Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iEysi1PrGSaOuP8dCOjJOwq9qbs.roa
File: iEysi1PrGSaOuP8dCOjJOwq9qbs.roa (raw, json)
Hash identifier: Angs6JP5fCpo7FlQpMQvz+hoV9qvKA6aO1SBunMtOzI=
Subject key identifier: 88:4C:AC:8B:53:EB:19:26:8E:B8:FF:1D:08:E8:C9:3B:0A:BD:A9:BB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BB9DD6A07FEA8D4E9EC2B8CAE3E274A0B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iEysi1PrGSaOuP8dCOjJOwq9qbs.roa
Signing time: Fri 10 Nov 2023 15:32:57 +0000
ROA not before: Fri 10 Nov 2023 15:32:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:dd:6a:07:fe:a8:d4:e9:ec:2b:8c:ae:3e:27:4a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 10 15:32:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=884cac8b53eb19268eb8ff1d08e8c93b0abda9bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1d:cf:f6:91:aa:b6:02:60:a8:62:4b:b1:95:
8f:86:56:ed:72:50:50:aa:9d:76:b4:a5:9c:f8:47:
ee:8a:75:1c:f8:a6:73:7a:f7:61:96:b1:29:b9:5a:
02:eb:22:a5:38:9c:3f:fe:50:1a:cc:81:4d:73:29:
10:05:a3:1c:55:17:68:a4:d7:88:d9:a7:d4:74:cc:
53:9a:ec:44:5e:01:48:79:f2:3c:53:6c:dc:8a:be:
5b:2c:df:6f:54:ca:10:e1:07:60:de:a5:88:dc:14:
a0:86:6e:a7:df:75:58:89:e9:5c:06:cf:b7:57:4f:
31:94:a8:d3:6a:9c:95:39:e1:f6:c1:7f:fc:6e:07:
bf:86:4e:a3:59:50:df:b4:44:4e:2b:05:31:7b:00:
a3:be:16:bf:44:33:7d:77:d6:7d:64:da:3c:78:a3:
8f:e1:f2:85:90:8b:fe:2b:47:83:db:db:c9:bd:07:
06:59:1b:10:d3:99:ba:66:09:42:cb:77:f2:51:c6:
30:f6:de:9b:20:fe:15:b3:5f:83:cf:f0:61:6f:cc:
b6:a4:dd:65:50:fc:89:eb:d3:4c:61:d4:f8:fe:bf:
bd:66:38:23:d5:e1:4e:4b:fa:6f:e9:2f:a7:7c:0f:
00:a0:f9:85:07:7c:fb:c9:75:e2:af:60:af:13:33:
c8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4C:AC:8B:53:EB:19:26:8E:B8:FF:1D:08:E8:C9:3B:0A:BD:A9:BB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iEysi1PrGSaOuP8dCOjJOwq9qbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
87.121.220.0/23
91.92.24.0/23
92.119.196.0/23
93.123.39.0/24
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.175.0/24
185.246.223.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
79:97:b4:e9:ce:17:41:22:4f:77:dc:c5:c3:4a:fc:f9:6b:f6:
71:54:4c:5e:86:84:c6:80:ca:07:88:7b:74:3d:25:6b:21:03:
2d:62:b4:7d:9e:76:87:78:c9:6c:d8:5d:b9:de:30:ce:cf:19:
fd:da:e1:77:5b:e7:ab:9b:0d:4e:47:b3:8f:bc:ab:fd:52:3c:
4e:1f:0d:b7:13:d8:05:7d:bb:81:0e:8f:3e:b3:b9:4a:4d:16:
6d:81:30:5d:60:c4:3f:01:f7:96:79:69:f5:14:0e:0f:0c:3d:
af:fd:35:53:8b:a7:38:53:31:cf:12:a1:7e:85:c7:c5:b5:4b:
7e:db:59:d7:c4:5a:bf:5e:db:b9:ae:76:8f:1d:63:a0:b0:bf:
d0:d3:71:4c:d9:e5:13:30:c0:1a:3b:04:97:b2:62:a1:ca:f1:
e4:88:87:57:dc:a1:28:62:1f:e0:51:14:ed:2b:3c:3d:16:b9:
b3:93:2e:6c:c5:ea:e4:f3:8a:69:d4:d9:d4:ce:91:fe:c2:93:
d8:5b:dc:33:f3:0e:93:84:4c:86:c7:a5:a4:3c:43:6e:53:2a:
72:25:20:ae:9d:f0:bc:bd:99:b2:e9:c8:a7:e2:1a:07:55:54:
8b:29:de:e3:8b:1c:e6:5a:3f:ed:3f:f1:57:4a:78:b0:19:3d:
ea:dd:9b:d2
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYu53WoH/qjU6ewrjK4+J0oLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTEwMTUzMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODRjYWM4YjUzZWIxOTI2OGViOGZmMWQwOGU4YzkzYjBhYmRhOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4B3P9pGqtgJgqGJLsZWPhlbtclBQ
qp12tKWc+EfuinUc+KZzevdhlrEpuVoC6yKlOJw//lAazIFNcykQBaMcVRdopNeI
2afUdMxTmuxEXgFIefI8U2zcir5bLN9vVMoQ4Qdg3qWI3BSghm6n33VYielcBs+3
V08xlKjTapyVOeH2wX/8bge/hk6jWVDftEROKwUxewCjvha/RDN9d9Z9ZNo8eKOP
4fKFkIv+K0eD29vJvQcGWRsQ05m6ZglCy3fyUcYw9t6bIP4Vs1+Dz/Bhb8y2pN1l
UPyJ69NMYdT4/r+9Zjgj1eFOS/pv6S+nfA8AoPmFB3z7yXXir2CvEzPIbwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFIhMrItT6xkmjrj/HQjoyTsKvam7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaUV5c2kxUHJHU2FPdVA4ZENPakpPd3E5cWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAAt
l1kDBABXeFcDBABXeS0DBABXeTsDBAFXedwDBAFbXBgDBAFcd8QDBABdeycDBABd
e3QwDAMEAF6aoQMEAl6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZI
AwQAsH3/AwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKvAwQAufbfAwQAufyw
AwQAwqmuAwQAwrQyMA0GCSqGSIb3DQEBCwUAA4IBAQB5l7TpzhdBIk933MXDSvz5
a/ZxVExehoTGgMoHiHt0PSVrIQMtYrR9nnaHeMls2F253jDOzxn92uF3W+ermw1O
R7OPvKv9UjxOHw23E9gFfbuBDo8+s7lKTRZtgTBdYMQ/AfeWeWn1FA4PDD2v/TVT
i6c4UzHPEqF+hcfFtUt+21nXxFq/Xtu5rnaPHWOgsL/Q03FM2eUTMMAaOwSXsmKh
yvHkiIdX3KEoYh/gURTtKzw9Frmzky5sxerk84pp1NnUzpH+wpPYW9wz8w6ThEyG
x6WkPENuUypyJSCunfC8vZmy6cin4hoHVVSLKd7jixzmWj/tP/FXSniwGT3q3ZvS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org