Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/e8VXehf0wYTgoilHjzmICiDI3Ss.roa
File: e8VXehf0wYTgoilHjzmICiDI3Ss.roa (raw, json)
Hash identifier: yqTshis17WH0pZE50RTbv0LZx3UpTV76NXlC93ljXzw=
Subject key identifier: 7B:C5:57:7A:17:F4:C1:84:E0:A2:29:47:8F:39:88:0A:20:C8:DD:2B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01888B1E37C7A43EA0DF8542778BD35EA074
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/e8VXehf0wYTgoilHjzmICiDI3Ss.roa
Signing time: Mon 05 Jun 2023 10:33:13 +0000
ROA not before: Mon 05 Jun 2023 10:33:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:1e:37:c7:a4:3e:a0:df:85:42:77:8b:d3:5e:a0:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 5 10:33:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bc5577a17f4c184e0a229478f39880a20c8dd2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7a:25:3a:ab:0a:d1:54:38:35:ef:10:89:60:
71:43:28:a4:ba:08:63:de:22:67:a9:57:47:d0:3b:
00:ca:3a:3a:12:7e:96:ac:b8:5b:9f:ea:56:eb:3f:
53:33:d9:55:a7:07:40:40:07:72:5e:80:a0:b8:e7:
81:e7:a3:5a:ec:3b:12:06:13:88:6e:61:0d:24:2b:
6f:9b:72:35:f6:54:f3:a2:d5:e9:3d:07:d3:a8:a5:
a9:a8:8f:f1:16:6c:d0:8b:33:dd:33:88:f9:28:ce:
14:08:92:0f:3b:c7:d0:a5:42:59:29:ae:40:10:4b:
2d:53:8b:cf:f9:ad:d6:1e:fb:a4:3f:d9:47:82:b9:
8d:9c:cb:d5:2c:18:a1:ea:0c:1c:d1:60:2c:9f:90:
0d:5b:a9:ee:18:e6:0b:fa:70:5b:48:51:4e:d2:b9:
7e:f2:d1:59:11:b4:af:a7:5a:73:a2:ed:95:32:84:
16:7c:c3:12:4a:5f:7a:98:b5:b5:3e:75:23:de:94:
f0:01:bf:4a:eb:f1:99:8b:41:9a:0e:0b:8e:a0:20:
78:8f:32:45:6f:70:4d:5f:61:20:ea:fe:5a:66:9c:
45:33:0d:71:d4:71:a0:67:07:b0:c3:da:86:0b:36:
4e:7f:61:5c:d6:01:b8:e0:c4:ec:25:9e:c7:27:98:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C5:57:7A:17:F4:C1:84:E0:A2:29:47:8F:39:88:0A:20:C8:DD:2B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/e8VXehf0wYTgoilHjzmICiDI3Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
92.119.196.0/23
94.103.126.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.236.0/24
185.216.70.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:87:cc:4f:06:3f:4c:8b:5d:ed:65:0d:ed:ac:7f:f5:6e:45:
3d:8a:75:f9:8e:06:60:a2:0c:bb:8d:33:b3:e9:88:e9:7b:3e:
4a:b8:63:b8:1e:65:b5:a0:36:4f:19:d4:b4:d6:a1:ce:ec:39:
6f:90:7e:c0:0e:cc:b8:6e:40:d6:e2:35:ac:76:93:09:da:42:
d4:ed:f1:39:eb:03:0a:17:4c:71:05:d0:b6:d1:db:de:bf:62:
03:a0:5b:8f:29:bb:f9:84:6d:26:6b:3b:9f:91:74:53:86:57:
a3:f6:61:9f:02:03:7e:64:5e:94:c9:c2:2c:4e:db:da:88:4c:
33:a1:8f:f2:a1:ac:19:5c:65:37:e3:8b:3c:71:ad:e4:ef:cf:
4c:a4:18:d0:e1:fa:c9:67:58:68:80:e5:7a:d1:fe:03:82:b2:
62:1d:86:cf:7b:1b:c7:bf:e9:2b:ed:cc:de:78:1d:50:c6:15:
2d:a9:ca:3b:08:ad:db:35:af:f2:f4:05:68:e5:e7:de:c2:bd:
d4:14:10:c0:9b:11:e8:f9:aa:1c:59:48:d8:f5:fb:56:05:10:
52:f3:37:09:3c:67:b8:cc:9d:3e:bd:6b:17:c3:00:5b:d8:89:
55:56:65:51:81:8c:fc:f2:38:07:62:db:27:47:b9:47:d2:2e:
1b:9a:fc:d6
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYiLHjfHpD6g34VCd4vTXqB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjA1MTAzMzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmM1NTc3YTE3ZjRjMTg0ZTBhMjI5NDc4ZjM5ODgwYTIwYzhkZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinolOqsK0VQ4Ne8QiWBxQyikughj
3iJnqVdH0DsAyjo6En6WrLhbn+pW6z9TM9lVpwdAQAdyXoCguOeB56Na7DsSBhOI
bmENJCtvm3I19lTzotXpPQfTqKWpqI/xFmzQizPdM4j5KM4UCJIPO8fQpUJZKa5A
EEstU4vP+a3WHvukP9lHgrmNnMvVLBih6gwc0WAsn5ANW6nuGOYL+nBbSFFO0rl+
8tFZEbSvp1pzou2VMoQWfMMSSl96mLW1PnUj3pTwAb9K6/GZi0GaDguOoCB4jzJF
b3BNX2Eg6v5aZpxFMw1x1HGgZweww9qGCzZOf2Fc1gG44MTsJZ7HJ5jRSQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFHvFV3oX9MGE4KIpR485iAogyN0rMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZThWWGVoZjB3WVRnb2lsSGp6bUlDaURJM1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQALZdZAwQB
XHfEAwQAXmd+MAwDBABemqEDBAJemqADBABenO8wDAMEApNOZAMEAJNOZgMEAqsW
SAMEALLX7AMEALnYRgMEArnYVAMEArnaVAMEALnaiQMEALnbfgMEAMK0MjANBgkq
hkiG9w0BAQsFAAOCAQEATYfMTwY/TItd7WUN7ax/9W5FPYp1+Y4GYKIMu40zs+mI
6Xs+SrhjuB5ltaA2TxnUtNahzuw5b5B+wA7MuG5A1uI1rHaTCdpC1O3xOesDChdM
cQXQttHb3r9iA6Bbjym7+YRtJms7n5F0U4ZXo/ZhnwIDfmRelMnCLE7b2ohMM6GP
8qGsGVxlN+OLPHGt5O/PTKQY0OH6yWdYaIDletH+A4KyYh2Gz3sbx7/pK+3M3ngd
UMYVLanKOwit2zWv8vQFaOXn3sK91BQQwJsR6PmqHFlI2PX7VgUQUvM3CTxnuMyd
Pr1rF8MAW9iJVVZlUYGM/PI4B2LbJ0e5R9IuG5r81g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org