd:f4:42:1e:61:fa:22:88:f5:49:87:
d4:d3:c0:e7:d6:04:e4:64:70:2b:7b:2d:e9:9f:f7:
4a:f5:90:d0:f3:48:10:c4:f3:4d:84:45:f3:d5:3a:
65:96:09:c9:ec:99:75:cf:d8:4d:b8:c5:34:bd:86:
2b:b9:d1:bb:c0:e4:4a:3c:51:c1:9b:f5:be:f6:dd:
4f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:4A:1B:55:52:34:02:B1:C5:8F:82:2F:3D:3F:80:11:3B:66:76:E2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YEobVVI0ArHFj4IvPT-AETtmduI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
45.8.92.0/24
45.9.208.0/22
45.139.123.0/24
87.120.192.0/23
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.76.0-93.123.80.255
93.123.112.0/22
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.178.0/24
94.156.180.0/23
94.156.237.0-94.156.238.255
185.147.100.0/22
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
62:97:68:08:85:03:af:d8:a2:ce:9b:d1:f8:48:ed:64:ba:1b:
f8:0e:fa:f6:88:ea:d4:07:db:81:9f:5d:68:06:47:61:d5:0a:
5b:d9:87:82:e2:43:0a:85:8e:6c:8a:63:48:8f:60:20:23:b6:
2d:07:69:5e:f4:5d:82:57:0c:45:9a:e9:6a:0a:76:41:63:2c:
d5:92:a8:26:ac:f3:b0:8f:66:62:4e:9a:fa:f4:1e:1b:55:07:
4f:7e:9a:4d:95:bd:05:ab:08:a5:a2:17:61:6c:9b:21:47:e3:
f4:4b:cc:ea:2b:47:69:e0:89:ac:2e:03:ee:24:c1:dd:ba:a3:
c3:56:7b:d7:cc:e4:71:be:a6:07:d1:b8:b4:96:bd:22:b7:44:
03:22:0a:74:9a:b6:83:e9:ec:e2:8f:8f:3d:83:d0:91:df:cf:
f1:46:f7:df:a3:92:ef:90:d7:19:da:d0:db:a8:fb:6f:7f:24:
02:32:cf:a1:6d:37:13:11:5b:6a:09:a7:75:22:e7:42:5c:10:
3d:84:f8:b2:33:22:40:e2:23:69:6f:c1:aa:22:1b:d7:94:82:
02:29:d4:1f:c8:54:81:a4:c0:f9:8b:b5:f5:a3:1d:b0:a3:8b:
e3:eb:b2:bf:e0:38:c0:a3:dc:4a:da:d1:dd:83:9f:a2:d2:28:
9b:6e:c6:88
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAYoDxbtq1Xygdd8as5WcVMjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODE3MTM1MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDRhMWI1NTUyMzQwMmIxYzU4ZjgyMmYzZDNmODAxMTNiNjY3NmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFt/2FECH1l5FMBucdVXOW/USLR5
0jpbzzCD4C/kgtBLs7zb766+ef2zMnDFmF8ckO8Vh2k2td6lVwO3nCVjLkb1st/z
CXhU19/rccmjD0gxLX5a2n/3Q2CA8w9iUAZ6J86bQj1VXHMx43arMJusFnXGO7Mx
r/KmxG/ibXCzT6cBvpB8kmE+pIRobUpImSYOpKfusnxvVBovzsu25yACK5qD7aX7
ZniAGDMq8E0sozxwnhiODqEPzfRCHmH6Ioj1SYfU08Dn1gTkZHArey3pn/dK9ZDQ
80gQxPNNhEXz1TpllgnJ7Jl1z9hNuMU0vYYrudG7wORKPFHBm/W+9t1PgQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFGBKG1VSNAKxxY+CLz0/gBE7ZnbiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWUVvYlZWSTBBckhGajRJdlBULUFFVHRtZHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQC
Bf04AwQALQhcAwQCLQnQAwQALYt7AwQBV3jAMAwDBAJXeSQDBABXeSYDBAJXeTww
DAMEAFd5ZwMEAFd5aAMEAVd5cgMEAVd5kgMEAFd5owMEAFtcEAMEAVtcGgMEAFtc
QwMEAF17GAMEAV17GjAMAwQCXXtMAwQAXXtQAwQCXXtwAwQAXXt3AwQBXpqgAwQA
XpqtAwQAXpwCAwQAXpyYAwQBXpyaAwQAXpyyAwQBXpy0MAwDBABenO0DBABenO4D
BAK5k2QDBAC5/LEDBADBGdsDBADBLz4DBADBOnkDBADBOnsDBADCN+IDBADUV80w
DQYJKoZIhvcNAQELBQADggEBAGKXaAiFA6/Yos6b0fhI7WS6G/gO+vaI6tQH24Gf
XWgGR2HVClvZh4LiQwqFjmyKY0iPYCAjti0HaV70XYJXDEWa6WoKdkFjLNWSqCas
87CPZmJOmvr0HhtVB09+mk2VvQWrCKWiF2FsmyFH4/RLzOorR2ngiawuA+4kwd26
o8NWe9fM5HG+pgfRuLSWvSK3RAMiCnSatoPp7OKPjz2D0JHfz/FG99+jku+Q1xna
0Nuo+29/JAIyz6FtNxMRW2oJp3Ui50JcED2E+LIzIkDiI2lvwaoiG9eUggIp1B/I
VIGkwPmLtfWjHbCji+Prsr/gOMCj3Era0d2Dn6LSKJtuxog=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:36 2024 by rpki-client on console-ams.rpki-client.org