Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hViInuvB4WR7flA0e2krdKOtvqQ.roa
File: hViInuvB4WR7flA0e2krdKOtvqQ.roa (raw, json)
Hash identifier: CL9TphzBKIKwmsYLVV2VZRGg01JeOOl4oix06mics1Q=
Subject key identifier: 85:58:88:9E:EB:C1:E1:64:7B:7E:50:34:7B:69:2B:74:A3:AD:BE:A4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DD00E83DEE84F96E1584D69E8F5045840
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hViInuvB4WR7flA0e2krdKOtvqQ.roa
Signing time: Thu 22 Feb 2024 09:03:48 +0000
ROA not before: Thu 22 Feb 2024 09:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:0e:83:de:e8:4f:96:e1:58:4d:69:e8:f5:04:58:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 22 09:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8558889eebc1e1647b7e50347b692b74a3adbea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a0:3d:1b:a0:14:c5:d0:fe:98:6c:cf:a5:a4:
30:db:ae:65:93:3d:6e:06:ec:4d:6e:e4:45:40:07:
03:06:33:1c:a9:20:73:c7:55:7d:b2:f8:8a:2d:0e:
48:3b:df:e9:e6:bd:98:d6:9d:be:ad:92:67:cb:15:
b0:05:75:be:ae:59:e5:5a:99:d8:08:9e:08:82:2d:
aa:72:b8:3e:c0:8e:27:c2:81:91:7d:51:60:4e:ce:
7a:6a:95:1d:aa:29:b3:d4:6d:c4:12:8a:49:22:72:
87:b9:a0:6e:b0:39:4e:48:ff:26:9b:c9:f9:95:e1:
0a:c8:3a:79:a4:85:6b:2e:5b:32:f7:4f:2f:c9:39:
10:2c:cc:66:11:58:49:6f:d5:2f:55:70:91:18:88:
95:f1:3e:0f:e0:6c:41:6d:39:db:59:4c:e4:6d:40:
cf:a5:34:60:74:eb:cc:cd:42:91:11:23:85:65:a0:
4d:25:a3:dd:68:36:63:ba:4c:00:9f:4f:78:ee:ba:
f7:19:5f:ff:76:5c:ff:ec:de:16:86:9e:1f:12:ae:
ec:12:03:c4:f6:e6:9a:66:50:49:7d:09:51:e5:d0:
d7:53:79:90:49:59:2e:c0:cf:fc:d1:fd:dd:2c:11:
6a:b9:3f:77:1b:92:6b:5d:2d:6d:59:44:ff:82:22:
8a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:58:88:9E:EB:C1:E1:64:7B:7E:50:34:7B:69:2B:74:A3:AD:BE:A4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hViInuvB4WR7flA0e2krdKOtvqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.35.19.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.55.187.0/24
194.55.225.0/24
194.59.31.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
19:4e:15:47:40:ad:18:fa:b4:34:6b:b4:19:69:46:7d:63:c7:
8e:ac:f4:a2:60:cc:c2:0f:9e:62:a4:3e:1e:00:f8:7c:ea:6a:
0e:71:63:67:56:2c:40:5d:50:0a:9f:55:ea:cf:b2:28:65:15:
26:37:6a:c5:de:25:4d:de:ff:bc:3b:43:00:a7:18:20:3a:90:
9c:e4:82:db:60:99:de:47:16:dc:e4:5a:92:87:78:ab:e2:72:
89:31:16:e6:9d:ee:09:3e:50:b8:2a:bc:93:ff:33:be:bd:27:
9d:5c:f9:03:28:24:3e:01:72:f8:b0:33:e0:30:70:d9:5d:6e:
74:d6:55:25:a2:1e:e9:aa:27:b5:1b:7d:af:fe:b8:d8:da:fa:
8c:99:bd:e8:e6:3b:ed:fa:b5:21:54:7d:66:db:fc:a1:eb:4c:
58:a0:4d:f8:80:dc:84:62:cf:f8:11:25:b8:05:36:47:01:0a:
99:a4:a8:3b:a3:aa:4a:7b:4a:2e:04:85:ab:94:9c:ff:d1:45:
33:04:8f:5b:99:cc:36:e0:86:f9:a4:5b:e2:5d:71:0d:4f:0b:
aa:8a:36:c8:07:19:a8:23:be:5a:dc:88:5e:86:91:04:3d:43:
59:5b:6d:7d:6b:be:f5:36:95:a5:f7:09:19:5a:66:4f:e3:e3:
50:e6:86:79
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAY3QDoPe6E+W4VhNaej1BFhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIyMDkwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU4ODg5ZWViYzFlMTY0N2I3ZTUwMzQ3YjY5MmI3NGEzYWRiZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6A9G6AUxdD+mGzPpaQw265lkz1u
BuxNbuRFQAcDBjMcqSBzx1V9sviKLQ5IO9/p5r2Y1p2+rZJnyxWwBXW+rlnlWpnY
CJ4Igi2qcrg+wI4nwoGRfVFgTs56apUdqimz1G3EEopJInKHuaBusDlOSP8mm8n5
leEKyDp5pIVrLlsy908vyTkQLMxmEVhJb9UvVXCRGIiV8T4P4GxBbTnbWUzkbUDP
pTRgdOvMzUKRESOFZaBNJaPdaDZjukwAn0947rr3GV//dlz/7N4Whp4fEq7sEgPE
9uaaZlBJfQlR5dDXU3mQSVkuwM/80f3dLBFquT93G5JrXS1tWUT/giKKNQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFIVYiJ7rweFke35QNHtpK3Sjrb6kMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaFZpSW51dkI0V1I3ZmxBMGUya3JkS090dnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAC
O/0DBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABT22EDBABcd8YDBABc+TIDBABe
mqIDBABenEsDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogME
ALn23wMEAMEZ2QMEAMEjEwMEAMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwME
AMI3uwMEAMI34QMEAMI7HwMEAMKprAMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEA
GU4VR0CtGPq0NGu0GWlGfWPHjqz0omDMwg+eYqQ+HgD4fOpqDnFjZ1YsQF1QCp9V
6s+yKGUVJjdqxd4lTd7/vDtDAKcYIDqQnOSC22CZ3kcW3ORakod4q+JyiTEW5p3u
CT5QuCq8k/8zvr0nnVz5AygkPgFy+LAz4DBw2V1udNZVJaIe6aontRt9r/642Nr6
jJm96OY77fq1IVR9Ztv8oetMWKBN+IDchGLP+BEluAU2RwEKmaSoO6OqSntKLgSF
q5Sc/9FFMwSPW5nMNuCG+aRb4l1xDU8Lqoo2yAcZqCO+WtyIXoaRBD1DWVttfWu+
9TaVpfcJGVpmT+PjUOaGeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org