Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ijZ_VQwrCDuJQoT97ngfnEFvV4g.roa
File: ijZ_VQwrCDuJQoT97ngfnEFvV4g.roa (raw, json)
Hash identifier: wLpeYpGxiR0zxG6xD6B7WbPLJDyw8Lm/clDvDThfrIk=
Subject key identifier: 8A:36:7F:55:0C:2B:08:3B:89:42:84:FD:EE:78:1F:9C:41:6F:57:88
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01865A7842490EE82D03B5F3CB37345C4E8A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ijZ_VQwrCDuJQoT97ngfnEFvV4g.roa
Signing time: Thu 16 Feb 2023 13:44:36 +0000
ROA not before: Thu 16 Feb 2023 13:44:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
87.121.124.0/23 maxlen: 24
45.81.240.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5a:78:42:49:0e:e8:2d:03:b5:f3:cb:37:34:5c:4e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 16 13:44:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a367f550c2b083b894284fdee781f9c416f5788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6f:53:de:bd:97:61:3e:64:a4:6b:e3:71:96:
51:f7:16:3b:a2:3e:ab:b7:79:7d:2a:5d:74:79:a7:
b1:0f:8c:29:2d:ab:66:89:5b:3b:1e:c7:00:b2:61:
23:cc:8b:5d:81:1b:c9:a8:fa:bd:fb:ef:45:ff:3f:
7e:86:05:59:d7:95:b2:9e:2d:51:95:4d:70:0c:d2:
ee:63:fc:51:bd:8e:7e:da:f2:6b:58:cc:ae:b8:60:
d2:31:f8:0e:8a:c4:0e:fa:53:35:50:5c:1e:5f:5d:
dc:09:02:f7:94:83:80:43:4a:7a:31:4f:bf:28:aa:
24:b2:a2:f4:f8:42:99:b1:74:b9:91:65:98:e7:d4:
1c:0f:54:a1:97:00:49:90:24:78:21:9d:b7:5f:c5:
d4:43:69:65:1c:52:10:4c:5c:74:ec:c3:5e:64:62:
8f:1d:0a:03:45:33:1c:d2:4a:02:34:9c:a2:cf:2e:
15:46:01:d6:c8:ff:5d:1a:65:c9:c6:da:84:46:ef:
68:7b:1b:33:25:cf:c4:33:a2:5d:83:cc:03:de:f8:
10:68:5f:10:bc:f0:ea:38:a6:14:24:24:e7:53:d5:
79:fc:4c:96:c9:95:b3:c2:73:d8:62:99:91:75:21:
a6:7f:6a:d1:47:c3:1e:e1:1b:a7:82:17:cf:9f:15:
9b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:36:7F:55:0C:2B:08:3B:89:42:84:FD:EE:78:1F:9C:41:6F:57:88
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ijZ_VQwrCDuJQoT97ngfnEFvV4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.240.0/24
45.151.89.0/24
87.121.124.0/23
92.119.196.0/23
94.154.161.0-94.154.163.255
171.22.19.0/24
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:e6:9b:cd:15:8f:dc:b7:b2:25:63:2b:f2:a0:2c:ad:fc:39:
ef:1c:2e:b3:57:30:bd:8f:f2:a9:56:bf:c9:9d:e6:33:8b:79:
4a:ee:47:72:4e:29:c0:e8:ba:f5:30:d2:73:f2:2c:b3:35:5d:
ed:28:1a:d9:dd:fe:b3:c9:6a:16:ac:0b:19:43:32:03:a4:2b:
a3:d8:c6:2d:11:3d:7d:ad:7c:18:b1:e1:5e:6a:a5:38:92:ad:
c8:7a:5d:0f:88:67:1a:88:10:76:0a:5a:cc:d6:52:cb:57:e5:
dd:a7:39:22:7d:47:b0:e0:b7:f0:df:6d:26:a2:39:28:4b:01:
3f:89:e4:a4:84:98:e8:de:a8:3f:b0:a3:f0:8a:81:8a:9a:4c:
ba:f3:67:47:32:29:c2:7c:df:64:24:82:aa:0f:e1:14:63:b9:
79:c2:57:82:a3:ef:f6:d7:61:ba:03:e6:fb:00:a1:4e:b9:b8:
2f:63:08:00:b7:21:b6:52:35:b4:a9:e7:1f:f2:b6:50:8a:87:
bf:ae:ce:59:b0:71:8c:dd:62:c2:38:fc:4d:2c:0d:1a:ef:9d:
c0:ca:34:09:5f:f0:54:e3:fb:a2:8e:84:ce:63:e5:e2:91:b9:
26:9f:40:76:db:b9:da:0c:6e:ed:d9:fc:71:2b:4c:d9:a3:4a:
b4:08:4c:3e
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYZaeEJJDugtA7Xzyzc0XE6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjE2MTM0NDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTM2N2Y1NTBjMmIwODNiODk0Mjg0ZmRlZTc4MWY5YzQxNmY1Nzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn29T3r2XYT5kpGvjcZZR9xY7oj6r
t3l9Kl10eaexD4wpLatmiVs7HscAsmEjzItdgRvJqPq9++9F/z9+hgVZ15Wyni1R
lU1wDNLuY/xRvY5+2vJrWMyuuGDSMfgOisQO+lM1UFweX13cCQL3lIOAQ0p6MU+/
KKoksqL0+EKZsXS5kWWY59QcD1ShlwBJkCR4IZ23X8XUQ2llHFIQTFx07MNeZGKP
HQoDRTMc0koCNJyizy4VRgHWyP9dGmXJxtqERu9oexszJc/EM6Jdg8wD3vgQaF8Q
vPDqOKYUJCTnU9V5/EyWyZWzwnPYYpmRdSGmf2rRR8Me4RunghfPnxWblQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFIo2f1UMKwg7iUKE/e54H5xBb1eIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaWpaX1ZRd3JDRHVKUW9UOTduZ2ZuRUZ2VjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALVHwAwQA
LZdZAwQBV3l8AwQBXHfEMAwDBABemqEDBAJemqADBACrFhMDBAKrFkgDBACy1+wD
BAK52FQDBAK52lQDBAC52okDBAC5234DBAC5/LAwDQYJKoZIhvcNAQELBQADggEB
AB3mm80Vj9y3siVjK/KgLK38Oe8cLrNXML2P8qlWv8md5jOLeUruR3JOKcDouvUw
0nPyLLM1Xe0oGtnd/rPJahasCxlDMgOkK6PYxi0RPX2tfBix4V5qpTiSrch6XQ+I
ZxqIEHYKWszWUstX5d2nOSJ9R7Dgt/DfbSaiOShLAT+J5KSEmOjeqD+wo/CKgYqa
TLrzZ0cyKcJ832QkgqoP4RRjuXnCV4Kj7/bXYboD5vsAoU65uC9jCAC3IbZSNbSp
5x/ytlCKh7+uzlmwcYzdYsI4/E0sDRrvncDKNAlf8FTj+6KOhM5j5eKRuSafQHbb
udoMbu3Z/HErTNmjSrQITD4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:17 2024 by rpki-client on console-fra.rpki-client.org