Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dlYFfjKi95wYhPSbcSrhzTqnbVQ.roa
File: dlYFfjKi95wYhPSbcSrhzTqnbVQ.roa (raw, json)
Hash identifier: ucqeetclc/T2iIj9QN6JDuvKZGt4qVXMRcH0UdtSd8k=
Subject key identifier: 76:56:05:7E:32:A2:F7:9C:18:84:F4:9B:71:2A:E1:CD:3A:A7:6D:54
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018943EE823C1FCDC7BD9DD5679F914099BB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dlYFfjKi95wYhPSbcSrhzTqnbVQ.roa
Signing time: Tue 11 Jul 2023 07:50:51 +0000
ROA not before: Tue 11 Jul 2023 07:50:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
94.156.239.0/24 maxlen: 24
194.113.36.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
45.95.0.0/22 maxlen: 24
94.103.124.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:ee:82:3c:1f:cd:c7:bd:9d:d5:67:9f:91:40:99:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 11 07:50:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7656057e32a2f79c1884f49b712ae1cd3aa76d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5b:01:20:2e:36:b2:97:c6:87:df:c1:7c:8a:
3c:b0:04:31:7c:31:1a:42:15:e7:c5:e9:b4:5f:83:
a6:9e:10:6b:6c:39:2f:06:a9:e2:2a:ff:89:03:d0:
81:14:2d:eb:72:8d:7c:21:58:b5:e5:3f:a2:7b:a5:
ad:b1:75:da:af:69:96:78:37:5e:c3:60:39:b9:50:
bb:eb:79:88:b3:d1:cc:f5:0b:83:0e:44:ae:bc:62:
5b:b6:a6:d1:3f:eb:ca:fb:0e:41:42:c0:42:27:fa:
41:20:e5:f6:2c:3a:c8:df:9e:22:eb:34:a9:04:09:
ce:ba:f1:5f:92:74:70:ce:4e:ea:ee:d6:67:af:aa:
ac:72:9b:23:8f:ab:d2:3b:49:d0:e1:5b:c4:16:db:
2a:c5:cc:c7:16:13:60:d1:8c:93:fc:6b:7b:71:78:
57:ba:b4:ac:46:e9:0a:8c:0e:fe:0f:4d:4c:67:e8:
40:02:27:0d:67:94:54:9f:ee:b3:55:2c:1a:67:a1:
16:ad:c3:ff:84:cb:0b:58:a7:a8:e4:8b:df:16:95:
51:ad:f4:44:70:20:42:45:ba:00:04:18:a5:2a:05:
47:3e:b4:8d:68:13:70:9d:24:c6:f4:68:16:2a:70:
ac:cb:54:9a:26:16:11:e4:eb:fd:db:79:bb:8c:05:
e6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:56:05:7E:32:A2:F7:9C:18:84:F4:9B:71:2A:E1:CD:3A:A7:6D:54
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dlYFfjKi95wYhPSbcSrhzTqnbVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.0.0/22
45.151.89.0/24
87.121.45.0/24
92.119.196.0/23
94.103.124.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
178.215.239.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
194.113.36.0/22
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
79:68:01:78:c9:b8:01:67:5c:cb:6e:96:c0:de:49:73:e0:7c:
3f:0c:45:34:1a:4e:44:db:7e:12:9c:a0:e6:d2:0f:80:cd:ea:
e3:4e:2b:26:30:49:7e:5e:75:89:75:91:b9:86:89:5b:3f:38:
5d:ae:3f:11:80:f1:fc:e3:f7:70:16:8b:05:c6:8f:e7:e9:43:
64:8b:d7:d8:23:4a:1e:86:a6:e9:be:71:ae:fd:47:bc:94:ad:
9b:2c:a1:13:95:e4:ba:b5:c1:18:ad:7d:6b:46:fe:f0:49:15:
77:81:cc:bc:7a:91:d0:65:b0:83:e7:03:a2:28:f5:9b:7b:5d:
30:04:b2:63:94:c0:01:d1:d4:ec:85:73:6c:3d:57:fa:f2:c7:
83:ab:72:b8:59:5d:cd:a5:aa:b3:ce:5a:17:f3:8f:b1:eb:f3:
e9:ed:81:3b:fb:7c:9d:5a:a5:23:6e:70:33:bc:8c:ee:f0:bb:
bc:f6:3d:46:b8:81:95:1b:97:54:3e:5b:0e:c4:61:69:45:7c:
87:9b:28:ab:61:4a:dd:14:bd:33:3f:2d:95:2d:6d:9f:4e:62:
16:e3:05:1e:b6:2b:88:66:3c:f9:b5:a1:c6:ab:80:7a:bb:7f:
e0:02:45:cb:ad:7d:39:c1:f0:b0:eb:ff:65:05:1f:62:82:c3:
c0:85:39:ee
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYlD7oI8H83HvZ3VZ5+RQJm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzExMDc1MDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjU2MDU3ZTMyYTJmNzljMTg4NGY0OWI3MTJhZTFjZDNhYTc2ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlsBIC42spfGh9/BfIo8sAQxfDEa
QhXnxem0X4OmnhBrbDkvBqniKv+JA9CBFC3rco18IVi15T+ie6WtsXXar2mWeDde
w2A5uVC763mIs9HM9QuDDkSuvGJbtqbRP+vK+w5BQsBCJ/pBIOX2LDrI354i6zSp
BAnOuvFfknRwzk7q7tZnr6qscpsjj6vSO0nQ4VvEFtsqxczHFhNg0YyT/Gt7cXhX
urSsRukKjA7+D01MZ+hAAicNZ5RUn+6zVSwaZ6EWrcP/hMsLWKeo5IvfFpVRrfRE
cCBCRboABBilKgVHPrSNaBNwnSTG9GgWKnCsy1SaJhYR5Ov923m7jAXm1wIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFHZWBX4yovecGIT0m3Eq4c06p21UMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZGxZRmZqS2k5NXdZaFBTYmNTcmh6VHFuYlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAi1fAAME
AC2XWQMEAFd5LQMEAVx3xAMEAF5nfDAMAwQAXpqhAwQCXpqgAwQAXpzvAwQBk05k
AwQCqxZIAwQAstfsAwQAstfvAwQCudhUAwQCudpUAwQAudqJAwQAudt+AwQAufyw
AwQCwnEkAwQAwqmuMA0GCSqGSIb3DQEBCwUAA4IBAQB5aAF4ybgBZ1zLbpbA3klz
4Hw/DEU0Gk5E234SnKDm0g+AzerjTismMEl+XnWJdZG5holbPzhdrj8RgPH84/dw
FosFxo/n6UNki9fYI0oehqbpvnGu/Ue8lK2bLKETleS6tcEYrX1rRv7wSRV3gcy8
epHQZbCD5wOiKPWbe10wBLJjlMAB0dTshXNsPVf68seDq3K4WV3NpaqzzloX84+x
6/Pp7YE7+3ydWqUjbnAzvIzu8Lu89j1GuIGVG5dUPlsOxGFpRXyHmyirYUrdFL0z
Py2VLW2fTmIW4wUetiuIZjz5taHGq4B6u3/gAkXLrX05wfCw6/9lBR9igsPAhTnu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org