Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZSeOwYArC6uRMVXdlh_eSvgI00s.roa
File: ZSeOwYArC6uRMVXdlh_eSvgI00s.roa (raw, json)
Hash identifier: z6V1VTziZK0nHEGH7TND6XNdoymeMbPzUfiufBiPtv4=
Subject key identifier: 65:27:8E:C1:80:2B:0B:AB:91:31:55:DD:96:1F:DE:4A:F8:08:D3:4B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B1466AFFC3D94E637080C5C1B5ABCE827
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZSeOwYArC6uRMVXdlh_eSvgI00s.roa
Signing time: Mon 09 Oct 2023 12:25:55 +0000
ROA not before: Mon 09 Oct 2023 12:25:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 194.169.172.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
2.59.253.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:66:af:fc:3d:94:e6:37:08:0c:5c:1b:5a:bc:e8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 9 12:25:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65278ec1802b0bab913155dd961fde4af808d34b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6d:aa:eb:c1:82:cd:6c:06:a1:53:36:43:92:
80:4d:5b:dd:0e:9f:b9:f0:21:87:e3:25:08:b0:15:
c6:f4:50:11:42:1c:02:9b:5a:93:40:db:52:7a:f8:
75:37:64:f3:97:f5:2a:2a:54:73:6b:53:61:f2:0d:
bd:4f:68:84:ae:f6:1b:a7:b9:f4:33:54:a3:e8:b4:
57:df:e6:f6:13:0f:ec:f9:66:68:82:9a:36:0f:32:
b1:99:6b:18:ba:ed:30:8f:73:e2:95:67:82:37:44:
9e:b2:7e:e3:a6:d1:56:e5:f2:de:6f:81:7e:4d:53:
3a:82:3d:50:02:8a:41:09:99:73:aa:03:b8:07:e4:
d7:25:89:81:de:a8:8f:93:ee:d8:50:9d:5a:57:15:
3c:63:f2:b7:c9:a3:78:cd:44:c0:c5:be:98:0a:ce:
2b:60:fe:11:05:23:ed:11:4a:fd:32:a5:a2:16:cb:
5a:ad:15:0f:2a:d3:ee:5e:eb:52:f3:d9:3a:22:7f:
06:a0:a7:4f:9a:61:30:24:db:f3:e4:c7:59:3b:67:
1c:18:b1:2b:99:09:c7:95:c5:bd:ac:de:d7:db:5d:
86:fe:f1:52:44:86:75:08:5b:2c:18:ce:53:59:dd:
ac:3a:d8:da:87:c8:67:cf:ae:84:cc:e3:cb:bf:29:
54:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:27:8E:C1:80:2B:0B:AB:91:31:55:DD:96:1F:DE:4A:F8:08:D3:4B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZSeOwYArC6uRMVXdlh_eSvgI00s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.8.93.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.226.172.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.55.187.0/24
194.55.225.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:de:78:b6:5d:09:63:10:66:15:61:98:19:58:43:95:fa:66:
c9:25:6e:3c:c5:e2:80:60:06:02:27:1c:32:ed:9d:cf:8f:a2:
db:f7:21:29:0b:6d:e8:8a:af:b5:52:5b:13:43:00:2b:b2:a8:
c1:d0:1f:dc:c9:d2:80:3b:a4:62:7c:b8:51:57:a9:0e:75:e2:
84:a6:b6:81:79:b4:f6:be:14:34:6f:fa:a1:48:06:5a:2a:f4:
e5:7b:b9:81:51:d0:fe:a3:7e:8a:34:e2:00:8c:3e:49:33:c9:
2f:ab:d6:85:f5:b0:d1:84:0d:98:1a:5f:3f:34:13:75:7f:39:
b1:18:fe:c4:10:4b:b6:62:b4:3d:a0:f2:b7:4b:ae:28:35:39:
f3:4f:44:62:44:d9:1e:e7:ae:57:80:07:93:3e:e4:28:07:78:
d3:d1:b6:06:12:e5:2c:30:33:f6:03:c0:ed:99:6e:c3:be:ce:
9a:11:a2:7d:6f:cd:5e:dc:73:66:fe:28:ce:3b:e5:19:28:c9:
ab:d5:eb:86:c0:75:45:fb:c5:73:16:96:9e:43:b0:26:27:ed:
aa:fb:89:28:8a:8c:c5:ad:38:70:6e:24:d3:d8:9b:0c:0a:fa:
a1:63:60:00:a0:e3:0f:be:ed:e7:e8:25:cc:ea:53:6f:8c:7b:
47:22:3a:29
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYsUZq/8PZTmNwgMXBtavOgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDA5MTIyNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTI3OGVjMTgwMmIwYmFiOTEzMTU1ZGQ5NjFmZGU0YWY4MDhkMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW2q68GCzWwGoVM2Q5KATVvdDp+5
8CGH4yUIsBXG9FARQhwCm1qTQNtSevh1N2Tzl/UqKlRza1Nh8g29T2iErvYbp7n0
M1Sj6LRX3+b2Ew/s+WZogpo2DzKxmWsYuu0wj3PilWeCN0Sesn7jptFW5fLeb4F+
TVM6gj1QAopBCZlzqgO4B+TXJYmB3qiPk+7YUJ1aVxU8Y/K3yaN4zUTAxb6YCs4r
YP4RBSPtEUr9MqWiFstarRUPKtPuXutS89k6In8GoKdPmmEwJNvz5MdZO2ccGLEr
mQnHlcW9rN7X212G/vFSRIZ1CFssGM5TWd2sOtjah8hnz66EzOPLvylUZwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFGUnjsGAKwurkTFV3ZYf3kr4CNNLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWlNlT3dZQXJDNnVSTVZYZGxoX2VTdmdJMDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAC
O/0DBAAtCF0DBAAtVFsDBAAtWEADBAAtWFsDBABcd8YDBABc+TIDBABemqIDBABt
zu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogMEALnirAMEAMEZ2QME
AMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMIfzQMEAMIw+AMEAMI3uwME
AMI34QMEAMKprAMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEADN54tl0JYxBmFWGY
GVhDlfpmySVuPMXigGAGAiccMu2dz4+i2/chKQtt6IqvtVJbE0MAK7KowdAf3MnS
gDukYny4UVepDnXihKa2gXm09r4UNG/6oUgGWir05Xu5gVHQ/qN+ijTiAIw+STPJ
L6vWhfWw0YQNmBpfPzQTdX85sRj+xBBLtmK0PaDyt0uuKDU5809EYkTZHueuV4AH
kz7kKAd409G2BhLlLDAz9gPA7Zluw77OmhGifW/NXtxzZv4ozjvlGSjJq9XrhsB1
RfvFcxaWnkOwJiftqvuJKIqMxa04cG4k09ibDAr6oWNgAKDjD77t5+glzOpTb4x7
RyI6KQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org