Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i4bQyjb2O0W-axcTSqWC8hG-fzE.roa
File: i4bQyjb2O0W-axcTSqWC8hG-fzE.roa (raw, json)
Hash identifier: soy2AQLkQsdXlPNYD0N+h8VlUwJPW8VJWdvzSM7rs0k=
Subject key identifier: 8B:86:D0:CA:36:F6:3B:45:BE:6B:17:13:4A:A5:82:F2:11:BE:7F:31
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018810898CA7D0F73B2F8FF31C7CE3E92BB6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i4bQyjb2O0W-axcTSqWC8hG-fzE.roa
Signing time: Fri 12 May 2023 15:17:09 +0000
ROA not before: Fri 12 May 2023 15:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 81.161.230.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
45.9.156.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
185.246.223.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
82.115.210.0/23 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:89:8c:a7:d0:f7:3b:2f:8f:f3:1c:7c:e3:e9:2b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 12 15:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b86d0ca36f63b45be6b17134aa582f211be7f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b3:b7:72:0b:f9:e4:31:a2:d9:55:a1:9d:0b:
e2:7a:fa:f2:d6:40:3b:7a:ce:db:59:d5:31:09:ae:
16:3c:70:5b:ed:80:af:2f:89:a4:dc:00:cf:6a:64:
1f:2e:94:e2:b2:9e:9c:82:17:4b:32:ae:43:51:e0:
8a:d0:3f:36:4f:d3:77:98:70:5e:36:96:55:bb:59:
88:f9:55:1c:f7:13:1c:bc:cf:2b:af:cf:fe:4c:b2:
6a:cd:9f:8c:e2:f4:fa:9b:58:89:ac:6a:0b:6b:c6:
93:cd:41:23:51:eb:60:5e:d6:9b:a1:7a:d6:67:1b:
81:53:a2:4f:6b:1b:2d:91:7e:67:1a:e8:9b:0b:4f:
a2:ea:d3:38:7b:08:b6:99:96:d3:41:9b:d5:d4:7a:
a1:e1:40:a0:6d:37:98:bd:d0:fd:d8:b3:ab:07:dc:
53:81:af:2f:1a:f0:86:ed:57:77:8f:51:b9:95:38:
92:27:9a:27:e6:59:6c:94:00:74:9d:ba:91:59:08:
ca:a6:f8:09:3a:15:47:a9:dd:e1:4b:ae:44:3c:93:
81:12:d5:f5:a5:a3:98:e2:60:ae:56:37:eb:89:6a:
3d:a3:b3:58:2d:f2:d5:04:4d:b5:27:df:c9:a2:c9:
7c:66:a5:1e:30:a9:5a:e1:73:6e:35:1d:23:bb:1b:
1a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:86:D0:CA:36:F6:3B:45:BE:6B:17:13:4A:A5:82:F2:11:BE:7F:31
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i4bQyjb2O0W-axcTSqWC8hG-fzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
81.161.230.0/24
81.161.239.0/24
82.115.210.0/23
83.219.97.0/24
87.121.124.0/23
87.121.220.0/24
91.200.192.0/22
94.154.172.0/24
94.156.160.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
178.215.226.0/24
185.246.223.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
10:0d:6c:96:df:73:99:09:72:6d:dc:46:10:87:77:17:b2:06:
3e:b9:a3:7b:76:24:4b:8f:84:83:62:c8:f9:e4:a3:96:90:87:
a7:93:a7:5f:11:ff:42:ec:0c:54:6e:3e:b1:fa:9f:df:87:bb:
ce:8a:f2:47:6f:23:23:30:12:3d:a9:ed:df:80:8c:ae:2b:f8:
93:46:93:f8:ef:8a:0a:08:4c:24:d2:dd:aa:40:6b:20:b5:44:
33:cc:2c:bb:db:4c:2f:34:0b:12:91:51:48:3c:d8:e9:28:02:
aa:97:17:20:52:21:ab:9a:5f:55:65:d0:e3:1a:2d:f6:e3:8d:
48:9b:22:0c:9f:fd:62:d9:70:08:88:65:e3:52:4a:2d:06:fe:
cd:c8:a4:11:31:e8:66:87:ce:60:7e:08:3b:31:a5:cc:fa:84:
80:43:60:38:c6:1f:84:e7:aa:38:ef:25:6d:2f:a1:53:20:fa:
1c:f3:ec:4c:27:c6:9d:ff:97:e1:63:d7:3a:06:6d:7b:72:25:
28:82:c8:3e:84:ad:08:e7:79:05:c1:1d:5d:22:57:03:42:c2:
0e:9c:fc:5f:d3:e0:18:97:5f:33:45:f3:cd:60:38:03:ca:72:
2d:1c:2f:38:65:3e:c8:ae:87:cb:cc:13:43:21:4a:41:49:e3:
8b:66:2d:5c
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYgQiYyn0Pc7L4/zHHzj6Su2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTEyMTUxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjg2ZDBjYTM2ZjYzYjQ1YmU2YjE3MTM0YWE1ODJmMjExYmU3ZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLO3cgv55DGi2VWhnQvievry1kA7
es7bWdUxCa4WPHBb7YCvL4mk3ADPamQfLpTisp6cghdLMq5DUeCK0D82T9N3mHBe
NpZVu1mI+VUc9xMcvM8rr8/+TLJqzZ+M4vT6m1iJrGoLa8aTzUEjUetgXtaboXrW
ZxuBU6JPaxstkX5nGuibC0+i6tM4ewi2mZbTQZvV1Hqh4UCgbTeYvdD92LOrB9xT
ga8vGvCG7Vd3j1G5lTiSJ5on5llslAB0nbqRWQjKpvgJOhVHqd3hS65EPJOBEtX1
paOY4mCuVjfriWo9o7NYLfLVBE21J9/Josl8ZqUeMKla4XNuNR0juxsajQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFIuG0Mo29jtFvmsXE0qlgvIRvn8xMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaTRiUXlqYjJPMFctYXhjVFNxV0M4aEctZnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAt
CZwDBAAtDP8DBAAtQuQDBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABRoeYDBABR
oe8DBAFSc9IDBABT22EDBAFXeXwDBABXedwDBAJbyMADBABemqwDBABenKADBAGT
TmQwDAMEAKsWEQMEAKsWEgMEALLX4gMEALn23wMEAMEjEwMEAMK0JzANBgkqhkiG
9w0BAQsFAAOCAQEAEA1slt9zmQlybdxGEId3F7IGPrmje3YkS4+Eg2LI+eSjlpCH
p5OnXxH/QuwMVG4+sfqf34e7zoryR28jIzASPant34CMriv4k0aT+O+KCghMJNLd
qkBrILVEM8wsu9tMLzQLEpFRSDzY6SgCqpcXIFIhq5pfVWXQ4xot9uONSJsiDJ/9
YtlwCIhl41JKLQb+zcikETHoZofOYH4IOzGlzPqEgENgOMYfhOeqOO8lbS+hUyD6
HPPsTCfGnf+X4WPXOgZte3IlKILIPoStCOd5BcEdXSJXA0LCDpz8X9PgGJdfM0Xz
zWA4A8pyLRwvOGU+yK6Hy8wTQyFKQUnji2YtXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:17 2024 by rpki-client on console-fra.rpki-client.org