Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cHDin_hZuiQejdWDWmqChbkSISU.roa
File: cHDin_hZuiQejdWDWmqChbkSISU.roa (raw, json)
Hash identifier: GD/PJnwukaSqFKiPU4UUE3WSXU9vj9oi7mHGhd8E2M4=
Subject key identifier: 70:70:E2:9F:F8:59:BA:24:1E:8D:D5:83:5A:6A:82:85:B9:12:21:25
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01857CDE9F14E39324C3C18BF6D8CD2250B9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cHDin_hZuiQejdWDWmqChbkSISU.roa
Signing time: Wed 04 Jan 2023 13:00:42 +0000
ROA not before: Wed 04 Jan 2023 13:00:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 45.90.88.0/22 maxlen: 24
45.12.254.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
84.21.173.0/24 maxlen: 24
194.31.204.0/24 maxlen: 24
195.178.121.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.238.0/23 maxlen: 24
84.54.49.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
193.222.98.0/23 maxlen: 24
194.48.248.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
185.221.67.0/24 maxlen: 24
79.110.48.0/23 maxlen: 24
194.49.87.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
194.49.95.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:de:9f:14:e3:93:24:c3:c1:8b:f6:d8:cd:22:50:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 4 13:00:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7070e29ff859ba241e8dd5835a6a8285b9122125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:40:1b:92:dd:dd:87:14:8e:66:72:86:d6:9f:
37:ba:93:f4:9e:68:2c:b2:cd:ba:ed:d9:9a:82:00:
98:27:6e:3f:89:19:09:fd:76:f2:36:53:06:a6:23:
ed:be:92:aa:9e:56:64:bf:e6:4c:69:48:eb:96:67:
7d:7a:7d:27:13:d8:82:31:92:3d:fd:1f:72:cf:87:
46:d3:cd:41:02:b2:a2:c1:68:88:23:e1:af:7a:62:
a1:07:82:c8:71:45:11:13:db:73:5d:7c:1a:49:97:
72:71:13:3f:fd:a5:2a:cd:1e:8b:f8:7d:48:29:96:
72:ee:f7:05:84:8f:d3:05:cd:82:c1:d6:d6:24:d1:
1e:8f:5a:f1:0b:17:1d:ad:b9:d8:74:b5:ae:45:3c:
c8:eb:be:c1:0a:f8:a5:b4:ee:91:a1:63:9c:82:b2:
a1:62:f1:90:ea:85:f8:81:39:10:71:23:d0:5f:8b:
60:09:7c:8a:a7:c9:da:8e:82:9e:82:5a:dd:50:b8:
82:bd:cf:a0:0a:46:e4:0f:c2:b8:8c:7a:37:9c:ff:
87:20:22:cc:bf:5e:ba:77:ee:a8:07:16:68:05:d8:
a1:60:35:1c:5e:1a:8c:32:85:2d:22:03:36:68:0e:
b8:7a:29:f3:e6:8d:2f:99:f3:b1:48:66:b2:d9:d8:
c0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:70:E2:9F:F8:59:BA:24:1E:8D:D5:83:5A:6A:82:85:B9:12:21:25
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cHDin_hZuiQejdWDWmqChbkSISU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.254.0/24
45.90.88.0/22
45.149.233.0/24
45.149.241.0/24
79.110.48.0/23
81.161.238.0/23
84.21.173.0/24
84.54.49.0/24
87.121.220.0/24
109.206.239.0/24
141.98.4.0/24
141.98.7.0/24
