Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZV1Ui3A4jOSfuvLXzM3ppPpBoqE.roa
File: ZV1Ui3A4jOSfuvLXzM3ppPpBoqE.roa (raw, json)
Hash identifier: 0sIOBicz5dKpoPNZv4OwGJ2VbaJKIsJYqpgxakPplJk=
Subject key identifier: 65:5D:54:8B:70:38:8C:E4:9F:BA:F2:D7:CC:CD:E9:A4:FA:41:A2:A1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B93EBF875561F089800AA98D4C1917CCB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZV1Ui3A4jOSfuvLXzM3ppPpBoqE.roa
Signing time: Fri 03 Nov 2023 06:43:17 +0000
ROA not before: Fri 03 Nov 2023 06:43:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206003
IP address blocks: 45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
87.120.130.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
185.246.223.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.248.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
94.156.250.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:eb:f8:75:56:1f:08:98:00:aa:98:d4:c1:91:7c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 3 06:43:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=655d548b70388ce49fbaf2d7cccde9a4fa41a2a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b4:25:ff:3c:75:ec:27:80:79:69:e3:5f:8a:
f5:52:a9:80:12:d0:23:c2:87:ff:cd:88:7f:f3:50:
0a:f2:0a:66:75:e3:dc:4a:ec:f9:42:02:29:53:47:
43:c7:f1:96:5d:e1:a3:4a:4b:4e:cf:a2:53:24:81:
5d:74:d9:9e:2d:87:29:3c:04:e3:4f:f0:f8:5c:56:
79:d2:52:3f:5e:af:08:57:26:bc:63:bb:a5:a2:1f:
e5:f1:eb:a0:3e:9d:49:f5:60:b6:ff:4d:90:54:b5:
fd:36:d5:3b:72:83:ce:54:85:c1:5d:98:02:47:a3:
c8:d9:3f:5b:62:c5:ee:8b:34:84:00:eb:1b:8c:3b:
ce:76:e8:03:fd:bf:3a:7c:61:92:f6:12:45:95:61:
9d:27:fd:3e:6e:bc:a6:cc:55:67:e4:ed:2b:ef:f9:
70:7f:f0:44:bc:58:ff:09:0e:b6:13:7c:4e:eb:30:
fb:39:36:d3:b7:1c:be:c7:1d:32:4a:ad:d8:cd:0a:
3d:38:ba:f2:08:43:90:ae:8e:ab:9d:7a:84:97:56:
f2:ad:14:42:4c:15:d0:8d:de:ca:fc:02:bd:08:fd:
ae:eb:07:2f:e2:ba:5c:41:8b:0c:3a:b6:b2:89:75:
01:01:2c:4c:3d:91:a7:ec:ac:12:e1:61:ba:36:0d:
ad:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:5D:54:8B:70:38:8C:E4:9F:BA:F2:D7:CC:CD:E9:A4:FA:41:A2:A1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZV1Ui3A4jOSfuvLXzM3ppPpBoqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.12.255.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
83.219.97.0/24
87.120.130.0/24
87.121.124.0/23
87.121.162.0/24
87.121.220.0/24
91.200.192.0/22
92.249.48.0/24
93.123.39.0/24
94.154.172.0/24
94.156.160.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
178.215.238.0/24
185.246.223.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:20:a4:75:33:c2:fa:f1:54:ad:c3:50:78:ad:39:8b:36:9d:
56:ac:1d:c1:98:17:c2:86:7b:d4:d4:f5:94:f5:82:67:84:37:
06:5d:e2:59:c7:eb:e5:d8:1f:f0:98:f9:04:01:0d:b5:10:dc:
72:d8:5b:fb:8f:9e:40:63:a5:54:96:18:61:61:f4:da:1b:bd:
d9:f0:bf:91:a1:6a:fc:5e:1a:ac:8e:d8:85:1c:92:2d:e5:ae:
74:0e:14:de:62:ab:96:4b:35:da:2e:40:91:1c:ba:59:c9:d4:
0b:2e:d0:d9:dc:63:d4:33:b9:19:51:dc:ba:10:42:e0:c8:fa:
01:86:14:28:c6:e4:3d:60:0f:8e:ef:4c:b6:f0:78:dc:1a:dc:
8b:c0:b3:4a:0e:6d:d2:2e:c1:7c:57:12:4b:d6:f5:2e:d9:b4:
65:93:03:83:9d:e3:00:58:f2:6a:3d:aa:7f:33:0c:1f:af:54:
26:1a:a1:f9:e7:af:c1:f6:91:0c:b1:94:ec:c1:e4:a3:7f:4d:
dd:ce:59:ee:79:49:b9:99:b1:66:91:45:46:62:59:6f:9d:d9:
f9:01:cb:c4:a6:d8:9d:8b:0a:3e:0b:56:5a:d4:ed:d3:a9:2e:
33:5e:0a:30:3d:f8:41:3f:c8:91:68:55:94:50:1e:e9:09:1b:
8d:68:36:b8
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYuT6/h1Vh8ImACqmNTBkXzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAzMDY0MzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTVkNTQ4YjcwMzg4Y2U0OWZiYWYyZDdjY2NkZTlhNGZhNDFhMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLQl/zx17CeAeWnjX4r1UqmAEtAj
wof/zYh/81AK8gpmdePcSuz5QgIpU0dDx/GWXeGjSktOz6JTJIFddNmeLYcpPATj
T/D4XFZ50lI/Xq8IVya8Y7uloh/l8eugPp1J9WC2/02QVLX9NtU7coPOVIXBXZgC
R6PI2T9bYsXuizSEAOsbjDvOdugD/b86fGGS9hJFlWGdJ/0+brymzFVn5O0r7/lw
f/BEvFj/CQ62E3xO6zD7OTbTtxy+xx0ySq3YzQo9OLryCEOQro6rnXqEl1byrRRC
TBXQjd7K/AK9CP2u6wcv4rpcQYsMOrayiXUBASxMPZGn7KwS4WG6Ng2t4wIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFGVdVItwOIzkn7ry18zN6aT6QaKhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWlYxVWkzQTRqT1NmdXZMWHpNM3BwUHBCb3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAAl
i4IDBAAtCZwDBAAtDP8DBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABPbj0DBABR
oeYDBABRoe8DBABT22EDBABXeIIDBAFXeXwDBABXeaIDBABXedwDBAJbyMADBABc
+TADBABdeycDBABemqwDBABenKADBABenPgDBABenPoDBAGTTmQwDAMEAKsWEQME
AKsWEgMEAKsWHwMEALLX4gMEALLX7gMEALn23wMEAMEZ2AMEAMEjEwMEAMK0JzAN
BgkqhkiG9w0BAQsFAAOCAQEAtiCkdTPC+vFUrcNQeK05izadVqwdwZgXwoZ71NT1
lPWCZ4Q3Bl3iWcfr5dgf8Jj5BAENtRDccthb+4+eQGOlVJYYYWH02hu92fC/kaFq
/F4arI7YhRySLeWudA4U3mKrlks12i5AkRy6WcnUCy7Q2dxj1DO5GVHcuhBC4Mj6
AYYUKMbkPWAPju9MtvB43Brci8CzSg5t0i7BfFcSS9b1Ltm0ZZMDg53jAFjyaj2q
fzMMH69UJhqh+eevwfaRDLGU7MHko39N3c5Z7nlJuZmxZpFFRmJZb53Z+QHLxKbY
nYsKPgtWWtTt06kuM14KMD34QT/IkWhVlFAe6QkbjWg2uA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org