Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YbSx6INQ-CaEXQtl7nHpPMngUj8.roa
File: YbSx6INQ-CaEXQtl7nHpPMngUj8.roa (raw, json)
Hash identifier: 1dHB4glPXroN9f+hqQcAzomRnRXsgS8D9FjZNXRwxQk=
Subject key identifier: 61:B4:B1:E8:83:50:F8:26:84:5D:0B:65:EE:71:E9:3C:C9:E0:52:3F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B38761D387FB6F1C42A59A0E8E1909997
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YbSx6INQ-CaEXQtl7nHpPMngUj8.roa
Signing time: Mon 16 Oct 2023 12:29:06 +0000
ROA not before: Mon 16 Oct 2023 12:29:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
91.92.24.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
195.178.110.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:76:1d:38:7f:b6:f1:c4:2a:59:a0:e8:e1:90:99:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 16 12:29:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61b4b1e88350f826845d0b65ee71e93cc9e0523f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2e:d2:44:f9:84:d6:c7:13:25:52:67:03:ac:
97:fe:aa:63:0a:c9:9c:8f:bc:f7:aa:6d:a5:20:6f:
7a:2d:d6:db:3f:0a:1a:67:eb:6f:12:d3:78:b4:19:
f1:71:bc:73:d7:2b:c6:0e:5f:a8:38:be:89:a1:ae:
d0:85:da:18:1c:59:b1:aa:ac:8d:4f:71:20:08:f3:
d2:65:93:13:cf:75:c1:b7:fa:32:a0:84:c5:a6:4e:
41:1b:2d:bd:9d:68:a0:94:88:22:c8:da:83:19:f6:
dd:00:35:9a:95:68:b1:aa:10:6e:0c:6a:e3:8b:16:
46:03:6c:00:bc:0c:0b:61:78:aa:16:dd:22:ac:aa:
eb:89:35:09:fe:17:97:17:92:2b:c5:ec:53:7f:e5:
fc:c7:4c:a5:47:37:e2:6e:29:8b:30:6d:be:43:72:
25:f4:dc:4b:ab:15:3b:97:e2:52:19:21:56:bc:7c:
28:c9:6e:5a:51:ff:59:92:ee:55:54:d8:94:48:4b:
24:85:cf:6b:1f:cc:72:fb:cf:00:e4:f5:5e:08:65:
dc:f5:c9:f6:55:a9:06:9a:00:70:92:5c:b2:06:6a:
08:1f:a5:e0:03:14:40:ff:9b:71:1c:ad:b6:a3:67:
9b:db:b1:6d:24:82:ba:62:eb:a1:81:52:32:0a:72:
82:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B4:B1:E8:83:50:F8:26:84:5D:0B:65:EE:71:E9:3C:C9:E0:52:3F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YbSx6INQ-CaEXQtl7nHpPMngUj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
45.151.91.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
195.178.110.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a0:46:b4:c6:01:13:c9:66:0a:d2:df:14:71:65:1e:67:2b:
0e:4f:6e:cf:2c:a1:87:ed:bd:cb:8c:e8:9d:d8:c2:2e:7e:dd:
fe:d5:28:58:b7:d4:be:ee:30:48:e1:88:3a:7c:a1:04:83:18:
14:bb:4d:d0:10:b1:6f:e0:91:1e:d0:76:06:1a:8b:e5:7a:51:
1c:34:71:6a:2e:38:60:d0:26:63:cc:79:7f:83:4e:53:da:ce:
39:d7:53:c1:d3:70:a7:b4:d7:d9:2a:77:44:f7:4c:69:96:2d:
f3:c9:77:f8:ab:23:67:6c:a4:7e:18:9e:d0:a0:af:61:8a:f3:
dc:64:3b:cb:61:73:7e:33:52:83:ce:f1:65:37:92:e9:43:74:
b7:67:7f:23:42:14:c5:a4:3c:80:34:5a:eb:08:65:9b:07:7c:
b1:64:82:36:a2:05:bc:0a:71:72:16:72:83:b0:24:fc:a0:66:
e2:69:b5:fa:ad:a2:61:cb:72:4c:c3:fb:22:3d:58:c4:48:c3:
bf:16:9b:e4:62:86:91:c8:4c:91:ce:ec:ed:21:46:4d:c0:b3:
a3:e2:d1:c5:10:d1:e9:3f:2e:c7:81:d1:c4:d9:82:fe:38:75:
29:29:73:6f:5a:cb:61:d5:90:5a:6e:24:44:08:8b:57:56:2e:
5f:b0:30:f2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYs4dh04f7bxxCpZoOjhkJmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDE2MTIyOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI0YjFlODgzNTBmODI2ODQ1ZDBiNjVlZTcxZTkzY2M5ZTA1MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC7SRPmE1scTJVJnA6yX/qpjCsmc
j7z3qm2lIG96LdbbPwoaZ+tvEtN4tBnxcbxz1yvGDl+oOL6Joa7QhdoYHFmxqqyN
T3EgCPPSZZMTz3XBt/oyoITFpk5BGy29nWiglIgiyNqDGfbdADWalWixqhBuDGrj
ixZGA2wAvAwLYXiqFt0irKrriTUJ/heXF5IrxexTf+X8x0ylRzfibimLMG2+Q3Il
9NxLqxU7l+JSGSFWvHwoyW5aUf9Zku5VVNiUSEskhc9rH8xy+88A5PVeCGXc9cn2
VakGmgBwklyyBmoIH6XgAxRA/5txHK22o2eb27FtJIK6YuuhgVIyCnKClQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFGG0seiDUPgmhF0LZe5x6TzJ4FI/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWWJTeDZJTlEtQ2FFWFF0bDduSHBQTW5nVWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAAt
l1kDBAAtl1sDBABXeS0DBABXeTsDBAFbXBgDBAFcd8QDBABde3QwDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAufywAwQAwqmuAwQAwrQyAwQAw7JuMA0GCSqGSIb3DQEB
CwUAA4IBAQBIoEa0xgETyWYK0t8UcWUeZysOT27PLKGH7b3LjOid2MIuft3+1ShY
t9S+7jBI4Yg6fKEEgxgUu03QELFv4JEe0HYGGovlelEcNHFqLjhg0CZjzHl/g05T
2s4511PB03CntNfZKndE90xpli3zyXf4qyNnbKR+GJ7QoK9hivPcZDvLYXN+M1KD
zvFlN5LpQ3S3Z38jQhTFpDyANFrrCGWbB3yxZII2ogW8CnFyFnKDsCT8oGbiabX6
raJhy3JMw/siPVjESMO/FpvkYoaRyEyRzuztIUZNwLOj4tHFENHpPy7HgdHE2YL+
OHUpKXNvWsth1ZBabiRECItXVi5fsDDy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org