Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Y_vTg6kg14rS9qiPck-abkpzh9A.roa
File: Y_vTg6kg14rS9qiPck-abkpzh9A.roa (raw, json)
Hash identifier: Qhe0CxxbQKDYU7d1PxC6o1dS648fQudSgccgbfPi4nI=
Subject key identifier: 63:FB:D3:83:A9:20:D7:8A:D2:F6:A8:8F:72:4F:9A:6E:4A:73:87:D0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D3FE8B5559DD379CC474DFB140FE442F1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Y_vTg6kg14rS9qiPck-abkpzh9A.roa
Signing time: Thu 25 Jan 2024 09:17:11 +0000
ROA not before: Thu 25 Jan 2024 09:17:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.59.255.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.172.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
95.214.24.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.226.173.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:e8:b5:55:9d:d3:79:cc:47:4d:fb:14:0f:e4:42:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 25 09:17:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63fbd383a920d78ad2f6a88f724f9a6e4a7387d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b5:1d:a0:49:3c:ee:aa:d5:02:d4:cc:6a:1c:
55:85:37:07:20:c5:1b:2a:99:59:74:43:6e:35:c9:
0e:3d:07:5f:61:b0:9f:e4:fe:1c:62:cb:c0:57:0f:
4a:c1:db:38:52:8a:99:04:0e:94:41:92:e4:5a:1d:
3f:e1:52:00:e3:be:dc:17:dc:b7:33:1f:a1:e1:cc:
e9:82:77:ee:37:c0:32:19:c6:ad:db:1b:3c:b8:37:
55:d8:c8:2d:ae:a6:e8:75:f3:da:df:89:b0:88:c4:
0a:9e:11:89:32:5a:ca:51:04:44:62:ee:82:b7:14:
6a:e6:5c:79:93:ce:66:57:47:b6:3d:7a:a2:3e:c1:
da:bd:d4:5c:fb:d8:46:31:91:b9:c7:52:6c:2f:e4:
c4:b4:c4:b0:51:52:1e:f6:d2:29:e4:bc:09:b8:2e:
f1:06:59:65:a1:63:19:5b:16:61:c9:28:7f:4a:8f:
42:b7:0d:c2:81:cf:d7:86:e2:94:82:bc:f3:a3:63:
bd:4d:b2:32:31:1b:93:cc:93:f9:99:f0:5c:12:01:
c6:c6:5f:15:92:1d:f8:d7:31:e7:46:28:8a:f2:f3:
7b:cf:40:d3:2d:57:59:59:6a:5d:4c:68:b8:81:da:
51:c1:7b:40:6d:ec:0a:a5:67:70:89:c5:19:fd:64:
7d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FB:D3:83:A9:20:D7:8A:D2:F6:A8:8F:72:4F:9A:6E:4A:73:87:D0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Y_vTg6kg14rS9qiPck-abkpzh9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
45.84.89.0/24
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.154.172.0/24
94.156.10.0/24
94.156.239.0/24
95.214.24.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.252.176.0/24
194.48.251.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:ae:48:b8:3d:3f:ac:6b:04:f0:60:e5:5a:40:91:1c:2b:4f:
34:44:af:b0:ae:48:bc:b2:94:81:b4:89:ae:31:e2:62:fe:7a:
37:6d:86:c1:60:d6:f9:b0:4e:c0:84:9b:31:f5:7d:45:2e:95:
d5:8a:66:e4:19:7a:79:4a:3e:3f:68:78:ab:69:16:9b:96:2b:
8e:1c:7b:dc:a1:a5:f8:bf:c5:2b:b9:bc:7d:5a:56:51:a2:10:
d3:79:90:35:28:63:ac:aa:8a:07:c8:61:c9:a7:be:88:46:e8:
9e:c0:f0:d5:ec:8d:64:81:9d:84:5b:78:d4:ac:6e:c2:f3:8d:
5a:a6:1d:ba:a4:9c:bd:4e:39:ae:04:b6:e4:45:27:27:d9:9e:
85:7d:06:d0:b5:75:30:8b:66:50:72:9d:0a:dd:6c:9a:02:41:
1d:f0:45:3c:7d:45:14:2b:c6:41:47:3a:73:e2:ad:be:9a:07:
18:1f:11:1e:0e:c2:bd:69:0d:00:a5:45:e1:47:05:05:be:11:
9c:3e:b6:43:bd:a6:48:9d:be:8f:6f:51:24:63:91:7f:a2:66:
40:6c:fd:01:d5:a5:bc:0f:dd:d9:b6:8e:0e:ea:68:fe:bb:ff:
21:77:5c:22:ab:de:59:15:75:2e:10:02:55:3f:9e:91:06:f2:
26:6a:57:1e
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY0/6LVVndN5zEdN+xQP5ELxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTI1MDkxNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2ZiZDM4M2E5MjBkNzhhZDJmNmE4OGY3MjRmOWE2ZTRhNzM4N2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrUdoEk87qrVAtTMahxVhTcHIMUb
KplZdENuNckOPQdfYbCf5P4cYsvAVw9Kwds4UoqZBA6UQZLkWh0/4VIA477cF9y3
Mx+h4czpgnfuN8AyGcat2xs8uDdV2MgtrqbodfPa34mwiMQKnhGJMlrKUQREYu6C
txRq5lx5k85mV0e2PXqiPsHavdRc+9hGMZG5x1JsL+TEtMSwUVIe9tIp5LwJuC7x
BllloWMZWxZhySh/So9Ctw3Cgc/XhuKUgrzzo2O9TbIyMRuTzJP5mfBcEgHGxl8V
kh341zHnRiiK8vN7z0DTLVdZWWpdTGi4gdpRwXtAbewKpWdwicUZ/WR9JQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFGP704OpINeK0vaoj3JPmm5Kc4fQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWV92VGc2a2cxNHJTOXFpUGNrLWFia3B6aDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAAC
O/8DBAAtVFkDBAAtWFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QwDAME
AF6aoQMEAl6aoAMEAF6arAMEAF6cCgMEAF6c7wMEAF/WGDAMAwQAk05lAwQAk05m
AwQCqxZIAwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKtAwQAufywAwQAwjD7
AwQAwjfgMA0GCSqGSIb3DQEBCwUAA4IBAQBsrki4PT+sawTwYOVaQJEcK080RK+w
rki8spSBtImuMeJi/no3bYbBYNb5sE7AhJsx9X1FLpXVimbkGXp5Sj4/aHiraRab
liuOHHvcoaX4v8Urubx9WlZRohDTeZA1KGOsqooHyGHJp76IRuiewPDV7I1kgZ2E
W3jUrG7C841aph26pJy9TjmuBLbkRScn2Z6FfQbQtXUwi2ZQcp0K3WyaAkEd8EU8
fUUUK8ZBRzpz4q2+mgcYHxEeDsK9aQ0ApUXhRwUFvhGcPrZDvaZInb6Pb1EkY5F/
omZAbP0B1aW8D93Zto4O6mj+u/8hd1wiq95ZFXUuEAJVP56RBvImalce
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org