Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gxmZrmBR0kSIm-XHjFb2q5xqV4U.roa
File: gxmZrmBR0kSIm-XHjFb2q5xqV4U.roa (raw, json)
Hash identifier: v05f4ESAJMc5l7+sPhSoDFfo8Eas7y3gslUhVXNIsSE=
Subject key identifier: 83:19:99:AE:60:51:D2:44:88:9B:E5:C7:8C:56:F6:AB:9C:6A:57:85
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ADF8A58BD3C20D8917362E7FA0A622674
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gxmZrmBR0kSIm-XHjFb2q5xqV4U.roa
Signing time: Fri 29 Sep 2023 06:05:00 +0000
ROA not before: Fri 29 Sep 2023 06:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
87.121.69.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
93.123.116.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:8a:58:bd:3c:20:d8:91:73:62:e7:fa:0a:62:26:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 29 06:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=831999ae6051d244889be5c78c56f6ab9c6a5785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8b:8f:fa:b4:67:2a:6b:8f:e9:19:c8:19:d1:
db:74:82:2c:b7:1d:af:8d:3d:00:f0:c6:f9:19:43:
2e:cc:fa:c3:fd:3b:d4:8c:6c:4a:13:8c:b5:c8:26:
4b:5d:e6:6c:32:68:f8:0e:d4:e2:09:8e:df:bd:7b:
6b:a1:2b:f9:bb:fd:23:8d:17:a1:9a:f7:f1:98:c1:
3a:20:44:35:e7:bc:dc:e9:71:e4:2f:bf:46:af:ab:
a5:cc:d7:1d:e5:e2:40:4d:41:71:f5:9e:c6:45:1d:
52:4f:39:de:8a:be:f0:39:38:24:9f:2a:fb:c9:a3:
bb:c9:51:2a:7f:db:e9:2d:22:73:1e:88:1e:0f:ab:
16:f5:3f:43:52:6c:f9:0b:9a:ef:d2:af:e2:fc:38:
08:36:56:f1:b5:b2:b7:fa:49:b2:0f:b5:d8:b7:da:
fd:1d:2f:98:44:78:f9:9a:34:db:a8:e4:9c:2c:ae:
d7:10:d3:f8:54:3a:70:f8:9e:d8:18:46:ab:e3:ed:
2c:62:25:01:99:e9:a1:32:05:d9:2c:9d:2e:f0:59:
69:b5:fd:2e:a6:ee:1a:3a:b6:7e:91:93:d5:bd:e3:
1a:1e:45:88:48:d4:64:74:6b:c9:fd:31:b5:8e:b3:
35:b7:a3:2e:88:ce:07:b4:c6:f5:f7:d4:f9:e6:3e:
4d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:19:99:AE:60:51:D2:44:88:9B:E5:C7:8C:56:F6:AB:9C:6A:57:85
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gxmZrmBR0kSIm-XHjFb2q5xqV4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
82.115.208.0/24
87.121.45.0/24
87.121.59.0/24
87.121.69.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.177.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.219.126.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
13:f6:7b:3a:b5:64:33:40:b2:c2:a4:d5:76:01:8b:db:07:a2:
b6:6c:39:c9:5a:3d:83:98:dc:0b:98:7e:e4:08:06:49:d4:2e:
9c:f0:f6:73:e6:f7:56:58:13:68:6e:94:f1:24:a9:ed:fe:1f:
e5:aa:ea:d8:6e:14:f5:9b:c2:46:c2:d9:dc:3c:fa:66:fe:2d:
78:0f:70:6f:46:06:5b:33:bc:f8:24:e2:8c:ce:26:40:b6:e1:
fc:00:2f:0a:90:a5:9a:84:be:9d:0c:f3:58:4c:2f:5f:84:9c:
95:7f:a3:20:6c:43:5e:ac:b5:fb:1b:af:e7:3f:23:2b:c3:73:
66:dc:2b:9b:3f:65:52:4d:77:d9:9f:4b:be:92:58:bc:94:61:
b2:ec:d2:55:6e:7e:2e:48:6b:dc:37:f6:72:0b:32:c8:8c:d1:
76:8f:bc:41:25:ec:da:3b:59:ee:59:59:4d:52:ff:6b:d8:1e:
38:1b:29:26:58:55:13:de:46:05:c8:62:30:96:68:2f:55:de:
95:b7:df:8e:c6:a7:34:0f:ad:c6:59:68:48:a9:c1:96:2c:f6:
72:7e:2d:d7:c6:28:fb:43:27:19:52:c8:bc:c0:cf:6c:17:06:
a6:fb:b3:33:dc:94:40:73:76:bd:3a:7c:a1:b4:1b:47:9d:90:
bc:d0:a6:59
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYrfili9PCDYkXNi5/oKYiZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTI5MDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzE5OTlhZTYwNTFkMjQ0ODg5YmU1Yzc4YzU2ZjZhYjljNmE1Nzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnouP+rRnKmuP6RnIGdHbdIIstx2v
jT0A8Mb5GUMuzPrD/TvUjGxKE4y1yCZLXeZsMmj4DtTiCY7fvXtroSv5u/0jjReh
mvfxmME6IEQ157zc6XHkL79Gr6ulzNcd5eJATUFx9Z7GRR1STzneir7wOTgknyr7
yaO7yVEqf9vpLSJzHogeD6sW9T9DUmz5C5rv0q/i/DgINlbxtbK3+kmyD7XYt9r9
HS+YRHj5mjTbqOScLK7XENP4VDpw+J7YGEar4+0sYiUBmemhMgXZLJ0u8Flptf0u
pu4aOrZ+kZPVveMaHkWISNRkdGvJ/TG1jrM1t6MuiM4HtMb199T55j5NoQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFIMZma5gUdJEiJvlx4xW9qucaleFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZ3htWnJtQlIwa1NJbS1YSGpGYjJxNXhxVjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAt
l1kDBABSc9ADBABXeS0DBABXeTsDBABXeUUDBAFbXBgDBAFcd8QDBABde3QwDAME
AF6aoQMEAl6aoAMEAF6cTgMEAF6csQMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZI
AwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAudt+AwQAufywAwQAwqmuAwQAwrQy
MA0GCSqGSIb3DQEBCwUAA4IBAQAT9ns6tWQzQLLCpNV2AYvbB6K2bDnJWj2DmNwL
mH7kCAZJ1C6c8PZz5vdWWBNobpTxJKnt/h/lqurYbhT1m8JGwtncPPpm/i14D3Bv
RgZbM7z4JOKMziZAtuH8AC8KkKWahL6dDPNYTC9fhJyVf6MgbENerLX7G6/nPyMr
w3Nm3CubP2VSTXfZn0u+kli8lGGy7NJVbn4uSGvcN/ZyCzLIjNF2j7xBJezaO1nu
WVlNUv9r2B44GykmWFUT3kYFyGIwlmgvVd6Vt9+Oxqc0D63GWWhIqcGWLPZyfi3X
xij7QycZUsi8wM9sFwam+7Mz3JRAc3a9OnyhtBtHnZC80KZZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org