Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_sKgi85ZCfp4pCy3CRHSE1eNXe0.roa
File: _sKgi85ZCfp4pCy3CRHSE1eNXe0.roa (raw, json)
Hash identifier: 6mXrKXpyqihoQDHLr5ERnbZF5i447AlectE3MDZzqtc=
Subject key identifier: FE:C2:A0:8B:CE:59:09:FA:78:A4:2C:B7:09:11:D2:13:57:8D:5D:ED
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01867D9EB2285CC545D9ABFAF7E447FD1D4C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_sKgi85ZCfp4pCy3CRHSE1eNXe0.roa
Signing time: Thu 23 Feb 2023 09:33:17 +0000
ROA not before: Thu 23 Feb 2023 09:33:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
87.121.124.0/23 maxlen: 24
45.81.240.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7d:9e:b2:28:5c:c5:45:d9:ab:fa:f7:e4:47:fd:1d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 23 09:33:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fec2a08bce5909fa78a42cb70911d213578d5ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:66:8e:82:33:77:06:18:39:c3:2e:b9:9f:60:
c5:b9:bb:4e:ad:7b:98:22:49:15:2b:d4:05:b9:fa:
07:7e:fd:55:f9:fc:ae:d3:b2:04:e4:cf:10:ad:82:
3f:b5:ef:6c:81:a0:66:b7:1b:f3:29:15:fe:b1:92:
3b:37:0f:e4:dd:55:2a:78:22:51:61:cb:f7:9e:15:
70:0c:81:3a:9b:85:3b:27:c0:e5:5e:5e:0b:58:f2:
d4:ac:f1:9e:c2:cb:3f:c2:24:43:ce:8c:f1:61:f9:
36:f8:c9:df:65:22:8d:90:08:7e:4f:21:1d:0b:c4:
b3:4c:4d:14:7c:69:c8:fa:2b:c0:f8:13:d0:29:73:
62:18:e4:89:96:f1:89:8e:59:92:16:90:7a:13:ec:
4b:a7:3b:f6:e9:f3:79:b0:3c:06:ba:af:4b:a2:ce:
e6:28:8f:14:02:85:b5:bf:55:98:d7:c5:c7:5d:77:
68:dd:bb:7e:d0:26:17:6d:d0:78:93:93:87:96:20:
69:c1:9f:da:d1:83:1b:1e:d0:ad:64:23:23:28:e3:
18:64:6a:e5:86:e9:64:75:ba:d9:01:96:80:4f:5d:
2e:b3:35:3d:bd:a6:b2:f5:6a:7a:fc:2b:ef:2c:f6:
15:0f:15:87:de:7a:b3:96:c5:71:dd:a1:ef:7e:8f:
61:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C2:A0:8B:CE:59:09:FA:78:A4:2C:B7:09:11:D2:13:57:8D:5D:ED
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_sKgi85ZCfp4pCy3CRHSE1eNXe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.240.0/24
45.151.89.0/24
87.121.124.0/23
92.119.196.0/23
94.154.161.0-94.154.163.255
171.22.19.0/24
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
11:78:a7:a8:2c:85:c4:29:b2:83:3c:1f:35:f2:93:7d:c0:8b:
cd:4f:0c:a9:a9:aa:1b:da:1c:17:13:dc:5d:c7:07:e6:ad:b9:
97:8d:a3:87:64:bb:4d:1c:e9:f8:7a:24:cf:04:ff:f5:31:33:
a7:19:b7:b4:b1:16:1f:2b:79:0f:de:24:37:ab:32:4c:88:bd:
18:7b:73:68:11:bd:e9:6c:6f:ed:a0:2f:96:cb:ec:19:ae:14:
a2:88:49:73:17:63:56:28:df:b9:5e:90:94:d9:e0:52:ab:e3:
b6:57:9c:42:a9:36:0b:00:cf:b0:99:5d:5f:99:95:c3:ef:19:
71:74:43:f8:cf:16:81:7d:b4:43:38:79:10:8a:05:16:50:dc:
2f:1a:83:a4:80:3d:97:fb:fe:3d:8a:3e:c0:c2:bb:b5:35:2d:
b0:c4:cf:1e:3e:5f:43:56:4b:5a:97:06:61:d7:cd:50:57:4d:
32:bf:cb:2f:fb:c0:e2:90:3d:f5:f5:8e:57:0a:e7:27:7b:d2:
a3:e0:5a:e4:09:71:32:c2:94:8c:f9:5c:09:90:c4:00:90:28:
3d:cb:72:d8:1c:55:ae:c2:e5:c5:94:b6:d7:7c:70:5f:90:86:
9e:5b:f7:48:0e:af:ed:72:ec:e4:bc:90:77:0c:b5:d5:dd:e1:
10:95:3e:c3
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYZ9nrIoXMVF2av69+RH/R1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjIzMDkzMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWMyYTA4YmNlNTkwOWZhNzhhNDJjYjcwOTExZDIxMzU3OGQ1ZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWaOgjN3Bhg5wy65n2DFubtOrXuY
IkkVK9QFufoHfv1V+fyu07IE5M8QrYI/te9sgaBmtxvzKRX+sZI7Nw/k3VUqeCJR
Ycv3nhVwDIE6m4U7J8DlXl4LWPLUrPGewss/wiRDzozxYfk2+MnfZSKNkAh+TyEd
C8SzTE0UfGnI+ivA+BPQKXNiGOSJlvGJjlmSFpB6E+xLpzv26fN5sDwGuq9Los7m
KI8UAoW1v1WY18XHXXdo3bt+0CYXbdB4k5OHliBpwZ/a0YMbHtCtZCMjKOMYZGrl
hulkdbrZAZaAT10uszU9vaay9Wp6/CvvLPYVDxWH3nqzlsVx3aHvfo9hRQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFP7CoIvOWQn6eKQstwkR0hNXjV3tMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX3NLZ2k4NVpDZnA0cEN5M0NSSFNFMWVOWGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALVHwAwQA
LZdZAwQBV3l8AwQBXHfEMAwDBABemqEDBAJemqADBACrFhMDBAKrFkgDBACy1+wD
BAK52FQDBAK52lQDBAC52okDBAC5234DBAC5/LAwDQYJKoZIhvcNAQELBQADggEB
ABF4p6gshcQpsoM8HzXyk33Ai81PDKmpqhvaHBcT3F3HB+atuZeNo4dku00c6fh6
JM8E//UxM6cZt7SxFh8reQ/eJDerMkyIvRh7c2gRvelsb+2gL5bL7BmuFKKISXMX
Y1Yo37lekJTZ4FKr47ZXnEKpNgsAz7CZXV+ZlcPvGXF0Q/jPFoF9tEM4eRCKBRZQ
3C8ag6SAPZf7/j2KPsDCu7U1LbDEzx4+X0NWS1qXBmHXzVBXTTK/yy/7wOKQPfX1
jlcK5yd70qPgWuQJcTLClIz5XAmQxACQKD3LctgcVa7C5cWUttd8cF+Qhp5b90gO
r+1y7OS8kHcMtdXd4RCVPsM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org