Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bYipkweAlUMkBJIF7IUAV3Armws.roa
File: bYipkweAlUMkBJIF7IUAV3Armws.roa (raw, json)
Hash identifier: HKRie2/I1VvwlHGQ6Cl/x4JJIfDQu+TMsusDieRjzmc=
Subject key identifier: 6D:88:A9:93:07:80:95:43:24:04:92:05:EC:85:00:57:70:2B:9B:0B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EF6A7A7E87A728BEFD9EBD5BF18C38B67
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bYipkweAlUMkBJIF7IUAV3Armws.roa
Signing time: Fri 19 Apr 2024 13:59:26 +0000
ROA not before: Fri 19 Apr 2024 13:59:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.156.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.163.0/24 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:a7:a7:e8:7a:72:8b:ef:d9:eb:d5:bf:18:c3:8b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 19 13:59:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d88a9930780954324049205ec850057702b9b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:25:89:9e:df:a0:4e:56:65:39:7d:2b:7d:23:
f8:cb:53:c5:81:09:6e:fa:94:94:d2:89:3b:15:f2:
9e:b4:34:80:85:fb:f3:b9:ec:70:da:91:06:0f:4a:
c3:8b:dc:5a:23:f5:94:37:f0:34:df:0d:ed:1b:c1:
d7:19:36:a3:57:c2:76:93:91:5b:f1:68:9a:17:72:
e4:e3:f8:88:9a:33:57:a5:49:9f:ca:07:f4:52:76:
e7:a1:dc:56:cf:b9:5c:70:06:d1:58:9d:e4:70:e4:
54:ff:d6:99:17:20:f5:32:32:3a:35:1a:58:3a:16:
04:54:8c:75:09:bd:f8:1e:39:d4:f2:a9:68:8d:8a:
70:9e:c1:21:7c:42:67:0c:aa:c0:9d:1e:2d:9d:aa:
fc:0a:58:4b:f5:1c:90:8b:89:04:d5:35:56:b5:50:
77:52:ba:70:23:28:ef:22:db:2c:e1:93:63:b3:90:
58:a4:87:19:67:a1:bf:19:27:a3:a4:63:4e:c9:f8:
08:d9:71:61:c9:be:96:3e:10:94:d2:4b:36:18:7c:
23:94:5a:ac:af:cd:06:49:6f:a4:c1:e0:03:0c:09:
0c:2e:11:7f:9c:90:ae:84:b7:fc:0f:a7:f3:92:ce:
7f:ba:d3:f5:c7:ca:34:6b:00:03:d1:13:e3:e5:99:
32:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:88:A9:93:07:80:95:43:24:04:92:05:EC:85:00:57:70:2B:9B:0B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bYipkweAlUMkBJIF7IUAV3Armws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.88.88.0/24
45.151.89.0/24
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.72.0/23
94.156.239.0/24
95.214.25.0-95.214.26.255
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
194.48.248.0/24
194.55.186.0/24
194.55.224.0/24
194.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:e8:f5:5d:15:21:19:2d:bf:4b:7c:63:3a:96:9e:07:ed:c7:
b6:a5:7e:b0:d4:0b:b4:6f:13:60:2f:7e:4a:b8:8c:7b:7b:1b:
b8:a6:52:f0:55:0f:17:54:28:db:3e:5b:1a:3d:ec:9d:f1:d8:
e8:0b:94:54:de:48:39:54:d5:db:2c:b9:fb:9a:d6:b9:15:fa:
5c:f0:3e:80:77:7c:8e:27:d5:2b:03:d9:1b:1b:02:9e:c6:36:
ed:c5:8e:5b:b3:4a:8b:fb:05:e8:1f:3a:73:da:fe:7d:e6:af:
18:4a:7e:95:c9:b8:35:83:23:53:a5:19:30:1e:94:08:20:69:
1e:6a:59:39:a3:72:b3:74:de:ff:3f:c3:f5:dd:45:01:30:6e:
e3:56:14:03:7f:6e:01:cf:df:5d:b9:c6:68:60:41:72:1d:2d:
b1:ec:c3:7e:07:d0:36:e3:94:f8:1b:5d:d8:91:ab:36:b8:42:
2d:c6:4c:6b:96:7c:c7:3a:dc:f3:fc:7f:4c:3a:3d:35:19:81:
56:65:c2:54:2f:6b:ee:1b:93:39:65:af:79:31:1e:ee:31:cc:
d7:43:f5:95:e7:86:ba:70:11:18:53:a7:ef:3f:f6:aa:ca:67:
ac:5e:36:d9:3f:f6:cb:c9:c0:c3:e8:60:e3:66:0e:1a:74:38:
48:d5:5a:2e
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY72p6foenKL79nr1b8Yw4tnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDE5MTM1OTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDg4YTk5MzA3ODA5NTQzMjQwNDkyMDVlYzg1MDA1NzcwMmI5YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCWJnt+gTlZlOX0rfSP4y1PFgQlu
+pSU0ok7FfKetDSAhfvzuexw2pEGD0rDi9xaI/WUN/A03w3tG8HXGTajV8J2k5Fb
8WiaF3Lk4/iImjNXpUmfygf0UnbnodxWz7lccAbRWJ3kcORU/9aZFyD1MjI6NRpY
OhYEVIx1Cb34HjnU8qlojYpwnsEhfEJnDKrAnR4tnar8ClhL9RyQi4kE1TVWtVB3
UrpwIyjvItss4ZNjs5BYpIcZZ6G/GSejpGNOyfgI2XFhyb6WPhCU0ks2GHwjlFqs
r80GSW+kweADDAkMLhF/nJCuhLf8D6fzks5/utP1x8o0awAD0RPj5Zky5wIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFG2IqZMHgJVDJASSBeyFAFdwK5sLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYllpcGt3ZUFsVU1rQkpJRjdJVUFWM0FybXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAt
CZwDBAAtWFgDBAAtl1kDBABT22EDBAFUFa4DBABXeFcDBABXeS0DBAFXeVYDBABX
ed0DBAFcd8QDBAJemqADBAFenEgDBABenO8wDAMEAF/WGQMEAF/WGgMEAJNOZgME
AqsWSAMEALLX4AMEALLX7AMEArnYVAMEArnaVAMEAcEqIAMEAMIw+AMEAMI3ugME
AMI34AMEAMI7HzANBgkqhkiG9w0BAQsFAAOCAQEAW+j1XRUhGS2/S3xjOpaeB+3H
tqV+sNQLtG8TYC9+SriMe3sbuKZS8FUPF1Qo2z5bGj3snfHY6AuUVN5IOVTV2yy5
+5rWuRX6XPA+gHd8jifVKwPZGxsCnsY27cWOW7NKi/sF6B86c9r+feavGEp+lcm4
NYMjU6UZMB6UCCBpHmpZOaNys3Te/z/D9d1FATBu41YUA39uAc/fXbnGaGBBch0t
sezDfgfQNuOU+Btd2JGrNrhCLcZMa5Z8xzrc8/x/TDo9NRmBVmXCVC9r7huTOWWv
eTEe7jHM10P1leeGunARGFOn7z/2qspnrF422T/2y8nAw+hg42YOGnQ4SNVaLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org