Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a00ALQ-zfmZYiEp315ZQun5Z16s.roa
File: a00ALQ-zfmZYiEp315ZQun5Z16s.roa (raw, json)
Hash identifier: DvNWj8rKb7eCjdtqRXMtxr8FjIxm/MqLtLhqX8P7x6w=
Subject key identifier: 6B:4D:00:2D:0F:B3:7E:66:58:88:4A:77:D7:96:50:BA:7E:59:D7:AB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BECBB54C2469433750AE29A6E04E2506A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a00ALQ-zfmZYiEp315ZQun5Z16s.roa
Signing time: Mon 20 Nov 2023 12:36:21 +0000
ROA not before: Mon 20 Nov 2023 12:36:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50738
IP address blocks: 45.9.156.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:bb:54:c2:46:94:33:75:0a:e2:9a:6e:04:e2:50:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 20 12:36:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b4d002d0fb37e6658884a77d79650ba7e59d7ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ce:6a:5e:23:13:46:84:bd:0f:16:1b:18:c2:
ec:5b:1e:c3:9a:86:5d:d8:61:7c:c1:cf:3e:0c:df:
36:1d:9c:5c:a1:de:fc:0c:f8:4e:a5:3c:84:65:26:
3e:5e:64:b7:37:18:42:f4:11:17:ca:cc:45:fc:dc:
04:3d:e4:d8:09:4c:90:b1:e5:2b:5f:95:fa:68:00:
94:5d:d6:f2:cf:d0:09:60:20:49:41:2b:2d:24:08:
92:77:57:9b:57:82:2f:10:5d:92:c2:60:73:61:0d:
13:8e:4d:32:a4:b6:f9:bd:2a:f7:1c:c1:70:61:8f:
f1:ba:34:0e:65:ba:11:a6:c1:c6:ce:b8:b1:c5:e4:
2a:1c:c7:d3:a3:d3:e7:05:11:1b:ec:97:5a:7c:00:
87:d7:bd:46:90:99:bd:5f:08:bc:d6:a0:bd:26:45:
2b:e2:cc:8d:c2:8d:33:6a:ea:91:cc:b7:fa:0e:de:
0b:3f:b8:51:21:c1:c6:df:1a:3b:f1:d5:ae:12:4f:
82:99:3f:ce:93:2a:f2:f9:18:60:3d:ca:cd:2b:aa:
62:95:f9:fa:11:4a:c3:d2:09:15:18:95:07:db:c7:
f7:87:3d:bd:2a:11:cd:91:7f:55:f5:56:50:0c:fa:
06:51:6b:62:d6:ca:d5:ac:83:f9:36:9f:74:e7:b2:
5d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:4D:00:2D:0F:B3:7E:66:58:88:4A:77:D7:96:50:BA:7E:59:D7:AB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a00ALQ-zfmZYiEp315ZQun5Z16s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
83.219.97.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
92.249.48.0/24
94.154.172.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
178.215.238.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
98:53:f2:c0:ec:e7:8e:2d:81:66:92:d5:07:60:60:10:dc:87:
0c:3e:a3:23:4f:3e:b2:18:54:cb:df:18:3d:31:d2:10:02:6d:
68:5e:ac:d4:40:de:d2:14:1d:74:82:5e:0d:fe:d8:d6:09:15:
ca:a4:e2:84:3b:24:0d:ea:e6:87:2f:6f:8a:a5:d5:a3:5d:06:
a6:7d:6c:ff:85:b0:ea:08:6c:0f:87:8a:47:fe:52:02:ac:b9:
0b:66:9e:fc:87:f2:03:15:32:6a:3b:5e:b0:a8:d5:f0:25:45:
f8:2f:1e:ad:11:e3:24:2c:62:78:5f:72:bd:bf:8a:c4:44:50:
38:36:47:a7:30:94:3d:69:40:d0:c8:dd:5c:ea:a0:f9:e9:08:
50:50:75:b9:37:59:cb:6e:2d:94:60:9c:92:9c:12:78:2a:ff:
56:c5:1b:ed:83:72:73:8e:de:a7:22:e5:8c:bb:d0:5e:3e:e7:
4a:59:63:a0:8b:2a:c5:8d:c7:39:87:f7:97:c2:48:5f:49:b8:
4c:4b:59:49:fd:98:f8:db:86:57:42:66:fc:9f:b6:46:65:8e:
0c:d1:0a:2f:46:fa:e9:48:fb:c1:3b:32:5c:b8:8c:42:88:f0:
b4:eb:c1:bb:0c:36:7a:fa:1e:c5:f6:e6:fe:33:ac:ed:c7:6e:
2e:21:1d:c1
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYvsu1TCRpQzdQrimm4E4lBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTIwMTIzNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjRkMDAyZDBmYjM3ZTY2NTg4ODRhNzdkNzk2NTBiYTdlNTlkN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3M5qXiMTRoS9DxYbGMLsWx7DmoZd
2GF8wc8+DN82HZxcod78DPhOpTyEZSY+XmS3NxhC9BEXysxF/NwEPeTYCUyQseUr
X5X6aACUXdbyz9AJYCBJQSstJAiSd1ebV4IvEF2SwmBzYQ0Tjk0ypLb5vSr3HMFw
YY/xujQOZboRpsHGzrixxeQqHMfTo9PnBREb7JdafACH171GkJm9Xwi81qC9JkUr
4syNwo0zauqRzLf6Dt4LP7hRIcHG3xo78dWuEk+CmT/Okyry+RhgPcrNK6pilfn6
EUrD0gkVGJUH28f3hz29KhHNkX9V9VZQDPoGUWti1srVrIP5Np9057Jd8QIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFGtNAC0Ps35mWIhKd9eWULp+WderMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYTAwQUxRLXpmbVpZaUVwMzE1WlF1bjVaMTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAl
i4IDBAAtCZwDBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABPbj0DBABRoeYDBABR
oe8DBABT22EDBAFXeXwDBABXeaIDBAJbyMADBABc+TADBABemqwDBABenPgDBABe
nPoDBAGTTmQwDAMEAKsWEQMEAKsWEgMEAKsWHwMEALLX4gMEALLX7gMEAMEZ2AME
AMEjEwMEAMK0JzANBgkqhkiG9w0BAQsFAAOCAQEAmFPywOznji2BZpLVB2BgENyH
DD6jI08+shhUy98YPTHSEAJtaF6s1EDe0hQddIJeDf7Y1gkVyqTihDskDermhy9v
iqXVo10Gpn1s/4Ww6ghsD4eKR/5SAqy5C2ae/IfyAxUyajtesKjV8CVF+C8erRHj
JCxieF9yvb+KxERQODZHpzCUPWlA0MjdXOqg+ekIUFB1uTdZy24tlGCckpwSeCr/
VsUb7YNyc47epyLljLvQXj7nSlljoIsqxY3HOYf3l8JIX0m4TEtZSf2Y+NuGV0Jm
/J+2RmWODNEKL0b66Uj7wTsyXLiMQojwtOvBuww2evoexfbm/jOs7cduLiEdwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org