Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hxVIytwtxkC3PLlwBinlewNSylg.roa
File: hxVIytwtxkC3PLlwBinlewNSylg.roa (raw, json)
Hash identifier: wvpwXIyKZKWEeVXQGpeqNuprx87cEAstN2uGFbHijK4=
Subject key identifier: 87:15:48:CA:DC:2D:C6:40:B7:3C:B9:70:06:29:E5:7B:03:52:CA:58
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B00382FF0334E91F0810D8BE5307C4696
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hxVIytwtxkC3PLlwBinlewNSylg.roa
Signing time: Thu 05 Oct 2023 14:22:44 +0000
ROA not before: Thu 05 Oct 2023 14:22:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.54.49.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:38:2f:f0:33:4e:91:f0:81:0d:8b:e5:30:7c:46:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 5 14:22:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=871548cadc2dc640b73cb9700629e57b0352ca58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:44:4b:6d:80:5d:58:f3:3b:b6:3f:83:b0:81:
88:23:d8:3a:1c:23:9f:55:ef:84:43:44:f1:32:27:
b6:0f:16:01:8b:63:34:c2:07:ae:69:cc:19:a4:bc:
6f:8b:04:ba:20:91:7c:09:0c:09:f7:d8:66:3f:ce:
6f:1f:ca:5b:e4:b6:49:6f:c5:18:7d:ac:f2:4f:65:
7a:31:74:4f:a1:d9:3e:5f:c0:92:80:b7:4d:dd:dd:
09:b9:a8:cf:54:a4:b7:29:45:bc:a8:6f:61:b4:16:
c5:1e:fe:c4:aa:9c:05:01:6c:99:47:ff:a5:58:77:
63:38:34:3a:b6:e3:dc:22:d7:52:51:b6:a5:cf:ca:
2c:e3:dc:40:6f:1e:5f:7f:ed:82:73:4d:18:52:04:
0b:c6:c4:e0:97:74:76:40:67:a9:36:b9:97:67:77:
0a:fa:b6:4c:e8:5f:5b:96:51:c2:ed:6e:2f:88:f1:
09:03:96:46:9c:02:eb:0f:10:a4:03:11:95:40:f8:
9d:e4:9d:58:91:ce:8b:43:29:5c:67:17:f7:28:b5:
b8:34:9a:f9:42:df:43:7f:e6:f6:66:97:d6:e6:46:
02:3e:92:d5:0e:00:f8:49:21:fe:51:69:e4:4f:bc:
06:b6:b7:61:2a:ea:8e:b2:52:46:a5:a4:d0:7f:12:
0a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:15:48:CA:DC:2D:C6:40:B7:3C:B9:70:06:29:E5:7B:03:52:CA:58
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hxVIytwtxkC3PLlwBinlewNSylg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.90.0/24
84.54.49.0/24
85.217.145.0/24
87.120.87.0/24
94.154.163.0/24
176.125.255.0/24
185.226.175.0/24
193.149.28.0/22
194.49.86.0/24
Signature Algorithm: sha256WithRSAEncryption
67:a0:2a:7c:9c:5a:f2:87:ad:e3:a1:13:b5:2d:8e:d3:16:f1:
7d:06:61:2c:23:93:92:50:c2:c8:d8:ac:7a:82:c9:00:6f:c4:
f1:22:3a:e2:c1:ca:df:3c:15:a5:8f:e0:05:17:6d:7f:af:ea:
06:26:70:51:89:d8:9a:b7:b7:cf:0b:e6:3e:8e:cf:9f:0b:17:
2e:3a:b2:72:6d:ee:6e:5a:58:d4:9e:74:d7:9c:fd:0d:cf:8f:
48:3b:71:20:35:ea:08:aa:69:16:49:71:73:fe:2d:b1:aa:b3:
cc:04:de:ca:ce:75:4f:c9:07:d6:21:c1:4e:53:7f:0d:47:aa:
f5:b2:aa:09:ef:f4:2a:d6:48:8a:58:89:f6:d5:1e:be:e8:71:
76:e1:ff:e0:d1:b8:02:e8:ac:1e:0e:c3:bc:ed:f8:d7:0f:0a:
92:31:4a:2d:67:72:a9:2f:f9:d4:3a:42:95:ea:73:a1:08:4f:
93:eb:d1:ba:a5:2b:b8:41:dc:49:e2:b9:4a:c3:9f:ac:51:3d:
03:5b:73:b1:c7:b8:94:15:12:da:24:44:90:2c:be:59:37:b2:
35:25:59:33:95:98:1a:08:7e:7e:d0:98:f4:4f:b1:e0:a8:21:
12:c4:bb:ee:41:5c:dc:1b:89:2b:a6:22:32:e6:b8:dc:4c:80:
9e:7a:8d:df
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYsAOC/wM06R8IENi+UwfEaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDA1MTQyMjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzE1NDhjYWRjMmRjNjQwYjczY2I5NzAwNjI5ZTU3YjAzNTJjYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0RLbYBdWPM7tj+DsIGII9g6HCOf
Ve+EQ0TxMie2DxYBi2M0wgeuacwZpLxviwS6IJF8CQwJ99hmP85vH8pb5LZJb8UY
fazyT2V6MXRPodk+X8CSgLdN3d0JuajPVKS3KUW8qG9htBbFHv7EqpwFAWyZR/+l
WHdjODQ6tuPcItdSUbalz8os49xAbx5ff+2Cc00YUgQLxsTgl3R2QGepNrmXZ3cK
+rZM6F9bllHC7W4viPEJA5ZGnALrDxCkAxGVQPid5J1Ykc6LQylcZxf3KLW4NJr5
Qt9Df+b2ZpfW5kYCPpLVDgD4SSH+UWnkT7wGtrdhKuqOslJGpaTQfxIKKwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIcVSMrcLcZAtzy5cAYp5XsDUspYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaHhWSXl0d3R4a0MzUExsd0Jpbmxld05TeWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZdaAwQA
VDYxAwQAVdmRAwQAV3hXAwQAXpqjAwQAsH3/AwQAueKvAwQCwZUcAwQAwjFWMA0G
CSqGSIb3DQEBCwUAA4IBAQBnoCp8nFryh63joRO1LY7TFvF9BmEsI5OSUMLI2Kx6
gskAb8TxIjriwcrfPBWlj+AFF21/r+oGJnBRidiat7fPC+Y+js+fCxcuOrJybe5u
WljUnnTXnP0Nz49IO3EgNeoIqmkWSXFz/i2xqrPMBN7KznVPyQfWIcFOU38NR6r1
sqoJ7/Qq1kiKWIn21R6+6HF24f/g0bgC6KweDsO87fjXDwqSMUotZ3KpL/nUOkKV
6nOhCE+T69G6pSu4QdxJ4rlKw5+sUT0DW3Oxx7iUFRLaJESQLL5ZN7I1JVkzlZga
CH5+0Jj0T7HgqCESxLvuQVzcG4krpiIy5rjcTICeeo3f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:17 2024 by rpki-client on console-fra.rpki-client.org