147.78.100.0/23
171.22.18.0/24
171.22.31.0/24
178.215.237.0/24
185.221.67.0/24
193.25.217.0-193.25.218.255
193.58.120.0/24
193.222.98.0/23
194.31.204.0/24
194.48.248.0/24
194.49.86.0/23
194.49.95.0/24
194.55.227.0/24
194.169.173.0-194.169.174.255
195.178.121.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:19:87:eb:65:69:e9:8e:ae:db:75:c0:d2:96:58:f9:df:a4:
c2:29:80:35:e7:22:0e:de:f4:03:09:c6:27:ea:20:05:f7:c4:
34:2b:7a:52:bf:24:ac:1e:c1:3e:9a:09:e2:44:37:19:f0:8b:
ac:c6:8b:88:87:45:08:27:8e:e9:13:37:b6:0a:00:e8:2d:f5:
6c:0d:7c:9a:19:85:3f:d2:37:b8:df:b8:03:d6:1d:e6:ef:d1:
b1:6c:4e:fa:d2:d4:32:b2:73:67:32:87:44:f5:59:70:1f:28:
e5:27:8b:b0:41:0a:5c:f6:7e:3e:eb:3f:32:a1:37:1f:75:80:
53:12:c6:15:0b:18:37:d3:dc:98:91:c9:6e:97:94:b6:13:51:
9c:13:8a:8c:96:23:f8:fb:b1:14:fc:15:22:e8:67:64:e1:f1:
cd:59:31:e1:8b:4f:cf:fa:53:ee:62:16:de:b8:19:8c:c2:c9:
e4:26:a8:a3:1e:76:58:86:0f:81:f5:4d:7c:f4:6c:cc:67:4d:
35:69:f1:d8:ee:73:25:3b:9e:c7:5a:46:a9:0e:4c:a0:72:8b:
b7:6a:4c:84:2a:51:98:61:42:51:5a:3d:50:b0:58:5b:ac:9c:
4c:82:3c:2d:ff:4e:d3:97:77:19:dd:8d:94:9f:a1:03:3e:9a:
66:d5:18:0d
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYV83p8U45Mkw8GL9tjNIlC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTA0MTMwMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDcwZTI5ZmY4NTliYTI0MWU4ZGQ1ODM1YTZhODI4NWI5MTIyMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkAbkt3dhxSOZnKG1p83upP0nmgs
ss267dmaggCYJ24/iRkJ/XbyNlMGpiPtvpKqnlZkv+ZMaUjrlmd9en0nE9iCMZI9
/R9yz4dG081BArKiwWiII+GvemKhB4LIcUURE9tzXXwaSZdycRM//aUqzR6L+H1I
KZZy7vcFhI/TBc2CwdbWJNEej1rxCxcdrbnYdLWuRTzI677BCviltO6RoWOcgrKh
YvGQ6oX4gTkQcSPQX4tgCXyKp8najoKeglrdULiCvc+gCkbkD8K4jHo3nP+HICLM
v166d+6oBxZoBdihYDUcXhqMMoUtIgM2aA64einz5o0vmfOxSGay2djAlwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFHBw4p/4WbokHo3Vg1pqgoW5EiElMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvY0hEaW5faFp1aVFlamRXRFdtcUNoYmtTSVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAAt
DP4DBAItWlgDBAAtlekDBAAtlfEDBAFPbjADBAFRoe4DBABUFa0DBABUNjEDBABX
edwDBABtzu8DBACNYgQDBACNYgcDBAGTTmQDBACrFhIDBACrFh8DBACy1+0DBAC5
3UMwDAMEAMEZ2QMEAMEZ2gMEAME6eAMEAcHeYgMEAMIfzAMEAMIw+AMEAcIxVgME
AMIxXwMEAMI34zAMAwQAwqmtAwQAwqmuAwQAw7J5MA0GCSqGSIb3DQEBCwUAA4IB
AQB9GYfrZWnpjq7bdcDSllj536TCKYA15yIO3vQDCcYn6iAF98Q0K3pSvySsHsE+
mgniRDcZ8IusxouIh0UIJ47pEze2CgDoLfVsDXyaGYU/0je437gD1h3m79GxbE76
0tQysnNnModE9VlwHyjlJ4uwQQpc9n4+6z8yoTcfdYBTEsYVCxg309yYkclul5S2
E1GcE4qMliP4+7EU/BUi6Gdk4fHNWTHhi0/P+lPuYhbeuBmMwsnkJqijHnZYhg+B
9U189GzMZ001afHY7nMlO57HWkapDkygcou3akyEKlGYYUJRWj1QsFhbrJxMgjwt
/07Tl3cZ3Y2Un6EDPppm1RgN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org