Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i_GsLrJ2CREmpgrQOtS-uzRkpM0.roa
File: i_GsLrJ2CREmpgrQOtS-uzRkpM0.roa (raw, json)
Hash identifier: IXp2MPUMFwfyLHse3fXuZtt5bIWfCMYdpU1/BXqQ5mQ=
Subject key identifier: 8B:F1:AC:2E:B2:76:09:11:26:A6:0A:D0:3A:D4:BE:BB:34:64:A4:CD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187B21436C52D6B14AF66FA163284437BC4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i_GsLrJ2CREmpgrQOtS-uzRkpM0.roa
Signing time: Mon 24 Apr 2023 07:04:41 +0000
ROA not before: Mon 24 Apr 2023 07:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:14:36:c5:2d:6b:14:af:66:fa:16:32:84:43:7b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 24 07:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bf1ac2eb276091126a60ad03ad4bebb3464a4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c6:6c:b3:c1:01:2c:d4:cf:a5:29:22:c6:cc:
e9:2a:b7:ff:77:e7:8a:92:06:90:88:e3:4a:23:30:
4c:9a:98:9e:00:84:76:f6:c5:a9:78:e4:73:56:f1:
8c:9b:76:34:0e:b7:d4:3c:4a:52:39:9f:74:17:3f:
26:f9:d1:a4:41:16:db:35:8f:9c:48:40:48:0e:0a:
fb:98:fd:7d:b7:71:bf:5e:be:fa:ae:a0:b2:07:f2:
ac:4c:c2:5d:22:cd:26:bf:db:05:1f:cd:92:6c:a9:
af:41:7c:64:8c:9b:8e:b2:4f:4d:e6:51:9a:b5:8c:
ee:ed:41:1d:05:a0:29:53:33:65:19:f3:99:61:ea:
28:7b:ef:65:8c:ee:7e:ad:af:6a:c4:84:ab:2e:40:
fa:19:8c:84:60:0a:ba:5e:90:53:12:8a:81:b0:8d:
eb:08:6a:6b:32:95:38:ba:17:73:96:6e:24:9f:ea:
17:6c:48:8e:ad:81:ae:68:d9:c6:2c:80:e6:08:14:
0f:ce:6f:4c:54:28:40:9a:f0:03:71:d2:bb:f2:e3:
eb:9d:e4:3d:db:99:67:24:54:23:b4:92:f6:b0:28:
0b:65:9b:84:ef:ff:f0:1a:e2:79:bc:26:72:8f:d0:
18:8f:58:73:45:7e:49:9b:1d:8e:6b:d4:b2:67:1a:
1f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F1:AC:2E:B2:76:09:11:26:A6:0A:D0:3A:D4:BE:BB:34:64:A4:CD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i_GsLrJ2CREmpgrQOtS-uzRkpM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.64.0/23
87.121.220.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.154.172.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:c7:4a:96:7f:fb:4e:f7:6f:6d:09:3c:69:ab:d1:bc:6c:49:
4f:ba:34:13:11:b0:3f:ec:fe:27:9b:ee:fb:f9:e2:ce:31:47:
40:9b:c1:fe:d5:24:49:fe:24:4a:cd:81:f5:07:b5:f8:20:03:
dc:85:b8:ff:0d:a0:27:51:4c:d2:cd:72:ca:6c:87:c3:71:22:
89:ea:57:9e:f5:78:92:77:be:35:56:6d:92:ed:ef:04:6b:aa:
27:b8:49:88:01:8e:f3:b4:39:6f:21:e2:78:e7:99:cf:12:69:
11:34:2c:27:48:87:5c:19:70:3a:58:20:65:ef:43:9d:72:cb:
48:69:2f:7c:8a:3e:03:66:33:c9:39:99:1a:a1:74:22:8b:76:
3e:95:a3:f3:39:5f:72:6b:33:f3:22:5f:ff:fe:f6:45:b6:94:
77:4a:68:7e:02:de:36:a5:33:62:a1:19:a3:30:0c:cf:90:ea:
ba:31:2a:90:2d:91:99:c7:6b:f7:34:85:0d:15:07:78:13:91:
0b:f5:e3:46:0a:dd:2e:1e:ab:16:02:89:fe:82:a2:c1:f8:e3:
3c:47:c5:42:92:56:38:b8:ce:6c:58:2f:5e:22:45:68:c9:c5:
8a:00:c5:d7:48:b6:e3:20:3b:5c:2a:6c:ed:16:75:53:56:59:
c2:46:d8:47
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYeyFDbFLWsUr2b6FjKEQ3vEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDI0MDcwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmYxYWMyZWIyNzYwOTExMjZhNjBhZDAzYWQ0YmViYjM0NjRhNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcZss8EBLNTPpSkixszpKrf/d+eK
kgaQiONKIzBMmpieAIR29sWpeORzVvGMm3Y0DrfUPEpSOZ90Fz8m+dGkQRbbNY+c
SEBIDgr7mP19t3G/Xr76rqCyB/KsTMJdIs0mv9sFH82SbKmvQXxkjJuOsk9N5lGa
tYzu7UEdBaApUzNlGfOZYeooe+9ljO5+ra9qxISrLkD6GYyEYAq6XpBTEoqBsI3r
CGprMpU4uhdzlm4kn+oXbEiOrYGuaNnGLIDmCBQPzm9MVChAmvADcdK78uPrneQ9
25lnJFQjtJL2sCgLZZuE7//wGuJ5vCZyj9AYj1hzRX5Jmx2Oa9SyZxofMQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFIvxrC6ydgkRJqYK0DrUvrs0ZKTNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaV9Hc0xySjJDUkVtcGdyUU90Uy11elJrcE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQALZdZAwQB
V3hAAwQAV3ncAwQBXHfEMAwDBABemqEDBAJemqADBABemqwDBAGTTmQDBAKrFkgD
BACy1+wDBAK52FQDBAK52lQDBAC52okDBAC5234DBAC59t8wDQYJKoZIhvcNAQEL
BQADggEBAJ/HSpZ/+073b20JPGmr0bxsSU+6NBMRsD/s/ieb7vv54s4xR0Cbwf7V
JEn+JErNgfUHtfggA9yFuP8NoCdRTNLNcspsh8NxIonqV571eJJ3vjVWbZLt7wRr
qie4SYgBjvO0OW8h4njnmc8SaRE0LCdIh1wZcDpYIGXvQ51yy0hpL3yKPgNmM8k5
mRqhdCKLdj6Vo/M5X3JrM/MiX//+9kW2lHdKaH4C3jalM2KhGaMwDM+Q6roxKpAt
kZnHa/c0hQ0VB3gTkQv140YK3S4eqxYCif6CosH44zxHxUKSVji4zmxYL14iRWjJ
xYoAxddItuMgO1wqbO0WdVNWWcJG2Ec=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:41 2024 by rpki-client on console-ams.rpki-client.org