Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_Fn1FjU3OKoge0Xi8We16VjJQoE.roa
File: _Fn1FjU3OKoge0Xi8We16VjJQoE.roa (raw, json)
Hash identifier: rEYlw9rzmmCrahspInA08S0oK3l2/gkJIp9Mb1Hd1y8=
Subject key identifier: FC:59:F5:16:35:37:38:AA:20:7B:45:E2:F1:67:B5:E9:58:C9:42:81
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E564E726E1C55D053B0DFCE430513CDC7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_Fn1FjU3OKoge0Xi8We16VjJQoE.roa
Signing time: Tue 19 Mar 2024 10:42:45 +0000
ROA not before: Tue 19 Mar 2024 10:42:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:4e:72:6e:1c:55:d0:53:b0:df:ce:43:05:13:cd:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 19 10:42:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc59f516353738aa207b45e2f167b5e958c94281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:12:37:f6:e5:7e:e3:b0:b5:ff:d7:e4:4e:08:
45:16:f3:2f:4a:59:a3:84:64:d7:60:4e:8c:a8:76:
ba:c0:e2:24:46:89:c9:2f:a6:65:ff:ff:7d:63:f5:
12:26:41:39:7d:b4:bb:6d:d2:75:c8:c0:0e:3f:f2:
2a:45:66:cf:0e:a1:81:62:79:e3:31:f4:89:62:2d:
e3:78:37:ca:76:2b:f6:d4:2a:a3:59:a9:6f:cd:b8:
50:c4:7c:78:41:b1:6e:27:05:13:a8:17:be:e4:2b:
ce:e2:ec:c9:59:c4:14:dc:dc:c5:36:0b:dd:87:0e:
c7:14:fd:94:18:f6:62:aa:4b:0e:6b:d1:91:b2:59:
5e:1c:5a:28:5c:4d:7a:06:57:22:87:e8:00:b7:24:
eb:e4:7b:fc:57:b8:42:d7:0b:13:cc:d7:44:2c:1c:
81:a3:d0:93:b7:32:0f:82:d9:ae:cb:30:64:87:2c:
4b:30:5f:0f:fa:c9:db:31:31:19:80:f3:80:7d:a5:
75:e6:49:c8:6a:8f:7f:c5:14:0e:97:93:42:a7:14:
51:a4:eb:04:3d:4e:c4:77:76:7e:09:ed:8b:36:18:
30:60:b3:35:ec:c9:39:05:0b:ef:f4:fa:63:93:41:
c5:f6:07:a1:00:f8:e1:ce:ea:c5:8d:88:f8:9d:97:
ca:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:59:F5:16:35:37:38:AA:20:7B:45:E2:F1:67:B5:E9:58:C9:42:81
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_Fn1FjU3OKoge0Xi8We16VjJQoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.55.187.0/24
194.55.225.0/24
194.59.31.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
27:83:ab:de:c9:bc:26:03:8b:7a:9f:14:25:30:3b:70:d5:ef:
69:07:bd:58:69:8d:1d:ac:ae:60:53:2c:9e:ee:1f:28:34:44:
36:fd:4d:4a:e6:c2:57:94:fa:b8:6c:cb:06:6b:71:1c:c4:c3:
71:93:9a:4f:be:bc:9a:25:31:df:38:36:1d:0a:1c:3a:bc:d1:
35:c0:ec:59:69:de:97:58:06:96:61:c8:83:98:09:36:ca:58:
da:9a:df:78:95:cd:65:3e:5b:5d:be:37:e9:ae:15:94:e3:8c:
5b:61:a9:f9:37:60:31:af:26:51:c0:65:03:de:fe:9a:e0:d6:
84:da:1f:e9:4d:ea:10:18:ed:8a:6c:00:d8:aa:f2:08:88:b8:
8f:36:01:9d:59:9f:a7:8f:cf:63:ec:37:a1:2b:b1:fa:da:03:
6c:01:82:67:ba:9c:95:15:b7:f8:af:59:8a:07:75:cd:1a:d2:
fd:f8:2e:21:08:52:d8:47:3a:e1:c2:1d:73:01:a4:ec:9e:b3:
2f:4c:2a:39:7b:4d:bf:f0:c5:0f:1d:a5:81:48:10:56:cc:31:
9b:65:bc:e6:e0:a4:d2:2a:56:79:f5:41:09:b8:c2:3a:c4:9e:
58:b1:cf:89:48:af:35:57:86:2d:96:fa:7c:3c:58:ff:b5:85:
6c:cf:91:e6
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAY5WTnJuHFXQU7DfzkMFE83HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE5MTA0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzU5ZjUxNjM1MzczOGFhMjA3YjQ1ZTJmMTY3YjVlOTU4Yzk0MjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxI39uV+47C1/9fkTghFFvMvSlmj
hGTXYE6MqHa6wOIkRonJL6Zl//99Y/USJkE5fbS7bdJ1yMAOP/IqRWbPDqGBYnnj
MfSJYi3jeDfKdiv21CqjWalvzbhQxHx4QbFuJwUTqBe+5CvO4uzJWcQU3NzFNgvd
hw7HFP2UGPZiqksOa9GRslleHFooXE16Blcih+gAtyTr5Hv8V7hC1wsTzNdELByB
o9CTtzIPgtmuyzBkhyxLMF8P+snbMTEZgPOAfaV15knIao9/xRQOl5NCpxRRpOsE
PU7Ed3Z+Ce2LNhgwYLM17Mk5BQvv9Ppjk0HF9gehAPjhzurFjYj4nZfKAwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFPxZ9RY1NziqIHtF4vFntelYyUKBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX0ZuMUZqVTNPS29nZTBYaThXZTE2VmpKUW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAC
O/0DBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABT22EDBABcd8YDBABc+TIDBABe
mqIDBABenEsDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogME
ALn23wMEAMEZ2QMEAMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMI3uwME
AMI34QMEAMI7HwMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEAJ4Or3sm8JgOLep8U
JTA7cNXvaQe9WGmNHayuYFMsnu4fKDRENv1NSubCV5T6uGzLBmtxHMTDcZOaT768
miUx3zg2HQocOrzRNcDsWWnel1gGlmHIg5gJNspY2prfeJXNZT5bXb436a4VlOOM
W2Gp+TdgMa8mUcBlA97+muDWhNof6U3qEBjtimwA2KryCIi4jzYBnVmfp4/PY+w3
oSux+toDbAGCZ7qclRW3+K9Zigd1zRrS/fguIQhS2Ec64cIdcwGk7J6zL0wqOXtN
v/DFDx2lgUgQVswxm2W85uCk0ipWefVBCbjCOsSeWLHPiUivNVeGLZb6fDxY/7WF
bM+R5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org