Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZDJqGVNpl9ckNkyRD_RvlkPmGjk.roa
File: ZDJqGVNpl9ckNkyRD_RvlkPmGjk.roa (raw, json)
Hash identifier: 59vKUyNdB3SSxKXGpKNyywiGRUG39XqRzdI7E9KRsTA=
Subject key identifier: 64:32:6A:19:53:69:97:D7:24:36:4C:91:0F:F4:6F:96:43:E6:1A:39
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E848330D8C1C6E826FF828CA28A42E493
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZDJqGVNpl9ckNkyRD_RvlkPmGjk.roa
Signing time: Thu 28 Mar 2024 10:02:53 +0000
ROA not before: Thu 28 Mar 2024 10:02:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:83:30:d8:c1:c6:e8:26:ff:82:8c:a2:8a:42:e4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 28 10:02:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64326a19536997d724364c910ff46f9643e61a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:11:7c:c9:0c:8a:b4:fd:80:5b:2c:cf:07:83:
87:b6:d0:97:58:62:e6:18:f2:45:2f:20:9c:f1:6e:
bd:76:44:af:eb:1b:9b:48:2b:d7:aa:3c:d8:9b:0b:
46:c4:07:35:30:78:57:56:22:df:53:dd:65:2a:31:
49:99:47:46:31:cc:1a:d1:36:4a:f1:2c:fd:3b:1e:
60:34:ea:23:27:eb:04:6e:ba:5e:95:2e:dd:55:96:
bb:2d:6f:ec:a4:4a:db:59:a1:18:41:29:e4:9b:09:
ad:66:d4:8a:57:97:aa:7e:f8:a8:22:65:3b:74:10:
73:5f:5f:8d:87:c8:30:54:9d:d7:76:d9:a2:63:45:
08:cb:18:d7:4c:fd:97:a5:7e:b9:33:a5:dd:93:28:
07:69:d6:93:06:4e:6c:42:e5:8f:1e:44:e3:c3:39:
01:eb:2c:82:a3:a8:79:df:c0:f3:31:66:2e:ef:2b:
ce:3e:bd:38:63:88:14:ec:21:a3:75:53:1c:54:34:
4b:40:63:c3:12:55:9f:25:26:2c:5f:a6:dd:b3:60:
45:51:49:ed:71:7b:53:cc:32:f5:6a:5d:22:2e:5c:
48:4d:7d:61:b0:76:6e:ba:01:24:39:19:a6:0e:4f:
72:b0:36:a8:cc:b9:76:02:d3:f0:79:c8:f3:16:9a:
1c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:32:6A:19:53:69:97:D7:24:36:4C:91:0F:F4:6F:96:43:E6:1A:39
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZDJqGVNpl9ckNkyRD_RvlkPmGjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
83.219.97.0/24
87.120.166.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.55.187.0/24
194.55.225.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e0:ff:e6:df:3c:ed:a5:a8:d8:cd:5c:6f:5f:42:78:52:e3:
e3:23:3d:30:65:ca:82:30:26:78:55:a6:77:5a:1d:2a:20:26:
87:b2:56:63:46:fa:a1:8e:32:07:13:90:d8:e1:1d:9d:11:7d:
58:60:c2:34:09:de:98:92:2c:4a:c3:f9:bf:59:04:93:aa:20:
96:16:f5:a4:d9:a8:ae:91:a7:17:43:e1:50:f9:7e:7a:df:77:
c6:d7:89:b8:32:09:1b:60:2a:af:6a:b7:61:c1:a4:1e:39:0b:
d6:69:b9:38:75:fd:33:a9:e4:2e:08:7d:c4:08:01:b9:54:db:
c1:79:8f:f7:66:dd:74:21:3c:d7:1f:38:5a:1e:fe:de:13:c7:
ca:ad:77:38:e3:5d:3e:1c:0e:39:cc:6e:a0:a5:e7:fd:8a:f2:
b2:1b:a2:1e:8e:a2:ae:60:ed:ce:c7:68:ed:c9:70:e8:27:d8:
36:41:9f:fb:d2:e3:b5:41:3b:b2:91:b6:b3:14:88:a7:9a:42:
95:0f:1e:76:cb:41:75:a4:16:c2:cd:80:44:92:55:96:a1:6f:
5f:7d:25:b0:33:c7:9d:3e:fe:80:bb:95:a4:76:db:20:72:5e:
57:b5:06:1e:d6:55:0b:ea:97:ea:40:21:b5:57:74:5d:17:ea:
a8:43:57:65
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAY6EgzDYwcboJv+CjKKKQuSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzI4MTAwMjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDMyNmExOTUzNjk5N2Q3MjQzNjRjOTEwZmY0NmY5NjQzZTYxYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRF8yQyKtP2AWyzPB4OHttCXWGLm
GPJFLyCc8W69dkSv6xubSCvXqjzYmwtGxAc1MHhXViLfU91lKjFJmUdGMcwa0TZK
8Sz9Ox5gNOojJ+sEbrpelS7dVZa7LW/spErbWaEYQSnkmwmtZtSKV5eqfvioImU7
dBBzX1+Nh8gwVJ3XdtmiY0UIyxjXTP2XpX65M6XdkygHadaTBk5sQuWPHkTjwzkB
6yyCo6h538DzMWYu7yvOPr04Y4gU7CGjdVMcVDRLQGPDElWfJSYsX6bds2BFUUnt
cXtTzDL1al0iLlxITX1hsHZuugEkORmmDk9ysDaozLl2AtPwecjzFpocvwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFGQyahlTaZfXJDZMkQ/0b5ZD5ho5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWkRKcUdWTnBsOWNrTmt5UkRfUnZsa1BtR2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAC
O/0DBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABT22EDBABXeKYDBABcd8YDBABc
+TIDBABemqIDBABenEsDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAME
ALneogMEALn23wMEAMEZ2QMEAMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwME
AMI3uwMEAMI34QMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEAguD/5t887aWo2M1c
b19CeFLj4yM9MGXKgjAmeFWmd1odKiAmh7JWY0b6oY4yBxOQ2OEdnRF9WGDCNAne
mJIsSsP5v1kEk6oglhb1pNmorpGnF0PhUPl+et93xteJuDIJG2Aqr2q3YcGkHjkL
1mm5OHX9M6nkLgh9xAgBuVTbwXmP92bddCE81x84Wh7+3hPHyq13OONdPhwOOcxu
oKXn/YryshuiHo6irmDtzsdo7clw6CfYNkGf+9LjtUE7spG2sxSIp5pClQ8edstB
daQWws2ARJJVlqFvX30lsDPHnT7+gLuVpHbbIHJeV7UGHtZVC+qX6kAhtVd0XRfq
qENXZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org