Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/eeFT3CLoL-oB4SmKEfSEl3T6tNI.roa
File: eeFT3CLoL-oB4SmKEfSEl3T6tNI.roa (raw, json)
Hash identifier: NcGmAH1v5lXyI9vwEFKQhhTXC1E5+YJgHlYjJ++Co3g=
Subject key identifier: 79:E1:53:DC:22:E8:2F:EA:01:E1:29:8A:11:F4:84:97:74:FA:B4:D2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187983F5BFA486CD8E4B324C4794429009C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/eeFT3CLoL-oB4SmKEfSEl3T6tNI.roa
Signing time: Wed 19 Apr 2023 06:41:41 +0000
ROA not before: Wed 19 Apr 2023 06:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
45.128.233.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
79.110.50.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
194.49.87.0/24 maxlen: 24
45.88.24.0/22 maxlen: 24
185.219.126.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:3f:5b:fa:48:6c:d8:e4:b3:24:c4:79:44:29:00:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 19 06:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79e153dc22e82fea01e1298a11f4849774fab4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5e:44:1e:e1:40:fa:2f:f3:66:34:ba:eb:aa:
17:ce:31:88:fa:19:21:02:15:2f:2e:73:72:43:bf:
e5:fa:1e:ba:ca:5d:53:b8:22:0e:ea:8a:34:9e:81:
bc:8c:b0:2d:ec:22:7f:16:75:a2:8a:32:f7:62:0b:
82:31:e0:85:12:d6:c7:b2:e6:60:38:e9:c9:fb:54:
86:1a:1b:f6:52:6b:26:6a:25:25:8a:d0:e1:6a:fd:
b3:c5:cf:a5:f8:5c:70:72:e0:5e:55:79:0e:80:f0:
84:8d:41:ce:a0:d1:ca:74:ce:e5:c4:9f:d3:f1:46:
43:f4:e2:d3:29:b1:66:0a:76:8f:2a:bd:5c:74:b3:
94:97:85:da:ae:69:ba:2f:87:f0:db:cb:5a:d2:75:
ab:e4:45:53:f9:af:e5:92:83:2c:27:cd:f1:b3:26:
0f:fe:e3:e7:e3:17:90:38:f8:5a:af:8d:78:be:08:
aa:d9:b0:10:b6:75:a1:53:c9:c1:d4:0a:72:28:16:
8e:b2:a4:58:75:71:b6:3f:7c:64:92:61:3b:03:d4:
14:3a:2d:df:6c:8b:6c:ef:6c:33:cf:40:fa:6c:57:
c6:6e:9f:14:29:07:9d:7d:d3:86:2c:54:fe:73:00:
e3:f5:57:f5:87:5f:b8:ae:cb:42:05:cf:ae:4b:d1:
a5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E1:53:DC:22:E8:2F:EA:01:E1:29:8A:11:F4:84:97:74:FA:B4:D2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/eeFT3CLoL-oB4SmKEfSEl3T6tNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.24.0/22
45.128.233.0/24
45.149.233.0/24
45.151.89.0/24
79.110.50.0/24
82.115.209.0/24
84.54.49.0/24
87.120.64.0/23
87.121.220.0/24
92.119.196.0/23
94.103.125.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/23
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:4a:0e:1f:ff:31:df:97:cb:7f:2e:e6:0c:33:bf:cd:6e:55:
7e:1d:cd:33:7e:ee:52:60:dc:97:93:ad:06:7e:20:17:3e:fe:
8c:3f:a7:03:8e:66:88:dc:56:bc:78:2c:de:8d:a9:ad:ce:a0:
bb:cd:33:4b:4d:40:2b:6f:c4:59:4d:48:36:f4:cf:96:c9:2a:
7a:8a:af:fa:61:09:07:d7:7c:a2:55:7a:f4:47:75:33:98:92:
62:da:09:d3:de:df:fb:15:84:93:be:05:57:f8:56:02:65:3b:
5a:59:0e:90:ee:01:91:50:e6:11:88:ae:c7:0e:02:fc:f0:c8:
02:2b:30:6f:a9:09:eb:6a:67:de:67:ce:a8:b7:09:f0:55:ee:
ad:8c:fe:34:d8:c0:60:a8:48:e4:79:1a:f1:bd:e1:4e:c6:4b:
90:0f:eb:b4:6d:31:3a:dd:a7:63:be:9d:ee:0f:2f:3b:3b:99:
bb:ad:01:a7:21:12:72:67:b1:65:77:43:99:e6:7e:5c:a2:f2:
65:43:d5:6f:e7:cb:15:68:be:aa:ce:02:5c:d8:81:39:91:60:
7a:3f:01:6e:5c:36:82:d0:c6:4b:d1:93:07:77:f3:ba:15:3c:
08:61:86:52:ee:47:20:73:7e:00:d6:1b:ef:b1:25:c5:cd:c8:
83:b5:6e:e9
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYeYP1v6SGzY5LMkxHlEKQCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE5MDY0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWUxNTNkYzIyZTgyZmVhMDFlMTI5OGExMWY0ODQ5Nzc0ZmFiNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF5EHuFA+i/zZjS666oXzjGI+hkh
AhUvLnNyQ7/l+h66yl1TuCIO6oo0noG8jLAt7CJ/FnWiijL3YguCMeCFEtbHsuZg
OOnJ+1SGGhv2UmsmaiUlitDhav2zxc+l+FxwcuBeVXkOgPCEjUHOoNHKdM7lxJ/T
8UZD9OLTKbFmCnaPKr1cdLOUl4Xarmm6L4fw28ta0nWr5EVT+a/lkoMsJ83xsyYP
/uPn4xeQOPhar414vgiq2bAQtnWhU8nB1ApyKBaOsqRYdXG2P3xkkmE7A9QUOi3f
bIts72wzz0D6bFfGbp8UKQedfdOGLFT+cwDj9Vf1h1+4rstCBc+uS9GlSwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFHnhU9wi6C/qAeEpihH0hJd0+rTSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZWVGVDNDTG9MLW9CNFNtS0VmU0VsM1Q2dE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAIt
WBgDBAAtgOkDBAAtlekDBAAtl1kDBABPbjIDBABSc9EDBABUNjEDBAFXeEADBABX
edwDBAFcd8QDBABeZ30wDAMEAF6aoQMEAl6aoAMEAF6arAMEAI1iBwMEAZNOZAME
AqsWSAMEAbLX7AMEArnYVAMEArnaVAMEALnaiQMEALnbfgMEAMIxVzANBgkqhkiG
9w0BAQsFAAOCAQEADEoOH/8x35fLfy7mDDO/zW5Vfh3NM37uUmDcl5OtBn4gFz7+
jD+nA45miNxWvHgs3o2prc6gu80zS01AK2/EWU1INvTPlskqeoqv+mEJB9d8olV6
9Ed1M5iSYtoJ097f+xWEk74FV/hWAmU7WlkOkO4BkVDmEYiuxw4C/PDIAiswb6kJ
62pn3mfOqLcJ8FXurYz+NNjAYKhI5Hka8b3hTsZLkA/rtG0xOt2nY76d7g8vOzuZ
u60BpyEScmexZXdDmeZ+XKLyZUPVb+fLFWi+qs4CXNiBOZFgej8Bblw2gtDGS9GT
B3fzuhU8CGGGUu5HIHN+ANYb77Elxc3Ig7Vu6Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-ams.rpki-client.org