Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/acqLXTlz6RigQnWHjZQdnAzUUD0.roa
File: acqLXTlz6RigQnWHjZQdnAzUUD0.roa (raw, json)
Hash identifier: fEOHZv7ITy0ZEfJc3aZBhYPILnmVuHH6ac7bfg2J/Po=
Subject key identifier: 69:CA:8B:5D:39:73:E9:18:A0:42:75:87:8D:94:1D:9C:0C:D4:50:3D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AA86D00C26078D35CD647B5C4F61DED1E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/acqLXTlz6RigQnWHjZQdnAzUUD0.roa
Signing time: Mon 18 Sep 2023 13:13:50 +0000
ROA not before: Mon 18 Sep 2023 13:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 85.217.145.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:6d:00:c2:60:78:d3:5c:d6:47:b5:c4:f6:1d:ed:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 18 13:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69ca8b5d3973e918a04275878d941d9c0cd4503d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3d:5d:56:0b:ba:e5:36:ac:23:42:62:76:6b:
f7:b3:91:b2:1e:be:a3:b2:b3:29:90:da:42:5a:9c:
eb:df:68:79:8f:86:c8:c5:ce:ac:5b:cd:2e:5a:8a:
d2:19:ad:55:ed:02:e9:45:01:49:55:18:41:2e:26:
fc:89:cd:f9:78:0e:8a:e9:11:04:c4:61:e1:90:6c:
20:50:ba:00:3d:5f:a3:9a:f2:00:1d:44:99:c5:61:
9c:e6:1a:64:2e:14:a8:37:de:52:34:b0:f2:f0:b5:
76:89:18:42:d8:c8:82:72:5c:5e:fd:f9:f9:32:33:
2a:fc:88:0a:7e:4b:30:72:84:32:ae:ef:6e:36:14:
9d:7c:ce:60:7b:40:04:3b:af:35:47:e9:bb:0f:a2:
c3:f1:93:66:66:73:64:ff:a6:71:50:67:77:a0:eb:
49:81:61:0c:6b:34:a3:d7:18:a7:89:60:80:04:18:
12:dc:c9:36:ea:b2:cd:dd:fd:a6:6a:d8:cd:d7:c7:
b3:a6:c5:24:11:c9:5d:de:a4:1b:a3:5f:c6:5b:fa:
9a:7a:71:b0:21:1b:07:71:f6:ea:fa:6e:f9:76:d6:
25:e9:af:a2:c0:2e:16:74:86:60:07:8d:76:73:93:
5d:44:5f:45:75:fe:5b:c7:7d:57:b2:cf:02:87:e7:
c6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CA:8B:5D:39:73:E9:18:A0:42:75:87:8D:94:1D:9C:0C:D4:50:3D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/acqLXTlz6RigQnWHjZQdnAzUUD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
80.76.50.0/24
85.217.145.0/24
93.123.85.0/24
176.125.252.0/24
185.222.163.0/24
193.42.34.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:11:56:01:f8:c6:32:36:00:18:9d:80:85:ac:da:0b:a0:1a:
3e:e7:42:c3:26:7f:8b:c9:62:93:d5:99:bc:bf:63:b2:6b:68:
30:b3:55:cd:01:f1:4a:78:81:6f:45:1c:66:0b:da:77:36:ce:
93:1d:7a:8f:83:f1:4f:79:ef:10:b3:68:29:36:2b:1e:03:b3:
fb:46:bd:eb:03:98:a3:2d:8f:b6:11:21:6a:3a:b4:84:b9:63:
77:13:b0:9a:5c:d4:e4:35:41:66:81:01:8f:a0:5a:db:da:54:
97:93:03:fc:d7:e5:5e:ab:bc:e1:8e:f0:21:b2:51:6a:92:e8:
0e:02:a4:c7:50:b6:88:c0:aa:0f:a9:22:1e:db:09:69:6a:dc:
0f:8e:96:45:d6:76:1a:fa:4d:26:d9:2e:d0:d7:34:6c:06:fd:
7b:e5:4c:a8:09:4d:23:fe:ac:8b:1c:c0:15:f4:6e:f7:0d:f3:
82:fa:bf:7f:55:80:77:98:fd:e5:54:e2:cf:9f:f4:d1:e3:b7:
cd:1f:39:36:da:78:88:82:90:5d:63:e7:32:21:5e:ee:2b:1b:
87:bb:e1:06:22:f4:c5:00:62:17:e3:ad:c5:c3:e4:41:58:9e:
63:95:95:33:c1:29:3a:57:6d:74:1d:08:e3:7c:fd:76:f5:6a:
3f:e4:f4:3e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYqobQDCYHjTXNZHtcT2He0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTE4MTMxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNhOGI1ZDM5NzNlOTE4YTA0Mjc1ODc4ZDk0MWQ5YzBjZDQ1MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz1dVgu65TasI0Jidmv3s5GyHr6j
srMpkNpCWpzr32h5j4bIxc6sW80uWorSGa1V7QLpRQFJVRhBLib8ic35eA6K6REE
xGHhkGwgULoAPV+jmvIAHUSZxWGc5hpkLhSoN95SNLDy8LV2iRhC2MiCclxe/fn5
MjMq/IgKfkswcoQyru9uNhSdfM5ge0AEO681R+m7D6LD8ZNmZnNk/6ZxUGd3oOtJ
gWEMazSj1xiniWCABBgS3Mk26rLN3f2matjN18ezpsUkEcld3qQbo1/GW/qaenGw
IRsHcfbq+m75dtYl6a+iwC4WdIZgB412c5NdRF9Fdf5bx31Xss8Ch+fGAwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGnKi105c+kYoEJ1h42UHZwM1FA9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYWNxTFhUbHo2UmlnUW5XSGpaUWRuQXpVVUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVRaAwQA
UEwyAwQAVdmRAwQAXXtVAwQAsH38AwQAud6jAwQAwSoiAwQAwjD5AwQAwjD7MA0G
CSqGSIb3DQEBCwUAA4IBAQCdEVYB+MYyNgAYnYCFrNoLoBo+50LDJn+LyWKT1Zm8
v2Oya2gws1XNAfFKeIFvRRxmC9p3Ns6THXqPg/FPee8Qs2gpNiseA7P7Rr3rA5ij
LY+2ESFqOrSEuWN3E7CaXNTkNUFmgQGPoFrb2lSXkwP81+Veq7zhjvAhslFqkugO
AqTHULaIwKoPqSIe2wlpatwPjpZF1nYa+k0m2S7Q1zRsBv175UyoCU0j/qyLHMAV
9G73DfOC+r9/VYB3mP3lVOLPn/TR47fNHzk22niIgpBdY+cyIV7uKxuHu+EGIvTF
AGIX463Fw+RBWJ5jlZUzwSk6V210HQjjfP129Wo/5PQ+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:37 2024 by rpki-client on console-ams.rpki-client.org