Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fBgscwX_YVfAOD2n2lYDbgn3INE.roa
File: fBgscwX_YVfAOD2n2lYDbgn3INE.roa (raw, json)
Hash identifier: LJY7AUGXiOUWIR0ujGQsdN9e5DQKaW6gN9kft5lZ8r0=
Subject key identifier: 7C:18:2C:73:05:FF:61:57:C0:38:3D:A7:DA:56:03:6E:09:F7:20:D1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E2C7F6760FB7D83BCE0850BF426D41F78
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fBgscwX_YVfAOD2n2lYDbgn3INE.roa
Signing time: Mon 11 Mar 2024 07:52:10 +0000
ROA not before: Mon 11 Mar 2024 07:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.129.86.0/23 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.44.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:7f:67:60:fb:7d:83:bc:e0:85:0b:f4:26:d4:1f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 11 07:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c182c7305ff6157c0383da7da56036e09f720d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ef:b1:8a:7f:c5:57:31:ab:98:2a:16:b1:73:
6f:06:1b:0f:98:2b:2c:f3:f8:4b:e7:e8:36:56:71:
97:5b:3e:3c:9e:ac:ba:bc:74:16:56:ec:c3:ce:ac:
20:38:d2:55:34:9d:b7:6b:af:3e:fe:f7:d3:af:bf:
e3:bd:85:26:19:50:22:89:53:8d:ff:52:3c:d8:f0:
47:ed:f9:e6:d5:09:df:30:5d:de:af:eb:f2:3b:02:
4d:93:42:72:4c:d9:2a:a2:c4:20:da:ff:53:6f:1f:
89:f2:0d:1c:51:43:ba:4f:ff:c6:da:34:d9:9b:13:
be:10:07:52:0d:79:55:02:77:3d:de:54:fc:6d:43:
f0:be:08:79:50:fc:a0:02:8a:83:2b:76:40:53:f8:
7a:70:f2:50:87:78:a2:75:81:63:2b:0b:d2:d1:fa:
9c:85:d9:4d:56:04:79:63:f6:47:69:7e:cd:54:72:
9a:d3:d0:d7:7e:7a:b9:ff:1c:17:bb:13:0a:dc:0a:
60:12:49:41:b5:99:79:e5:ec:f7:15:f1:cd:df:6d:
95:ba:0d:01:9f:61:d5:f0:6f:b5:19:77:88:ec:25:
c0:07:07:4f:d5:89:11:8f:c7:41:a9:28:2e:61:79:
ad:1d:f0:d1:e9:61:72:d9:ef:61:f1:6b:1b:1f:33:
b5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:18:2C:73:05:FF:61:57:C0:38:3D:A7:DA:56:03:6E:09:F7:20:D1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fBgscwX_YVfAOD2n2lYDbgn3INE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.86.0/23
45.151.89.0/24
87.120.87.0/24
87.121.44.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.72.0/23
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.252.176.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:0c:2a:36:9a:97:6a:a7:43:c3:85:cd:4b:99:06:bf:cc:cd:
86:b4:a4:94:d7:f2:5e:4a:c2:8e:5c:56:52:ec:00:0d:95:80:
51:0f:dc:fb:0a:f2:1d:2a:2f:cf:af:50:bc:5f:7e:81:c4:e0:
1c:f9:4d:62:fe:da:99:95:dd:9f:66:21:a3:36:d5:79:cb:f0:
c5:29:f6:81:ce:19:4a:ef:1f:0b:1e:2a:16:df:28:77:3c:58:
00:ac:d7:9e:fb:b0:13:a0:0c:28:29:f7:8f:2d:72:43:05:ba:
76:f4:a7:3d:08:ec:13:0e:7a:0d:1d:ab:1a:e8:54:b4:71:90:
ed:f0:fc:62:19:4c:a6:80:b6:72:42:57:c6:bd:e7:0e:4e:35:
68:f7:a1:55:24:eb:40:d9:87:98:02:30:e2:cc:31:f6:4f:1d:
5b:e7:98:12:98:3f:15:fb:5e:a6:1d:2e:d5:e7:2d:36:0b:ec:
87:f5:6e:93:26:74:99:37:a5:bb:9c:ee:33:e3:c4:fe:7b:ac:
ac:f1:88:f7:76:a7:4e:52:7a:32:51:aa:b0:b2:7c:01:47:8d:
ca:6a:38:21:d5:ea:8a:14:4a:a8:65:09:94:2b:49:12:25:b3:
ab:30:21:78:8c:14:f0:ce:75:f4:07:37:55:34:3a:e3:47:bd:
8c:b2:54:5b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY4sf2dg+32DvOCFC/Qm1B94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzExMDc1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzE4MmM3MzA1ZmY2MTU3YzAzODNkYTdkYTU2MDM2ZTA5ZjcyMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6u+xin/FVzGrmCoWsXNvBhsPmCss
8/hL5+g2VnGXWz48nqy6vHQWVuzDzqwgONJVNJ23a68+/vfTr7/jvYUmGVAiiVON
/1I82PBH7fnm1QnfMF3er+vyOwJNk0JyTNkqosQg2v9Tbx+J8g0cUUO6T//G2jTZ
mxO+EAdSDXlVAnc93lT8bUPwvgh5UPygAoqDK3ZAU/h6cPJQh3iidYFjKwvS0fqc
hdlNVgR5Y/ZHaX7NVHKa09DXfnq5/xwXuxMK3ApgEklBtZl55ez3FfHN322Vug0B
n2HV8G+1GXeI7CXABwdP1YkRj8dBqSguYXmtHfDR6WFy2e9h8WsbHzO1iQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFHwYLHMF/2FXwDg9p9pWA24J9yDRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZkJnc2N3WF9ZVmZBT0QybjJsWURiZ24zSU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBLYFWAwQA
LZdZAwQAV3hXAwQBV3ksAwQAV3ndAwQBXHfEAwQCXpqgAwQBXpxIAwQAXpzvAwQA
k05mAwQCqxZIAwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAufywAwQAwjfgMA0G
CSqGSIb3DQEBCwUAA4IBAQCbDCo2mpdqp0PDhc1LmQa/zM2GtKSU1/JeSsKOXFZS
7AANlYBRD9z7CvIdKi/Pr1C8X36BxOAc+U1i/tqZld2fZiGjNtV5y/DFKfaBzhlK
7x8LHioW3yh3PFgArNee+7AToAwoKfePLXJDBbp29Kc9COwTDnoNHasa6FS0cZDt
8PxiGUymgLZyQlfGvecOTjVo96FVJOtA2YeYAjDizDH2Tx1b55gSmD8V+16mHS7V
5y02C+yH9W6TJnSZN6W7nO4z48T+e6ys8Yj3dqdOUnoyUaqwsnwBR43Kajgh1eqK
FEqoZQmUK0kSJbOrMCF4jBTwznX0BzdVNDrjR72MslRb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:39 2024 by rpki-client on console-ams.rpki-client.org