Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bon60ezOSj8vEVPm6AuhxYqCFow.roa
File: bon60ezOSj8vEVPm6AuhxYqCFow.roa (raw, json)
Hash identifier: X6qhXaK1AbbWtHeRcPxfhu/fQ/ildnQdcPdmyG2fvvc=
Subject key identifier: 6E:89:FA:D1:EC:CE:4A:3F:2F:11:53:E6:E8:0B:A1:C5:8A:82:16:8C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189549B9DC23DD1A8294DAF561E491B19B9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bon60ezOSj8vEVPm6AuhxYqCFow.roa
Signing time: Fri 14 Jul 2023 13:33:51 +0000
ROA not before: Fri 14 Jul 2023 13:33:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 83.143.112.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:9b:9d:c2:3d:d1:a8:29:4d:af:56:1e:49:1b:19:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 14 13:33:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e89fad1ecce4a3f2f1153e6e80ba1c58a82168c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:53:e6:4d:56:54:5f:a7:aa:6b:63:e0:2a:63:
45:62:44:75:17:22:4e:48:ed:6d:63:27:79:19:3f:
2c:47:2f:ed:a9:50:0f:6f:a0:4e:11:23:af:c2:bf:
3c:95:76:6e:54:ef:44:8d:a4:92:a5:08:03:78:ff:
b3:f8:61:09:c8:da:96:18:af:35:d0:64:62:35:a5:
4d:90:d6:a1:44:17:a6:53:a2:0d:b0:8b:32:c0:01:
13:62:03:b2:0a:66:72:ac:78:14:91:7f:4f:c3:da:
8f:41:ef:ed:1c:eb:83:6f:98:05:09:a8:74:d1:b0:
d0:8b:a8:12:60:1d:f3:f0:03:e4:65:52:3c:c3:3b:
21:3b:0f:7f:3c:81:43:ca:5c:72:85:60:3c:92:46:
5b:29:94:e7:f3:ad:d1:12:e2:ab:a9:73:4b:4c:d4:
12:a0:5e:9b:7c:86:42:c1:b8:be:84:4c:1a:e6:72:
b8:40:5b:ff:63:a0:f1:b9:5e:16:aa:49:0a:82:3f:
9f:91:4a:90:98:b6:6a:e4:d5:67:d8:88:02:2a:20:
4d:c5:6e:a0:63:7c:79:0b:cc:9b:5e:c1:43:40:23:
ac:01:99:50:11:c8:3f:42:f2:00:40:68:31:2e:83:
b8:c9:47:b8:20:45:6e:43:60:c4:25:97:78:68:cb:
50:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:89:FA:D1:EC:CE:4A:3F:2F:11:53:E6:E8:0B:A1:C5:8A:82:16:8C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bon60ezOSj8vEVPm6AuhxYqCFow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
45.128.99.0/24
45.149.233.0/24
79.110.50.0/24
83.143.112.0/23
85.209.132.0/24
85.217.145.0/24
87.121.69.0/24
176.125.252.0/24
178.215.237.0/24
185.222.163.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:06:3f:0c:f1:e9:ce:28:ce:bc:bc:e8:04:ca:4b:67:88:54:
2a:9e:b5:07:14:e5:3d:dd:25:46:7c:88:80:1d:f9:65:10:1d:
6a:1c:3d:12:83:a4:dd:ac:87:58:98:97:55:9a:9f:5a:91:75:
60:0f:84:06:c9:97:61:42:c0:b3:05:ca:19:4a:5e:79:79:a4:
af:3e:c7:99:58:a6:a7:91:fb:5b:00:08:97:85:61:3f:0d:07:
71:57:74:7c:05:d2:e1:d2:ad:53:76:53:1c:b3:4f:37:51:59:
e1:16:5c:59:c5:c6:53:f8:15:f5:38:da:45:a6:bd:77:69:44:
a9:af:16:f0:b9:f3:0d:88:57:9b:47:06:98:e0:da:41:56:12:
f1:21:3f:2f:47:cc:fe:bb:6f:34:0e:fe:e1:18:8b:15:66:e4:
e0:65:40:d8:a7:19:6b:cd:a0:d3:d4:f4:04:0f:ae:a4:73:58:
f3:c9:1f:45:3f:24:b9:5b:78:11:fa:3c:ac:c1:9b:47:ac:41:
b9:49:64:1e:fb:f7:22:0b:c1:88:cd:c0:a5:11:26:fc:45:98:
2a:f9:d9:36:02:79:0a:d4:2e:fb:94:71:1c:76:a4:b3:ae:44:
c8:75:63:30:76:5f:a6:a1:d8:81:74:bf:a8:fd:b1:73:c8:29:
87:8e:83:de
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYlUm53CPdGoKU2vVh5JGxm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzE0MTMzMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTg5ZmFkMWVjY2U0YTNmMmYxMTUzZTZlODBiYTFjNThhODIxNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlPmTVZUX6eqa2PgKmNFYkR1FyJO
SO1tYyd5GT8sRy/tqVAPb6BOESOvwr88lXZuVO9EjaSSpQgDeP+z+GEJyNqWGK81
0GRiNaVNkNahRBemU6INsIsywAETYgOyCmZyrHgUkX9Pw9qPQe/tHOuDb5gFCah0
0bDQi6gSYB3z8APkZVI8wzshOw9/PIFDylxyhWA8kkZbKZTn863REuKrqXNLTNQS
oF6bfIZCwbi+hEwa5nK4QFv/Y6DxuV4WqkkKgj+fkUqQmLZq5NVn2IgCKiBNxW6g
Y3x5C8ybXsFDQCOsAZlQEcg/QvIAQGgxLoO4yUe4IEVuQ2DEJZd4aMtQmwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFG6J+tHszko/LxFT5ugLocWKghaMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYm9uNjBlek9Tajh2RVZQbTZBdWh4WXFDRm93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQALVRaAwQA
LYBjAwQALZXpAwQAT24yAwQBU49wAwQAVdGEAwQAVdmRAwQAV3lFAwQAsH38AwQA
stftAwQAud6jAwQAwSoiAwQAwS88AwQAwS8/AwQAwjD5AwQAwjD7MA0GCSqGSIb3
DQEBCwUAA4IBAQCPBj8M8enOKM68vOgEyktniFQqnrUHFOU93SVGfIiAHfllEB1q
HD0Sg6TdrIdYmJdVmp9akXVgD4QGyZdhQsCzBcoZSl55eaSvPseZWKankftbAAiX
hWE/DQdxV3R8BdLh0q1TdlMcs083UVnhFlxZxcZT+BX1ONpFpr13aUSprxbwufMN
iFebRwaY4NpBVhLxIT8vR8z+u280Dv7hGIsVZuTgZUDYpxlrzaDT1PQED66kc1jz
yR9FPyS5W3gR+jyswZtHrEG5SWQe+/ciC8GIzcClESb8RZgq+dk2AnkK1C77lHEc
dqSzrkTIdWMwdl+modiBdL+o/bFzyCmHjoPe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org