Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dnQQlmTg-1TUg5jy4_3HhcIa7GQ.roa
File: dnQQlmTg-1TUg5jy4_3HhcIa7GQ.roa (raw, json)
Hash identifier: TWL62j7OWCEUROKckdIuRsIKZ21Vw2qqWq8rz1uSRHw=
Subject key identifier: 76:74:10:96:64:E0:FB:54:D4:83:98:F2:E3:FD:C7:85:C2:1A:EC:64
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E651A313773EE95F495D8C5B8BD185F36
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dnQQlmTg-1TUg5jy4_3HhcIa7GQ.roa
Signing time: Fri 22 Mar 2024 07:39:59 +0000
ROA not before: Fri 22 Mar 2024 07:39:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.156.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:1a:31:37:73:ee:95:f4:95:d8:c5:b8:bd:18:5f:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 22 07:39:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7674109664e0fb54d48398f2e3fdc785c21aec64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ad:27:aa:58:49:52:7c:c8:c4:d5:2d:a6:d4:
45:73:fd:75:5b:48:bc:5a:6d:97:07:74:79:05:07:
94:77:4f:1a:d3:ac:c8:b8:16:ab:0e:c3:67:d9:cb:
62:80:a7:18:bb:73:e3:1a:e4:4a:c8:8a:64:c8:a2:
38:66:82:e5:f3:0e:ca:f3:4f:36:6c:ee:96:38:d0:
fb:bf:34:75:7a:f7:1a:db:18:38:69:3c:63:3b:b5:
ca:cb:d7:64:16:d0:00:f2:24:1f:e2:f5:21:00:73:
a6:29:ad:5d:ed:45:0c:f9:10:a2:b8:70:04:fc:18:
6a:bf:bc:56:a1:30:df:ac:89:b2:f8:0c:2e:40:21:
a7:ba:14:a5:72:78:c8:ce:c7:3b:a3:f8:e3:fe:c1:
28:8b:a0:49:08:d4:20:02:1b:f5:48:53:76:75:e6:
1e:b7:53:7c:35:32:1b:55:cf:40:b1:7a:f6:66:f0:
82:85:47:6f:f7:16:99:d9:35:b7:53:fe:13:b2:a1:
95:bd:64:aa:eb:4e:32:2b:de:7e:4f:a7:73:39:37:
49:f4:65:03:37:a1:12:3e:22:94:0e:8f:7b:d4:32:
c7:5d:95:53:f6:d2:78:02:4d:f0:75:67:e1:84:7e:
f4:f7:ff:31:7c:f5:1c:53:a7:15:de:ae:73:aa:e5:
c3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:74:10:96:64:E0:FB:54:D4:83:98:F2:E3:FD:C7:85:C2:1A:EC:64
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dnQQlmTg-1TUg5jy4_3HhcIa7GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.72.0/23
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
185.252.176.0/24
185.254.37.0/24
193.37.41.0/24
194.48.250.0/24
194.55.186.0/24
194.55.224.0/24
194.169.172.0/24
Signature Algorithm: sha256WithRSAEncryption
03:4f:09:a2:4c:d9:10:04:33:51:f9:0d:51:70:b4:ce:0d:55:
8a:4a:89:26:ef:4a:ce:70:2e:80:f5:2f:05:14:6a:c4:99:ce:
cf:71:5c:a8:d7:ef:f6:c6:5d:9f:64:c4:52:5b:f5:35:4c:57:
4a:28:42:89:91:53:cb:ec:ab:e2:16:ef:ee:72:de:b3:28:0b:
19:e8:74:c7:c8:20:71:13:b7:f8:c9:f5:36:ea:68:39:ac:1f:
7e:dd:be:75:a4:c1:26:8e:f0:e6:fa:54:29:ec:5d:05:87:ba:
39:85:23:e4:8f:08:44:84:25:94:3c:91:f2:31:ef:55:d0:00:
02:ee:5d:06:c3:24:a4:6c:10:84:5d:0d:f1:3e:8a:3d:48:4e:
f7:03:0e:93:94:d2:18:2a:2d:92:54:e3:14:bd:51:09:eb:97:
20:b7:fb:3b:96:b5:81:fe:7f:2f:70:a6:9a:d9:f4:73:5a:47:
df:7e:87:13:15:8c:96:79:1e:8c:d1:c1:2a:97:03:ec:98:79:
80:20:f6:59:55:d3:6c:d8:50:60:3c:47:56:ab:2a:d0:cf:ee:
a2:63:80:7e:ce:18:22:da:67:88:d1:26:fc:28:ce:09:19:6e:
9c:10:d6:01:17:1b:c7:61:d7:af:5a:2d:d1:f3:3c:0d:dd:b0:
fc:e2:e6:78
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY5lGjE3c+6V9JXYxbi9GF82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzIyMDczOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njc0MTA5NjY0ZTBmYjU0ZDQ4Mzk4ZjJlM2ZkYzc4NWMyMWFlYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArK0nqlhJUnzIxNUtptRFc/11W0i8
Wm2XB3R5BQeUd08a06zIuBarDsNn2ctigKcYu3PjGuRKyIpkyKI4ZoLl8w7K8082
bO6WOND7vzR1evca2xg4aTxjO7XKy9dkFtAA8iQf4vUhAHOmKa1d7UUM+RCiuHAE
/Bhqv7xWoTDfrImy+AwuQCGnuhSlcnjIzsc7o/jj/sEoi6BJCNQgAhv1SFN2deYe
t1N8NTIbVc9AsXr2ZvCChUdv9xaZ2TW3U/4TsqGVvWSq604yK95+T6dzOTdJ9GUD
N6ESPiKUDo971DLHXZVT9tJ4Ak3wdWfhhH709/8xfPUcU6cV3q5zquXDWwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFHZ0EJZk4PtU1IOY8uP9x4XCGuxkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZG5RUWxtVGctMVRVZzVqeTRfM0hoY0lhN0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAt
CZwDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBAJemqADBAFenEgDBABe
nO8DBACTTmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQDBAK52lQDBAC59t8DBAC5
/LADBAC5/iUDBADBJSkDBADCMPoDBADCN7oDBADCN+ADBADCqawwDQYJKoZIhvcN
AQELBQADggEBAANPCaJM2RAEM1H5DVFwtM4NVYpKiSbvSs5wLoD1LwUUasSZzs9x
XKjX7/bGXZ9kxFJb9TVMV0ooQomRU8vsq+IW7+5y3rMoCxnodMfIIHETt/jJ9Tbq
aDmsH37dvnWkwSaO8Ob6VCnsXQWHujmFI+SPCESEJZQ8kfIx71XQAALuXQbDJKRs
EIRdDfE+ij1ITvcDDpOU0hgqLZJU4xS9UQnrlyC3+zuWtYH+fy9wpprZ9HNaR99+
hxMVjJZ5HozRwSqXA+yYeYAg9llV02zYUGA8R1arKtDP7qJjgH7OGCLaZ4jRJvwo
zgkZbpwQ1gEXG8dh169aLdHzPA3dsPzi5ng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:38 2024 by rpki-client on console-ams.rpki-client.org