Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jhVP9vm9cpj4ccYlTk5s8R3Nlro.roa
File: jhVP9vm9cpj4ccYlTk5s8R3Nlro.roa (raw, json)
Hash identifier: LpDR8+rT6lnXWg4Q9CChywJORZJoEouHOmhA4EbiwB0=
Subject key identifier: 8E:15:4F:F6:F9:BD:72:98:F8:71:C6:25:4E:4E:6C:F1:1D:CD:96:BA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C57FC4ABA0894659766A9814AD566B67E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jhVP9vm9cpj4ccYlTk5s8R3Nlro.roa
Signing time: Mon 11 Dec 2023 08:26:41 +0000
ROA not before: Mon 11 Dec 2023 08:26:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 94.156.8.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
2.59.253.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:fc:4a:ba:08:94:65:97:66:a9:81:4a:d5:66:b6:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 11 08:26:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e154ff6f9bd7298f871c6254e4e6cf11dcd96ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:04:eb:72:24:9a:eb:e3:50:af:6e:12:2b:84:
e8:04:5a:fe:ce:56:ef:3d:fa:f8:07:8b:5f:c4:1a:
d1:fb:95:a8:db:08:90:24:96:d5:e8:ae:77:d3:e1:
13:91:66:7b:79:53:0b:8f:91:ce:fd:22:53:70:a9:
2f:01:0a:2e:3e:28:95:c4:7e:01:6e:26:24:d2:5c:
33:9a:78:a0:4a:c6:78:30:02:b2:ca:4b:3a:66:0f:
6c:62:1c:aa:2c:30:3b:d9:09:98:f2:58:fc:05:77:
39:8c:dd:fa:f3:9b:ef:56:97:05:bc:72:7f:b1:4a:
3a:94:7a:f1:d3:b6:8c:13:10:c8:69:c0:80:88:15:
93:19:6f:f9:d8:fe:b4:3c:7d:64:11:28:54:5a:47:
eb:3b:90:35:53:be:c5:54:4c:5f:97:ed:25:c8:c9:
73:64:f5:34:97:e1:92:76:2a:64:68:93:38:e3:27:
49:2b:b6:9a:e8:cd:89:41:85:54:21:4b:ff:ba:01:
88:06:e8:06:de:12:db:b6:e1:91:ee:eb:33:4e:68:
1f:31:ab:a1:cd:49:dd:6e:4c:b5:f5:72:8f:6f:8e:
95:34:1d:52:86:9e:3a:1e:28:18:44:34:38:cf:8b:
fe:b9:38:f0:e7:c0:10:88:1a:ae:8e:35:84:20:b7:
48:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:15:4F:F6:F9:BD:72:98:F8:71:C6:25:4E:4E:6C:F1:1D:CD:96:BA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jhVP9vm9cpj4ccYlTk5s8R3Nlro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.8.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
178.215.238.0/24
185.222.160.0-185.222.162.255
185.225.73.0/24
185.246.223.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.55.186.0/23
194.55.225.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
78:6b:3d:d4:3c:d5:5b:b2:05:d3:64:9f:bb:34:4f:98:d6:68:
ef:19:e5:bf:4d:f7:94:de:4b:7c:82:72:d2:a1:82:c1:89:43:
47:ab:b2:99:b7:f5:0a:20:ce:81:a8:4d:a6:9f:4f:69:d4:1a:
86:d1:71:fe:ae:b9:5f:30:d3:a8:8a:b8:09:ec:1d:60:71:9a:
cd:0c:81:80:2b:d9:d6:10:23:2c:6d:85:65:2f:63:77:d4:a3:
f7:0c:5d:a9:da:cd:5c:88:10:2b:ce:e6:70:19:24:be:4a:35:
4e:4f:2b:a4:19:6b:ce:ce:37:1f:4b:04:50:15:72:47:e8:cd:
d0:a7:e8:82:a8:1f:05:2d:a9:0e:c0:fe:12:aa:be:a6:c7:fd:
61:bf:fb:86:77:e5:ac:e2:9a:43:bc:57:8e:bb:5b:82:8d:8e:
11:f0:4b:be:d9:15:fd:39:30:6a:78:5d:c0:fe:d8:f6:b9:e7:
3f:2a:d2:5b:23:e1:50:ed:0c:fc:4a:04:06:15:7e:72:a3:fd:
8c:64:8f:f4:23:3a:93:37:50:3d:79:c9:12:94:13:63:56:bd:
0f:16:2d:54:d7:fb:9b:2d:9a:01:14:a1:96:05:32:66:2c:70:
e4:71:a4:87:7e:98:35:6c:bd:0a:86:22:8e:47:cc:6c:3b:e1:
25:62:7b:33
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYxX/Eq6CJRll2apgUrVZrZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjExMDgyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE1NGZmNmY5YmQ3Mjk4Zjg3MWM2MjU0ZTRlNmNmMTFkY2Q5NmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwTrciSa6+NQr24SK4ToBFr+zlbv
Pfr4B4tfxBrR+5Wo2wiQJJbV6K530+ETkWZ7eVMLj5HO/SJTcKkvAQouPiiVxH4B
biYk0lwzmnigSsZ4MAKyyks6Zg9sYhyqLDA72QmY8lj8BXc5jN3685vvVpcFvHJ/
sUo6lHrx07aMExDIacCAiBWTGW/52P60PH1kEShUWkfrO5A1U77FVExfl+0lyMlz
ZPU0l+GSdipkaJM44ydJK7aa6M2JQYVUIUv/ugGIBugG3hLbtuGR7uszTmgfMauh
zUndbky19XKPb46VNB1Shp46HigYRDQ4z4v+uTjw58AQiBqujjWEILdI3QIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFI4VT/b5vXKY+HHGJU5ObPEdzZa6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvamhWUDl2bTljcGo0Y2NZbFRrNXM4UjNObHJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAC
O/0DBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABcd8YDBABc+TIDBABemqIDBABe
nAgDBABtzu8DBACy1+EDBACy1+MDBACy1+wDBACy1+4wDAMEBbneoAMEALneogME
ALnhSQMEALn23wMEAMEZ2QMEAMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwME
AMIfzQMEAMIw+AMEAcI3ugMEAMI34QMEAMKprAMEAMK0JjANBgkqhkiG9w0BAQsF
AAOCAQEAeGs91DzVW7IF02SfuzRPmNZo7xnlv033lN5LfIJy0qGCwYlDR6uymbf1
CiDOgahNpp9PadQahtFx/q65XzDTqIq4CewdYHGazQyBgCvZ1hAjLG2FZS9jd9Sj
9wxdqdrNXIgQK87mcBkkvko1Tk8rpBlrzs43H0sEUBVyR+jN0KfogqgfBS2pDsD+
Eqq+psf9Yb/7hnflrOKaQ7xXjrtbgo2OEfBLvtkV/TkwanhdwP7Y9rnnPyrSWyPh
UO0M/EoEBhV+cqP9jGSP9CM6kzdQPXnJEpQTY1a9DxYtVNf7my2aARShlgUyZixw
5HGkh36YNWy9CoYijkfMbDvhJWJ7Mw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:41 2024 by rpki-client on console-ams.rpki-client.org