Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_LpnVB63RpKFRgyVeGQ7TV4W8Bk.roa
File: _LpnVB63RpKFRgyVeGQ7TV4W8Bk.roa (raw, json)
Hash identifier: j1sdgmHwHmMSacKRBnMLpWSY1dakDeOXw7osvUESdaI=
Subject key identifier: FC:BA:67:54:1E:B7:46:92:85:46:0C:95:78:64:3B:4D:5E:16:F0:19
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187755A5BAF8628FB1F811EC7837B3551ED
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_LpnVB63RpKFRgyVeGQ7TV4W8Bk.roa
Signing time: Wed 12 Apr 2023 12:04:28 +0000
ROA not before: Wed 12 Apr 2023 12:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
45.128.233.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
94.103.125.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
194.49.87.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:5a:5b:af:86:28:fb:1f:81:1e:c7:83:7b:35:51:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 12 12:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcba67541eb7469285460c9578643b4d5e16f019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:18:1d:6e:2d:95:fb:f9:66:8b:bd:b2:9d:d8:
80:de:69:8b:23:df:68:79:4a:d7:80:b3:22:62:d4:
07:52:a0:e5:41:7f:b0:85:d5:3a:c3:59:66:84:f5:
72:ba:61:bd:8b:5c:85:7d:f2:f4:97:81:48:63:f2:
b3:06:9e:fb:3b:e6:b9:cd:d2:bc:4d:30:7e:80:92:
2a:92:6e:64:2c:59:a0:98:c6:08:7a:de:5b:53:e3:
d3:5b:8d:14:91:2d:3c:65:05:a8:82:c2:74:b0:d7:
c9:d4:12:00:57:e2:f7:7d:4b:19:71:89:38:b9:5f:
2c:28:c1:83:a3:c2:cd:c8:6c:32:52:e9:e0:d2:27:
a5:2c:1d:a1:89:af:12:32:93:ca:a4:75:55:77:48:
d9:e0:48:0a:08:3e:cc:9c:ed:97:0d:a7:40:d9:83:
5c:41:0c:bb:2d:1c:9f:9e:f6:9a:7a:c5:52:df:16:
9e:47:39:8d:b5:56:d6:da:ee:bf:62:61:a8:f5:bc:
dd:f8:56:9e:db:e0:25:a9:98:ed:7d:3b:3d:7f:1d:
5b:bc:52:e2:58:b8:21:24:29:09:69:8a:cf:0d:e3:
bc:2f:97:79:18:ea:c4:8d:83:e0:5b:a4:9a:5d:06:
00:c7:95:a5:a4:1a:6f:18:24:e6:a9:e9:97:62:b1:
51:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:BA:67:54:1E:B7:46:92:85:46:0C:95:78:64:3B:4D:5E:16:F0:19
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_LpnVB63RpKFRgyVeGQ7TV4W8Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.149.233.0/24
45.151.89.0/24
82.115.209.0/24
84.54.49.0/24
87.120.64.0/23
87.121.220.0/24
92.119.196.0/23
94.103.125.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
171.22.19.0/24
171.22.72.0/22
178.215.236.0/23
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
193.25.217.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
52:0f:e5:42:ea:7a:9c:ba:b3:14:da:a0:fb:de:37:0b:9c:ca:
18:ec:66:77:94:10:57:dc:3b:ce:a2:df:70:30:55:12:28:2d:
99:c1:1c:83:11:e8:44:4f:d4:5e:9f:63:84:7b:aa:99:5c:cb:
8e:ac:84:b1:8b:d7:45:5c:19:92:d4:8e:03:4c:f1:2d:4c:a3:
24:ac:0e:d7:08:a1:d5:19:a3:c1:44:eb:f7:24:ec:55:0c:8d:
9d:06:93:0d:b4:b5:ef:80:24:c1:7b:fe:d1:69:b6:13:d9:1b:
b8:cc:45:1b:74:9a:3b:5e:41:99:9c:fc:cf:30:cc:f9:0c:61:
9e:5b:8d:a0:54:6e:33:51:67:3b:a3:e6:0e:02:b2:06:c7:09:
c4:2e:2d:c0:a6:73:8f:99:4c:5c:6e:a3:c3:28:4c:c7:74:c1:
b7:d0:aa:69:66:ac:07:ef:6e:36:d8:97:6b:73:f0:b2:05:cf:
d5:fa:26:c0:80:8c:8c:0e:75:09:a2:f1:b2:83:55:c6:8f:49:
54:90:49:a0:6a:65:18:69:d5:04:96:20:a0:87:ae:8e:0d:82:
9d:4c:64:cf:b9:70:d7:8d:8c:e2:4e:24:f8:e5:bd:8a:e4:63:
13:a5:dd:df:2c:78:ed:8c:24:e2:24:95:c6:d0:9d:7f:dd:6c:
7c:c3:75:27
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYd1Wluvhij7H4Eex4N7NVHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDEyMTIwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2JhNjc1NDFlYjc0NjkyODU0NjBjOTU3ODY0M2I0ZDVlMTZmMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBgdbi2V+/lmi72yndiA3mmLI99o
eUrXgLMiYtQHUqDlQX+whdU6w1lmhPVyumG9i1yFffL0l4FIY/KzBp77O+a5zdK8
TTB+gJIqkm5kLFmgmMYIet5bU+PTW40UkS08ZQWogsJ0sNfJ1BIAV+L3fUsZcYk4
uV8sKMGDo8LNyGwyUung0ielLB2hia8SMpPKpHVVd0jZ4EgKCD7MnO2XDadA2YNc
QQy7LRyfnvaaesVS3xaeRzmNtVbW2u6/YmGo9bzd+Fae2+AlqZjtfTs9fx1bvFLi
WLghJCkJaYrPDeO8L5d5GOrEjYPgW6SaXQYAx5WlpBpvGCTmqemXYrFR2QIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFPy6Z1Qet0aShUYMlXhkO01eFvAZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX0xwblZCNjNScEtGUmd5VmVHUTdUVjRXOEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAt
gOkDBAAtlekDBAAtl1kDBABSc9EDBABUNjEDBAFXeEADBABXedwDBAFcd8QDBABe
Z30wDAMEAF6aoQMEAl6aoAMEAF6arAMEAI1iBwMEAZNOZAMEAKsWEwMEAqsWSAME
AbLX7AMEArnYVAMEArnaVAMEALnaiQMEALnbfgMEAMEZ2QMEAMIxVzANBgkqhkiG
9w0BAQsFAAOCAQEAUg/lQup6nLqzFNqg+943C5zKGOxmd5QQV9w7zqLfcDBVEigt
mcEcgxHoRE/UXp9jhHuqmVzLjqyEsYvXRVwZktSOA0zxLUyjJKwO1wih1RmjwUTr
9yTsVQyNnQaTDbS174AkwXv+0Wm2E9kbuMxFG3SaO15BmZz8zzDM+QxhnluNoFRu
M1FnO6PmDgKyBscJxC4twKZzj5lMXG6jwyhMx3TBt9CqaWasB+9uNtiXa3PwsgXP
1fomwICMjA51CaLxsoNVxo9JVJBJoGplGGnVBJYgoIeujg2CnUxkz7lw142M4k4k
+OW9iuRjE6Xd3yx47Ywk4iSVxtCdf91sfMN1Jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org