Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fZAiCBNfTBirO3DWiTkOUMbv9r8.roa
File: fZAiCBNfTBirO3DWiTkOUMbv9r8.roa (raw, json)
Hash identifier: I1bXwI7qu8oIJp6BNW18hI2FCgloymDsXBSfHBeGT40=
Subject key identifier: 7D:90:22:08:13:5F:4C:18:AB:3B:70:D6:89:39:0E:50:C6:EF:F6:BF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DA10A96E6609FABE5DB9A02BB667CDD90
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fZAiCBNfTBirO3DWiTkOUMbv9r8.roa
Signing time: Tue 13 Feb 2024 05:57:22 +0000
ROA not before: Tue 13 Feb 2024 05:57:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a1:0a:96:e6:60:9f:ab:e5:db:9a:02:bb:66:7c:dd:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 13 05:57:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d902208135f4c18ab3b70d689390e50c6eff6bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:45:48:e1:7f:5c:bd:ad:86:04:2b:f7:8b:dc:
00:2a:99:86:bf:14:bc:0d:ac:12:39:5c:de:b1:b2:
54:f5:dd:fe:e6:c5:4a:16:eb:5d:28:25:39:94:53:
81:ed:2c:a1:c2:96:40:8d:11:e8:e2:ed:e7:31:cb:
52:dd:58:e2:ac:20:b3:60:14:ea:ca:c2:38:a2:34:
a3:59:e8:ab:ff:36:38:67:07:0f:05:86:2d:fe:04:
f0:48:4b:dc:8d:ff:d9:65:85:77:a7:21:82:c1:18:
d3:a5:12:1b:b3:0e:ad:4e:98:a4:a1:89:09:ab:bd:
c8:53:7f:73:f7:62:b4:5e:37:ea:ed:2b:05:eb:b8:
c2:f2:02:d0:28:ec:25:39:1f:ab:aa:f2:d6:21:1e:
ac:80:a1:f2:12:1b:c0:31:2a:62:a0:5b:ee:a0:8f:
eb:c1:60:80:cb:49:17:8f:b4:71:1a:88:0a:ab:ae:
2c:0d:99:25:e7:43:2c:f5:c6:b7:3e:59:30:0b:ba:
48:78:67:12:88:aa:1d:30:95:37:ef:69:5b:4f:b5:
9d:46:3f:bd:2e:b5:15:8e:a9:f1:54:ec:25:44:fc:
ba:5d:a1:49:60:44:4b:1d:98:3b:5c:fa:31:1f:dc:
ac:e0:87:cb:c7:02:5d:74:44:e0:29:42:22:87:02:
5d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:90:22:08:13:5F:4C:18:AB:3B:70:D6:89:39:0E:50:C6:EF:F6:BF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fZAiCBNfTBirO3DWiTkOUMbv9r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.9.156.0/24
45.84.89.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.35.19.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.55.187.0/24
194.55.225.0/24
194.59.31.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:25:42:68:75:66:1b:af:18:03:20:21:1c:27:cb:38:48:1f:
45:e6:0e:6b:78:53:65:ae:01:01:0f:4b:a2:67:f3:59:42:84:
d7:c7:f0:95:87:4e:ac:57:ae:72:58:2d:61:d6:7a:c8:be:7e:
a6:9d:a8:3e:63:fc:9e:f5:11:ad:5f:f8:c8:52:0c:52:78:c2:
5e:2a:21:43:bc:4c:43:50:89:fa:7d:54:83:b6:69:b4:d9:92:
b4:6f:42:8b:e3:ad:07:96:13:c1:5b:a6:b1:6c:3f:a4:8c:37:
c2:7d:7b:71:8b:4b:31:12:20:6d:a5:4f:67:5e:bd:99:89:2f:
39:7b:9b:b0:08:4c:38:16:d7:dd:7a:c8:83:45:f4:3b:29:f4:
08:8b:25:3c:cd:0c:95:15:18:6a:9e:91:cd:7c:09:62:90:97:
2a:13:f6:8c:c8:d9:85:4f:d5:75:b3:64:ae:f6:e8:a4:ff:fb:
00:38:13:aa:b5:2f:e7:f5:63:1d:d3:09:c2:ff:34:5b:78:3e:
64:f2:9c:4f:2e:2a:77:2f:b1:f2:6b:5b:d7:17:48:43:ea:d4:
84:00:71:38:ca:b1:75:b4:43:ab:3d:12:dc:84:01:48:cd:a4:
5f:23:39:9e:09:2a:82:3f:66:8f:e0:1d:ef:a7:54:e8:57:2c:
7a:db:a3:ae
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAY2hCpbmYJ+r5duaArtmfN2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjEzMDU1NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDkwMjIwODEzNWY0YzE4YWIzYjcwZDY4OTM5MGU1MGM2ZWZmNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60VI4X9cva2GBCv3i9wAKpmGvxS8
DawSOVzesbJU9d3+5sVKFutdKCU5lFOB7SyhwpZAjRHo4u3nMctS3VjirCCzYBTq
ysI4ojSjWeir/zY4ZwcPBYYt/gTwSEvcjf/ZZYV3pyGCwRjTpRIbsw6tTpikoYkJ
q73IU39z92K0Xjfq7SsF67jC8gLQKOwlOR+rqvLWIR6sgKHyEhvAMSpioFvuoI/r
wWCAy0kXj7RxGogKq64sDZkl50Ms9ca3PlkwC7pIeGcSiKodMJU372lbT7WdRj+9
LrUVjqnxVOwlRPy6XaFJYERLHZg7XPoxH9ys4IfLxwJddETgKUIihwJdiwIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFH2QIggTX0wYqztw1ok5DlDG7/a/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZlpBaUNCTmZUQmlyTzNEV2lUa09VTWJ2OXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAC
O/0DBAAtCZwDBAAtVFkDBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABT22EDBABc
d8YDBABc+TIDBABemqIDBABenEsDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAME
BbneoAMEALneogMEALn23wMEAMEZ2QMEAMEjEwMEAMElKAMEAMElKgMEAMElLAME
AMHeYQMEAMHeYwMEAMI3uwMEAMI34QMEAMI7HwMEAMK0JjANBgkqhkiG9w0BAQsF
AAOCAQEApiVCaHVmG68YAyAhHCfLOEgfReYOa3hTZa4BAQ9LomfzWUKE18fwlYdO
rFeuclgtYdZ6yL5+pp2oPmP8nvURrV/4yFIMUnjCXiohQ7xMQ1CJ+n1Ug7ZptNmS
tG9Ci+OtB5YTwVumsWw/pIw3wn17cYtLMRIgbaVPZ169mYkvOXubsAhMOBbX3XrI
g0X0Oyn0CIslPM0MlRUYap6RzXwJYpCXKhP2jMjZhU/VdbNkrvbopP/7ADgTqrUv
5/VjHdMJwv80W3g+ZPKcTy4qdy+x8mtb1xdIQ+rUhABxOMqxdbRDqz0S3IQBSM2k
XyM5ngkqgj9mj+Ad76dU6Fcsetujrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:16 2024 by rpki-client on console-fra.rpki-client.org